summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSuman Anna2020-08-10 15:07:14 -0500
committerDave Gerlach2020-08-14 12:11:07 -0500
commit060498a9bf287260431139f69767f54eff3d159c (patch)
tree43b16d31b5ebfff9e4b2fff272fca2da828007be
parent10d3f3d1de829e02edacfa3a5d1c660263ef0820 (diff)
downloadk3-image-gen-060498a9bf287260431139f69767f54eff3d159c.tar.gz
k3-image-gen-060498a9bf287260431139f69767f54eff3d159c.tar.xz
k3-image-gen-060498a9bf287260431139f69767f54eff3d159c.zip
sec-cfg: Add secure_debug_config section
Update the common.h headers to add new defines from SYSFW 2020.07-rc1. Starting from SYSFW v2020.07-rc1, a secure_debug_config section is mandatory in the security config. Otherwise the boot fails on all SoCs. Fix this by adding a section for secure_debug_config with appropriate parameters configured on all on AM65x, AM65x SR2.0, J721E and J7200 SoCs. Signed-off-by: Suman Anna <s-anna@ti.com>
-rw-r--r--include/common.h14
-rw-r--r--soc/am65x/evm/sec-cfg.c12
-rw-r--r--soc/am65x_sr2/evm/sec-cfg.c12
-rw-r--r--soc/j7200/evm/sec-cfg.c12
-rw-r--r--soc/j721e/evm/sec-cfg.c12
5 files changed, 62 insertions, 0 deletions
diff --git a/include/common.h b/include/common.h
index 08b9b4bda..382b6c422 100644
--- a/include/common.h
+++ b/include/common.h
@@ -82,6 +82,7 @@ typedef u8 ftbool;
82#define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081 82#define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081
83#define BOARDCFG_DKEK_CFG_MAGIC_NUM 0x5170 83#define BOARDCFG_DKEK_CFG_MAGIC_NUM 0x5170
84#define BOARDCFG_SA2UL_CFG_MAGIC_NUM_RSVD 0x23BE 84#define BOARDCFG_SA2UL_CFG_MAGIC_NUM_RSVD 0x23BE
85#define BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM 0x42AF
85 86
86struct boardcfg_substructure_header { 87struct boardcfg_substructure_header {
87 u16 magic; 88 u16 magic;
@@ -247,6 +248,18 @@ struct boardcfg_sa2ul_cfg {
247 u8 rsvd[4]; 248 u8 rsvd[4];
248}; 249};
249 250
251#define BOARDCFG_SEC_MAX_NUM_JTAG_UNLOCK_HOSTS 4
252
253struct boardcfg_secure_debug_config {
254 struct boardcfg_substructure_header subhdr;
255 u8 allow_jtag_unlock;
256 u8 allow_wildcard_unlock;
257 u8 allowed_debug_level_rsvd;
258 u8 rsvd;
259 u32 min_cert_rev;
260 u8 jtag_unlock_hosts[BOARDCFG_SEC_MAX_NUM_JTAG_UNLOCK_HOSTS];
261} __attribute__((__packed__));
262
250struct boardcfg_security { 263struct boardcfg_security {
251 struct boardcfg_abi_rev rev; 264 struct boardcfg_abi_rev rev;
252 struct boardcfg_proc_acl processor_acl_list; 265 struct boardcfg_proc_acl processor_acl_list;
@@ -254,6 +267,7 @@ struct boardcfg_security {
254 struct boardcfg_extended_otp otp_config; 267 struct boardcfg_extended_otp otp_config;
255 struct boardcfg_dkek dkek_config; 268 struct boardcfg_dkek dkek_config;
256 struct boardcfg_sa2ul_cfg sa2ul_cfg; 269 struct boardcfg_sa2ul_cfg sa2ul_cfg;
270 struct boardcfg_secure_debug_config sec_dbg_config;
257} __attribute__((__packed__)); 271} __attribute__((__packed__));
258 272
259/** 273/**
diff --git a/soc/am65x/evm/sec-cfg.c b/soc/am65x/evm/sec-cfg.c
index bb8a2f5fc..13007cd6f 100644
--- a/soc/am65x/evm/sec-cfg.c
+++ b/soc/am65x/evm/sec-cfg.c
@@ -91,4 +91,16 @@ const struct boardcfg_security am65_boardcfg_security_data = {
91 }, 91 },
92 .rsvd = {0, 0, 0, 0}, 92 .rsvd = {0, 0, 0, 0},
93 }, 93 },
94
95 /* Secure JTAG Unlock Configuration */
96 .sec_dbg_config = {
97 .subhdr = {
98 .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM,
99 .size = sizeof(struct boardcfg_secure_debug_config),
100 },
101 .allow_jtag_unlock = 0x5A,
102 .allow_wildcard_unlock = 0x5A,
103 .min_cert_rev = 0x0,
104 .jtag_unlock_hosts = {0, 0, 0, 0},
105 },
94}; 106};
diff --git a/soc/am65x_sr2/evm/sec-cfg.c b/soc/am65x_sr2/evm/sec-cfg.c
index 43a55c153..486036fca 100644
--- a/soc/am65x_sr2/evm/sec-cfg.c
+++ b/soc/am65x_sr2/evm/sec-cfg.c
@@ -90,4 +90,16 @@ const struct boardcfg_security am65_boardcfg_security_data = {
90 }, 90 },
91 .rsvd = {0, 0, 0, 0}, 91 .rsvd = {0, 0, 0, 0},
92 }, 92 },
93
94 /* Secure JTAG Unlock Configuration */
95 .sec_dbg_config = {
96 .subhdr = {
97 .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM,
98 .size = sizeof(struct boardcfg_secure_debug_config),
99 },
100 .allow_jtag_unlock = 0x5A,
101 .allow_wildcard_unlock = 0x5A,
102 .min_cert_rev = 0x0,
103 .jtag_unlock_hosts = {0, 0, 0, 0},
104 },
93}; 105};
diff --git a/soc/j7200/evm/sec-cfg.c b/soc/j7200/evm/sec-cfg.c
index 280f9296c..74b393891 100644
--- a/soc/j7200/evm/sec-cfg.c
+++ b/soc/j7200/evm/sec-cfg.c
@@ -90,4 +90,16 @@ const struct boardcfg_security j7200_boardcfg_security_data = {
90 }, 90 },
91 .rsvd = {0, 0, 0, 0}, 91 .rsvd = {0, 0, 0, 0},
92 }, 92 },
93
94 /* Secure JTAG Unlock Configuration */
95 .sec_dbg_config = {
96 .subhdr = {
97 .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM,
98 .size = sizeof(struct boardcfg_secure_debug_config),
99 },
100 .allow_jtag_unlock = 0x5A,
101 .allow_wildcard_unlock = 0x5A,
102 .min_cert_rev = 0x0,
103 .jtag_unlock_hosts = {0, 0, 0, 0},
104 },
93}; 105};
diff --git a/soc/j721e/evm/sec-cfg.c b/soc/j721e/evm/sec-cfg.c
index ddbc04429..8391d276c 100644
--- a/soc/j721e/evm/sec-cfg.c
+++ b/soc/j721e/evm/sec-cfg.c
@@ -91,4 +91,16 @@ const struct boardcfg_security j721e_boardcfg_security_data = {
91 }, 91 },
92 .rsvd = {0, 0, 0, 0}, 92 .rsvd = {0, 0, 0, 0},
93 }, 93 },
94
95 /* Secure JTAG Unlock Configuration */
96 .sec_dbg_config = {
97 .subhdr = {
98 .magic = BOARDCFG_SEC_DBG_CTRL_MAGIC_NUM,
99 .size = sizeof(struct boardcfg_secure_debug_config),
100 },
101 .allow_jtag_unlock = 0x5A,
102 .allow_wildcard_unlock = 0x5A,
103 .min_cert_rev = 0x0,
104 .jtag_unlock_hosts = {0, 0, 0, 0},
105 },
94}; 106};