diff --git a/src/ec/google/chromeec/ec_cmd_api.h b/src/ec/google/chromeec/ec_cmd_api.h index 7438ee68aa..2b0bdde1aa 100644 --- a/src/ec/google/chromeec/ec_cmd_api.h +++ b/src/ec/google/chromeec/ec_cmd_api.h @@ -45,6 +45,12 @@ extern "C" { * Please keep this list sorted by function name. */ +static inline int ec_cmd_battery_config(CROS_EC_COMMAND_INFO *h, uint8_t *r) +{ + return CROS_EC_COMMAND(h, EC_CMD_BATTERY_CONFIG, 0, NULL, 0, r, + BATT_CONF_MAX_SIZE); +} + static inline int ec_cmd_get_sku_id(CROS_EC_COMMAND_INFO *h, struct ec_sku_id_info *r) { @@ -232,6 +238,7 @@ ec_cmd_usb_pd_set_amode(CROS_EC_COMMAND_INFO *h, _CROS_EC_C0_F_PF_RF(EC_CMD_ADC_READ, adc_read); _CROS_EC_CV_F_P(EC_CMD_ADD_ENTROPY, 0, add_entropy, rollback_add_entropy); +_CROS_EC_C0_F_PF(EC_CMD_AP_FW_STATE, ap_fw_state); _CROS_EC_C0_F(EC_CMD_AP_RESET, ap_reset); _CROS_EC_CV_F_P(EC_CMD_BATTERY_CUT_OFF, 1, battery_cut_off_v1, battery_cutoff); _CROS_EC_C0_F(EC_CMD_BATTERY_CUT_OFF, battery_cut_off); @@ -247,6 +254,9 @@ _CROS_EC_C0_F_PF_RF(EC_CMD_BATTERY_VENDOR_PARAM, battery_vendor_param); _CROS_EC_C0_F_PF(EC_CMD_BUTTON, button); _CROS_EC_C0_F_PF_RF(EC_CMD_CEC_GET, cec_get); _CROS_EC_C0_F_PF(EC_CMD_CEC_SET, cec_set); +_CROS_EC_C1_F_PF(EC_CMD_CEC_WRITE_MSG, cec_write); +_CROS_EC_C0_F_PF_RF(EC_CMD_CEC_READ_MSG, cec_read); +_CROS_EC_C0_F_RF(EC_CMD_CEC_PORT_COUNT, cec_port_count); _CROS_EC_C0_F_PF_RF(EC_CMD_CHARGESPLASH, chargesplash); _CROS_EC_CV_F_P_R(EC_CMD_CHARGE_CONTROL, 2, charge_control_v2, charge_control, charge_control); diff --git a/src/ec/google/chromeec/ec_commands.h b/src/ec/google/chromeec/ec_commands.h index a55c075b77..b66f9d387d 100644 --- a/src/ec/google/chromeec/ec_commands.h +++ b/src/ec/google/chromeec/ec_commands.h @@ -693,6 +693,49 @@ enum ec_status { EC_RES_MAX = UINT16_MAX, /**< Force enum to be 16 bits */ } __packed; BUILD_ASSERT(sizeof(enum ec_status) == sizeof(uint16_t)); +#ifdef CONFIG_EC_HOST_CMD +/* + * Make sure Zephyre uses the same status codes. + */ +#include + +BUILD_ASSERT((uint16_t)EC_RES_SUCCESS == (uint16_t)EC_HOST_CMD_SUCCESS); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_COMMAND == + (uint16_t)EC_HOST_CMD_INVALID_COMMAND); +BUILD_ASSERT((uint16_t)EC_RES_ERROR == (uint16_t)EC_HOST_CMD_ERROR); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_PARAM == + (uint16_t)EC_HOST_CMD_INVALID_PARAM); +BUILD_ASSERT((uint16_t)EC_RES_ACCESS_DENIED == + (uint16_t)EC_HOST_CMD_ACCESS_DENIED); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_RESPONSE == + (uint16_t)EC_HOST_CMD_INVALID_RESPONSE); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_VERSION == + (uint16_t)EC_HOST_CMD_INVALID_VERSION); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_CHECKSUM == + (uint16_t)EC_HOST_CMD_INVALID_CHECKSUM); +BUILD_ASSERT((uint16_t)EC_RES_IN_PROGRESS == (uint16_t)EC_HOST_CMD_IN_PROGRESS); +BUILD_ASSERT((uint16_t)EC_RES_UNAVAILABLE == (uint16_t)EC_HOST_CMD_UNAVAILABLE); +BUILD_ASSERT((uint16_t)EC_RES_TIMEOUT == (uint16_t)EC_HOST_CMD_TIMEOUT); +BUILD_ASSERT((uint16_t)EC_RES_OVERFLOW == (uint16_t)EC_HOST_CMD_OVERFLOW); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_HEADER == + (uint16_t)EC_HOST_CMD_INVALID_HEADER); +BUILD_ASSERT((uint16_t)EC_RES_REQUEST_TRUNCATED == + (uint16_t)EC_HOST_CMD_REQUEST_TRUNCATED); +BUILD_ASSERT((uint16_t)EC_RES_RESPONSE_TOO_BIG == + (uint16_t)EC_HOST_CMD_RESPONSE_TOO_BIG); +BUILD_ASSERT((uint16_t)EC_RES_BUS_ERROR == (uint16_t)EC_HOST_CMD_BUS_ERROR); +BUILD_ASSERT((uint16_t)EC_RES_BUSY == (uint16_t)EC_HOST_CMD_BUSY); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_HEADER_VERSION == + (uint16_t)EC_HOST_CMD_INVALID_HEADER_VERSION); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_HEADER_CRC == + (uint16_t)EC_HOST_CMD_INVALID_HEADER_CRC); +BUILD_ASSERT((uint16_t)EC_RES_INVALID_DATA_CRC == + (uint16_t)EC_HOST_CMD_INVALID_DATA_CRC); +BUILD_ASSERT((uint16_t)EC_RES_DUP_UNAVAILABLE == + (uint16_t)EC_HOST_CMD_DUP_UNAVAILABLE); +BUILD_ASSERT((uint16_t)EC_RES_MAX == (uint16_t)EC_HOST_CMD_MAX); + +#endif /* * Host event codes. ACPI query EC command uses code 0 to mean "no event @@ -1591,6 +1634,30 @@ enum ec_feature_code { * The EC supports the AP composing VDMs for us to send. */ EC_FEATURE_TYPEC_AP_VDM_SEND = 46, + /* + * The EC supports system safe mode panic recovery. + */ + EC_FEATURE_SYSTEM_SAFE_MODE = 47, + /* + * The EC will reboot on runtime assertion failures. + */ + EC_FEATURE_ASSERT_REBOOTS = 48, + /* + * The EC image is built with tokenized logging enabled. + */ + EC_FEATURE_TOKENIZED_LOGGING = 49, + /* + * The EC supports triggering an STB dump. + */ + EC_FEATURE_AMD_STB_DUMP = 50, + /* + * The EC supports memory dump commands. + */ + EC_FEATURE_MEMORY_DUMP = 51, + /* + * The EC supports DP2.1 capability + */ + EC_FEATURE_TYPEC_DP2_1 = 52, }; #define EC_FEATURE_MASK_0(event_code) BIT(event_code % 32) @@ -1880,6 +1947,19 @@ struct ec_params_flash_protect { uint32_t flags; } __ec_align4; +enum flash_protect_action { + FLASH_PROTECT_ASYNC = 0, + FLASH_PROTECT_GET_RESULT = 1, +}; + +/* Version 2 of the command is "asynchronous". */ +struct ec_params_flash_protect_v2 { + uint8_t action; /**< enum flash_protect_action */ + uint8_t reserved[3]; /**< padding for alignment */ + uint32_t mask; + uint32_t flags; +} __ec_align4; + /** * struct ec_response_flash_protect - Response to the flash protect command. * @flags: Current value of flash protect flags. @@ -4377,7 +4457,7 @@ struct ec_params_i2c_write { * discharge the battery. */ #define EC_CMD_CHARGE_CONTROL 0x0096 -#define EC_VER_CHARGE_CONTROL 2 +#define EC_VER_CHARGE_CONTROL 3 enum ec_charge_control_mode { CHARGE_CONTROL_NORMAL = 0, @@ -4399,12 +4479,16 @@ enum ec_charge_control_cmd { EC_CHARGE_CONTROL_CMD_GET, }; +enum ec_charge_control_flag { + EC_CHARGE_CONTROL_FLAG_NO_IDLE = BIT(0), +}; + struct ec_params_charge_control { uint32_t mode; /* enum charge_control_mode */ /* Below are the fields added in V2. */ uint8_t cmd; /* enum ec_charge_control_cmd. */ - uint8_t reserved; + uint8_t flags; /* enum ec_charge_control_flag (v3+) */ /* * Lower and upper thresholds for battery sustainer. This struct isn't * named to avoid tainting foreign projects' name spaces. @@ -4426,7 +4510,8 @@ struct ec_response_charge_control { int8_t lower; int8_t upper; } sustain_soc; - uint16_t reserved; + uint8_t flags; /* enum ec_charge_control_flag (v3+) */ + uint8_t reserved; } __ec_align4; /*****************************************************************************/ @@ -5098,8 +5183,20 @@ struct ec_response_i2c_passthru_protect { * These commands are for sending and receiving message via HDMI CEC */ +#define EC_CEC_MAX_PORTS 16 + #define MAX_CEC_MSG_LEN 16 +/* + * Helper macros for packing/unpacking cec_events. + * bits[27:0] : bitmask of events from enum mkbp_cec_event + * bits[31:28]: port number + */ +#define EC_MKBP_EVENT_CEC_PACK(events, port) \ + (((events)&GENMASK(27, 0)) | (((port)&0xf) << 28)) +#define EC_MKBP_EVENT_CEC_GET_EVENTS(event) ((event)&GENMASK(27, 0)) +#define EC_MKBP_EVENT_CEC_GET_PORT(event) (((event) >> 28) & 0xf) + /* CEC message from the AP to be written on the CEC bus */ #define EC_CMD_CEC_WRITE_MSG 0x00B8 @@ -5111,19 +5208,54 @@ struct ec_params_cec_write { uint8_t msg[MAX_CEC_MSG_LEN]; } __ec_align1; +/** + * struct ec_params_cec_write_v1 - Message to write to the CEC bus + * @port: CEC port to write the message on + * @msg_len: length of msg in bytes + * @msg: message content to write to the CEC bus + */ +struct ec_params_cec_write_v1 { + uint8_t port; + uint8_t msg_len; + uint8_t msg[MAX_CEC_MSG_LEN]; +} __ec_align1; + +/* CEC message read from a CEC bus reported back to the AP */ +#define EC_CMD_CEC_READ_MSG 0x00B9 + +/** + * struct ec_params_cec_read - Read a message from the CEC bus + * @port: CEC port to read a message on + */ +struct ec_params_cec_read { + uint8_t port; +} __ec_align1; + +/** + * struct ec_response_cec_read - Message read from the CEC bus + * @msg_len: length of msg in bytes + * @msg: message content read from the CEC bus + */ +struct ec_response_cec_read { + uint8_t msg_len; + uint8_t msg[MAX_CEC_MSG_LEN]; +} __ec_align1; + /* Set various CEC parameters */ #define EC_CMD_CEC_SET 0x00BA /** * struct ec_params_cec_set - CEC parameters set * @cmd: parameter type, can be CEC_CMD_ENABLE or CEC_CMD_LOGICAL_ADDRESS + * @port: CEC port to set the parameter on * @val: in case cmd is CEC_CMD_ENABLE, this field can be 0 to disable CEC * or 1 to enable CEC functionality, in case cmd is * CEC_CMD_LOGICAL_ADDRESS, this field encodes the requested logical * address between 0 and 15 or 0xff to unregister */ struct ec_params_cec_set { - uint8_t cmd; /* enum cec_command */ + uint8_t cmd : 4; /* enum cec_command */ + uint8_t port : 4; uint8_t val; } __ec_align1; @@ -5133,9 +5265,11 @@ struct ec_params_cec_set { /** * struct ec_params_cec_get - CEC parameters get * @cmd: parameter type, can be CEC_CMD_ENABLE or CEC_CMD_LOGICAL_ADDRESS + * @port: CEC port to get the parameter on */ struct ec_params_cec_get { - uint8_t cmd; /* enum cec_command */ + uint8_t cmd : 4; /* enum cec_command */ + uint8_t port : 4; } __ec_align1; /** @@ -5149,6 +5283,17 @@ struct ec_response_cec_get { uint8_t val; } __ec_align1; +/* Get the number of CEC ports */ +#define EC_CMD_CEC_PORT_COUNT 0x00C1 + +/** + * struct ec_response_cec_port_count - CEC port count response + * @port_count: number of CEC ports + */ +struct ec_response_cec_port_count { + uint8_t port_count; +} __ec_align1; + /* CEC parameters command */ enum cec_command { /* CEC reading, writing and events enable */ @@ -5163,6 +5308,8 @@ enum mkbp_cec_event { EC_MKBP_CEC_SEND_OK = BIT(0), /* Outgoing message was not acknowledged */ EC_MKBP_CEC_SEND_FAILED = BIT(1), + /* Incoming message can be read out by AP */ + EC_MKBP_CEC_HAVE_DATA = BIT(2), }; /*****************************************************************************/ @@ -5474,6 +5621,11 @@ struct ec_params_reboot_ec { */ #define EC_CMD_GET_PANIC_INFO 0x00D3 +struct ec_params_get_panic_info_v1 { + /* Do not modify PANIC_DATA_FLAG_OLD_HOSTCMD when reading panic info */ + uint8_t preserve_old_hostcmd_flag; +} __ec_align1; + /*****************************************************************************/ /* * Special commands @@ -5877,6 +6029,10 @@ struct ec_params_usb_pd_discovery_entry { /* Negative port parameters have special meaning */ enum usb_pd_override_ports { + /* + * DONT_CHARGE is for all ports. Thus it's persistent across plug-in + * or plug-out. + */ OVERRIDE_DONT_CHARGE = -2, OVERRIDE_OFF = -1, /* [0, CONFIG_USB_PD_PORT_MAX_COUNT): Port# */ @@ -6149,9 +6305,29 @@ enum cbi_data_tag { CBI_TAG_SSFC = 8, /* uint32_t bit field */ CBI_TAG_REWORK_ID = 9, /* uint64_t or smaller */ CBI_TAG_FACTORY_CALIBRATION_DATA = 10, /* uint32_t bit field */ + + /* + * A uint32_t field reserved for controlling common features at runtime. + * It shouldn't be used at board-level. See union ec_common_control for + * the bit definitions. + */ + CBI_TAG_COMMON_CONTROL = 11, + + /* struct board_batt_params */ + CBI_TAG_BATTERY_CONFIG = 12, + /* CBI_TAG_BATTERY_CONFIG_1 ~ 15 will use 13 ~ 27. */ + + /* Last entry */ CBI_TAG_COUNT, }; +union ec_common_control { + struct { + uint32_t bcic_enabled : 1; + }; + uint32_t raw_value; +}; + /* * Flags to control read operation * @@ -7460,6 +7636,166 @@ struct ec_response_typec_vdm_response { uint32_t vdm_attention[2]; } __ec_align1; +/* + * Get an active battery config from the EC. + */ +#define EC_CMD_BATTERY_CONFIG 0x013D + +/* Version of struct batt_conf_header and its internals. */ +#define EC_BATTERY_CONFIG_STRUCT_VERSION 0x00 + +/* Number of writes needed to invoke battery cutoff command */ +#define SHIP_MODE_WRITES 2 + +struct ship_mode_info { + uint8_t reg_addr; + uint8_t reserved; + uint16_t reg_data[SHIP_MODE_WRITES]; +} __packed __aligned(2); + +struct sleep_mode_info { + uint8_t reg_addr; + uint8_t reserved; + uint16_t reg_data; +} __packed __aligned(2); + +struct fet_info { + uint8_t reg_addr; + uint8_t reserved; + uint16_t reg_mask; + uint16_t disconnect_val; + uint16_t cfet_mask; /* CHG FET status mask */ + uint16_t cfet_off_val; +} __packed __aligned(2); + +enum fuel_gauge_flags { + /* + * Write Block Support. If enabled, we use a i2c write block command + * instead of a 16-bit write. The effective difference is the i2c + * transaction will prefix the length (2). + */ + FUEL_GAUGE_FLAG_WRITE_BLOCK = BIT(0), + /* Sleep command support. fuel_gauge_info.sleep_mode must be defined. */ + FUEL_GAUGE_FLAG_SLEEP_MODE = BIT(1), + /* + * Manufacturer access command support. If enabled, FET status is read + * from the OperationStatus (0x54) register using the + * ManufacturerBlockAccess (0x44). + */ + FUEL_GAUGE_FLAG_MFGACC = BIT(2), + /* + * SMB block protocol support in manufacturer access command. If + * enabled, FET status is read from the OperationStatus (0x54) register + * using the ManufacturerBlockAccess (0x44). + */ + FUEL_GAUGE_FLAG_MFGACC_SMB_BLOCK = BIT(3), +}; + +struct fuel_gauge_info { + uint32_t flags; + uint32_t board_flags; + struct ship_mode_info ship_mode; + struct sleep_mode_info sleep_mode; + struct fet_info fet; +} __packed __aligned(4); + +/* Battery constants */ +struct battery_info { + /* Operation voltage in mV */ + uint16_t voltage_max; + uint16_t voltage_normal; + uint16_t voltage_min; + /* (TODO(chromium:756700): add desired_charging_current */ + /** + * Pre-charge to fast charge threshold in mV, + * default to voltage_min if not specified. + * This option is only available on isl923x and rt946x. + */ + uint16_t precharge_voltage; + /* Pre-charge current in mA */ + uint16_t precharge_current; + /* Working temperature ranges in degrees C */ + int8_t start_charging_min_c; + int8_t start_charging_max_c; + int8_t charging_min_c; + int8_t charging_max_c; + int8_t discharging_min_c; + int8_t discharging_max_c; + /* Used only if CONFIG_BATTERY_VENDOR_PARAM is defined. */ + uint8_t vendor_param_start; + uint8_t reserved; +} __packed __aligned(2); + +/** + * The 'config' of a battery. + */ +struct board_batt_params { + struct fuel_gauge_info fuel_gauge; + struct battery_info batt_info; +} __packed __aligned(4); + +#define SBS_MAX_STRING_SIZE 32 + +/** + * Header describing a battery config stored in CBI. Only struct_version has + * size and position independent of struct_version. The rest varies as + * struct_version changes. + * + * Version 0 + * Layout: + * +-------------+ + * | header | + * +-------------+ + * | | ^ + * | manuf_name | | manuf_name_size + * | | v + * +-------------+ + * | device_name | ^ + * | | | device_name_size + * | | v + * +-------------+ + * | config | ^ + * | | | + * | | | cbi data size + * | | | - (header_size+manuf_name_size+device_name_size) + * | | | + * | | v + * +-------------+ + * Note: + * - manuf_name and device_name are not null-terminated. + * - The config isn't aligned. It should be copied to struct board_batt_params + * before its contents are accessed. + */ +struct batt_conf_header { + /* Version independent field. It's always here as a uint8_t. */ + uint8_t struct_version; + /* Version 0 members */ + uint8_t manuf_name_size; + uint8_t device_name_size; + uint8_t reserved; + /* manuf_name, device_name, board_batt_params follow after this. */ +} __packed; + +#define BATT_CONF_MAX_SIZE \ + (sizeof(struct batt_conf_header) + SBS_MAX_STRING_SIZE * 2 + \ + sizeof(struct board_batt_params)) + +/* + * Record the current AP firmware state. This is used to help testing, such as + * with FAFT (Fully-Automated Firmware Test), which likes to know which firmware + * screen is currently displayed. + */ + +#define EC_CMD_AP_FW_STATE 0x013E + +struct ec_params_ap_fw_state { + /* + * Value which indicates the state. This is not decoded by the EC, so + * its meaning is entirely outside this code base. + */ + uint32_t state; +} __ec_align1; + /*****************************************************************************/ /* The command range 0x200-0x2FF is reserved for Rotor. */ @@ -7473,7 +7809,11 @@ struct ec_response_typec_vdm_response { /*****************************************************************************/ /* Fingerprint MCU commands: range 0x0400-0x040x */ -/* Fingerprint SPI sensor passthru command: prototyping ONLY */ +/* + * Fingerprint SPI sensor passthru command + * + * This command was used for prototyping and it's now deprecated. + */ #define EC_CMD_FP_PASSTHRU 0x0400 #define EC_FP_FLAG_NOT_COMPLETE 0x1 @@ -7721,6 +8061,12 @@ struct ec_params_fp_seed { /* FP TPM seed has been set or not */ #define FP_ENC_STATUS_SEED_SET BIT(0) +/* FP using nonce context or not */ +#define FP_CONTEXT_STATUS_NONCE_CONTEXT_SET BIT(1) +/* FP match had been processed or not */ +#define FP_CONTEXT_STATUS_MATCH_PROCESSED_SET BIT(2) +/* FP auth_nonce had been set or not*/ +#define FP_CONTEXT_AUTH_NONCE_SET BIT(3) struct ec_response_fp_encryption_status { /* Used bits in encryption engine status */ @@ -7740,6 +8086,115 @@ struct ec_response_fp_read_match_secret { uint8_t positive_match_secret[FP_POSITIVE_MATCH_SECRET_BYTES]; } __ec_align4; +#define FP_ELLIPTIC_CURVE_PUBLIC_KEY_POINT_LEN 32 + +struct fp_elliptic_curve_public_key { + uint8_t x[FP_ELLIPTIC_CURVE_PUBLIC_KEY_POINT_LEN]; + uint8_t y[FP_ELLIPTIC_CURVE_PUBLIC_KEY_POINT_LEN]; +} __ec_align4; + +#define FP_AES_KEY_ENC_METADATA_VERSION 1 +#define FP_AES_KEY_NONCE_BYTES 12 +#define FP_AES_KEY_ENCRYPTION_SALT_BYTES 16 +#define FP_AES_KEY_TAG_BYTES 16 + +struct fp_auth_command_encryption_metadata { + /* Version of the structure format */ + uint16_t struct_version; + /* Reserved bytes, set to 0. */ + uint16_t reserved; + /* + * The salt is *only* ever used for key derivation. The nonce is unique, + * a different one is used for every message. + */ + uint8_t nonce[FP_AES_KEY_NONCE_BYTES]; + uint8_t encryption_salt[FP_AES_KEY_ENCRYPTION_SALT_BYTES]; + uint8_t tag[FP_AES_KEY_TAG_BYTES]; +} __ec_align4; + +#define FP_ELLIPTIC_CURVE_PRIVATE_KEY_LEN 32 +#define FP_ELLIPTIC_CURVE_PUBLIC_KEY_IV_LEN 16 + +struct fp_encrypted_private_key { + struct fp_auth_command_encryption_metadata info; + uint8_t data[FP_ELLIPTIC_CURVE_PRIVATE_KEY_LEN]; +} __ec_align4; + +#define EC_CMD_FP_ESTABLISH_PAIRING_KEY_KEYGEN 0x0410 + +struct ec_response_fp_establish_pairing_key_keygen { + struct fp_elliptic_curve_public_key pubkey; + struct fp_encrypted_private_key encrypted_private_key; +} __ec_align4; + +#define FP_PAIRING_KEY_LEN 32 + +struct ec_fp_encrypted_pairing_key { + struct fp_auth_command_encryption_metadata info; + uint8_t data[FP_PAIRING_KEY_LEN]; +} __ec_align4; + +#define EC_CMD_FP_ESTABLISH_PAIRING_KEY_WRAP 0x0411 + +struct ec_params_fp_establish_pairing_key_wrap { + struct fp_elliptic_curve_public_key peers_pubkey; + struct fp_encrypted_private_key encrypted_private_key; +} __ec_align4; + +struct ec_response_fp_establish_pairing_key_wrap { + struct ec_fp_encrypted_pairing_key encrypted_pairing_key; +} __ec_align4; + +#define EC_CMD_FP_LOAD_PAIRING_KEY 0x0412 + +typedef struct ec_response_fp_establish_pairing_key_wrap + ec_params_fp_load_pairing_key; + +#define FP_CK_AUTH_NONCE_LEN 32 + +#define EC_CMD_FP_GENERATE_NONCE 0x0413 +struct ec_response_fp_generate_nonce { + uint8_t nonce[FP_CK_AUTH_NONCE_LEN]; +} __ec_align4; + +#define FP_CONTEXT_USERID_LEN 32 +#define FP_CONTEXT_USERID_IV_LEN 16 +#define FP_CONTEXT_KEY_LEN 32 + +#define EC_CMD_FP_NONCE_CONTEXT 0x0414 +struct ec_params_fp_nonce_context { + uint8_t gsc_nonce[FP_CK_AUTH_NONCE_LEN]; + uint8_t enc_user_id[FP_CONTEXT_USERID_LEN]; + uint8_t enc_user_id_iv[FP_CONTEXT_USERID_IV_LEN]; +} __ec_align4; + +#define FP_ELLIPTIC_CURVE_PUBLIC_KEY_IV_LEN 16 + +#define EC_CMD_FP_READ_MATCH_SECRET_WITH_PUBKEY 0x0415 + +struct ec_params_fp_read_match_secret_with_pubkey { + uint16_t fgr; + uint16_t reserved; + struct fp_elliptic_curve_public_key pubkey; +} __ec_align4; + +struct ec_response_fp_read_match_secret_with_pubkey { + struct fp_elliptic_curve_public_key pubkey; + uint8_t iv[FP_ELLIPTIC_CURVE_PUBLIC_KEY_IV_LEN]; + uint8_t enc_secret[FP_POSITIVE_MATCH_SECRET_BYTES]; +} __ec_align4; + +/* Preload encrypted template into the MCU buffer */ +#define EC_CMD_FP_PRELOAD_TEMPLATE 0x0416 + +struct ec_params_fp_preload_template { + uint32_t offset; + uint32_t size; + uint16_t fgr; + uint8_t reserved[2]; + uint8_t data[]; +} __ec_align4; + /*****************************************************************************/ /* Touchpad MCU commands: range 0x0500-0x05FF */