Authenticated Debug for Computing Systems

What is claimed is: 1 . An apparatus, comprising: one or more functional circuits; a debug circuit configured to implement one or more debug features for the one or more functional circuits; and a validation circuit configured to: receive a request to access debug features; send an identification value corresponding to the apparatus; receive a certificate generated by a server computer system, the certificate including encoded debug permissions; decode the encoded debug permissions using the identification value; and using the decoded debug permissions, enable one or more of the debug features. 2 . The apparatus of claim 1 , wherein the validation circuit is further configured to: in response to receiving the request, generate a liveness token, wherein the liveness token includes a one-time use value; and send the generated liveness token with the identification value. 3 . The apparatus of claim 2 , wherein the validation circuit is further configured, in response to receiving the certificate, to: compare a received liveness token extracted from the certificate to the generated liveness token; and based on the comparison, selectively permit the debug circuit to be accessed. 4 . The apparatus of claim 1 , wherein the validation circuit is further configured to send information indicative of available features of the debug circuit and currently enabled features of the debug circuit. 5 . The apparatus of claim 1 , wherein the validation circuit is further configured, in response to receiving the certificate, to determine if the reception of the certificate is expected. 6 . The apparatus of claim 1 , wherein the validation circuit is further configured to end an active debug session in response to a determination that a particular amount of time has elapsed since receiving the certificate, wherein the particular amount of time is indicated in the certificate. 7 . The apparatus of claim 1 , wherein the validation circuit is further configured to end an active debug session in response to a determination that a number of allowed device resets, as indicated by the certificate, have occurred. 8 . The apparatus of claim 1 , wherein the validation circuit receives the request from a first computing device, and wherein the validation circuit is further configured to end an active debug session in response to a determination that a second computing device has been connected to the apparatus. 9 . The apparatus of claim 1 , wherein the validation circuit is further configured to authenticate a digital signature that is included in the received certificate. 10 . A non-transitory computer-readable medium having instructions stored thereon that are executable by a computer system to perform operations comprising: sending, to a device, a request to access debug features of the device; in response to receiving an identification value from the device, sending, to a server computer system, a certificate request to access the debug features of the device, the certificate request including the identification value; receiving a certificate from the server computer system, the certificate including debug permissions; sending the certificate to the device; and accessing one or more of the debug features of the device based on the debug permissions in the certificate. 11 . The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise: requesting, from the device, a liveness token that includes a one-time use value; and including the liveness token in the certificate request. 12 . The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise including authentication credentials for a user of the computer system in the certificate request. 13 . The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise: requesting, from the device, a first value indicating a plurality of debug features available on the device, and a second value indicating a subset of the plurality of debug features that are currently locked; using the first value and the second value to generate a third value indicating one or more of the plurality of debug features to be accessed; and including the third value in the certificate request. 14 . The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise sending, to the device, a command to end a current debug session. 15 . The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise including, in the certificate request, a user-specified number of device resets that are allowed by the device while maintaining a validity of the certificate. 16 . A method, comprising: maintaining, by a server computer system, one or more policies that indicate debug permissions for one or more users to access debug features of one or more devices; receiving, by the server computer system from a debug system, a request to access debug features of a particular device, the request including an identification value associated with the particular device; validating, by the server computer system using the identification value, the request; in response to the validating, determining, by the server computer system, debug permissions for a particular user based on the one or more policies; and sending, by the server computer system, a certificate to the debug system, the certificate indicating the debug permissions. 17 . The method of claim 16 , wherein the validating includes: receiving authentication credentials for the particular user; and in response to a successful validation of the authentication credentials, identifying a particular policy that corresponds to the particular user. 18 . The method of claim 17 , wherein the validating, using the identification value, includes determining if the particular policy is valid for the particular device or for a class of devices that includes the particular device. 19 . The method of claim 17 , wherein determining the debug permissions for the particular user includes: receiving, from the request, a first value indicating one or more debug features to be accessed; and generating, using the particular policy, a second value indicating at least one of the one or more debug features for which access is granted. 20 . The method of claim 16 , wherein validating the request comprises determining a geographic location of the debug system.