blob: ac39e4eb188a99f573a455aea2f606e15ac317d8 [file] [log] [blame]
Manish V Badarkhe26880932020-06-29 11:12:12 +01001/*
laurenw-armc1aef7d2024-01-09 20:47:08 -06002 * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
Manish V Badarkhe26880932020-06-29 11:12:12 +01003 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7#include <tools_share/tbbr_oid.h>
8#include <common/tbbr/tbbr_img_def.h>
Manish V Badarkhe4aab6692020-08-23 09:47:02 +01009#include <common/nv_cntr_ids.h>
Manish V Badarkhe26880932020-06-29 11:12:12 +010010
11cot {
12 manifests {
13 compatible = "arm, cert-descs";
14
15 trusted_boot_fw_cert: trusted_boot_fw_cert {
16 root-certificate;
17 image-id =<TRUSTED_BOOT_FW_CERT_ID>;
18 antirollback-counter = <&trusted_nv_counter>;
19
20 tb_fw_hash: tb_fw_hash {
21 oid = TRUSTED_BOOT_FW_HASH_OID;
22 };
23 tb_fw_config_hash: tb_fw_config_hash {
24 oid = TRUSTED_BOOT_FW_CONFIG_HASH_OID;
25 };
26 hw_config_hash: hw_config_hash {
27 oid = HW_CONFIG_HASH_OID;
28 };
29 fw_config_hash: fw_config_hash {
30 oid = FW_CONFIG_HASH_OID;
31 };
32 };
33
34 trusted_key_cert: trusted_key_cert {
35 root-certificate;
36 image-id = <TRUSTED_KEY_CERT_ID>;
37 antirollback-counter = <&trusted_nv_counter>;
38
39 trusted_world_pk: trusted_world_pk {
40 oid = TRUSTED_WORLD_PK_OID;
41 };
42 non_trusted_world_pk: non_trusted_world_pk {
43 oid = NON_TRUSTED_WORLD_PK_OID;
44 };
45 };
46
47 scp_fw_key_cert: scp_fw_key_cert {
48 image-id = <SCP_FW_KEY_CERT_ID>;
49 parent = <&trusted_key_cert>;
50 signing-key = <&trusted_world_pk>;
51 antirollback-counter = <&trusted_nv_counter>;
52
53 scp_fw_content_pk: scp_fw_content_pk {
54 oid = SCP_FW_CONTENT_CERT_PK_OID;
55 };
56 };
57
58 scp_fw_content_cert: scp_fw_content_cert {
59 image-id = <SCP_FW_CONTENT_CERT_ID>;
60 parent = <&scp_fw_key_cert>;
61 signing-key = <&scp_fw_content_pk>;
62 antirollback-counter = <&trusted_nv_counter>;
63
64 scp_fw_hash: scp_fw_hash {
65 oid = SCP_FW_HASH_OID;
66 };
67 };
68
69 soc_fw_key_cert: soc_fw_key_cert {
70 image-id = <SOC_FW_KEY_CERT_ID>;
71 parent = <&trusted_key_cert>;
72 signing-key = <&trusted_world_pk>;
73 antirollback-counter = <&trusted_nv_counter>;
74 soc_fw_content_pk: soc_fw_content_pk {
75 oid = SOC_FW_CONTENT_CERT_PK_OID;
76 };
77 };
78
79 soc_fw_content_cert: soc_fw_content_cert {
80 image-id = <SOC_FW_CONTENT_CERT_ID>;
81 parent = <&soc_fw_key_cert>;
82 signing-key = <&soc_fw_content_pk>;
83 antirollback-counter = <&trusted_nv_counter>;
84
85 soc_fw_hash: soc_fw_hash {
86 oid = SOC_AP_FW_HASH_OID;
87 };
88 soc_fw_config_hash: soc_fw_config_hash {
89 oid = SOC_FW_CONFIG_HASH_OID;
90 };
91 };
92
93 trusted_os_fw_key_cert: trusted_os_fw_key_cert {
94 image-id = <TRUSTED_OS_FW_KEY_CERT_ID>;
95 parent = <&trusted_key_cert>;
96 signing-key = <&trusted_world_pk>;
97 antirollback-counter = <&trusted_nv_counter>;
98
99 tos_fw_content_pk: tos_fw_content_pk {
100 oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID;
101 };
102 };
103
104 trusted_os_fw_content_cert: trusted_os_fw_content_cert {
105 image-id = <TRUSTED_OS_FW_CONTENT_CERT_ID>;
106 parent = <&trusted_os_fw_key_cert>;
107 signing-key = <&tos_fw_content_pk>;
108 antirollback-counter = <&trusted_nv_counter>;
109
110 tos_fw_hash: tos_fw_hash {
111 oid = TRUSTED_OS_FW_HASH_OID;
112 };
113 tos_fw_extra1_hash: tos_fw_extra1_hash {
114 oid = TRUSTED_OS_FW_EXTRA1_HASH_OID;
115 };
116 tos_fw_extra2_hash: tos_fw_extra2_hash {
117 oid = TRUSTED_OS_FW_EXTRA2_HASH_OID;
118 };
119 tos_fw_config_hash: tos_fw_config_hash {
120 oid = TRUSTED_OS_FW_CONFIG_HASH_OID;
121 };
122 };
123
124 non_trusted_fw_key_cert: non_trusted_fw_key_cert {
125 image-id = <NON_TRUSTED_FW_KEY_CERT_ID>;
126 parent = <&trusted_key_cert>;
127 signing-key = <&non_trusted_world_pk>;
128 antirollback-counter = <&non_trusted_nv_counter>;
129
130 nt_fw_content_pk: nt_fw_content_pk {
131 oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID;
132 };
133 };
134
135 non_trusted_fw_content_cert: non_trusted_fw_content_cert {
136 image-id = <NON_TRUSTED_FW_CONTENT_CERT_ID>;
137 parent = <&non_trusted_fw_key_cert>;
138 signing-key = <&nt_fw_content_pk>;
139 antirollback-counter = <&non_trusted_nv_counter>;
140
141 nt_world_bl_hash: nt_world_bl_hash {
142 oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID;
143 };
144 nt_fw_config_hash: nt_fw_config_hash {
145 oid = NON_TRUSTED_FW_CONFIG_HASH_OID;
146 };
147 };
148
149#if defined(SPD_spmd)
Manish Pandeyd07d0172020-07-23 16:54:30 +0100150 sip_sp_content_cert: sip_sp_content_cert {
151 image-id = <SIP_SP_CONTENT_CERT_ID>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100152 parent = <&trusted_key_cert>;
153 signing-key = <&trusted_world_pk>;
154 antirollback-counter = <&trusted_nv_counter>;
155
156 sp_pkg1_hash: sp_pkg1_hash {
157 oid = SP_PKG1_HASH_OID;
158 };
159 sp_pkg2_hash: sp_pkg2_hash {
160 oid = SP_PKG2_HASH_OID;
161 };
162 sp_pkg3_hash: sp_pkg3_hash {
163 oid = SP_PKG3_HASH_OID;
164 };
165 sp_pkg4_hash: sp_pkg4_hash {
166 oid = SP_PKG4_HASH_OID;
167 };
168 sp_pkg5_hash: sp_pkg5_hash {
169 oid = SP_PKG5_HASH_OID;
170 };
171 sp_pkg6_hash: sp_pkg6_hash {
172 oid = SP_PKG6_HASH_OID;
173 };
174 sp_pkg7_hash: sp_pkg7_hash {
175 oid = SP_PKG7_HASH_OID;
176 };
177 sp_pkg8_hash: sp_pkg8_hash {
178 oid = SP_PKG8_HASH_OID;
179 };
180 };
181#endif
182 };
183
184 images {
185 compatible = "arm, img-descs";
186
187 hw_config {
188 image-id = <HW_CONFIG_ID>;
189 parent = <&trusted_boot_fw_cert>;
190 hash = <&hw_config_hash>;
191 };
192
193 tb_fw_config {
194 image-id = <TB_FW_CONFIG_ID>;
195 parent = <&trusted_boot_fw_cert>;
196 hash = <&tb_fw_config_hash>;
197 };
198
199 scp_bl2_image {
200 image-id = <SCP_BL2_IMAGE_ID>;
201 parent = <&scp_fw_content_cert>;
202 hash = <&scp_fw_hash>;
203 };
204
205 bl31_image {
206 image-id = <BL31_IMAGE_ID>;
207 parent = <&soc_fw_content_cert>;
208 hash = <&soc_fw_hash>;
209 };
210
211 soc_fw_config {
212 image-id = <SOC_FW_CONFIG_ID>;
213 parent = <&soc_fw_content_cert>;
214 hash = <&soc_fw_config_hash>;
215 };
216
217 bl32_image {
218 image-id = <BL32_IMAGE_ID>;
219 parent = <&trusted_os_fw_content_cert>;
220 hash = <&tos_fw_hash>;
221 };
222
223 bl32_extra1_image {
224 image-id = <BL32_EXTRA1_IMAGE_ID>;
225 parent = <&trusted_os_fw_content_cert>;
226 hash = <&tos_fw_extra1_hash>;
227 };
228
229 bl32_extra2_image {
230 image-id = <BL32_EXTRA2_IMAGE_ID>;
231 parent = <&trusted_os_fw_content_cert>;
232 hash = <&tos_fw_extra2_hash>;
233 };
234
235 tos_fw_config {
236 image-id = <TOS_FW_CONFIG_ID>;
237 parent = <&trusted_os_fw_content_cert>;
238 hash = <&tos_fw_config_hash>;
239 };
240
241 bl33_image {
242 image-id = <BL33_IMAGE_ID>;
243 parent = <&non_trusted_fw_content_cert>;
244 hash = <&nt_world_bl_hash>;
245 };
246
247 nt_fw_config {
248 image-id = <NT_FW_CONFIG_ID>;
249 parent = <&non_trusted_fw_content_cert>;
250 hash = <&nt_fw_config_hash>;
251 };
252
253#if defined(SPD_spmd)
254 sp_pkg1 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100255 image-id = <SP_PKG1_ID>;
256 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100257 hash = <&sp_pkg1_hash>;
258 };
259
260 sp_pkg2 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100261 image-id = <SP_PKG2_ID>;
262 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100263 hash = <&sp_pkg2_hash>;
264 };
265
266 sp_pkg3 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100267 image-id = <SP_PKG3_ID>;
268 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100269 hash = <&sp_pkg3_hash>;
270 };
271
272 sp_pkg4 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100273 image-id = <SP_PKG4_ID>;
274 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100275 hash = <&sp_pkg4_hash>;
276 };
277
278 sp_pkg5 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100279 image-id = <SP_PKG5_ID>;
280 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100281 hash = <&sp_pkg5_hash>;
282 };
283
284 sp_pkg6 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100285 image-id = <SP_PKG6_ID>;
286 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100287 hash = <&sp_pkg6_hash>;
288 };
289
290 sp_pkg7 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100291 image-id = <SP_PKG7_ID>;
292 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100293 hash = <&sp_pkg7_hash>;
294 };
295
296 sp_pkg8 {
Manish Pandeyd07d0172020-07-23 16:54:30 +0100297 image-id = <SP_PKG8_ID>;
298 parent = <&sip_sp_content_cert>;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100299 hash = <&sp_pkg8_hash>;
300 };
301#endif
302 };
303};
304
Manish V Badarkhe4aab6692020-08-23 09:47:02 +0100305non_volatile_counters: non_volatile_counters {
Manish V Badarkhe26880932020-06-29 11:12:12 +0100306 compatible = "arm, non-volatile-counter";
307
308 #address-cells = <1>;
309 #size-cells = <0>;
310
Manish V Badarkhe4aab6692020-08-23 09:47:02 +0100311 trusted_nv_counter: trusted_nv_counter {
312 id = <TRUSTED_NV_CTR_ID>;
313 oid = TRUSTED_FW_NVCOUNTER_OID;
314 };
315
316 non_trusted_nv_counter: non_trusted_nv_counter {
317 id = <NON_TRUSTED_NV_CTR_ID>;
318 oid = NON_TRUSTED_FW_NVCOUNTER_OID;
Manish V Badarkhe26880932020-06-29 11:12:12 +0100319 };
320};