diff options
author | Suman Anna | 2020-08-10 15:07:14 -0500 |
---|---|---|
committer | Dave Gerlach | 2020-08-14 12:11:07 -0500 |
commit | 060498a9bf287260431139f69767f54eff3d159c (patch) | |
tree | 43b16d31b5ebfff9e4b2fff272fca2da828007be | |
parent | 10d3f3d1de829e02edacfa3a5d1c660263ef0820 (diff) | |
download | k3-image-gen-060498a9bf287260431139f69767f54eff3d159c.tar.gz k3-image-gen-060498a9bf287260431139f69767f54eff3d159c.tar.xz k3-image-gen-060498a9bf287260431139f69767f54eff3d159c.zip |
sec-cfg: Add secure_debug_config section
Update the common.h headers to add new defines from
SYSFW 2020.07-rc1.
Starting from SYSFW v2020.07-rc1, a secure_debug_config section
is mandatory in the security config. Otherwise the boot fails
on all SoCs.
Fix this by adding a section for secure_debug_config with
appropriate parameters configured on all on AM65x, AM65x SR2.0,
J721E and J7200 SoCs.
Signed-off-by: Suman Anna <s-anna@ti.com>
-rw-r--r-- | include/common.h | 14 | ||||
-rw-r--r-- | soc/am65x/evm/sec-cfg.c | 12 | ||||
-rw-r--r-- | soc/am65x_sr2/evm/sec-cfg.c | 12 | ||||
-rw-r--r-- | soc/j7200/evm/sec-cfg.c | 12 | ||||
-rw-r--r-- | soc/j721e/evm/sec-cfg.c | 12 |
5 files changed, 62 insertions, 0 deletions
diff --git a/include/common.h b/include/common.h index 08b9b4bda..382b6c422 100644 --- a/include/common.h +++ b/include/common.h | |||
@@ -82,6 +82,7 @@ typedef u8 ftbool; | |||
82 | #define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081 | 82 | #define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081 |
83 | #define BOARDCFG_DKEK_CFG_MAGIC_NUM 0x5170 | 83 | #define BOARDCFG_DKEK_CFG_MAGIC_NUM 0x5170 |
84 | #define BOARDCFG_SA2UL_CFG_MAGIC_NUM_RSVD 0x23BE | 84 | #define BOARDCFG_SA2UL_CFG_MAGIC_NUM_RSVD 0x23BE |
85 | #define BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM 0x42AF | ||
85 | 86 | ||
86 | struct boardcfg_substructure_header { | 87 | struct boardcfg_substructure_header { |
87 | u16 magic; | 88 | u16 magic; |
@@ -247,6 +248,18 @@ struct boardcfg_sa2ul_cfg { | |||
247 | u8 rsvd[4]; | 248 | u8 rsvd[4]; |
248 | }; | 249 | }; |
249 | 250 | ||
251 | #define BOARDCFG_SEC_MAX_NUM_JTAG_UNLOCK_HOSTS 4 | ||
252 | |||
253 | struct boardcfg_secure_debug_config { | ||
254 | struct boardcfg_substructure_header subhdr; | ||
255 | u8 allow_jtag_unlock; | ||
256 | u8 allow_wildcard_unlock; | ||
257 | u8 allowed_debug_level_rsvd; | ||
258 | u8 rsvd; | ||
259 | u32 min_cert_rev; | ||
260 | u8 jtag_unlock_hosts[BOARDCFG_SEC_MAX_NUM_JTAG_UNLOCK_HOSTS]; | ||
261 | } __attribute__((__packed__)); | ||
262 | |||
250 | struct boardcfg_security { | 263 | struct boardcfg_security { |
251 | struct boardcfg_abi_rev rev; | 264 | struct boardcfg_abi_rev rev; |
252 | struct boardcfg_proc_acl processor_acl_list; | 265 | struct boardcfg_proc_acl processor_acl_list; |
@@ -254,6 +267,7 @@ struct boardcfg_security { | |||
254 | struct boardcfg_extended_otp otp_config; | 267 | struct boardcfg_extended_otp otp_config; |
255 | struct boardcfg_dkek dkek_config; | 268 | struct boardcfg_dkek dkek_config; |
256 | struct boardcfg_sa2ul_cfg sa2ul_cfg; | 269 | struct boardcfg_sa2ul_cfg sa2ul_cfg; |
270 | struct boardcfg_secure_debug_config sec_dbg_config; | ||
257 | } __attribute__((__packed__)); | 271 | } __attribute__((__packed__)); |
258 | 272 | ||
259 | /** | 273 | /** |
diff --git a/soc/am65x/evm/sec-cfg.c b/soc/am65x/evm/sec-cfg.c index bb8a2f5fc..13007cd6f 100644 --- a/soc/am65x/evm/sec-cfg.c +++ b/soc/am65x/evm/sec-cfg.c | |||
@@ -91,4 +91,16 @@ const struct boardcfg_security am65_boardcfg_security_data = { | |||
91 | }, | 91 | }, |
92 | .rsvd = {0, 0, 0, 0}, | 92 | .rsvd = {0, 0, 0, 0}, |
93 | }, | 93 | }, |
94 | |||
95 | /* Secure JTAG Unlock Configuration */ | ||
96 | .sec_dbg_config = { | ||
97 | .subhdr = { | ||
98 | .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM, | ||
99 | .size = sizeof(struct boardcfg_secure_debug_config), | ||
100 | }, | ||
101 | .allow_jtag_unlock = 0x5A, | ||
102 | .allow_wildcard_unlock = 0x5A, | ||
103 | .min_cert_rev = 0x0, | ||
104 | .jtag_unlock_hosts = {0, 0, 0, 0}, | ||
105 | }, | ||
94 | }; | 106 | }; |
diff --git a/soc/am65x_sr2/evm/sec-cfg.c b/soc/am65x_sr2/evm/sec-cfg.c index 43a55c153..486036fca 100644 --- a/soc/am65x_sr2/evm/sec-cfg.c +++ b/soc/am65x_sr2/evm/sec-cfg.c | |||
@@ -90,4 +90,16 @@ const struct boardcfg_security am65_boardcfg_security_data = { | |||
90 | }, | 90 | }, |
91 | .rsvd = {0, 0, 0, 0}, | 91 | .rsvd = {0, 0, 0, 0}, |
92 | }, | 92 | }, |
93 | |||
94 | /* Secure JTAG Unlock Configuration */ | ||
95 | .sec_dbg_config = { | ||
96 | .subhdr = { | ||
97 | .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM, | ||
98 | .size = sizeof(struct boardcfg_secure_debug_config), | ||
99 | }, | ||
100 | .allow_jtag_unlock = 0x5A, | ||
101 | .allow_wildcard_unlock = 0x5A, | ||
102 | .min_cert_rev = 0x0, | ||
103 | .jtag_unlock_hosts = {0, 0, 0, 0}, | ||
104 | }, | ||
93 | }; | 105 | }; |
diff --git a/soc/j7200/evm/sec-cfg.c b/soc/j7200/evm/sec-cfg.c index 280f9296c..74b393891 100644 --- a/soc/j7200/evm/sec-cfg.c +++ b/soc/j7200/evm/sec-cfg.c | |||
@@ -90,4 +90,16 @@ const struct boardcfg_security j7200_boardcfg_security_data = { | |||
90 | }, | 90 | }, |
91 | .rsvd = {0, 0, 0, 0}, | 91 | .rsvd = {0, 0, 0, 0}, |
92 | }, | 92 | }, |
93 | |||
94 | /* Secure JTAG Unlock Configuration */ | ||
95 | .sec_dbg_config = { | ||
96 | .subhdr = { | ||
97 | .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM, | ||
98 | .size = sizeof(struct boardcfg_secure_debug_config), | ||
99 | }, | ||
100 | .allow_jtag_unlock = 0x5A, | ||
101 | .allow_wildcard_unlock = 0x5A, | ||
102 | .min_cert_rev = 0x0, | ||
103 | .jtag_unlock_hosts = {0, 0, 0, 0}, | ||
104 | }, | ||
93 | }; | 105 | }; |
diff --git a/soc/j721e/evm/sec-cfg.c b/soc/j721e/evm/sec-cfg.c index ddbc04429..8391d276c 100644 --- a/soc/j721e/evm/sec-cfg.c +++ b/soc/j721e/evm/sec-cfg.c | |||
@@ -91,4 +91,16 @@ const struct boardcfg_security j721e_boardcfg_security_data = { | |||
91 | }, | 91 | }, |
92 | .rsvd = {0, 0, 0, 0}, | 92 | .rsvd = {0, 0, 0, 0}, |
93 | }, | 93 | }, |
94 | |||
95 | /* Secure JTAG Unlock Configuration */ | ||
96 | .sec_dbg_config = { | ||
97 | .subhdr = { | ||
98 | .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM, | ||
99 | .size = sizeof(struct boardcfg_secure_debug_config), | ||
100 | }, | ||
101 | .allow_jtag_unlock = 0x5A, | ||
102 | .allow_wildcard_unlock = 0x5A, | ||
103 | .min_cert_rev = 0x0, | ||
104 | .jtag_unlock_hosts = {0, 0, 0, 0}, | ||
105 | }, | ||
94 | }; | 106 | }; |