6390 1.0 default dat file 2 1 contains the OEM public key hash as set by OEM root_cert_hash 0000000000000000000000000000000000000000000000000000000000000000 SHA256 signed root cert to generate root hash root_cert_file ./../../resources/testpki/qpsa_rootca.cer USE_SERIAL_NUM. false: Use serial number in signature verification is not enforced. true: Use serial number in signature verification is enforced. SECURE_BOOT0_use_serial_num false USE_SERIAL_NUM. false: Use serial number in signature verification is not enforced. true: Use serial number in signature verification is enforced. SECURE_BOOT1_use_serial_num false The OEM hardware ID oem_hw_id 0x0000 The OEM Model ID oem_product_id 0x0000 used to configure the number of root certificates hashed into OEM_PK_HASH (max: 4) total_rot_num 0 prevents the Watch Dog from being disabled by the GPIO, true: ignore GPIO, false: use GPIO watchdog_enable true If true, all anti_rollback features are enabled. . boot anti_rollback feature . tzapps anti_rollback feature . pilsubsys anti_rollback feature If false, all anti_rollback features are disabled. anti_rollback_feature_enable true RAM_DUMP_USE_SN. 0(false): RAM dump is tied to serial number. 1(true): RAM dump is not tied to serial number. ram_dump_use_sn true ACMT_BYPASS_DISABLE. 0(false): When not blown PCIE ACMT should be bypassed for permission check, to enable full access to internal address space in debug mode. 1(true): PCIE ACMT permission check is enabled. acmt_bypass_disable true