1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (C) 2025, Pengutronix, Michael Tretter <entwicklung@pengutronix.de> 4 */ 5 6 #ifndef __PTA_RK_SECURE_BOOT_H 7 #define __PTA_RK_SECURE_BOOT_H 8 9 #include <tee_api_types.h> 10 11 #define PTA_RK_SECURE_BOOT_UUID { 0x5cfa57f6, 0x1a4c, 0x407f, \ 12 { 0x94, 0xa7, 0xa5, 0x6c, 0x8c, 0x47, 0x01, 0x9d } } 13 14 struct pta_rk_secure_boot_hash { 15 /* sha256 has 256 bit */ 16 uint8_t value[32]; 17 }; 18 19 struct pta_rk_secure_boot_info { 20 uint8_t enabled; 21 uint8_t simulation; 22 struct pta_rk_secure_boot_hash hash; 23 }; 24 25 /* 26 * PTA_RK_SECURE_BOOT_GET_INFO - Get secure boot status info 27 * 28 * [out] memref[0] buffer memory reference containing a struct 29 * pta_rk_secure_boot_info 30 */ 31 #define PTA_RK_SECURE_BOOT_GET_INFO 0x0 32 33 /* 34 * PTA_RK_SECURE_BOOT_BURN_HASH - Burn the RSA key hash to fuses 35 * 36 * [in] memref[0] buffer memory reference containing a struct 37 * pta_rk_secure_boot_hash 38 * [in] value[1].a bit length of signing key 39 */ 40 #define PTA_RK_SECURE_BOOT_BURN_HASH 0x1 41 42 /* 43 * PTA_RK_SECURE_BOOT_LOCKDOWN_DEVICE - Lockdown the device with secure boot 44 */ 45 #define PTA_RK_SECURE_BOOT_LOCKDOWN_DEVICE 0x2 46 47 #endif /* __PTA_ROCKCHIP_OTP_H */ 48