Changes to ROM Specification

Comparing version 1.2 to 1.1
+6 additions -5 deletions
@@ -1,5 +1,5 @@
11 <div style="font-size: 0.85em; color: #656d76; margin-bottom: 1em; padding: 0.5em; background: #f6f8fa; border-radius: 4px;">
2-📄 Source: <a href="https://github.com/chipsalliance/caliptra-sw/blob/51ff0a89f169bbf8e06acb49b31db555e99fefb6/rom/dev/README.md" target="_blank">chipsalliance/caliptra-sw/rom/dev/README.md</a> @ <code>51ff0a8</code>
2+📄 Source: <a href="https://github.com/chipsalliance/caliptra-sw/blob/e6e5db26702ee88d530d2789ac87749472a6641c/rom/dev/README.md" target="_blank">chipsalliance/caliptra-sw/rom/dev/README.md</a> @ <code>e6e5db2</code>
33 </div>
44
55
@@ -53,7 +53,7 @@
5353 | :------------------------------ | :------------ | :----------------------------------------------------- |
5454 | CPTRA_SECURITY_STATE | 32 | Security State of the device. Contains two fields: <br> **LIFECYCLE_STATE**: Unprovisioned, Manufacturing or Production <br> **DEBUG_ENABLED**: Boolean indicating if debug is enabled or not |
5555 | FUSE_UDS_SEED | 384 | Obfuscated UDS |
56-| FUSE_FIELD_ENTROPY | 384 | Obfuscated Field Entropy |
56+| FUSE_FIELD_ENTROPY | 256 | Obfuscated Field Entropy |
5757 | FUSE_KEY_MANIFEST_PK_HASH | 384 | Hash of the four ECC and thirty-two LMS Manufacturer Public Keys |
5858 | FUSE_KEY_MANIFEST_PK_HASH_MASK | 32 | Manufacturer ECC Public Key Revocation Mask |
5959 | FUSE_LMS_REVOCATION | 32 | Manufacturer LMS Public Key Revocation Mask |
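Review bot: the FUSE_FIELD_ENTROPY width is changed from 384 to 256 bits in this hunk with no accompanying explanation, while FUSE_UDS_SEED in the unchanged line above stays at 384. State which hardware fuse definition the 256-bit figure follows, and check that every other place in the spec that consumes Field Entropy (key derivation steps and any size or offset arithmetic) is updated to the same width so the table and the derivation text do not disagree.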
@@ -62,7 +62,7 @@
6262 | FUSE_FMC_KEY_MANIFEST_SVN | 32 | FMC Security Version Number |
6363 | FUSE_RUNTIME_SVN | 128 | Runtime Security Version Number |
6464 | FUSE_ANTI_ROLLBACK_DISABLE | 1 | Disable SVN checking for FMC & Runtime when bit is set |
65-| FUSE_IDEVID_CERT_ATTR | 768 | FUSE containing information for generating IDEVID CSR <br> **Word 0**: X509 Key Id Algorithm (2 bits) 1: SHA1, 2: SHA256, 2: SHA384, 3: Fuse <br> **Word 1,2,3,4,5**: Subject Key Id <br> **Words 7,8**: Unique Endpoint ID |
65+| FUSE_IDEVID_CERT_ATTR | 768 | FUSE containing information for generating IDEVID CSR <br> **Word 0**: X509 Key Id Algorithm (2 bits) 1: SHA1, 2: SHA256, 2: SHA384, 3: Fuse <br> **Word 1,2,3,4,5**: Subject Key Id <br> **Word 6**: UEID type as defined in [IETF RATS specification](https://www.ietf.org/archive/id/draft-ietf-rats-eat-21.html#section-4.2.1.1) <br> **Words 7,8,9,10**: Manufacturer Serial Number |
6666 | CPTRA_DBG_MANUF_SERVICE_REG | 16 | Manufacturing Services: <br> **Bit 0**: IDEVID CSR upload <br> **Bit 1**: Random Number Generator Unavailable <br> **Bit 15:8**: FIPS test hook code <br> **Bit 30**: Fake ROM enable in production lifecycle mode <br> **Bit 31**: Fake ROM image verify enable |
6767
6868
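Review bot: the replacement line carries over a defect in the Key Id Algorithm encoding: "1: SHA1, 2: SHA256, 2: SHA384, 3: Fuse" assigns the value 2 twice, which is impossible for a 2-bit field, so one of the two entries needs its correct value before this hunk is merged. Two smaller points on the same line: the label style is inconsistent ("**Word 1,2,3,4,5**" versus "**Words 7,8,9,10**"), and the UEID type reference pins a specific IETF draft (draft-ietf-rats-eat-21), which is fine, but it is worth saying whether only a subset of the draft's type values is accepted by ROM.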
@@ -143,8 +143,8 @@
143143 | Image Type | 4 | Image Type that defines format of the image section <br> **0x0000_0001:** Executable |
144144 | Image Revision | 20 | Git Commit hash of the build |
145145 | Image Version | 4 | Firmware release number |
146-| Image SVN | 4 | Security Version Number for the Image. This field is compared against the fuses (FMC SVN or RUNTIME SVN. |
147-| Image Minimum SVN | 4 | Minimum Security Version Number for the Image. This field is compared against the fuses (FMC SVN or RUNTIME SVN. |
146+| Image SVN | 4 | Security Version Number for the Image. This field is compared against the fuses (FMC SVN or RUNTIME SVN) |
147+| Reserved | 4 | Reserved field |
148148 | Image Load Address | 4 | Load address |
149149 | Image Entry Point | 4 | Entry point to start the execution from |
150150 | Image Offset | 4 | Offset from beginning of the image |
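Review bot: turning "Image Minimum SVN" into a "Reserved" field at offset 147 silently changes the header layout; the row should say what value the field must hold (for example zero) and whether the verifier enforces or ignores it, otherwise existing images with a non-zero minimum SVN will be interpreted differently without any check. Any verification section elsewhere in the README that still describes a minimum-SVN comparison needs to be removed or updated in the same change. The fix to the unbalanced parenthesis in the "Image SVN" row ("RUNTIME SVN)") is correct.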
@@ -397,6 +397,7 @@
397397 4. **SELF_TEST_GET_RESULTS**: This command is used to check if a SELF_TEST command is in progress. [Self Test Get Results command](https://github.com/chipsalliance/caliptra-sw/blob/main/runtime/README.md#self_test_get_results).
398398 5. **SHUTDOWN**: This command is used clear the hardware crypto blocks including the keyvault. [Shutdown command](https://github.com/chipsalliance/caliptra-sw/blob/main/runtime/README.md#shutdown).
399399 6. **CAPABILITIES**: This command is used to query the ROM capabilities. Capabilities is a 128-bit value with individual bits indicating a specific capability. Currently, the only capability supported is ROM_BASE (bit 0). [Capabilities command](https://github.com/chipsalliance/caliptra-sw/blob/main/runtime/README.md#capabilities).
400+7. **GET_IDEVID_CSR**: This command is used to fetch the IDevID CSR from ROM. [Fetch IDevIDCSR command](https://github.com/chipsalliance/caliptra-sw/blob/main/runtime/README.md#get_idevid_csr).
400401
401402 ### Downloading images from mailbox
402403
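Review bot: the link text in the new item 7 reads "Fetch IDevIDCSR command" and is missing a space ("IDevID CSR"); also, unlike the other items, it does not say under which conditions the CSR is available (for example whether the CSR upload bit in CPTRA_DBG_MANUF_SERVICE_REG must be set), which a reader of this list would expect. Drive-by on the unchanged context at item 5: "is used clear" is missing "to".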