Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Caliptra 2.0] Questions about debug unlock design #1905

Open
jhand2 opened this issue Jan 23, 2025 · 0 comments
Open

[Caliptra 2.0] Questions about debug unlock design #1905

jhand2 opened this issue Jan 23, 2025 · 0 comments
Assignees
@mhatrevi
Labels
Caliptra v2.0 Items to be considered for v2.0 Release

Comments

@jhand2
Copy link
Collaborator

jhand2 commented Jan 23, 2025

I was reading through the ROM documentation for debug unlock and had a few questions:

  1. The ROM documentation seems to be missing some higher level details like how unlock impacts attestation, how it interacts with the debug_en wire from 1.0, what things it unlocks, etc. Is there a high level document somewhere with these kind of details? If not, we should write something.
  2. Can we write up the expected use-cases of this design? Is it expected to be usable in a datacenter environment or is it primarily for RMA flows?
  3. Do we have any recommendations on whether MANUF_DEBUG_UNLOCK_TOKEN should be chip-specific or a class secret? Or are we leaving that up the the integrator?
  4. Are we requiring debug unlock tokens to be supplied to ROM? Or do we expect this functionality to also work via RT firmware?
@jhand2 jhand2 added the Caliptra v2.0 Items to be considered for v2.0 Release label Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mhatrevi mhatrevi

Labels
Caliptra v2.0 Items to be considered for v2.0 Release
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhand2 @mhatrevi