I'm hoping that someone can help us with an error that we're getting when we use the FPT tool on the Bay Trail SoC. We're using coreboot to boot Linux via a custom coreboot payload with an E3845 SoC.
To burn the fuses, we issue the following command line:
FPT -writefpfbatch FPFconfigFile.txt
and get the following output:
Intel (R) Flash Programming Tool. Version: 126.96.36.1997
Copyright (c) 2007 - 2013, Intel Corporation. All rights reserved.
Platform: Bay Trail
Reading HSFSTS register... Flash Descriptor: Valid
--- Flash Devices Found ---
W25Q64DW ID:0xEF6017 Size: 8192KB (65536Kb)
Processing file: FPFconfigFile.txt
Receive Response Result: Fuse File Operation Not Supported (FPF Mirror Enabled) [ 0x89 ]
Error 205: Failed writing to the FPF: "SECURE_BOOT_EN" because FPF Mirroring exists
Error 205: Failure. Unexpected error occurred.
The file FPFconfigFile.txt contains:
# This Fuse bit is for enabling Verified Boot. Change value to "01" to enable Secure/verified boot
# This Fuse bit is for Disabling Intel(R) PTT. set value to '01' to permanently disable Intel(R) PTT (ftpm)
# Hash of the public part of the OEM signing key obtained with the Flamingo tool
# The 13 Most Significant Bits of address of alternate copy of IBB within BIOS region
# Alt_bios_limit file is 16 bits wide; applicable values are up to 0x1FFF (13 bits effective).
# This is the ID of the of the Key Manifest ('0' indicates no key manifest is required)
The document 522481_522481_ByTmd_TXE_FW_Comp_Guide_Rev2p4_Fnl.pdf indicates that this is the FPT command line that we should use.
Thanks in advance for your help.
Thank you for contacting Intel Embedded Community.
We are working to give you an update as soon as possible.
Thanks for your patience and understanding.
The information that may help you is stated in sections 3.4 and 10, pages from 9 to 12; 25, 26, and 27 of the http://www.intel.com/content/www/us/en/secure/embedded/nda/products/bay-trail/atom-e3800-txe-firmwar... Intel(R) Atom(TM) Processor E3800 Product Family – Intel(R) Trusted Execution Engine [Intel(R) TXE] Firmware Bring-Up Guide document # 540009.
Please let us know if this information is useful to you.
Thanks for your reply, Carlos.
We're familiar with the sections you highlighted in document # 540009, as well as document # 522481.
We were hoping to get some information on the specific error that FPT reported. We thought that FPF mirroring had to be enabled to allow us to run FPT.
Thanks for your update.
Could you please let us know if you have implemented the suggestions stated in sections C.2.1.2, C.3.1.2, and C.5; pages 100, 101, 102, and 104 of the Bay Trail-M/D Platform - Intel(R) Trusted Execution Engine [Intel(R) TXE] Firmware Compliance User Guide document # 522481 that you have mentioned?
Thanks for your cooperation to solve this situation.