Switchtec Userspace  PROJECT_NUMBER = PROJECT_NUMBER=PROJECT_NUMBER = 2.2
mfg.h
1 /*
2  * Microsemi Switchtec(tm) PCIe Management Library
3  * Copyright (c) 2019, Microsemi Corporation
4  *
5  * Permission is hereby granted, free of charge, to any person obtaining a
6  * copy of this software and associated documentation files (the "Software"),
7  * to deal in the Software without restriction, including without limitation
8  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9  * and/or sell copies of the Software, and to permit persons to whom the
10  * Software is furnished to do so, subject to the following conditions:
11  *
12  * The above copyright notice and this permission notice shall be included
13  * in all copies or substantial portions of the Software.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
16  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
19  * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
20  * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
21  * OTHER DEALINGS IN THE SOFTWARE.
22  *
23  */
24 
25 #ifndef LIBSWITCHTEC_MFG_H
26 #define LIBSWITCHTEC_MFG_H
27 
28 #define SWITCHTEC_MB_LOG_LEN 64
29 
30 #define SWITCHTEC_PUB_KEY_LEN 512
31 #define SWITCHTEC_SIG_LEN 512
32 #define SWITCHTEC_KMSK_LEN 64
33 #define SWITCHTEC_KMSK_NUM 4
34 
35 struct switchtec_sn_ver_info {
36  uint32_t chip_serial;
37  uint32_t ver_km;
38  uint32_t ver_bl2;
39  uint32_t ver_main;
40  uint32_t ver_sec_unlock;
41 };
42 enum switchtec_debug_mode {
43  SWITCHTEC_DEBUG_MODE_ENABLED,
44  SWITCHTEC_DEBUG_MODE_DISABLED_BUT_ENABLE_ALLOWED,
45  SWITCHTEC_DEBUG_MODE_DISABLED
46 };
47 
48 enum switchtec_secure_state {
49  SWITCHTEC_UNINITIALIZED_UNSECURED,
50  SWITCHTEC_INITIALIZED_UNSECURED,
51  SWITCHTEC_INITIALIZED_SECURED,
52  SWITCHTEC_SECURE_STATE_UNKNOWN = 0xff,
53 };
54 
55 enum switchtec_spi_clk_rate {
56  SWITCHTEC_SPI_RATE_100M = 1,
57  SWITCHTEC_SPI_RATE_67M,
58  SWITCHTEC_SPI_RATE_50M,
59  SWITCHTEC_SPI_RATE_40M,
60  SWITCHTEC_SPI_RATE_33_33M,
61  SWITCHTEC_SPI_RATE_28_57M,
62  SWITCHTEC_SPI_RATE_25M,
63  SWITCHTEC_SPI_RATE_22_22M,
64  SWITCHTEC_SPI_RATE_20M,
65  SWITCHTEC_SPI_RATE_18_18M
66 };
67 
68 struct switchtec_security_cfg_state {
69  uint8_t basic_setting_valid;
70  uint8_t public_key_exp_valid;
71  uint8_t public_key_num_valid;
72  uint8_t public_key_ver_valid;
73  uint8_t public_key_valid;
74 
75  enum switchtec_debug_mode debug_mode;
76  enum switchtec_secure_state secure_state;
77 
78  uint8_t jtag_lock_after_reset;
79  uint8_t jtag_lock_after_bl1;
80  uint8_t jtag_bl1_unlock_allowed;
81  uint8_t jtag_post_bl1_unlock_allowed;
82 
83  enum switchtec_spi_clk_rate spi_clk_rate;
84  uint32_t i2c_recovery_tmo;
85  uint32_t i2c_port;
86  uint32_t i2c_addr;
87  uint32_t i2c_cmd_map;
88  uint32_t public_key_exponent;
89  uint32_t public_key_num;
90  uint32_t public_key_ver;
91 
92  uint8_t public_key[SWITCHTEC_KMSK_NUM][SWITCHTEC_KMSK_LEN];
93 };
94 
95 struct switchtec_security_cfg_set {
96  uint8_t jtag_lock_after_reset;
97  uint8_t jtag_lock_after_bl1;
98  uint8_t jtag_bl1_unlock_allowed;
99  uint8_t jtag_post_bl1_unlock_allowed;
100 
101  uint32_t spi_clk_rate;
102  uint32_t i2c_recovery_tmo;
103  uint32_t i2c_port;
104  uint32_t i2c_addr;
105  uint32_t i2c_cmd_map;
106  uint32_t public_key_exponent;
107 };
108 
109 enum switchtec_active_index_id {
110  SWITCHTEC_ACTIVE_INDEX_0 = 0,
111  SWITCHTEC_ACTIVE_INDEX_1 = 1,
112  SWITCHTEC_ACTIVE_INDEX_NOT_SET = 0xfe
113 };
114 
115 struct switchtec_active_index {
116  enum switchtec_active_index_id bl2;
117  enum switchtec_active_index_id firmware;
118  enum switchtec_active_index_id config;
119  enum switchtec_active_index_id keyman;
120 };
121 
122 enum switchtec_bl2_recovery_mode {
123  SWITCHTEC_BL2_RECOVERY_I2C = 1,
124  SWITCHTEC_BL2_RECOVERY_XMODEM = 2,
125  SWITCHTEC_BL2_RECOVERY_I2C_AND_XMODEM = 3
126 };
127 
128 struct switchtec_kmsk {
129  uint8_t kmsk[SWITCHTEC_KMSK_LEN];
130 };
131 
132 struct switchtec_pubkey {
133  uint8_t pubkey[SWITCHTEC_PUB_KEY_LEN];
134  uint32_t pubkey_exp;
135 };
136 
137 struct switchtec_signature{
138  uint8_t signature[SWITCHTEC_SIG_LEN];
139 };
140 
141 int switchtec_sn_ver_get(struct switchtec_dev *dev,
142  struct switchtec_sn_ver_info *info);
143 int switchtec_security_config_get(struct switchtec_dev *dev,
144  struct switchtec_security_cfg_state *state);
145 int switchtec_security_config_set(struct switchtec_dev *dev,
146  struct switchtec_security_cfg_set *setting);
147 int switchtec_mailbox_to_file(struct switchtec_dev *dev, int fd);
148 int switchtec_active_image_index_get(struct switchtec_dev *dev,
149  struct switchtec_active_index *index);
150 int switchtec_active_image_index_set(struct switchtec_dev *dev,
151  struct switchtec_active_index *index);
152 int switchtec_fw_exec(struct switchtec_dev *dev,
153  enum switchtec_bl2_recovery_mode recovery_mode);
154 int switchtec_boot_resume(struct switchtec_dev *dev);
155 int switchtec_kmsk_set(struct switchtec_dev *dev,
156  struct switchtec_pubkey *public_key,
157  struct switchtec_signature *signature,
158  struct switchtec_kmsk *kmsk);
159 int switchtec_secure_state_set(struct switchtec_dev *dev,
160  enum switchtec_secure_state state);
161 int switchtec_dbg_unlock(struct switchtec_dev *dev, uint32_t serial,
162  uint32_t ver_sec_unlock,
163  struct switchtec_pubkey *public_key,
164  struct switchtec_signature *signature);
165 int switchtec_dbg_unlock_version_update(struct switchtec_dev *dev,
166  uint32_t serial,
167  uint32_t ver_sec_unlock,
168  struct switchtec_pubkey *public_key,
169  struct switchtec_signature *signature);
170 int switchtec_read_sec_cfg_file(FILE *setting_file,
171  struct switchtec_security_cfg_set *set);
172 int switchtec_read_pubk_file(FILE *pubk_file, struct switchtec_pubkey *pubk);
173 int switchtec_read_kmsk_file(FILE *kmsk_file, struct switchtec_kmsk *kmsk);
174 int switchtec_read_signature_file(FILE *sig_file,
175  struct switchtec_signature *sigature);
176 int
177 switchtec_security_state_has_kmsk(struct switchtec_security_cfg_state *state,
178  struct switchtec_kmsk *kmsk);
179 
180 #endif // LIBSWITCHTEC_MFG_H
switchtec_active_image_index_get
int switchtec_active_image_index_get(struct switchtec_dev *dev, struct switchtec_active_index *index)
Get active image index.
Definition: mfg.c:306
switchtec_fw_exec
int switchtec_fw_exec(struct switchtec_dev *dev, enum switchtec_bl2_recovery_mode recovery_mode)
Execute the transferred firmware.
Definition: mfg.c:388
switchtec_sn_ver_info
Definition: mfg.h:35
switchtec_kmsk_set
int switchtec_kmsk_set(struct switchtec_dev *dev, struct switchtec_pubkey *public_key, struct switchtec_signature *signature, struct switchtec_kmsk *kmsk)
Set KMSK entry KMSK stands for Key Manifest Secure Key. It is a key used to verify Key Manifest parti...
Definition: mfg.c:675
switchtec_mailbox_to_file
int switchtec_mailbox_to_file(struct switchtec_dev *dev, int fd)
Retrieve mailbox entries.
Definition: mfg.c:219
switchtec_read_sec_cfg_file
int switchtec_read_sec_cfg_file(FILE *setting_file, struct switchtec_security_cfg_set *set)
Read security settings from config file.
Definition: mfg.c:540
switchtec_security_cfg_state
Definition: mfg.h:68
switchtec_secure_state_set
int switchtec_secure_state_set(struct switchtec_dev *dev, enum switchtec_secure_state state)
Set device secure state.
Definition: mfg.c:428
switchtec_security_cfg_set
Definition: mfg.h:95
switchtec_read_signature_file
int switchtec_read_signature_file(FILE *sig_file, struct switchtec_signature *sigature)
Read signature data from signature file.
Definition: mfg.c:774
switchtec_sn_ver_get
int switchtec_sn_ver_get(struct switchtec_dev *dev, struct switchtec_sn_ver_info *info)
Get serial number and security version.
Definition: mfg.c:127
switchtec_security_config_set
int switchtec_security_config_set(struct switchtec_dev *dev, struct switchtec_security_cfg_set *setting)
Set secure settings.
Definition: mfg.c:255
switchtec_dbg_unlock_version_update
int switchtec_dbg_unlock_version_update(struct switchtec_dev *dev, uint32_t serial, uint32_t ver_sec_unlock, struct switchtec_pubkey *public_key, struct switchtec_signature *signature)
Update firmware debug secure unlock version number.
Definition: mfg.c:506
switchtec_read_kmsk_file
int switchtec_read_kmsk_file(FILE *kmsk_file, struct switchtec_kmsk *kmsk)
Read KMSK data from KMSK file.
Definition: mfg.c:737
switchtec_signature
Definition: mfg.h:137
switchtec_active_index
Definition: mfg.h:115
switchtec_pubkey
Definition: mfg.h:132
switchtec_security_config_get
int switchtec_security_config_get(struct switchtec_dev *dev, struct switchtec_security_cfg_state *state)
Get secure boot configurations.
Definition: mfg.c:152
switchtec_dbg_unlock
int switchtec_dbg_unlock(struct switchtec_dev *dev, uint32_t serial, uint32_t ver_sec_unlock, struct switchtec_pubkey *public_key, struct switchtec_signature *signature)
Unlock firmware debug features.
Definition: mfg.c:470
switchtec_boot_resume
int switchtec_boot_resume(struct switchtec_dev *dev)
Resume device boot. Note that after calling this function, the current 'dev' pointer is no longer val...
Definition: mfg.c:416
switchtec_kmsk
Definition: mfg.h:128
switchtec_security_state_has_kmsk
int switchtec_security_state_has_kmsk(struct switchtec_security_cfg_state *state, struct switchtec_kmsk *kmsk)
Check if secure config already has a KMSK entry KMSK stands for Key Manifest Secure Key...
Definition: mfg.c:798
switchtec_active_image_index_set
int switchtec_active_image_index_set(struct switchtec_dev *dev, struct switchtec_active_index *index)
Set active image index.
Definition: mfg.c:333
Generated by   doxygen 1.8.11