AR# 73677

Design Advisory for Zynq UltraScale+ MPSoC/RFSoC: 2019.2 (and previous) XilFpga loads non-secure Bitstreams even if RSA_EN and ENC_ONLY eFUSEs are programmed

Description

In 2019.2 and previous releases, it is possible to load a non-secure Bitstream using XilFpga (Standalone, u-boot and Linux) even if RSA_EN and/or ENC_ONLY eFUSEs are programmed.

An adversary with access to Linux calls through ATF into XilFpga, or to RPU calls into XilFpga, could perform incorrect operations.

This is considered a security violation.

 

For more information on how to sign up to receive notifications for new Design Advisories, see (Xilinx Answer 18683).

Solution

This issue is addressed in the 2020.1 release by checking the status of RSA_EN and ENC_ONLY during the bitstream validation (prior to loading).
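
The following is an added sketch of the kind of pre-load check described above; it is not code from the attached ZIP or from XilFpga. All identifiers and the flag layout are hypothetical, and it assumes that RSA_EN requires an authenticated load, that ENC_ONLY requires a device-key-encrypted load, and that an unreadable eFUSE state is rejected.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* All names below are hypothetical; none are XilFpga identifiers. */
#define REQ_AUTHENTICATED  (1u << 0) /* caller selects the RSA-authenticated load path */
#define REQ_ENC_DEVICE_KEY (1u << 1) /* caller selects decryption with the device key */

struct efuse_status {
    bool read_ok;  /* false when the eFUSE state could not be read */
    bool rsa_en;   /* RSA_EN programmed */
    bool enc_only; /* ENC_ONLY programmed */
};

enum load_decision { LOAD_ALLOW, DENY_EFUSE_UNREADABLE, DENY_NEEDS_AUTH, DENY_NEEDS_ENC };

/* Models the behaviour the advisory describes for 2019.2 and earlier:
 * the request flags alone decide, so a non-secure request is accepted. */
enum load_decision validate_flags_only(uint32_t req)
{
    (void)req;
    return LOAD_ALLOW;
}

/* Models the 2020.1 behaviour: eFUSE state is consulted before loading. */
enum load_decision validate_with_efuses(const struct efuse_status *f, uint32_t req)
{
    if (f == NULL || !f->read_ok)
        return DENY_EFUSE_UNREADABLE; /* assumption: fail closed */
    if (f->rsa_en && !(req & REQ_AUTHENTICATED))
        return DENY_NEEDS_AUTH;
    if (f->enc_only && !(req & REQ_ENC_DEVICE_KEY))
        return DENY_NEEDS_ENC;
    return LOAD_ALLOW;
}

/* Counts eFUSE/request combinations the flags-only check accepts but the eFUSE-aware check rejects. */
int count_requests_blocked_by_fix(void)
{
    int blocked = 0;
    for (unsigned fuses = 0; fuses < 4; fuses++) {
        struct efuse_status f = { true, (fuses & 1u) != 0, (fuses & 2u) != 0 };
        for (uint32_t req = 0; req < 4; req++)
            if (validate_flags_only(req) == LOAD_ALLOW &&
                validate_with_efuses(&f, req) != LOAD_ALLOW)
                blocked++;
    }
    return blocked;
}
```

The request flags only select the load path; the authentication and decryption performed on that path are what actually enforce the policy.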

For previous releases, copy the .c and .h files in the attached ZIP file to the Vitis or XSDK installation path and re-build the project.

For example, in the 2019.2 release, copy the .c and .h files to the following path:

\Vitis\2019.2\data\embeddedsw\lib\sw_services\xilfpga_v5_2\src\interface\zynqmp\

 

Attachments

Associated Attachments

Name: 73677_1590749851441.zip
File Size: 19 KB
File Type: ZIP

AR#: 73677
Date: 05/29/2020
Status: Active
Type: Design Advisory