1 /* 2 * Copyright (c) 2024, Arm Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef TC_DPE_H 8 #define TC_DPE_H 9 10 /* 11 * The certificate structure on the TC platform: 12 * - The arrows indicate the parent/child relationships (who loads who). 13 * - The boxes indicate the certificates. 14 * 15 * AP FW Cert. 16 * +--------------------------------+ 17 * | | 18 * Plat Cert. | +->SPx | Hyper Cert. 19 * +--------------------------+ | +->SP1 | +--------------------+ 20 * RoT Cert. | | | +->TOS_FW_CONF | | | 21 * +------------+ | +->SCP_BL1 +-----+-----+-->FW_CONF +->AP_BL32 | | +->PVMFW | 22 * | | | | | | | | | | | | 23 * | RSE_BL1_2--+-----+-->RSE_BL2------->AP_BL1--+-----+------------->AP_BL2------------+-----+-->AP_BL33 | 24 * | | | | | | | | | | | | 25 * +------------+ | +->RSE_S +-----+-----+-->TB_FW_CONF +->AP_BL31 | | +->HYPERVISOR | 26 * | +->RSE_NS | | +->SCP_BL2 | | | 27 * | | | +->HW_CONF | | | 28 * +--------------------------+ | +---------------+-----+-->NT_FW_CONF | 29 * | | | | 30 * +--------------------------------+ +--------------------+ 31 */ 32 33 #define DPE_AP_FW_CERT_ID 0x300 /* Includes: FW_CONF - SP1 */ 34 #define DPE_HYPERVISOR_CERT_ID 0x400 /* Includes: AP_BL33 - PVMFW */ 35 36 /* Common definition */ 37 #define DPE_CERT_ID_SAME_AS_PARENT 0xFFFFFFFF 38 39 /* 40 * Target Locality: 41 * The goal is to specify that a certain component is expected to run and 42 * thereby send DPE commands from a given security domain. RSE is capable of 43 * of distinguishing the client's locality based on the MHU channel used for 44 * communication. 45 * Defines here must match with RSE side: 46 */ 47 #define LOCALITY_NONE -1 48 /* #define LOCALITY_RSE_S 0 */ /* Not applicable on AP side */ 49 /* #define LOCALITY_RSE_NS 1 */ /* Not applicable on AP side */ 50 #define LOCALITY_AP_S 2 51 #define LOCALITY_AP_NS 3 52 53 #endif /* TC_DPE_H */ 54