feat(intel): extend attestation service to Agilex family
This patch extends the functionality of FPGA Crypto Services (FCS) to
support FPGA Attestation feature in Agilex device.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I3c2e29d2fa04d394e9f65d8143d7f4e57389cd02
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 1df1639..d9b8be4 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -40,6 +40,14 @@
#define FCS_BIG_CNTR_VAL_MAX 495U
#define FCS_SVN_CNTR_VAL_MAX 64U
+/* FCS Attestation Cert Request Parameter */
+
+#define FCS_ALIAS_CERT 0x01
+#define FCS_DEV_ID_SELF_SIGN_CERT 0x02
+#define FCS_DEV_ID_ENROLL_CERT 0x04
+#define FCS_ENROLL_SELF_SIGN_CERT 0x08
+#define FCS_PLAT_KEY_CERT 0x10
+
/* FCS Payload Structure */
typedef struct fcs_encrypt_payload_t {
@@ -100,4 +108,9 @@
uint32_t intel_fcs_get_rom_patch_sha384(uint64_t addr, uint64_t *ret_size,
uint32_t *mbox_error);
+int intel_fcs_create_cert_on_reload(uint32_t cert_request,
+ uint32_t *mbox_error);
+int intel_fcs_get_attestation_cert(uint32_t cert_request, uint64_t dst_addr,
+ uint32_t *dst_size, uint32_t *mbox_error);
+
#endif /* SOCFPGA_FCS_H */