From 97b8b1760075d3bdfedc3189df96f06162eb0c9d Mon Sep 17 00:00:00 2001 From: Raul E Rangel Date: Wed, 24 Feb 2021 16:59:32 -0700 Subject: soc/amd/cezanne: Add PSP whitelist debug unlock support Signed-off-by: Raul E Rangel Signed-off-by: Felix Held Change-Id: Ibe3136682d2a9d248d5c6f26957e69013e4847ac Reviewed-on: https://review.coreboot.org/c/coreboot/+/51078 Tested-by: build bot (Jenkins) --- src/soc/amd/cezanne/Kconfig | 15 +++++++++++++++ src/soc/amd/cezanne/Makefile.inc | 8 ++++++++ src/soc/amd/cezanne/fw.cfg | 1 + 3 files changed, 24 insertions(+) (limited to 'src/soc/amd') diff --git a/src/soc/amd/cezanne/Kconfig b/src/soc/amd/cezanne/Kconfig index f8c38d0ff8..4a308df527 100644 --- a/src/soc/amd/cezanne/Kconfig +++ b/src/soc/amd/cezanne/Kconfig @@ -235,6 +235,21 @@ config PSP_UNLOCK_SECURE_DEBUG help Select this item to enable secure debug options in PSP. +config HAVE_PSP_WHITELIST_FILE + bool "Include a debug whitelist file in PSP build" + default n + help + Support secured unlock prior to reset using a whitelisted + serial number. This feature requires a signed whitelist image + and bootloader from AMD. + + If unsure, answer 'n' + +config PSP_WHITELIST_FILE + string "Debug whitelist file path" + depends on HAVE_PSP_WHITELIST_FILE + default "3rdparty/amd_blobs/cezanne/PSP/wtl-czn.sbin" + endmenu endif # SOC_AMD_CEZANNE diff --git a/src/soc/amd/cezanne/Makefile.inc b/src/soc/amd/cezanne/Makefile.inc index d631c63495..35e700977e 100644 --- a/src/soc/amd/cezanne/Makefile.inc +++ b/src/soc/amd/cezanne/Makefile.inc @@ -85,6 +85,11 @@ else PSP_SOFTFUSE_BITS += 29 endif +# type = 0x3a +ifeq ($(CONFIG_HAVE_PSP_WHITELIST_FILE),y) +PSP_WHITELIST_FILE=$(CONFIG_PSP_WHITELIST_FILE) +endif + # # BIOS Directory Table items - proper ordering is managed by amdfwtool # @@ -134,6 +139,8 @@ OPT_EFS_SPI_MICRON_FLAG=$(call add_opt_prefix, $(CONFIG_EFS_SPI_MICRON_FLAG), -- OPT_PSP_SOFTFUSE=$(call add_opt_prefix, $(PSP_SOFTFUSE), --soft-fuse) +OPT_WHITELIST_FILE=$(call add_opt_prefix, $(PSP_WHITELIST_FILE), --whitelist) + # Add all the files listed in the config file POUND_SIGN=$(call strip_quotes, "\#") DEP_FILES= $(patsubst %,$(FIRMWARE_LOCATION)/%, $(shell sed -e /^$(POUND_SIGN)/d -e /*/d -e /^FIRMWARE_LOCATION/d $(CONFIG_AMDFW_CONFIG_FILE) | awk '{print $$2}' )) @@ -149,6 +156,7 @@ AMDFW_COMMON_ARGS=$(OPT_PSP_APCB_FILES) \ --load-s0i3 \ --combo-capable \ $(OPT_TOKEN_UNLOCK) \ + $(OPT_WHITELIST_FILE) \ $(OPT_EFS_SPI_READ_MODE) \ $(OPT_EFS_SPI_SPEED) \ $(OPT_EFS_SPI_MICRON_FLAG) \ diff --git a/src/soc/amd/cezanne/fw.cfg b/src/soc/amd/cezanne/fw.cfg index 277707de1c..9757d7249e 100644 --- a/src/soc/amd/cezanne/fw.cfg +++ b/src/soc/amd/cezanne/fw.cfg @@ -6,6 +6,7 @@ FIRMWARE_LOCATION 3rdparty/amd_blobs/cezanne/PSP # PSP AMD_PUBKEY_FILE TypeId0x00_CezannePublicKey.tkn PSPBTLDR_FILE TypeId0x01_PspBootLoader_CZN.sbin +PSPBTLDR_WL_FILE TypeId0x01_PspBootLoader_WL_CZN.sbin PSPSECUREOS_FILE TypeId0x02_PspOS_CZN.sbin PSPRCVR_FILE TypeId0x03_PspRecoveryBootLoader_CZN.sbin PSP_SMUFW1_SUB0_FILE TypeId0x08_SmuFirmware_CZN.csbin -- cgit v1.2.3