(UG821) "FSBL Multiboot" states:
"In the secure boot scenario, with the AES key stored in eFUSE, the Multiboot scenario must be handled by the user (without going through a soft reset)."
Please provide more detail on this.
If a Zynq-7000 boots with FSBL encrypted with an AES key stored in eFUSE then a subsequent SRST will generate a secure lockdown.
This is an expected behavior of production silicon.
The only reset that can be used to successfully re-boot the system is PS_POR.
In a "Secure Fallback Flow with eFUSE" scenario described in (UG821), configuring the Watchdog to reset the system (SRST) in case of a failure (for example CPU hang) will cause a secure lockdown.
That is why you are REQUIRED to configure the Watchdog timers for interrupt and not SRST.
You can route the Watchdog interrupt to do (Software implementation in the interrupt routine) a PS_POR through a GPIO.
Xilinx recommends using an nFIQ whenever it is possible to implement this mechanism.