diff options
Diffstat (limited to 'chip')
-rw-r--r-- | chip/g/flash_info.h | 23 | ||||
-rw-r--r-- | chip/g/signed_header.h | 17 |
2 files changed, 30 insertions, 10 deletions
diff --git a/chip/g/flash_info.h b/chip/g/flash_info.h index 9ff730b39e..e07fac1ed7 100644 --- a/chip/g/flash_info.h +++ b/chip/g/flash_info.h @@ -11,17 +11,24 @@ #include "signed_header.h" /* - * Info1 space available to the app firmware is split in several areas. Of - * interest are the two spaces used for rollback prevention of RO and RW image - * versions. + * Info1 space available to the app firmware is split in four equal size + * areas, used as follows: * - * Each bit in the image infomap header section is mapped into a 4 byte word - * in the Info1 space. + * Area 0 - RO rollback prevention + * Area 1 - RW rollback prevention + * Area 2 - Board specific stuff + * Area 3 - Crypto scratch */ +#define INFO_AREA_SIZE (INFO_MAX * 4) +#define INFO_TOTAL_SIZE (INFO_AREA_SIZE * 4) + #define INFO_RO_MAP_OFFSET 0 -#define INFO_RO_MAP_SIZE (INFO_MAX * 4) -#define INFO_RW_MAP_OFFSET INFO_RO_MAP_SIZE -#define INFO_RW_MAP_SIZE (INFO_MAX * 4) +#define INFO_RO_MAP_SIZE INFO_AREA_SIZE + +#define INFO_RW_MAP_OFFSET (INFO_RO_MAP_OFFSET + INFO_RO_MAP_SIZE) +#define INFO_RW_MAP_SIZE INFO_AREA_SIZE + +#define INFO_BOARD_SPACE_OFFSET (INFO_RW_MAP_OFFSET + INFO_RW_MAP_SIZE) int flash_info_read_enable(uint32_t offset, size_t size); /* This in fact enables both read and write. */ diff --git a/chip/g/signed_header.h b/chip/g/signed_header.h index c4e6726c40..cafe858718 100644 --- a/chip/g/signed_header.h +++ b/chip/g/signed_header.h @@ -14,6 +14,9 @@ #define INFO_MAX 128 /* baked in rom! */ #define INFO_IGNORE 0xaa3c55c3 /* baked in rom! */ +/* Default value for _pad[] words */ +#define SIGNED_HEADER_PADDING 0x33333333 + struct SignedHeader { uint32_t magic; /* -1 (thanks, boot_sys!) */ uint32_t signature[96]; @@ -42,8 +45,18 @@ struct SignedHeader { uint32_t err_response_; /* action to take when expectation is violated */ uint32_t expect_response_; - uint32_t _pad[256 - 1 - 96 - 1 - 7 - 1 - 96 - - 5*1 - 4 - 4 - 9*1 - 2 - 1]; + /* + * Padding to bring the total structure size to 1K. Note: First 17 + * words of _pad[] may be used by a second FIPS-compliant signature, + * so don't put anything there. + */ + uint32_t _pad[24]; + /* Board ID type, mask, flags (stored ^SIGNED_HEADER_PADDING) */ + uint32_t board_id_type; + uint32_t board_id_type_mask; + uint32_t board_id_flags; + uint32_t dev_id0_; /* node id, if locked */ + uint32_t dev_id1_; uint32_t fuses_chk_; /* top 32 bit of expected fuses hash */ uint32_t info_chk_; /* top 32 bit of expected info hash */ }; |