Fuses for OEM Field Ratcheting
| Fuse Ownership | Fuse Name | Bits |
|---|---|---|
| NV Owned | N/A | N/A |
| OEM Owned (Field) | fuse_system_fw_field_ratchet0[31:0] | 32 Bits |
| | fuse_system_fw_field_ratchet1[31:0] | 32 Bits |
| | fuse_system_fw_field_ratchet2[31:0] | 32 Bits |
| | fuse_system_fw_field_ratchet3[31:0] | 32 Bits |
Passing Ratchet Status to Guest OSes
Ratchet fuse burning status is passed to the guest OS via the kernel device tree. There are
separate nodes for MB1, MTS, and MB1-BCT at the following location under the /proc interface:
/proc/device-tree/chosen/ratchet-status
Each node has two fields: status and error.
- "error" has the appropriate ratchet error value.
- "status" can have the following status strings:
| Ratcheting Status | Description |
|---|---|
| not_tried | Default status. Ratchet check path is skipped. |
| skipped_a | Active Boot Chain firmware ratchet matches with HW fuses. |
| skipped_b | Inactive Boot Chain firmware ratchet matches with HW fuses. |
| updated | Ratchet fuses are successfully updated with SW ratchet value. |
| failed | Ratchet fuse update (burning) failed. |
| no_option | Ratchet update check skipped as the Opt-in fuse is not set by the OEM. |
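A guest-side health check can read these nodes and flag anything other than a clean ratchet result. The script below is an added example, not NVIDIA code: the node names (`mb1`, `mts`, `mb1-bct`), the binary encoding of `error`, and the ok/warn/alert mapping are assumptions made for illustration. Only the path and the status strings come from the text above.

```python
import os
import sys
import tempfile

RATCHET_ROOT = "/proc/device-tree/chosen/ratchet-status"  # path from the page

# Status strings from the page; the severity mapping is this example's assumption.
SEVERITY = {"skipped_a": "ok", "skipped_b": "ok", "updated": "ok",
            "not_tried": "warn", "no_option": "warn", "failed": "alert"}

def read_prop(path):
    """Read a device-tree property: printable strings as text, anything else as hex."""
    with open(path, "rb") as f:
        raw = f.read()
    text = raw.rstrip(b"\x00")  # string properties are NUL-terminated
    if text and all(32 <= b < 127 for b in text):
        return text.decode("ascii")
    return "0x" + raw.hex() if raw else ""

def check_ratchet(root=RATCHET_ROOT):
    """Return (node, status, error, severity) for each node under root."""
    rows = []
    for node in sorted(os.listdir(root)):
        node_dir = os.path.join(root, node)
        if not os.path.isdir(node_dir):
            continue  # skip properties of the parent node, e.g. "name"
        try:
            status = read_prop(os.path.join(node_dir, "status"))
            error = read_prop(os.path.join(node_dir, "error"))
        except OSError:
            status, error = "unreadable", ""
        # Unknown or unreadable status is treated as an alert, not ignored.
        rows.append((node, status, error, SEVERITY.get(status, "alert")))
    return rows

def build_sample_tree(base):
    """Constructed sample; node names and error encoding are assumptions."""
    sample = {"mb1": (b"updated\x00", b"\x00\x00\x00\x00"),
              "mts": (b"skipped_a\x00", b"\x00\x00\x00\x00"),
              "mb1-bct": (b"failed\x00", b"\x00\x00\x00\x05")}
    for node, (status, error) in sample.items():
        os.makedirs(os.path.join(base, node))
        for prop, data in (("status", status), ("error", error)):
            with open(os.path.join(base, node, prop), "wb") as f:
                f.write(data)
    return base

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else RATCHET_ROOT
    if not os.path.isdir(root):  # off-target: fall back to the constructed sample
        root = build_sample_tree(tempfile.mkdtemp())
    rows = check_ratchet(root)
    for row in rows:
        print("{:8} status={} error={} [{}]".format(*row))
    sys.exit(1 if any(r[3] == "alert" for r in rows) else 0)
```

The exit code is non-zero when any node reports `failed` or an unrecognized status, so the script can be run from a boot-time monitoring hook.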
Lock Fuse Burning
If the SecurityMode fuse is burned, quickboot locks fuse burning at the end of ratchet handling, before kernel handoff, to prevent malicious over-ratcheting.
Set bit #0 of register FUSE_DISABLEREGPROGRAM_0.