#zynq

Secure Boot Path: From BootROM to Userspace in ZynqMP and i.MX8

Published at July 18, 2025 ·  5 min read

🔐 Introduction Secure Boot ensures that only authenticated and untampered code runs on a system. This post walks through the secure boot process from BootROM all the way to Linux userspace, focusing on Xilinx ZynqMP and NXP i.MX8. We explain how keys are stored and verified, how FIT images are authenticated, and what protections are required even after Linux boots. 📊 Secure Boot Flow Overview The diagram below illustrates the secure boot process commonly used in embedded SoCs like Xilinx ZynqMP and NXP i....

Securing U-Boot with FIT Signature and Key Injection on ZynqMP

Published at July 17, 2025 ·  4 min read

This blog post provides a comprehensive guide to implementing secure boot with U-Boot using FIT image signatures and RSA public key injection, targeting Xilinx ZynqMP platforms such as the ZCU102. It includes theory, differences between DTB embedding methods, and a practical Yocto-based implementation. Background: FIT Signing and Public Key Injection Modern U-Boot supports signed FIT images to enforce boot-time validation of kernel and other binaries. The verification is done using an RSA public key embedded in U-Boot’s DTB....

Installing Xen Support on Xilinx ZynqMP

Published at July 15, 2025 ·  3 min read

This blog post summarizes how to install and run Xen with Linux as Dom0 from an SD card on the ZCU102 Rev 1.1 development board by Xilinx. The method is based on a Yocto-generated build but includes a few manual adjustments to enable Xen hypervisor support without embedding it directly in the Yocto recipes. This approach is useful for debugging, experimenting with boot configurations, and staying flexible. Boot Script The following U-Boot script is used to load Xen, Linux, and the device tree blob (DTB) from the SD card....

install linux on microzed board

Published at August 1, 2020 ·  4 min read

The microzed development board has Xilinx zynq7000 chip. It has an application process unit with cortex a9 and FPGA fabric. The board also contains interfaces like SDIO and QSPI. I want to install Linux on it directly with yocto and without petalinux, which runs yocto behind the scene, so I tried to eliminate the need to use it. Why do so? It is interesting, and I have a lot of experience with yocto and it very easy to work with its script once you know it easy porting to other processors: IMX, stm32Mp157, etc' using build tools like CMake,Autotools, and yocto scripts make it very easy to port SW between different processors....