diff options
author | Dave Gerlach | 2020-04-22 16:03:49 -0500 |
---|---|---|
committer | Dave Gerlach | 2020-04-23 15:09:38 -0500 |
commit | 6d96ae8865fc0dc6df019e474e0c580bf3057524 (patch) | |
tree | eeb95b0d86b4ee1ba5e45196d5df3349a45741e8 | |
parent | c9e26b71b5349d885eb0866e0edffd983f5d505b (diff) | |
download | k3-image-gen-6d96ae8865fc0dc6df019e474e0c580bf3057524.tar.gz k3-image-gen-6d96ae8865fc0dc6df019e474e0c580bf3057524.tar.xz k3-image-gen-6d96ae8865fc0dc6df019e474e0c580bf3057524.zip |
sec-cfg: Add dkek_config section
Update the common.h headers to add new defines from SYSFW 2020.03.
Starting from SYSFW v2020.03, a dkek_config section is mandatory in
the security config. Otherwise the boot fails.
Fix this by adding a section for dkek_config with HOST_ID_ALL in
allowed_hosts and allow_dkek_export_tisci set.
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>
Tested-by: Suman Anna <s-anna@ti.com>
-rw-r--r-- | include/common.h | 11 | ||||
-rw-r--r-- | soc/am65x/evm/sec-cfg.c | 11 | ||||
-rw-r--r-- | soc/am65x_sr2/evm/sec-cfg.c | 11 | ||||
-rw-r--r-- | soc/j721e/evm/sec-cfg.c | 11 |
4 files changed, 44 insertions, 0 deletions
diff --git a/include/common.h b/include/common.h index 03e88e2a9..af01a4396 100644 --- a/include/common.h +++ b/include/common.h | |||
@@ -80,6 +80,7 @@ typedef u8 ftbool; | |||
80 | #define BOARDCFG_DBG_CFG_MAGIC_NUM 0x020C | 80 | #define BOARDCFG_DBG_CFG_MAGIC_NUM 0x020C |
81 | #define BOARDCFG_PMIC_CFG_MAGIC_NUM 0x3172 | 81 | #define BOARDCFG_PMIC_CFG_MAGIC_NUM 0x3172 |
82 | #define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081 | 82 | #define BOARDCFG_OTP_CFG_MAGIC_NUM 0x4081 |
83 | #define BOARDCFG_DKEK_CFG_MAGIC_NUM 0x5170 | ||
83 | 84 | ||
84 | struct boardcfg_substructure_header { | 85 | struct boardcfg_substructure_header { |
85 | u16 magic; | 86 | u16 magic; |
@@ -231,11 +232,21 @@ struct boardcfg_extended_otp { | |||
231 | u8 write_host_id; | 232 | u8 write_host_id; |
232 | } __attribute__((__packed__)); | 233 | } __attribute__((__packed__)); |
233 | 234 | ||
235 | #define MAX_NUM_DKEK_ALLOWED_HOSTS 4 | ||
236 | |||
237 | struct boardcfg_dkek { | ||
238 | struct boardcfg_substructure_header subhdr; | ||
239 | u8 allowed_hosts[MAX_NUM_DKEK_ALLOWED_HOSTS]; | ||
240 | u8 allow_dkek_export_tisci; | ||
241 | u8 rsvd[3]; | ||
242 | } __attribute__((__packed__)); | ||
243 | |||
234 | struct boardcfg_security { | 244 | struct boardcfg_security { |
235 | struct boardcfg_abi_rev rev; | 245 | struct boardcfg_abi_rev rev; |
236 | struct boardcfg_proc_acl processor_acl_list; | 246 | struct boardcfg_proc_acl processor_acl_list; |
237 | struct boardcfg_host_hierarchy host_hierarchy; | 247 | struct boardcfg_host_hierarchy host_hierarchy; |
238 | struct boardcfg_extended_otp otp_config; | 248 | struct boardcfg_extended_otp otp_config; |
249 | struct boardcfg_dkek dkek_config; | ||
239 | } __attribute__((__packed__)); | 250 | } __attribute__((__packed__)); |
240 | 251 | ||
241 | /** | 252 | /** |
diff --git a/soc/am65x/evm/sec-cfg.c b/soc/am65x/evm/sec-cfg.c index 291b2af65..b15030749 100644 --- a/soc/am65x/evm/sec-cfg.c +++ b/soc/am65x/evm/sec-cfg.c | |||
@@ -71,4 +71,15 @@ const struct boardcfg_security am65_boardcfg_security_data = { | |||
71 | /* This is an array with 32 entries */ | 71 | /* This is an array with 32 entries */ |
72 | .otp_entry = {{ 0 } }, | 72 | .otp_entry = {{ 0 } }, |
73 | }, | 73 | }, |
74 | |||
75 | /* DKEK configuration */ | ||
76 | .dkek_config = { | ||
77 | .subhdr = { | ||
78 | .magic = BOARDCFG_DKEK_CFG_MAGIC_NUM, | ||
79 | .size = sizeof(struct boardcfg_dkek), | ||
80 | }, | ||
81 | .allowed_hosts = { HOST_ID_ALL, 0, 0, 0 }, | ||
82 | .allow_dkek_export_tisci = 0x5A, | ||
83 | .rsvd = {0, 0, 0}, | ||
84 | }, | ||
74 | }; | 85 | }; |
diff --git a/soc/am65x_sr2/evm/sec-cfg.c b/soc/am65x_sr2/evm/sec-cfg.c index ea7007664..9e1cfb9c5 100644 --- a/soc/am65x_sr2/evm/sec-cfg.c +++ b/soc/am65x_sr2/evm/sec-cfg.c | |||
@@ -70,4 +70,15 @@ const struct boardcfg_security am65_boardcfg_security_data = { | |||
70 | /* This is an array with 32 entries */ | 70 | /* This is an array with 32 entries */ |
71 | .otp_entry = {{ 0 } }, | 71 | .otp_entry = {{ 0 } }, |
72 | }, | 72 | }, |
73 | |||
74 | /* DKEK configuration */ | ||
75 | .dkek_config = { | ||
76 | .subhdr = { | ||
77 | .magic = BOARDCFG_DKEK_CFG_MAGIC_NUM, | ||
78 | .size = sizeof(struct boardcfg_dkek), | ||
79 | }, | ||
80 | .allowed_hosts = { HOST_ID_ALL, 0, 0, 0 }, | ||
81 | .allow_dkek_export_tisci = 0x5A, | ||
82 | .rsvd = {0, 0, 0}, | ||
83 | }, | ||
73 | }; | 84 | }; |
diff --git a/soc/j721e/evm/sec-cfg.c b/soc/j721e/evm/sec-cfg.c index 4392a3188..153f059c5 100644 --- a/soc/j721e/evm/sec-cfg.c +++ b/soc/j721e/evm/sec-cfg.c | |||
@@ -71,4 +71,15 @@ const struct boardcfg_security j721e_boardcfg_security_data = { | |||
71 | /* This is an array with 32 entries */ | 71 | /* This is an array with 32 entries */ |
72 | .otp_entry = {{ 0 } }, | 72 | .otp_entry = {{ 0 } }, |
73 | }, | 73 | }, |
74 | |||
75 | /* DKEK configuration */ | ||
76 | .dkek_config = { | ||
77 | .subhdr = { | ||
78 | .magic = BOARDCFG_DKEK_CFG_MAGIC_NUM, | ||
79 | .size = sizeof(struct boardcfg_dkek), | ||
80 | }, | ||
81 | .allowed_hosts = { HOST_ID_ALL, 0, 0, 0 }, | ||
82 | .allow_dkek_export_tisci = 0x5A, | ||
83 | .rsvd = {0, 0, 0}, | ||
84 | }, | ||
74 | }; | 85 | }; |