cli: Add token file generation for secure unlock version update

cli/mfg.c

@@ -1439,6 +1439,10 @@ static int no_openssl(int argc, char **argv)
 
 #endif
 
+
+#define TOKEN_RESROUCE_UNLOCK 0
+#define TOKEN_VERSION_UPDATE 1
+
 #define CMD_DESC_DEBUG_TOKEN "generate debug unlock token file for the device"
 static int debug_unlock_token(int argc, char **argv)
 {
@@ -1456,13 +1460,30 @@ static int debug_unlock_token(int argc, char **argv)
 			   "management system to generate the signature file "
 			   "required for command 'mfg debug-unlock'";
 
+	const struct argconfig_choice type[] = {
+		{"RESROUCE_UNLOCK", TOKEN_RESROUCE_UNLOCK,
+		 "Generate token for signature file requred for command 'mfg debug-unlock' (default)"},
+		{"UNLOCK_VERSION_UPDATE", TOKEN_VERSION_UPDATE,
+		 "Generate token for signature file requred for command 'mfg debug-lock-update'"},
+		{}
+	};
+
 	struct {
 		struct switchtec_dev *dev;
 		int out_fd;
+		int unlock;
+		int update;
 		const char *out_filename;
-	} cfg = {};
+		int type;
+	} cfg = {
+		.type =TOKEN_RESROUCE_UNLOCK,
+	};
+
 	const struct argconfig_options opts[] = {
 		DEVICE_OPTION_MFG_PCI,
+		{"type", 't', "TYPE", CFG_CHOICES, &cfg.type,
+		  required_argument,
+		 "output token file type", .choices=type},
 		{"token_file", .cfg_type=CFG_FD_WR, .value_addr=&cfg.out_fd,
 		  .argument_type=optional_positional,
 		  .force_default="debug.tkn",
@@ -1477,9 +1498,15 @@ static int debug_unlock_token(int argc, char **argv)
 		return ret;
 	}
 
-	token.id = htole32(1);
 	token.serial = htole32(sn_info.chip_serial);
-	token.version = htole32(sn_info.ver_sec_unlock);
+
+	if (cfg.type == TOKEN_RESROUCE_UNLOCK) {
+		token.id = htole32(1);
+		token.version = htole32(sn_info.ver_sec_unlock);
+	} else {
+		token.id = htole32(2);
+		token.version = htole32(sn_info.ver_sec_unlock) + 1;
+	}
 
 	ret = write(cfg.out_fd, &token, sizeof(token));
 	if(ret <= 0) {