Yeh page kuch bhi assume nahi karta. parent note mein use hua har letter, arrow, aur word yahan neeche se upar build kiya gaya hai, ek aisi sequence mein jahan har idea sirf usse pehle wale ideas par tika hai.
Koi bhi letter aane se pehle, picture karo ki chip hota kya hai. Ek chip silicon ka ek tukda hota hai jisme billions of tiny switches hote hain jinhe transistors kehte hain. Akele woh bekar hain — woh tab hi kuch useful karte hain jab unhe aisa patterns mein wire kiya jaaye jo numbers ko add, compare, aur remember kar sake.
Topic ko yeh kyun chahiye: poora note in gates ke wiring diagram ko publish karne ke baare mein hai. "Design open karo" samajhne ke liye, pehle yeh jaanna zaroori hai ki design hai hi gates ka yeh pattern — kuch aur mystical nahi, bas ek bahut bada, bahut chota electrical drawing.
Koi bhi ek billion gates haath se nahi draw karta. Engineers wiring ko ek text language mein describe karte hain, aur ek program automatically gates layout kar deta hai — bilkul waisi hi tarah jaise ek programmer code likhta hai aur ek compiler machine instructions produce karta hai.
Topic ko yeh kyun chahiye: parent ki open hardware ki definition literally hai "RTL ek permissive license ke under publish hai." Yeh jaane bina ki RTL kya hai, woh sentence khaali hai.
RTL ko kaise test kiya jaata hai aur real device mein kaise convert kiya jaata hai yeh dekhne ke liye FPGA & RTL Verification dekho.
RISC-V aur OpenRISC mein "R" RISC ke liye stand karta hai: Reduced Instruction Set Computer. RISC ka ek design choice parent note mein ek formula drive karta hai, isliye hum ise abhi build karte hain.
Ab letters. Humein ek formula chahiye, isliye pehle quantities ko naam dena zaroori hai:
Topic ko yeh kyun chahiye: parent Bytes=4N aur PCnext=PC+4 use karta hai; dono meaningless hain jab tak N, w, byte, aur PC define nahi hote.
Topic ka Root-of-Trust wala part ek chhota cluster of notation ek saath introduce karta hai. Hum har ek define karte hain, use ek picture se jodte hain, aur batate hain ki woh kaunsa sawaal answer karta hai.
Ek fingerprint akela prove karta hai ki data fingerprint lene ke baad se nahi badla — lekin ek attacker dono image aur uska fingerprint replace kar sakta hai. Humein proof chahiye ki fingerprint real vendor se aaya hai. Yahi signature add karta hai.
Neeche ki figure integrity (hash) versus authenticity (signature) side by side dikhati hai.
Har "verify" ko pk ki ek trusted copy chahiye. Woh kahan rehti hai taaki attacker use swap na kar sake? Un fuses mein jo ek baar write ho sakti hain aur kabhi rewrite nahi ho sakti.
Topic ko yeh sab section 5 kyun chahiye: parent ka secure-boot formula mi=H(Ii) aur Verifypk(σi,mi)=true use karta hai H, m, I, σ, pk, subscripts i, aur "fuses" — har ek upar define kiya gaya hai.
Parent Ii, mi, σi likhta hai ek chhote i ke saath. Woh subscript bas ek stage counter hai: i=0 pehla boot stage hai, i=1 agla, aur aise aage. "Stage i, stage i+1 ko verify karta hai use run karne se pehle" yahi chain of trust hai — fused key se leke operating system tak vouchers ki ek unbroken line.
Image ka ek chhota fingerprint; yeh answer karta hai "kya yahi exactly woh code hai jo mujhe expect tha?" (integrity).
Secure boot ke liye hash akela kaafi kyun nahi hai?
Yeh integrity prove karta hai lekin authenticity nahi — ek attacker image aur uska hash dono swap kar sakta hai; ek signature hash ko vendor ki private key se bind karta hai.
Ii,mi,σi mein subscript i ka kya matlab hai?
Yeh chain of trust mein boot-stage number hai.
Public key one-time-programmable fuses mein kyun store ki jaati hai?
Taaki trust anchor ko koi attacker rewrite na kar sake.