1*4274d6f8SXialin Liu/* 2*4274d6f8SXialin Liu * Copyright (c) 2024, Arm Limited. All rights reserved. 3*4274d6f8SXialin Liu * 4*4274d6f8SXialin Liu * SPDX-License-Identifier: BSD-3-Clause 5*4274d6f8SXialin Liu * 6*4274d6f8SXialin Liu * This file provide a malformed CoT DT file that there 7*4274d6f8SXialin Liu * are image/certificate that missing root certificate 8*4274d6f8SXialin Liu * 9*4274d6f8SXialin Liu */ 10*4274d6f8SXialin Liu 11*4274d6f8SXialin Liu#include <tools_share/cca_oid.h> 12*4274d6f8SXialin Liu#include <common/tbbr/tbbr_img_def.h> 13*4274d6f8SXialin Liu#include <common/nv_cntr_ids.h> 14*4274d6f8SXialin Liu 15*4274d6f8SXialin Liucot { 16*4274d6f8SXialin Liu manifests { 17*4274d6f8SXialin Liu compatible = "arm, cert-descs"; 18*4274d6f8SXialin Liu 19*4274d6f8SXialin Liu core_swd_key_cert: core_swd_key_cert { 20*4274d6f8SXialin Liu image-id = <CORE_SWD_KEY_CERT_ID>; 21*4274d6f8SXialin Liu signing-key = <&swd_rot_pk>; 22*4274d6f8SXialin Liu antirollback-counter = <&trusted_nv_ctr>; 23*4274d6f8SXialin Liu 24*4274d6f8SXialin Liu core_swd_pk: core_swd_pk { 25*4274d6f8SXialin Liu oid = CORE_SWD_PK_OID; 26*4274d6f8SXialin Liu }; 27*4274d6f8SXialin Liu }; 28*4274d6f8SXialin Liu 29*4274d6f8SXialin Liu trusted_os_fw_content_cert: trusted_os_fw_content_cert { 30*4274d6f8SXialin Liu image-id = <TRUSTED_OS_FW_CONTENT_CERT_ID>; 31*4274d6f8SXialin Liu parent = <&core_swd_key_cert>; 32*4274d6f8SXialin Liu signing-key = <&core_swd_pk>; 33*4274d6f8SXialin Liu antirollback-counter = <&trusted_nv_ctr>; 34*4274d6f8SXialin Liu 35*4274d6f8SXialin Liu tos_fw_hash: tos_fw_hash { 36*4274d6f8SXialin Liu oid = TRUSTED_OS_FW_HASH_OID; 37*4274d6f8SXialin Liu }; 38*4274d6f8SXialin Liu tos_fw_config_hash: tos_fw_config_hash { 39*4274d6f8SXialin Liu oid = TRUSTED_OS_FW_CONFIG_HASH_OID; 40*4274d6f8SXialin Liu }; 41*4274d6f8SXialin Liu }; 42*4274d6f8SXialin Liu 43*4274d6f8SXialin Liu plat_key_cert: plat_key_cert { 44*4274d6f8SXialin Liu image-id = <PLAT_KEY_CERT_ID>; 45*4274d6f8SXialin Liu signing-key = <&prot_pk>; 46*4274d6f8SXialin Liu antirollback-counter = <&non_trusted_nv_ctr>; 47*4274d6f8SXialin Liu 48*4274d6f8SXialin Liu plat_pk: plat_pk { 49*4274d6f8SXialin Liu oid = PLAT_PK_OID; 50*4274d6f8SXialin Liu }; 51*4274d6f8SXialin Liu }; 52*4274d6f8SXialin Liu 53*4274d6f8SXialin Liu non_trusted_fw_content_cert: non_trusted_fw_content_cert { 54*4274d6f8SXialin Liu image-id = <NON_TRUSTED_FW_CONTENT_CERT_ID>; 55*4274d6f8SXialin Liu parent = <&plat_key_cert>; 56*4274d6f8SXialin Liu signing-key = <&plat_pk>; 57*4274d6f8SXialin Liu antirollback-counter = <&non_trusted_nv_ctr>; 58*4274d6f8SXialin Liu 59*4274d6f8SXialin Liu nt_world_bl_hash: nt_world_bl_hash { 60*4274d6f8SXialin Liu oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID; 61*4274d6f8SXialin Liu }; 62*4274d6f8SXialin Liu nt_fw_config_hash: nt_fw_config_hash { 63*4274d6f8SXialin Liu oid = NON_TRUSTED_FW_CONFIG_HASH_OID; 64*4274d6f8SXialin Liu }; 65*4274d6f8SXialin Liu }; 66*4274d6f8SXialin Liu 67*4274d6f8SXialin Liu#if defined(SPD_spmd) 68*4274d6f8SXialin Liu sip_sp_content_cert: sip_sp_content_cert { 69*4274d6f8SXialin Liu image-id = <SIP_SP_CONTENT_CERT_ID>; 70*4274d6f8SXialin Liu parent = <&core_swd_key_cert>; 71*4274d6f8SXialin Liu signing-key = <&core_swd_pk>; 72*4274d6f8SXialin Liu antirollback-counter = <&trusted_nv_ctr>; 73*4274d6f8SXialin Liu 74*4274d6f8SXialin Liu sp_pkg1_hash: sp_pkg1_hash { 75*4274d6f8SXialin Liu oid = SP_PKG1_HASH_OID; 76*4274d6f8SXialin Liu }; 77*4274d6f8SXialin Liu sp_pkg2_hash: sp_pkg2_hash { 78*4274d6f8SXialin Liu oid = SP_PKG2_HASH_OID; 79*4274d6f8SXialin Liu }; 80*4274d6f8SXialin Liu sp_pkg3_hash: sp_pkg3_hash { 81*4274d6f8SXialin Liu oid = SP_PKG3_HASH_OID; 82*4274d6f8SXialin Liu }; 83*4274d6f8SXialin Liu sp_pkg4_hash: sp_pkg4_hash { 84*4274d6f8SXialin Liu oid = SP_PKG4_HASH_OID; 85*4274d6f8SXialin Liu }; 86*4274d6f8SXialin Liu }; 87*4274d6f8SXialin Liu 88*4274d6f8SXialin Liu plat_sp_content_cert: plat_sp_content_cert { 89*4274d6f8SXialin Liu image-id = <PLAT_SP_CONTENT_CERT_ID>; 90*4274d6f8SXialin Liu parent = <&plat_key_cert>; 91*4274d6f8SXialin Liu signing-key = <&plat_pk>; 92*4274d6f8SXialin Liu antirollback-counter = <&non_trusted_nv_ctr>; 93*4274d6f8SXialin Liu 94*4274d6f8SXialin Liu sp_pkg5_hash: sp_pkg5_hash { 95*4274d6f8SXialin Liu oid = SP_PKG5_HASH_OID; 96*4274d6f8SXialin Liu }; 97*4274d6f8SXialin Liu sp_pkg6_hash: sp_pkg6_hash { 98*4274d6f8SXialin Liu oid = SP_PKG6_HASH_OID; 99*4274d6f8SXialin Liu }; 100*4274d6f8SXialin Liu sp_pkg7_hash: sp_pkg7_hash { 101*4274d6f8SXialin Liu oid = SP_PKG7_HASH_OID; 102*4274d6f8SXialin Liu }; 103*4274d6f8SXialin Liu sp_pkg8_hash: sp_pkg8_hash { 104*4274d6f8SXialin Liu oid = SP_PKG8_HASH_OID; 105*4274d6f8SXialin Liu }; 106*4274d6f8SXialin Liu }; 107*4274d6f8SXialin Liu#endif 108*4274d6f8SXialin Liu }; 109*4274d6f8SXialin Liu 110*4274d6f8SXialin Liu images { 111*4274d6f8SXialin Liu compatible = "arm, img-descs"; 112*4274d6f8SXialin Liu 113*4274d6f8SXialin Liu hw_config { 114*4274d6f8SXialin Liu image-id = <HW_CONFIG_ID>; 115*4274d6f8SXialin Liu parent = <&cca_content_cert>; 116*4274d6f8SXialin Liu hash = <&hw_config_hash>; 117*4274d6f8SXialin Liu }; 118*4274d6f8SXialin Liu 119*4274d6f8SXialin Liu bl31_image { 120*4274d6f8SXialin Liu image-id = <BL31_IMAGE_ID>; 121*4274d6f8SXialin Liu parent = <&cca_content_cert>; 122*4274d6f8SXialin Liu hash = <&soc_fw_hash>; 123*4274d6f8SXialin Liu }; 124*4274d6f8SXialin Liu 125*4274d6f8SXialin Liu soc_fw_config { 126*4274d6f8SXialin Liu image-id = <SOC_FW_CONFIG_ID>; 127*4274d6f8SXialin Liu parent = <&cca_content_cert>; 128*4274d6f8SXialin Liu hash = <&soc_fw_config_hash>; 129*4274d6f8SXialin Liu }; 130*4274d6f8SXialin Liu 131*4274d6f8SXialin Liu rmm_image { 132*4274d6f8SXialin Liu image-id = <RMM_IMAGE_ID>; 133*4274d6f8SXialin Liu parent = <&cca_content_cert>; 134*4274d6f8SXialin Liu hash = <&rmm_hash>; 135*4274d6f8SXialin Liu }; 136*4274d6f8SXialin Liu 137*4274d6f8SXialin Liu bl32_image { 138*4274d6f8SXialin Liu image-id = <BL32_IMAGE_ID>; 139*4274d6f8SXialin Liu parent = <&trusted_os_fw_content_cert>; 140*4274d6f8SXialin Liu hash = <&tos_fw_hash>; 141*4274d6f8SXialin Liu }; 142*4274d6f8SXialin Liu 143*4274d6f8SXialin Liu tos_fw_config { 144*4274d6f8SXialin Liu image-id = <TOS_FW_CONFIG_ID>; 145*4274d6f8SXialin Liu parent = <&trusted_os_fw_content_cert>; 146*4274d6f8SXialin Liu hash = <&tos_fw_config_hash>; 147*4274d6f8SXialin Liu }; 148*4274d6f8SXialin Liu 149*4274d6f8SXialin Liu bl33_image { 150*4274d6f8SXialin Liu image-id = <BL33_IMAGE_ID>; 151*4274d6f8SXialin Liu parent = <&non_trusted_fw_content_cert>; 152*4274d6f8SXialin Liu hash = <&nt_world_bl_hash>; 153*4274d6f8SXialin Liu }; 154*4274d6f8SXialin Liu 155*4274d6f8SXialin Liu nt_fw_config { 156*4274d6f8SXialin Liu image-id = <NT_FW_CONFIG_ID>; 157*4274d6f8SXialin Liu parent = <&non_trusted_fw_content_cert>; 158*4274d6f8SXialin Liu hash = <&nt_fw_config_hash>; 159*4274d6f8SXialin Liu }; 160*4274d6f8SXialin Liu 161*4274d6f8SXialin Liu#if defined(SPD_spmd) 162*4274d6f8SXialin Liu sp_pkg1 { 163*4274d6f8SXialin Liu image-id = <SP_PKG1_ID>; 164*4274d6f8SXialin Liu parent = <&sip_sp_content_cert>; 165*4274d6f8SXialin Liu hash = <&sp_pkg1_hash>; 166*4274d6f8SXialin Liu }; 167*4274d6f8SXialin Liu 168*4274d6f8SXialin Liu sp_pkg2 { 169*4274d6f8SXialin Liu image-id = <SP_PKG2_ID>; 170*4274d6f8SXialin Liu parent = <&sip_sp_content_cert>; 171*4274d6f8SXialin Liu hash = <&sp_pkg2_hash>; 172*4274d6f8SXialin Liu }; 173*4274d6f8SXialin Liu 174*4274d6f8SXialin Liu sp_pkg3 { 175*4274d6f8SXialin Liu image-id = <SP_PKG3_ID>; 176*4274d6f8SXialin Liu parent = <&sip_sp_content_cert>; 177*4274d6f8SXialin Liu hash = <&sp_pkg3_hash>; 178*4274d6f8SXialin Liu }; 179*4274d6f8SXialin Liu 180*4274d6f8SXialin Liu sp_pkg4 { 181*4274d6f8SXialin Liu image-id = <SP_PKG4_ID>; 182*4274d6f8SXialin Liu parent = <&sip_sp_content_cert>; 183*4274d6f8SXialin Liu hash = <&sp_pkg4_hash>; 184*4274d6f8SXialin Liu }; 185*4274d6f8SXialin Liu 186*4274d6f8SXialin Liu sp_pkg5 { 187*4274d6f8SXialin Liu image-id = <SP_PKG5_ID>; 188*4274d6f8SXialin Liu parent = <&plat_sp_content_cert>; 189*4274d6f8SXialin Liu hash = <&sp_pkg5_hash>; 190*4274d6f8SXialin Liu }; 191*4274d6f8SXialin Liu 192*4274d6f8SXialin Liu sp_pkg6 { 193*4274d6f8SXialin Liu image-id = <SP_PKG6_ID>; 194*4274d6f8SXialin Liu parent = <&plat_sp_content_cert>; 195*4274d6f8SXialin Liu hash = <&sp_pkg6_hash>; 196*4274d6f8SXialin Liu }; 197*4274d6f8SXialin Liu 198*4274d6f8SXialin Liu sp_pkg7 { 199*4274d6f8SXialin Liu image-id = <SP_PKG7_ID>; 200*4274d6f8SXialin Liu parent = <&plat_sp_content_cert>; 201*4274d6f8SXialin Liu hash = <&sp_pkg7_hash>; 202*4274d6f8SXialin Liu }; 203*4274d6f8SXialin Liu 204*4274d6f8SXialin Liu sp_pkg8 { 205*4274d6f8SXialin Liu image-id = <SP_PKG8_ID>; 206*4274d6f8SXialin Liu parent = <&plat_sp_content_cert>; 207*4274d6f8SXialin Liu hash = <&sp_pkg8_hash>; 208*4274d6f8SXialin Liu }; 209*4274d6f8SXialin Liu#endif 210*4274d6f8SXialin Liu }; 211*4274d6f8SXialin Liu}; 212*4274d6f8SXialin Liu 213*4274d6f8SXialin Liunon_volatile_counters: non_volatile_counters { 214*4274d6f8SXialin Liu compatible = "arm, non-volatile-counter"; 215*4274d6f8SXialin Liu 216*4274d6f8SXialin Liu #address-cells = <1>; 217*4274d6f8SXialin Liu #size-cells = <0>; 218*4274d6f8SXialin Liu 219*4274d6f8SXialin Liu cca_nv_ctr: cca_nv_ctr { 220*4274d6f8SXialin Liu id = <TRUSTED_NV_CTR_ID>; 221*4274d6f8SXialin Liu oid = CCA_FW_NVCOUNTER_OID; 222*4274d6f8SXialin Liu }; 223*4274d6f8SXialin Liu 224*4274d6f8SXialin Liu trusted_nv_ctr: trusted_nv_ctr { 225*4274d6f8SXialin Liu id = <TRUSTED_NV_CTR_ID>; 226*4274d6f8SXialin Liu oid = TRUSTED_FW_NVCOUNTER_OID; 227*4274d6f8SXialin Liu }; 228*4274d6f8SXialin Liu 229*4274d6f8SXialin Liu non_trusted_nv_ctr: non_trusted_nv_ctr { 230*4274d6f8SXialin Liu id = <NON_TRUSTED_NV_CTR_ID>; 231*4274d6f8SXialin Liu oid = NON_TRUSTED_FW_NVCOUNTER_OID; 232*4274d6f8SXialin Liu }; 233*4274d6f8SXialin Liu}; 234*4274d6f8SXialin Liu 235*4274d6f8SXialin Liurot_keys { 236*4274d6f8SXialin Liu swd_rot_pk: swd_rot_pk { 237*4274d6f8SXialin Liu oid = SWD_ROT_PK_OID; 238*4274d6f8SXialin Liu }; 239*4274d6f8SXialin Liu prot_pk: prot_pk { 240*4274d6f8SXialin Liu oid = PROT_PK_OID; 241*4274d6f8SXialin Liu }; 242*4274d6f8SXialin Liu}; 243