1*54fd6939SJiyong Park/* 2*54fd6939SJiyong Park * Copyright (c) 2020, ARM Limited. All rights reserved. 3*54fd6939SJiyong Park * 4*54fd6939SJiyong Park * SPDX-License-Identifier: BSD-3-Clause 5*54fd6939SJiyong Park */ 6*54fd6939SJiyong Park 7*54fd6939SJiyong Park#include <tools_share/tbbr_oid.h> 8*54fd6939SJiyong Park#include <common/tbbr/tbbr_img_def.h> 9*54fd6939SJiyong Park#include <common/nv_cntr_ids.h> 10*54fd6939SJiyong Park 11*54fd6939SJiyong Parkcot { 12*54fd6939SJiyong Park manifests { 13*54fd6939SJiyong Park compatible = "arm, cert-descs"; 14*54fd6939SJiyong Park 15*54fd6939SJiyong Park trusted_boot_fw_cert: trusted_boot_fw_cert { 16*54fd6939SJiyong Park root-certificate; 17*54fd6939SJiyong Park image-id =<TRUSTED_BOOT_FW_CERT_ID>; 18*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 19*54fd6939SJiyong Park 20*54fd6939SJiyong Park tb_fw_hash: tb_fw_hash { 21*54fd6939SJiyong Park oid = TRUSTED_BOOT_FW_HASH_OID; 22*54fd6939SJiyong Park }; 23*54fd6939SJiyong Park tb_fw_config_hash: tb_fw_config_hash { 24*54fd6939SJiyong Park oid = TRUSTED_BOOT_FW_CONFIG_HASH_OID; 25*54fd6939SJiyong Park }; 26*54fd6939SJiyong Park hw_config_hash: hw_config_hash { 27*54fd6939SJiyong Park oid = HW_CONFIG_HASH_OID; 28*54fd6939SJiyong Park }; 29*54fd6939SJiyong Park fw_config_hash: fw_config_hash { 30*54fd6939SJiyong Park oid = FW_CONFIG_HASH_OID; 31*54fd6939SJiyong Park }; 32*54fd6939SJiyong Park }; 33*54fd6939SJiyong Park 34*54fd6939SJiyong Park trusted_key_cert: trusted_key_cert { 35*54fd6939SJiyong Park root-certificate; 36*54fd6939SJiyong Park image-id = <TRUSTED_KEY_CERT_ID>; 37*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 38*54fd6939SJiyong Park 39*54fd6939SJiyong Park trusted_world_pk: trusted_world_pk { 40*54fd6939SJiyong Park oid = TRUSTED_WORLD_PK_OID; 41*54fd6939SJiyong Park }; 42*54fd6939SJiyong Park non_trusted_world_pk: non_trusted_world_pk { 43*54fd6939SJiyong Park oid = NON_TRUSTED_WORLD_PK_OID; 44*54fd6939SJiyong Park }; 45*54fd6939SJiyong Park }; 46*54fd6939SJiyong Park 47*54fd6939SJiyong Park scp_fw_key_cert: scp_fw_key_cert { 48*54fd6939SJiyong Park image-id = <SCP_FW_KEY_CERT_ID>; 49*54fd6939SJiyong Park parent = <&trusted_key_cert>; 50*54fd6939SJiyong Park signing-key = <&trusted_world_pk>; 51*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 52*54fd6939SJiyong Park 53*54fd6939SJiyong Park scp_fw_content_pk: scp_fw_content_pk { 54*54fd6939SJiyong Park oid = SCP_FW_CONTENT_CERT_PK_OID; 55*54fd6939SJiyong Park }; 56*54fd6939SJiyong Park }; 57*54fd6939SJiyong Park 58*54fd6939SJiyong Park scp_fw_content_cert: scp_fw_content_cert { 59*54fd6939SJiyong Park image-id = <SCP_FW_CONTENT_CERT_ID>; 60*54fd6939SJiyong Park parent = <&scp_fw_key_cert>; 61*54fd6939SJiyong Park signing-key = <&scp_fw_content_pk>; 62*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 63*54fd6939SJiyong Park 64*54fd6939SJiyong Park scp_fw_hash: scp_fw_hash { 65*54fd6939SJiyong Park oid = SCP_FW_HASH_OID; 66*54fd6939SJiyong Park }; 67*54fd6939SJiyong Park }; 68*54fd6939SJiyong Park 69*54fd6939SJiyong Park soc_fw_key_cert: soc_fw_key_cert { 70*54fd6939SJiyong Park image-id = <SOC_FW_KEY_CERT_ID>; 71*54fd6939SJiyong Park parent = <&trusted_key_cert>; 72*54fd6939SJiyong Park signing-key = <&trusted_world_pk>; 73*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 74*54fd6939SJiyong Park soc_fw_content_pk: soc_fw_content_pk { 75*54fd6939SJiyong Park oid = SOC_FW_CONTENT_CERT_PK_OID; 76*54fd6939SJiyong Park }; 77*54fd6939SJiyong Park }; 78*54fd6939SJiyong Park 79*54fd6939SJiyong Park soc_fw_content_cert: soc_fw_content_cert { 80*54fd6939SJiyong Park image-id = <SOC_FW_CONTENT_CERT_ID>; 81*54fd6939SJiyong Park parent = <&soc_fw_key_cert>; 82*54fd6939SJiyong Park signing-key = <&soc_fw_content_pk>; 83*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 84*54fd6939SJiyong Park 85*54fd6939SJiyong Park soc_fw_hash: soc_fw_hash { 86*54fd6939SJiyong Park oid = SOC_AP_FW_HASH_OID; 87*54fd6939SJiyong Park }; 88*54fd6939SJiyong Park soc_fw_config_hash: soc_fw_config_hash { 89*54fd6939SJiyong Park oid = SOC_FW_CONFIG_HASH_OID; 90*54fd6939SJiyong Park }; 91*54fd6939SJiyong Park }; 92*54fd6939SJiyong Park 93*54fd6939SJiyong Park trusted_os_fw_key_cert: trusted_os_fw_key_cert { 94*54fd6939SJiyong Park image-id = <TRUSTED_OS_FW_KEY_CERT_ID>; 95*54fd6939SJiyong Park parent = <&trusted_key_cert>; 96*54fd6939SJiyong Park signing-key = <&trusted_world_pk>; 97*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 98*54fd6939SJiyong Park 99*54fd6939SJiyong Park tos_fw_content_pk: tos_fw_content_pk { 100*54fd6939SJiyong Park oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID; 101*54fd6939SJiyong Park }; 102*54fd6939SJiyong Park }; 103*54fd6939SJiyong Park 104*54fd6939SJiyong Park trusted_os_fw_content_cert: trusted_os_fw_content_cert { 105*54fd6939SJiyong Park image-id = <TRUSTED_OS_FW_CONTENT_CERT_ID>; 106*54fd6939SJiyong Park parent = <&trusted_os_fw_key_cert>; 107*54fd6939SJiyong Park signing-key = <&tos_fw_content_pk>; 108*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 109*54fd6939SJiyong Park 110*54fd6939SJiyong Park tos_fw_hash: tos_fw_hash { 111*54fd6939SJiyong Park oid = TRUSTED_OS_FW_HASH_OID; 112*54fd6939SJiyong Park }; 113*54fd6939SJiyong Park tos_fw_extra1_hash: tos_fw_extra1_hash { 114*54fd6939SJiyong Park oid = TRUSTED_OS_FW_EXTRA1_HASH_OID; 115*54fd6939SJiyong Park }; 116*54fd6939SJiyong Park tos_fw_extra2_hash: tos_fw_extra2_hash { 117*54fd6939SJiyong Park oid = TRUSTED_OS_FW_EXTRA2_HASH_OID; 118*54fd6939SJiyong Park }; 119*54fd6939SJiyong Park tos_fw_config_hash: tos_fw_config_hash { 120*54fd6939SJiyong Park oid = TRUSTED_OS_FW_CONFIG_HASH_OID; 121*54fd6939SJiyong Park }; 122*54fd6939SJiyong Park }; 123*54fd6939SJiyong Park 124*54fd6939SJiyong Park non_trusted_fw_key_cert: non_trusted_fw_key_cert { 125*54fd6939SJiyong Park image-id = <NON_TRUSTED_FW_KEY_CERT_ID>; 126*54fd6939SJiyong Park parent = <&trusted_key_cert>; 127*54fd6939SJiyong Park signing-key = <&non_trusted_world_pk>; 128*54fd6939SJiyong Park antirollback-counter = <&non_trusted_nv_counter>; 129*54fd6939SJiyong Park 130*54fd6939SJiyong Park nt_fw_content_pk: nt_fw_content_pk { 131*54fd6939SJiyong Park oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID; 132*54fd6939SJiyong Park }; 133*54fd6939SJiyong Park }; 134*54fd6939SJiyong Park 135*54fd6939SJiyong Park non_trusted_fw_content_cert: non_trusted_fw_content_cert { 136*54fd6939SJiyong Park image-id = <NON_TRUSTED_FW_CONTENT_CERT_ID>; 137*54fd6939SJiyong Park parent = <&non_trusted_fw_key_cert>; 138*54fd6939SJiyong Park signing-key = <&nt_fw_content_pk>; 139*54fd6939SJiyong Park antirollback-counter = <&non_trusted_nv_counter>; 140*54fd6939SJiyong Park 141*54fd6939SJiyong Park nt_world_bl_hash: nt_world_bl_hash { 142*54fd6939SJiyong Park oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID; 143*54fd6939SJiyong Park }; 144*54fd6939SJiyong Park nt_fw_config_hash: nt_fw_config_hash { 145*54fd6939SJiyong Park oid = NON_TRUSTED_FW_CONFIG_HASH_OID; 146*54fd6939SJiyong Park }; 147*54fd6939SJiyong Park }; 148*54fd6939SJiyong Park 149*54fd6939SJiyong Park#if defined(SPD_spmd) 150*54fd6939SJiyong Park sip_sp_content_cert: sip_sp_content_cert { 151*54fd6939SJiyong Park image-id = <SIP_SP_CONTENT_CERT_ID>; 152*54fd6939SJiyong Park parent = <&trusted_key_cert>; 153*54fd6939SJiyong Park signing-key = <&trusted_world_pk>; 154*54fd6939SJiyong Park antirollback-counter = <&trusted_nv_counter>; 155*54fd6939SJiyong Park 156*54fd6939SJiyong Park sp_pkg1_hash: sp_pkg1_hash { 157*54fd6939SJiyong Park oid = SP_PKG1_HASH_OID; 158*54fd6939SJiyong Park }; 159*54fd6939SJiyong Park sp_pkg2_hash: sp_pkg2_hash { 160*54fd6939SJiyong Park oid = SP_PKG2_HASH_OID; 161*54fd6939SJiyong Park }; 162*54fd6939SJiyong Park sp_pkg3_hash: sp_pkg3_hash { 163*54fd6939SJiyong Park oid = SP_PKG3_HASH_OID; 164*54fd6939SJiyong Park }; 165*54fd6939SJiyong Park sp_pkg4_hash: sp_pkg4_hash { 166*54fd6939SJiyong Park oid = SP_PKG4_HASH_OID; 167*54fd6939SJiyong Park }; 168*54fd6939SJiyong Park sp_pkg5_hash: sp_pkg5_hash { 169*54fd6939SJiyong Park oid = SP_PKG5_HASH_OID; 170*54fd6939SJiyong Park }; 171*54fd6939SJiyong Park sp_pkg6_hash: sp_pkg6_hash { 172*54fd6939SJiyong Park oid = SP_PKG6_HASH_OID; 173*54fd6939SJiyong Park }; 174*54fd6939SJiyong Park sp_pkg7_hash: sp_pkg7_hash { 175*54fd6939SJiyong Park oid = SP_PKG7_HASH_OID; 176*54fd6939SJiyong Park }; 177*54fd6939SJiyong Park sp_pkg8_hash: sp_pkg8_hash { 178*54fd6939SJiyong Park oid = SP_PKG8_HASH_OID; 179*54fd6939SJiyong Park }; 180*54fd6939SJiyong Park }; 181*54fd6939SJiyong Park#endif 182*54fd6939SJiyong Park }; 183*54fd6939SJiyong Park 184*54fd6939SJiyong Park images { 185*54fd6939SJiyong Park compatible = "arm, img-descs"; 186*54fd6939SJiyong Park 187*54fd6939SJiyong Park hw_config { 188*54fd6939SJiyong Park image-id = <HW_CONFIG_ID>; 189*54fd6939SJiyong Park parent = <&trusted_boot_fw_cert>; 190*54fd6939SJiyong Park hash = <&hw_config_hash>; 191*54fd6939SJiyong Park }; 192*54fd6939SJiyong Park 193*54fd6939SJiyong Park tb_fw_config { 194*54fd6939SJiyong Park image-id = <TB_FW_CONFIG_ID>; 195*54fd6939SJiyong Park parent = <&trusted_boot_fw_cert>; 196*54fd6939SJiyong Park hash = <&tb_fw_config_hash>; 197*54fd6939SJiyong Park }; 198*54fd6939SJiyong Park 199*54fd6939SJiyong Park scp_bl2_image { 200*54fd6939SJiyong Park image-id = <SCP_BL2_IMAGE_ID>; 201*54fd6939SJiyong Park parent = <&scp_fw_content_cert>; 202*54fd6939SJiyong Park hash = <&scp_fw_hash>; 203*54fd6939SJiyong Park }; 204*54fd6939SJiyong Park 205*54fd6939SJiyong Park bl31_image { 206*54fd6939SJiyong Park image-id = <BL31_IMAGE_ID>; 207*54fd6939SJiyong Park parent = <&soc_fw_content_cert>; 208*54fd6939SJiyong Park hash = <&soc_fw_hash>; 209*54fd6939SJiyong Park }; 210*54fd6939SJiyong Park 211*54fd6939SJiyong Park soc_fw_config { 212*54fd6939SJiyong Park image-id = <SOC_FW_CONFIG_ID>; 213*54fd6939SJiyong Park parent = <&soc_fw_content_cert>; 214*54fd6939SJiyong Park hash = <&soc_fw_config_hash>; 215*54fd6939SJiyong Park }; 216*54fd6939SJiyong Park 217*54fd6939SJiyong Park bl32_image { 218*54fd6939SJiyong Park image-id = <BL32_IMAGE_ID>; 219*54fd6939SJiyong Park parent = <&trusted_os_fw_content_cert>; 220*54fd6939SJiyong Park hash = <&tos_fw_hash>; 221*54fd6939SJiyong Park }; 222*54fd6939SJiyong Park 223*54fd6939SJiyong Park bl32_extra1_image { 224*54fd6939SJiyong Park image-id = <BL32_EXTRA1_IMAGE_ID>; 225*54fd6939SJiyong Park parent = <&trusted_os_fw_content_cert>; 226*54fd6939SJiyong Park hash = <&tos_fw_extra1_hash>; 227*54fd6939SJiyong Park }; 228*54fd6939SJiyong Park 229*54fd6939SJiyong Park bl32_extra2_image { 230*54fd6939SJiyong Park image-id = <BL32_EXTRA2_IMAGE_ID>; 231*54fd6939SJiyong Park parent = <&trusted_os_fw_content_cert>; 232*54fd6939SJiyong Park hash = <&tos_fw_extra2_hash>; 233*54fd6939SJiyong Park }; 234*54fd6939SJiyong Park 235*54fd6939SJiyong Park tos_fw_config { 236*54fd6939SJiyong Park image-id = <TOS_FW_CONFIG_ID>; 237*54fd6939SJiyong Park parent = <&trusted_os_fw_content_cert>; 238*54fd6939SJiyong Park hash = <&tos_fw_config_hash>; 239*54fd6939SJiyong Park }; 240*54fd6939SJiyong Park 241*54fd6939SJiyong Park bl33_image { 242*54fd6939SJiyong Park image-id = <BL33_IMAGE_ID>; 243*54fd6939SJiyong Park parent = <&non_trusted_fw_content_cert>; 244*54fd6939SJiyong Park hash = <&nt_world_bl_hash>; 245*54fd6939SJiyong Park }; 246*54fd6939SJiyong Park 247*54fd6939SJiyong Park nt_fw_config { 248*54fd6939SJiyong Park image-id = <NT_FW_CONFIG_ID>; 249*54fd6939SJiyong Park parent = <&non_trusted_fw_content_cert>; 250*54fd6939SJiyong Park hash = <&nt_fw_config_hash>; 251*54fd6939SJiyong Park }; 252*54fd6939SJiyong Park 253*54fd6939SJiyong Park#if defined(SPD_spmd) 254*54fd6939SJiyong Park sp_pkg1 { 255*54fd6939SJiyong Park image-id = <SP_PKG1_ID>; 256*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 257*54fd6939SJiyong Park hash = <&sp_pkg1_hash>; 258*54fd6939SJiyong Park }; 259*54fd6939SJiyong Park 260*54fd6939SJiyong Park sp_pkg2 { 261*54fd6939SJiyong Park image-id = <SP_PKG2_ID>; 262*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 263*54fd6939SJiyong Park hash = <&sp_pkg2_hash>; 264*54fd6939SJiyong Park }; 265*54fd6939SJiyong Park 266*54fd6939SJiyong Park sp_pkg3 { 267*54fd6939SJiyong Park image-id = <SP_PKG3_ID>; 268*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 269*54fd6939SJiyong Park hash = <&sp_pkg3_hash>; 270*54fd6939SJiyong Park }; 271*54fd6939SJiyong Park 272*54fd6939SJiyong Park sp_pkg4 { 273*54fd6939SJiyong Park image-id = <SP_PKG4_ID>; 274*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 275*54fd6939SJiyong Park hash = <&sp_pkg4_hash>; 276*54fd6939SJiyong Park }; 277*54fd6939SJiyong Park 278*54fd6939SJiyong Park sp_pkg5 { 279*54fd6939SJiyong Park image-id = <SP_PKG5_ID>; 280*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 281*54fd6939SJiyong Park hash = <&sp_pkg5_hash>; 282*54fd6939SJiyong Park }; 283*54fd6939SJiyong Park 284*54fd6939SJiyong Park sp_pkg6 { 285*54fd6939SJiyong Park image-id = <SP_PKG6_ID>; 286*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 287*54fd6939SJiyong Park hash = <&sp_pkg6_hash>; 288*54fd6939SJiyong Park }; 289*54fd6939SJiyong Park 290*54fd6939SJiyong Park sp_pkg7 { 291*54fd6939SJiyong Park image-id = <SP_PKG7_ID>; 292*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 293*54fd6939SJiyong Park hash = <&sp_pkg7_hash>; 294*54fd6939SJiyong Park }; 295*54fd6939SJiyong Park 296*54fd6939SJiyong Park sp_pkg8 { 297*54fd6939SJiyong Park image-id = <SP_PKG8_ID>; 298*54fd6939SJiyong Park parent = <&sip_sp_content_cert>; 299*54fd6939SJiyong Park hash = <&sp_pkg8_hash>; 300*54fd6939SJiyong Park }; 301*54fd6939SJiyong Park#endif 302*54fd6939SJiyong Park }; 303*54fd6939SJiyong Park}; 304*54fd6939SJiyong Park 305*54fd6939SJiyong Parknon_volatile_counters: non_volatile_counters { 306*54fd6939SJiyong Park compatible = "arm, non-volatile-counter"; 307*54fd6939SJiyong Park 308*54fd6939SJiyong Park #address-cells = <1>; 309*54fd6939SJiyong Park #size-cells = <0>; 310*54fd6939SJiyong Park 311*54fd6939SJiyong Park trusted_nv_counter: trusted_nv_counter { 312*54fd6939SJiyong Park id = <TRUSTED_NV_CTR_ID>; 313*54fd6939SJiyong Park oid = TRUSTED_FW_NVCOUNTER_OID; 314*54fd6939SJiyong Park }; 315*54fd6939SJiyong Park 316*54fd6939SJiyong Park non_trusted_nv_counter: non_trusted_nv_counter { 317*54fd6939SJiyong Park id = <NON_TRUSTED_NV_CTR_ID>; 318*54fd6939SJiyong Park oid = NON_TRUSTED_FW_NVCOUNTER_OID; 319*54fd6939SJiyong Park }; 320*54fd6939SJiyong Park}; 321