OLD | NEW |
1 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 */ | 4 */ |
5 | 5 |
6 /* Non-volatile storage routines for verified boot. | 6 /* Non-volatile storage routines for verified boot. |
7 */ | 7 */ |
8 | 8 |
9 #ifndef VBOOT_REFERENCE_NVSTORAGE_H_ | 9 #ifndef VBOOT_REFERENCE_NVSTORAGE_H_ |
10 #define VBOOT_REFERENCE_NVSTORAGE_H_ | 10 #define VBOOT_REFERENCE_NVSTORAGE_H_ |
(...skipping 29 matching lines...) Expand all Loading... |
40 * Valid range: 0-15. */ | 40 * Valid range: 0-15. */ |
41 VBNV_TRY_B_COUNT, | 41 VBNV_TRY_B_COUNT, |
42 /* Request recovery mode on next boot; see VBNB_RECOVERY_* below for | 42 /* Request recovery mode on next boot; see VBNB_RECOVERY_* below for |
43 * currently defined reason codes. 8-bit value. */ | 43 * currently defined reason codes. 8-bit value. */ |
44 VBNV_RECOVERY_REQUEST, | 44 VBNV_RECOVERY_REQUEST, |
45 /* Localization index for screen bitmaps displayed by firmware. | 45 /* Localization index for screen bitmaps displayed by firmware. |
46 * 8-bit value. */ | 46 * 8-bit value. */ |
47 VBNV_LOCALIZATION_INDEX, | 47 VBNV_LOCALIZATION_INDEX, |
48 /* Field reserved for kernel/user-mode use; 32-bit value. */ | 48 /* Field reserved for kernel/user-mode use; 32-bit value. */ |
49 VBNV_KERNEL_FIELD, | 49 VBNV_KERNEL_FIELD, |
50 /* Firmware checked RW slot B before slot A on the current boot because | 50 /* Verified boot API function which should generate a test error, if |
51 * VBNV_TRY_B_COUNT was non-zero at that time. 0=no; 1=yes. */ | 51 * error number (below) is non-zero. */ |
52 VBNV_TRIED_FIRMWARE_B, | 52 VBNV_TEST_ERROR_FUNC, |
53 /* Firmware verified the kernel key block signature using the key stored | 53 /* Verified boot API error to generate for the function, if non-zero. */ |
54 * in the firmware. 0=no, just used the key block hash; 1=yes, used the | 54 VBNV_TEST_ERROR_NUM, |
55 * key block signature. */ | |
56 VBNV_FW_VERIFIED_KERNEL_KEY, | |
57 } VbNvParam; | 55 } VbNvParam; |
58 | 56 |
59 | 57 |
60 /* Recovery reason codes for VBNV_RECOVERY_REQUEST */ | 58 /* Recovery reason codes for VBNV_RECOVERY_REQUEST */ |
61 /* Recovery not requested. */ | 59 /* Recovery not requested. */ |
62 #define VBNV_RECOVERY_NOT_REQUESTED 0x00 | 60 #define VBNV_RECOVERY_NOT_REQUESTED 0x00 |
63 /* Recovery requested from legacy utility. (Prior to the NV storage | 61 /* Recovery requested from legacy utility. (Prior to the NV storage |
64 * spec, recovery mode was a single bitfield; this value is reserved | 62 * spec, recovery mode was a single bitfield; this value is reserved |
65 * so that scripts which wrote 1 to the recovery field are | 63 * so that scripts which wrote 1 to the recovery field are |
66 * distinguishable from scripts whch use the recovery reasons listed | 64 * distinguishable from scripts whch use the recovery reasons listed |
67 * here. */ | 65 * here. */ |
68 #define VBNV_RECOVERY_LEGACY 0x01 | 66 #define VBNV_RECOVERY_LEGACY 0x01 |
69 /* User manually requested recovery via recovery button */ | 67 /* User manually requested recovery via recovery button */ |
70 #define VBNV_RECOVERY_RO_MANUAL 0x02 | 68 #define VBNV_RECOVERY_RO_MANUAL 0x02 |
71 /* RW firmware failed signature check (neither RW firmware slot was valid) */ | 69 /* RW firmware failed signature check (neither RW firmware slot was valid) */ |
72 #define VBNV_RECOVERY_RO_INVALID_RW 0x03 | 70 #define VBNV_RECOVERY_RO_INVALID_RW 0x03 |
73 /* S3 resume failed */ | 71 /* S3 resume failed */ |
74 #define VBNV_RECOVERY_RO_S3_RESUME 0x04 | 72 #define VBNV_RECOVERY_RO_S3_RESUME 0x04 |
75 /* TPM error in read-only firmware */ | 73 /* TPM error in read-only firmware */ |
76 #define VBNV_RECOVERY_RO_TPM_ERROR 0x05 | 74 #define VBNV_RECOVERY_RO_TPM_ERROR 0x05 |
77 /* Shared data error in read-only firmware */ | 75 /* Shared data error in read-only firmware */ |
78 #define VBNV_RECOVERY_RO_SHARED_DATA 0x06 | 76 #define VBNV_RECOVERY_RO_SHARED_DATA 0x06 |
| 77 /* Test error from S3Resume() */ |
| 78 #define VBNV_RECOVERY_RO_TEST_S3 0x07 |
| 79 /* Test error from LoadFirmwareSetup() */ |
| 80 #define VBNV_RECOVERY_RO_TEST_LFS 0x08 |
| 81 /* Test error from LoadFirmware() */ |
| 82 #define VBNV_RECOVERY_RO_TEST_LF 0x09 |
79 /* Unspecified/unknown error in read-only firmware */ | 83 /* Unspecified/unknown error in read-only firmware */ |
80 #define VBNV_RECOVERY_RO_UNSPECIFIED 0x3F | 84 #define VBNV_RECOVERY_RO_UNSPECIFIED 0x3F |
81 /* User manually requested recovery by pressing a key at developer | 85 /* User manually requested recovery by pressing a key at developer |
82 * warning screen */ | 86 * warning screen */ |
83 #define VBNV_RECOVERY_RW_DEV_SCREEN 0x41 | 87 #define VBNV_RECOVERY_RW_DEV_SCREEN 0x41 |
84 /* No OS kernel detected */ | 88 /* No OS kernel detected */ |
85 #define VBNV_RECOVERY_RW_NO_OS 0x42 | 89 #define VBNV_RECOVERY_RW_NO_OS 0x42 |
86 /* OS kernel failed signature check */ | 90 /* OS kernel failed signature check */ |
87 #define VBNV_RECOVERY_RW_INVALID_OS 0x43 | 91 #define VBNV_RECOVERY_RW_INVALID_OS 0x43 |
88 /* TPM error in rewritable firmware */ | 92 /* TPM error in rewritable firmware */ |
89 #define VBNV_RECOVERY_RW_TPM_ERROR 0x44 | 93 #define VBNV_RECOVERY_RW_TPM_ERROR 0x44 |
90 /* RW firmware in dev mode, but dev switch is off */ | 94 /* RW firmware in dev mode, but dev switch is off */ |
91 #define VBNV_RECOVERY_RW_DEV_MISMATCH 0x45 | 95 #define VBNV_RECOVERY_RW_DEV_MISMATCH 0x45 |
92 /* Shared data error in rewritable firmware */ | 96 /* Shared data error in rewritable firmware */ |
93 #define VBNV_RECOVERY_RW_SHARED_DATA 0x46 | 97 #define VBNV_RECOVERY_RW_SHARED_DATA 0x46 |
| 98 /* Test error from LoadKernel() */ |
| 99 #define VBNV_RECOVERY_RW_TEST_LK 0x47 |
94 /* Unspecified/unknown error in rewritable firmware */ | 100 /* Unspecified/unknown error in rewritable firmware */ |
95 #define VBNV_RECOVERY_RW_UNSPECIFIED 0x7F | 101 #define VBNV_RECOVERY_RW_UNSPECIFIED 0x7F |
96 /* DM-verity error */ | 102 /* DM-verity error */ |
97 #define VBNV_RECOVERY_KE_DM_VERITY 0x81 | 103 #define VBNV_RECOVERY_KE_DM_VERITY 0x81 |
98 /* Unspecified/unknown error in kernel */ | 104 /* Unspecified/unknown error in kernel */ |
99 #define VBNV_RECOVERY_KE_UNSPECIFIED 0xBF | 105 #define VBNV_RECOVERY_KE_UNSPECIFIED 0xBF |
100 /* Recovery mode test from user-mode */ | 106 /* Recovery mode test from user-mode */ |
101 #define VBNV_RECOVERY_US_TEST 0xC1 | 107 #define VBNV_RECOVERY_US_TEST 0xC1 |
102 /* Unspecified/unknown error in user-mode */ | 108 /* Unspecified/unknown error in user-mode */ |
103 #define VBNV_RECOVERY_US_UNSPECIFIED 0xFF | 109 #define VBNV_RECOVERY_US_UNSPECIFIED 0xFF |
104 | 110 |
105 | 111 |
| 112 /* Function codes for VBNV_TEST_ERROR_FUNC */ |
| 113 #define VBNV_TEST_ERROR_LOAD_FIRMWARE_SETUP 1 |
| 114 #define VBNV_TEST_ERROR_LOAD_FIRMWARE 2 |
| 115 #define VBNV_TEST_ERROR_LOAD_KERNEL 3 |
| 116 #define VBNV_TEST_ERROR_S3_RESUME 4 |
| 117 |
| 118 |
106 /* Initialize the NV storage library. This must be called before any | 119 /* Initialize the NV storage library. This must be called before any |
107 * other functions in this library. Returns 0 if success, non-zero if | 120 * other functions in this library. Returns 0 if success, non-zero if |
108 * error. | 121 * error. |
109 * | 122 * |
110 * Proper calling procedure: | 123 * Proper calling procedure: |
111 * 1) Allocate a context struct. | 124 * 1) Allocate a context struct. |
112 * 2) If multi-threaded/multi-process, acquire a lock to prevent | 125 * 2) If multi-threaded/multi-process, acquire a lock to prevent |
113 * other processes from modifying the underlying storage. | 126 * other processes from modifying the underlying storage. |
114 * 3) Read underlying storage and fill in context->raw. | 127 * 3) Read underlying storage and fill in context->raw. |
115 * 4) Call VbNvSetup(). | 128 * 4) Call VbNvSetup(). |
(...skipping 25 matching lines...) Expand all Loading... |
141 int VbNvGet(VbNvContext* context, VbNvParam param, uint32_t* dest); | 154 int VbNvGet(VbNvContext* context, VbNvParam param, uint32_t* dest); |
142 | 155 |
143 /* Set a NV storage param to a new value. Returns 0 if success, | 156 /* Set a NV storage param to a new value. Returns 0 if success, |
144 * non-zero if error. | 157 * non-zero if error. |
145 * | 158 * |
146 * This may only be called between VbNvSetup() and VbNvTeardown(). */ | 159 * This may only be called between VbNvSetup() and VbNvTeardown(). */ |
147 int VbNvSet(VbNvContext* context, VbNvParam param, uint32_t value); | 160 int VbNvSet(VbNvContext* context, VbNvParam param, uint32_t value); |
148 | 161 |
149 | 162 |
150 #endif /* VBOOT_REFERENCE_NVSTORAGE_H_ */ | 163 #endif /* VBOOT_REFERENCE_NVSTORAGE_H_ */ |
OLD | NEW |