# Xilinx Standalone Library Documentation

# XIIFPGA Library v4.0

UG1229 (2018.1) April 4, 2018





# **Table of Contents**

| Chapter 1: Overview                            |    |
|------------------------------------------------|----|
| XiIFPGA library Interface modules              | 3  |
| Processor Configuration Access Port (PCAP)     | 3  |
| CSU DMA driver                                 | 3  |
| Xilsecure_library                              | 3  |
| Design Summary                                 | 4  |
| Flow Diagram                                   | 5  |
| Setting up the Software System                 | 6  |
| Enabling Secure Mode in PMUFirmware            | 6  |
| Bitstream Authentication Using External Memory | 7  |
| Bootgen                                        | 7  |
| Authenticated Bitstream Loading Using OCM      | 8  |
| Authenticated Bitstream Loading Using DDR      | 8  |
| Chapter 2: XiIFPGA APIs                        |    |
| Overview                                       | 9  |
| Xilfpga_PL library Interface modules           | 9  |
| Initialization & Writing Bit-Stream            | 10 |
| Function Documentation                         | 10 |
| Xfpga_GetConfigReg                             | 10 |
| XFpga_PL_BitSream_Load1                        | 10 |
| XFpga_PcapStatus                               | 11 |

# **Appendix A: Additional Resources and Legal Notices**





# Chapter 1

# Overview

The XilFPGA library provides an interface to the Linux or bare-metal users for configuring the programmable logic (PL) over PCAP from PS.

The library is designed for Zynq® UltraScale+™ MPSoC to run on top of Xilinx standalone BSPs. It is tested for A53, R5 and MicroBlaze. In the most common use case, we expect users to run this library on PMU MicroBlaze with PMUFW to serve requests from Linux for Bitstream programming. In this release, the XilFPGA library Supports full, Authenticated and encrypted Bitstream download.

# XIIFPGA library Interface modules

XilFPGA library uses the below major components to configure the PL through PS.

# **Processor Configuration Access Port (PCAP)**

The processor configuration access port (PCAP) is used to configure the programmable logic (PL) through the PS.

### **CSU DMA driver**

The CSU DMA driver is used to transfer the actual Bit stream file for the PS to PL after PCAP initialization.

### Xilsecure library

The LibXilSecure library provides APIs to access secure hardware on the Zynq® UltraScale+™ MPSoC devices.

#### Note

- The current version of library supports only Zynq® UltraScale+™ MPSoC devices.
- The XilFPGA library is capable of loading only .bin format files into PL. The library will not support the other file formats.





# **Design Summary**

XilFPGA library acts as a bridge between the user application and the PL device. It provides the required functionality to the user application for configuring the PL Device with the required bit-stream. The following figure illustrates an implementation where the XilFPGA library needs the CSU DMA driver APIs to transfer the bit-stream from the DDR to the PL region. The XilFPGA library also needs the XilSecure library APIs to support while programming the authenticated and the encrypted bitstream files.



Figure 1.1: XilFPGA Design Summary



# Flow Diagram



Figure 1.2: XiIFPGA Library Workflow



# **Setting up the Software System**

To use XiIFPGA in a software application, you must first compile the XiIFPGA library as part of software application.

- 1. Launch Xilinx SDK. Xilinx SDK prompts you to create a workspace.
- 2. Select File > New > Xilinx Board Support Package. The New Board Support Package wizard appears.
- 3. Specify a project name.
- 4. Select **Standalone** from the **Board Support Package OS** drop-down list. The **Board Support Package Settings** wizard appears.
- 5. Select the **xilfpga** library from the list of **Supported Libraries**.
- 6. Expand the Overview tree and select xilfpga. The configuration options for xilfpga are listed.
- 7. Configure the xilfpga by providing the base address of the Bit-stream file (DDR address) and the size (in bytes).
- 8. Click **OK**. The board support package automatically builds with XiIFPGA library included in it.
- 9. Double-click the **system.mss** file to open it in the **Editor** view.
- 10. Scroll-down and locate the **Libraries** chapter.
- 11. Click **Import Examples** adjacent to the XiIFPGA 4.0 entry.

# **Enabling Secure Mode in PMUFirmware**

To support encrypted and authenticated bit-stream loading, you must enable secure mode in PMUFW.

- 1. Launch Xilinx SDK. Xilinx SDK prompts you to create a workspace.
- 2. Select File > New > Application Project. The New Application Project wizard appears.
- 3. Specify a project name.
- 4. Select **Standalone** from the **OS Platform** drop-down list.
- 5. Select a supported hardware platform.
- 6. Select **psu pmu 0** from the **Processor** drop-down list.
- 7. Click Next. The **Templates** page appears.
- 8. Select ZyngMP PMU Firmware from the Available Templates list.
- 9. Click **Finish**. A PMUFW application project is created with the required BSPs.
- 10. Double-click the **system.mss** file to open it in the **Editor** view.





- 11. Click the **Modify this BSP's Settings** button. The **Board Support Package Settings** dialog box appears.
- 12. Select xilfpga. Various settings related to the library appears.
- 13. Select **secure\_mode** and modify its value to **true**.
- 14. Click **OK** to save the configuration.

# **Bitstream Authentication Using External Memory**

Authentication of Bitstream is different from that of all other partitions. The FSBL can be altogether contained within the OCM, and therefore authenticated and decrypted inside the device. For Bitstream, the size of the file is too large to be contained inside the device and external memory must be used. The use of external memory could pose access security issues. The following section describes how Bitstream is authenticated securely using external memory.

# **Bootgen**

When a Bitstream is requested for authentication, Bootgen divides the Bitstream into blocks of 8MB each and assigns an authentication certificate for each block. If the size of a Bitstream is not in multiples of 8 MB, the last block contains the remaining Bitstream data.



Figure 1.3: Bitstream Blocks

When both authentication and encryption are enabled, encryption is first done on the Bitstream. Bootgen then divides the encrypted data into blocks and assigns an Authentication certificate for each block.





# **Authenticated Bitstream Loading Using OCM**

To authenticate the Bitstream partition securely, XilFPGA uses the FSBL chapter's OCM memory to copy the bitstream in chunks from DDR.

The software workflow for authenticating Bitstream is as follows:

- XilFPGA identifies DDR secure Bitstream image base address. XilFPGA has two buffers in OCM, Read Buffer of size 56KB and hash's of Chunks to store intermediate hashes calculated for each 56 KB of every 8MB block.
- 2. XiIFPGA copies a 56KB chunk from the first 8MB block to Read Buffer.
- 3. XiIFPGA calculates hash on 56 KB and stores in HashsOfChunks.
- 4. XiIFPGA repeats steps 1 to 3 until the entire 8MB of block is completed.

#### Note

The chunk that XiIFPGA copies can be of any size. A 56KB chunk is taken for better performance.

- 5. XiIFPGA authenticates the Bitstream.
- 6. Once the authentication is successful, XiIFPGA starts copying information in batches of 56KB starting from the first block which is located in DDR to Read Buffer, calculates the hash, and then compares it with the hash stored at HashsOfChunks.
- 7. If the hash comparison is successful, FSBL transmits data to PCAP using DMA (for un-encrypted Bitstream) or AES (if encryption is enabled).
- 8. XiIFPGA repeats steps 6 and 7 until the entire 8MB block is completed.
- 9. Repeats steps 1 through 8 for all the blocks of Bitstream.

#### **Note**

You cannot use the warm restart when the FSBL OCM memory is used to authenticate the Bitstream.

# **Authenticated Bitstream Loading Using DDR**

XiIFPGA uses DDR to authenticate as In-sufficient OCM memory (OCM memory occupies with ATF and FSBL). The software workflow for authenticating Bitstream is as follows:

- 1. XilFPGA identifies DDR secure Bitstream image base address.
- 2. XilFPGA calculates hash for the first 8MB block.
- 3. XiIFPGA authenticates the 8MB block
- 4. If Authentication is successful, XiIFPGA transmits data to PCAP via DMA (for unencrypted Bitstream) or AES (if encryption is enabled).
- 5. Repeats steps 1 through 4 for all the blocks of Bitstream.





# Chapter 2

# XiIFPGA APIs

### **Overview**

This chapter provides detailed descriptions of the XilFPGA library APIs.

The XILFPGA library provides the interface to the application to configure the programmable logic (PL) though the PS.

- Supported Features:
  - Full Bit-stream loading
  - Encrypted Bit-stream loading.
  - Authenticated Bit-stream loading.
  - Authenticated and Encrypted Bit-stream loading.
- To be supported features:
  - o Partial Bit-stream loading.

# Xilfpga\_PL library Interface modules

Xilfpga\_PL library uses the below major components to configure the PL through PS.

- CSU DMA driver is used to transfer the actual Bit stream file for the PS to PL after PCAP initialization
- Xilsecure\_library provides APIs to access secure hardware on the Zynq® UltraScale+™ MPSoC devices.
  This library includes:
  - SHA-3 engine hash functions
  - AES for symmetric key encryption
  - RSA for authentication

These algorithms are needed to support to load the Encrypted and Authenticated bit-streams into PL.

#### Note

XilFPGA library is capable of loading only .bin format files into PL. The library does not support other file formats. The current implementation supports only Full Bit-stream.





# **Initialization & Writing Bit-Stream**

Use the u32 XFpga PL BitSream Load(); function to initialize the driver and load the bit-stream.

### **Functions**

- u32 Xfpga\_GetConfigReg (u32 ConfigReg, u32 \*RegData)
- u32 XFpga\_PL\_BitSream\_Load (UINTPTR WrAddr, UINTPTR KeyAddr, u32 flags)
- u32 XFpga\_PcapStatus (void)

## **Function Documentation**

# u32 Xfpga\_GetConfigReg ( u32 ConfigReg, u32 \* RegData )

Returns the value of the specified configuration register.

#### **Parameters**

| InstancePtr | is a pointer to the XHwlcap instance.                                           |
|-------------|---------------------------------------------------------------------------------|
| ConfigReg   | is a constant which represents the configuration register value to be returned. |
| RegData     | is the value of the specified configuration register.                           |

#### **Returns**

- XST\_SUCCESS if successful
- XST FAILURE if unsuccessful

# u32 XFpga\_PL\_BitSream\_Load ( UINTPTR WrAddr, UINTPTR AddrPtr, u32 flags )

The API is used to load the user provided bitstream file into Zync MPSoC PL region. This function does the following jobs:

- Power-up the PL fabric.
- · Performs PL-PS Isolation.
- Initialize PCAP Interface
- Write a bitstream into the PL
- Wait for the PL Done Status.
- Restore PS-PL Isolation (Power-up PL fabric).



#### Note

This function contains the polling implementation to provide the PL reset wait time due to this polling implementation the function call is blocked till the time out value expires or gets the appropriate status value from the PL Done Status register.

#### **Parameters**

| WrAddr  | Linear memory image base address                      |  |
|---------|-------------------------------------------------------|--|
| AddrPtr | Aes key address which is used for Decryption.         |  |
| flags   | Flags are used to specify the type of bitstream file. |  |
|         | BIT(0) - Bit-stream type                              |  |
|         | o 0 - Full Bit-stream                                 |  |
|         | o 1 - Partial Bit-stream                              |  |
|         | BIT(1) - Authentication using DDR                     |  |
|         | o 1 - Enable                                          |  |
|         | o 0 - Disable                                         |  |
|         | BIT(2) - Authentication using OCM                     |  |
|         | o 1 - Enable                                          |  |
|         | o 0 - Disable                                         |  |
|         | BIT(3) - User-key Encryption                          |  |
|         | o 1 - Enable                                          |  |
|         | o 0 - Disable                                         |  |
|         | BIT(4) - Device-key Encryption                        |  |
|         | o 1 - Enable                                          |  |
|         | o 0 - Disable                                         |  |

#### Note

The current implementation will not support partial Bit-stream loading.

#### **Returns**

• Error status based on implemented functionality (SUCCESS by default).

# u32 XFpga\_PcapStatus (void )

Provides the STATUS of PCAP interface.





#### **Parameters**

| None |  |
|------|--|
|      |  |

#### Returns

Status of the PCAP interface.



# Appendix A

# Additional Resources and Legal Notices

# **Xilinx Resources**

For support resources such as Answers, Documentation, Downloads, and Forums, see Xilinx Support .

### **Solution Centers**

See the Xilinx Solution Centers for support on devices, software tools, and intellectual property at all stages of the design cycle. Topics include design assistance, advisories, and troubleshooting tips.

# Please Read: Important Legal Notices

The information disclosed to you hereunder (the "Materials") is provided solely for the selection and use of Xilinx products. To the maximum extent permitted by applicable law: (1) Materials are made available "AS IS" and with all faults, Xilinx hereby DISCLAIMS ALL WARRANTIES AND CONDITIONS, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, OR FITNESS FOR ANY PARTICULAR PURPOSE; and (2) Xilinx shall not be liable (whether in contract or tort, including negligence, or under any other theory of liability) for any loss or damage of any kind or nature related to, arising under, or in connection with, the Materials (including your use of the Materials), including for any direct, indirect, special, incidental, or consequential loss or damage (including loss of data, profits, goodwill, or any type of loss or damage suffered as a result of any action brought by a third party) even if such damage or loss was reasonably foreseeable or Xilinx had been advised of the possibility of the same. Xilinx assumes no obligation to correct any errors contained in the Materials or to notify you of updates to the Materials or to product specifications. You may not reproduce, modify, distribute, or publicly display the Materials without prior written consent. Certain products are subject to the terms and conditions of Xilinx's limited warranty, please refer to Xilinx's Terms of Sale which can be viewed at http://www.xilinx.com/legal.htm#tos; IP cores may be subject to warranty and support terms contained in a license issued to you by Xilinx. Xilinx products are not designed or intended to be fail-safe or for use in any application requiring fail-safe performance; you assume sole risk and liability for use of Xilinx products in such critical applications, please refer to Xilinx's Terms of Sale which can be viewed at http://www.xilinx.com/legal.htm#tos.



#### **Automotive Applications Disclaimer**

AUTOMOTIVE PRODUCTS (IDENTIFIED AS "XA" IN THE PART NUMBER) ARE NOT WARRANTED FOR USE IN THE DEPLOYMENT OF AIRBAGS OR FOR USE IN APPLICATIONS THAT AFFECT CONTROL OF A VEHICLE ("SAFETY APPLICATION") UNLESS THERE IS A SAFETY CONCEPT OR REDUNDANCY FEATURE CONSISTENT WITH THE ISO 26262 AUTOMOTIVE SAFETY STANDARD ("SAFETY DESIGN"). CUSTOMER SHALL, PRIOR TO USING OR DISTRIBUTING ANY SYSTEMS THAT INCORPORATE PRODUCTS, THOROUGHLY TEST SUCH SYSTEMS FOR SAFETY PURPOSES. USE OF PRODUCTS IN A SAFETY APPLICATION WITHOUT A SAFETY DESIGN IS FULLY AT THE RISK OF CUSTOMER, SUBJECT ONLY TO APPLICABLE LAWS AND REGULATIONS GOVERNING LIMITATIONS ON PRODUCT LIABILITY.

© Copyright 2018 Xilinx, Inc. Xilinx, the Xilinx logo, Artix, ISE, Kintex, Spartan, Virtex, Vivado, Zynq, and other designated brands included herein are trademarks of Xilinx in the United States and other countries. All other trademarks are the property of their respective owners.