soc/amd/cezanne: Add PSP whitelist debug unlock support

Signed-off-by: Raul E Rangel <rrangel@chromium.org> Signed-off-by: Felix Held <felix-coreboot@felixheld.de> Change-Id: Ibe3136682d2a9d248d5c6f26957e69013e4847ac Reviewed-on: https://review.coreboot.org/c/coreboot/+/51078 Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
2021-02-24 16:59:32 -07:00
parent 2c30a83d9b
commit 97b8b17600
3 changed files with 24 additions and 0 deletions
--- a/src/soc/amd/cezanne/Kconfig
+++ b/src/soc/amd/cezanne/Kconfig
@@ -235,6 +235,21 @@ config PSP_UNLOCK_SECURE_DEBUG
 	help
 	  Select this item to enable secure debug options in PSP.

+config HAVE_PSP_WHITELIST_FILE
+	bool "Include a debug whitelist file in PSP build"
+	default n
+	help
+	  Support secured unlock prior to reset using a whitelisted
+	  serial number. This feature requires a signed whitelist image
+	  and bootloader from AMD.
+
+	  If unsure, answer 'n'
+
+config PSP_WHITELIST_FILE
+	string "Debug whitelist file path"
+	depends on HAVE_PSP_WHITELIST_FILE
+	default "3rdparty/amd_blobs/cezanne/PSP/wtl-czn.sbin"
+
 endmenu

 endif # SOC_AMD_CEZANNE
--- a/src/soc/amd/cezanne/Makefile.inc
+++ b/src/soc/amd/cezanne/Makefile.inc
@@ -85,6 +85,11 @@ else
 PSP_SOFTFUSE_BITS += 29
 endif

+# type = 0x3a
+ifeq ($(CONFIG_HAVE_PSP_WHITELIST_FILE),y)
+PSP_WHITELIST_FILE=$(CONFIG_PSP_WHITELIST_FILE)
+endif
+
 #
 # BIOS Directory Table items - proper ordering is managed by amdfwtool
 #
@@ -134,6 +139,8 @@ OPT_EFS_SPI_MICRON_FLAG=$(call add_opt_prefix, $(CONFIG_EFS_SPI_MICRON_FLAG), --

 OPT_PSP_SOFTFUSE=$(call add_opt_prefix, $(PSP_SOFTFUSE), --soft-fuse)

+OPT_WHITELIST_FILE=$(call add_opt_prefix, $(PSP_WHITELIST_FILE), --whitelist)
+
 # Add all the files listed in the config file
 POUND_SIGN=$(call strip_quotes, "\#")
 DEP_FILES= $(patsubst %,$(FIRMWARE_LOCATION)/%, $(shell sed -e /^$(POUND_SIGN)/d -e /*/d -e /^FIRMWARE_LOCATION/d $(CONFIG_AMDFW_CONFIG_FILE) | awk '{print $$2}' ))
@@ -149,6 +156,7 @@ AMDFW_COMMON_ARGS=$(OPT_PSP_APCB_FILES) \
 		--load-s0i3 \
 		--combo-capable \
 		$(OPT_TOKEN_UNLOCK) \
+		$(OPT_WHITELIST_FILE) \
 		$(OPT_EFS_SPI_READ_MODE) \
 		$(OPT_EFS_SPI_SPEED) \
 		$(OPT_EFS_SPI_MICRON_FLAG) \
--- a/src/soc/amd/cezanne/fw.cfg
+++ b/src/soc/amd/cezanne/fw.cfg
@@ -6,6 +6,7 @@ FIRMWARE_LOCATION      3rdparty/amd_blobs/cezanne/PSP
 # PSP
 AMD_PUBKEY_FILE         TypeId0x00_CezannePublicKey.tkn
 PSPBTLDR_FILE           TypeId0x01_PspBootLoader_CZN.sbin
+PSPBTLDR_WL_FILE        TypeId0x01_PspBootLoader_WL_CZN.sbin
 PSPSECUREOS_FILE        TypeId0x02_PspOS_CZN.sbin
 PSPRCVR_FILE            TypeId0x03_PspRecoveryBootLoader_CZN.sbin
 PSP_SMUFW1_SUB0_FILE    TypeId0x08_SmuFirmware_CZN.csbin