1*d289c2baSAndroid Build Coastguard Worker /*
2*d289c2baSAndroid Build Coastguard Worker * Copyright (C) 2017 The Android Open Source Project
3*d289c2baSAndroid Build Coastguard Worker *
4*d289c2baSAndroid Build Coastguard Worker * Permission is hereby granted, free of charge, to any person
5*d289c2baSAndroid Build Coastguard Worker * obtaining a copy of this software and associated documentation
6*d289c2baSAndroid Build Coastguard Worker * files (the "Software"), to deal in the Software without
7*d289c2baSAndroid Build Coastguard Worker * restriction, including without limitation the rights to use, copy,
8*d289c2baSAndroid Build Coastguard Worker * modify, merge, publish, distribute, sublicense, and/or sell copies
9*d289c2baSAndroid Build Coastguard Worker * of the Software, and to permit persons to whom the Software is
10*d289c2baSAndroid Build Coastguard Worker * furnished to do so, subject to the following conditions:
11*d289c2baSAndroid Build Coastguard Worker *
12*d289c2baSAndroid Build Coastguard Worker * The above copyright notice and this permission notice shall be
13*d289c2baSAndroid Build Coastguard Worker * included in all copies or substantial portions of the Software.
14*d289c2baSAndroid Build Coastguard Worker *
15*d289c2baSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16*d289c2baSAndroid Build Coastguard Worker * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17*d289c2baSAndroid Build Coastguard Worker * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18*d289c2baSAndroid Build Coastguard Worker * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19*d289c2baSAndroid Build Coastguard Worker * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20*d289c2baSAndroid Build Coastguard Worker * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21*d289c2baSAndroid Build Coastguard Worker * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22*d289c2baSAndroid Build Coastguard Worker * SOFTWARE.
23*d289c2baSAndroid Build Coastguard Worker */
24*d289c2baSAndroid Build Coastguard Worker
25*d289c2baSAndroid Build Coastguard Worker #include "avb_user_verity.h"
26*d289c2baSAndroid Build Coastguard Worker
27*d289c2baSAndroid Build Coastguard Worker /* Maximum allow length (in bytes) of a partition name, including
28*d289c2baSAndroid Build Coastguard Worker * ab_suffix.
29*d289c2baSAndroid Build Coastguard Worker */
30*d289c2baSAndroid Build Coastguard Worker #define AVB_PART_NAME_MAX_SIZE 32
31*d289c2baSAndroid Build Coastguard Worker
32*d289c2baSAndroid Build Coastguard Worker /* Loads the toplevel AvbVBMetaImageHeader from the slot denoted by
33*d289c2baSAndroid Build Coastguard Worker * |ab_suffix| into |vbmeta_image|. No validation, verification, or
34*d289c2baSAndroid Build Coastguard Worker * byteswapping is performed.
35*d289c2baSAndroid Build Coastguard Worker *
36*d289c2baSAndroid Build Coastguard Worker * If successful, |true| is returned and the partition it was loaded
37*d289c2baSAndroid Build Coastguard Worker * from is returned in |out_partition_name| and the offset on said
38*d289c2baSAndroid Build Coastguard Worker * partition is returned in |out_vbmeta_offset|.
39*d289c2baSAndroid Build Coastguard Worker */
load_top_level_vbmeta_header(AvbOps * ops,const char * ab_suffix,uint8_t vbmeta_image[AVB_VBMETA_IMAGE_HEADER_SIZE],char out_partition_name[AVB_PART_NAME_MAX_SIZE],uint64_t * out_vbmeta_offset)40*d289c2baSAndroid Build Coastguard Worker static bool load_top_level_vbmeta_header(
41*d289c2baSAndroid Build Coastguard Worker AvbOps* ops,
42*d289c2baSAndroid Build Coastguard Worker const char* ab_suffix,
43*d289c2baSAndroid Build Coastguard Worker uint8_t vbmeta_image[AVB_VBMETA_IMAGE_HEADER_SIZE],
44*d289c2baSAndroid Build Coastguard Worker char out_partition_name[AVB_PART_NAME_MAX_SIZE],
45*d289c2baSAndroid Build Coastguard Worker uint64_t* out_vbmeta_offset) {
46*d289c2baSAndroid Build Coastguard Worker uint64_t vbmeta_offset = 0;
47*d289c2baSAndroid Build Coastguard Worker size_t num_read;
48*d289c2baSAndroid Build Coastguard Worker bool ret = false;
49*d289c2baSAndroid Build Coastguard Worker AvbIOResult io_res;
50*d289c2baSAndroid Build Coastguard Worker
51*d289c2baSAndroid Build Coastguard Worker /* Construct full partition name. */
52*d289c2baSAndroid Build Coastguard Worker if (!avb_str_concat(out_partition_name,
53*d289c2baSAndroid Build Coastguard Worker AVB_PART_NAME_MAX_SIZE,
54*d289c2baSAndroid Build Coastguard Worker "vbmeta",
55*d289c2baSAndroid Build Coastguard Worker 6,
56*d289c2baSAndroid Build Coastguard Worker ab_suffix,
57*d289c2baSAndroid Build Coastguard Worker avb_strlen(ab_suffix))) {
58*d289c2baSAndroid Build Coastguard Worker avb_error("Partition name and suffix does not fit.\n");
59*d289c2baSAndroid Build Coastguard Worker goto out;
60*d289c2baSAndroid Build Coastguard Worker }
61*d289c2baSAndroid Build Coastguard Worker
62*d289c2baSAndroid Build Coastguard Worker /* Only read the header, not the entire struct. */
63*d289c2baSAndroid Build Coastguard Worker io_res = ops->read_from_partition(ops,
64*d289c2baSAndroid Build Coastguard Worker out_partition_name,
65*d289c2baSAndroid Build Coastguard Worker vbmeta_offset,
66*d289c2baSAndroid Build Coastguard Worker AVB_VBMETA_IMAGE_HEADER_SIZE,
67*d289c2baSAndroid Build Coastguard Worker vbmeta_image,
68*d289c2baSAndroid Build Coastguard Worker &num_read);
69*d289c2baSAndroid Build Coastguard Worker if (io_res == AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION) {
70*d289c2baSAndroid Build Coastguard Worker AvbFooter footer;
71*d289c2baSAndroid Build Coastguard Worker
72*d289c2baSAndroid Build Coastguard Worker /* Try looking for the vbmeta struct in 'boot' via the footer. */
73*d289c2baSAndroid Build Coastguard Worker if (!avb_str_concat(out_partition_name,
74*d289c2baSAndroid Build Coastguard Worker AVB_PART_NAME_MAX_SIZE,
75*d289c2baSAndroid Build Coastguard Worker "boot",
76*d289c2baSAndroid Build Coastguard Worker 4,
77*d289c2baSAndroid Build Coastguard Worker ab_suffix,
78*d289c2baSAndroid Build Coastguard Worker avb_strlen(ab_suffix))) {
79*d289c2baSAndroid Build Coastguard Worker avb_error("Partition name and suffix does not fit.\n");
80*d289c2baSAndroid Build Coastguard Worker goto out;
81*d289c2baSAndroid Build Coastguard Worker }
82*d289c2baSAndroid Build Coastguard Worker io_res = ops->read_from_partition(ops,
83*d289c2baSAndroid Build Coastguard Worker out_partition_name,
84*d289c2baSAndroid Build Coastguard Worker -AVB_FOOTER_SIZE,
85*d289c2baSAndroid Build Coastguard Worker AVB_FOOTER_SIZE,
86*d289c2baSAndroid Build Coastguard Worker &footer,
87*d289c2baSAndroid Build Coastguard Worker &num_read);
88*d289c2baSAndroid Build Coastguard Worker if (io_res != AVB_IO_RESULT_OK) {
89*d289c2baSAndroid Build Coastguard Worker avb_error(
90*d289c2baSAndroid Build Coastguard Worker "Error loading footer from partition '", out_partition_name, "'\n");
91*d289c2baSAndroid Build Coastguard Worker goto out;
92*d289c2baSAndroid Build Coastguard Worker }
93*d289c2baSAndroid Build Coastguard Worker
94*d289c2baSAndroid Build Coastguard Worker if (avb_memcmp(footer.magic, AVB_FOOTER_MAGIC, AVB_FOOTER_MAGIC_LEN) != 0) {
95*d289c2baSAndroid Build Coastguard Worker avb_error("Data from '",
96*d289c2baSAndroid Build Coastguard Worker out_partition_name,
97*d289c2baSAndroid Build Coastguard Worker "' does not look like a vbmeta footer.\n");
98*d289c2baSAndroid Build Coastguard Worker goto out;
99*d289c2baSAndroid Build Coastguard Worker }
100*d289c2baSAndroid Build Coastguard Worker
101*d289c2baSAndroid Build Coastguard Worker vbmeta_offset = avb_be64toh(footer.vbmeta_offset);
102*d289c2baSAndroid Build Coastguard Worker io_res = ops->read_from_partition(ops,
103*d289c2baSAndroid Build Coastguard Worker out_partition_name,
104*d289c2baSAndroid Build Coastguard Worker vbmeta_offset,
105*d289c2baSAndroid Build Coastguard Worker AVB_VBMETA_IMAGE_HEADER_SIZE,
106*d289c2baSAndroid Build Coastguard Worker vbmeta_image,
107*d289c2baSAndroid Build Coastguard Worker &num_read);
108*d289c2baSAndroid Build Coastguard Worker }
109*d289c2baSAndroid Build Coastguard Worker
110*d289c2baSAndroid Build Coastguard Worker if (io_res != AVB_IO_RESULT_OK) {
111*d289c2baSAndroid Build Coastguard Worker avb_error("Error loading from partition '", out_partition_name, "'\n");
112*d289c2baSAndroid Build Coastguard Worker goto out;
113*d289c2baSAndroid Build Coastguard Worker }
114*d289c2baSAndroid Build Coastguard Worker
115*d289c2baSAndroid Build Coastguard Worker if (out_vbmeta_offset != NULL) {
116*d289c2baSAndroid Build Coastguard Worker *out_vbmeta_offset = vbmeta_offset;
117*d289c2baSAndroid Build Coastguard Worker }
118*d289c2baSAndroid Build Coastguard Worker
119*d289c2baSAndroid Build Coastguard Worker ret = true;
120*d289c2baSAndroid Build Coastguard Worker
121*d289c2baSAndroid Build Coastguard Worker out:
122*d289c2baSAndroid Build Coastguard Worker return ret;
123*d289c2baSAndroid Build Coastguard Worker }
124*d289c2baSAndroid Build Coastguard Worker
avb_user_verity_get(AvbOps * ops,const char * ab_suffix,bool * out_verity_enabled)125*d289c2baSAndroid Build Coastguard Worker bool avb_user_verity_get(AvbOps* ops,
126*d289c2baSAndroid Build Coastguard Worker const char* ab_suffix,
127*d289c2baSAndroid Build Coastguard Worker bool* out_verity_enabled) {
128*d289c2baSAndroid Build Coastguard Worker uint8_t vbmeta_image[AVB_VBMETA_IMAGE_HEADER_SIZE]; /* 256 bytes. */
129*d289c2baSAndroid Build Coastguard Worker char partition_name[AVB_PART_NAME_MAX_SIZE]; /* 32 bytes. */
130*d289c2baSAndroid Build Coastguard Worker AvbVBMetaImageHeader* header;
131*d289c2baSAndroid Build Coastguard Worker uint32_t flags;
132*d289c2baSAndroid Build Coastguard Worker bool ret = false;
133*d289c2baSAndroid Build Coastguard Worker
134*d289c2baSAndroid Build Coastguard Worker if (!load_top_level_vbmeta_header(
135*d289c2baSAndroid Build Coastguard Worker ops, ab_suffix, vbmeta_image, partition_name, NULL)) {
136*d289c2baSAndroid Build Coastguard Worker goto out;
137*d289c2baSAndroid Build Coastguard Worker }
138*d289c2baSAndroid Build Coastguard Worker
139*d289c2baSAndroid Build Coastguard Worker if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
140*d289c2baSAndroid Build Coastguard Worker avb_error("Data from '",
141*d289c2baSAndroid Build Coastguard Worker partition_name,
142*d289c2baSAndroid Build Coastguard Worker "' does not look like a vbmeta header.\n");
143*d289c2baSAndroid Build Coastguard Worker goto out;
144*d289c2baSAndroid Build Coastguard Worker }
145*d289c2baSAndroid Build Coastguard Worker
146*d289c2baSAndroid Build Coastguard Worker /* Set/clear the HASHTREE_DISABLED bit, as requested. */
147*d289c2baSAndroid Build Coastguard Worker header = (AvbVBMetaImageHeader*)vbmeta_image;
148*d289c2baSAndroid Build Coastguard Worker flags = avb_be32toh(header->flags);
149*d289c2baSAndroid Build Coastguard Worker
150*d289c2baSAndroid Build Coastguard Worker if (out_verity_enabled != NULL) {
151*d289c2baSAndroid Build Coastguard Worker *out_verity_enabled = !(flags & AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED);
152*d289c2baSAndroid Build Coastguard Worker }
153*d289c2baSAndroid Build Coastguard Worker
154*d289c2baSAndroid Build Coastguard Worker ret = true;
155*d289c2baSAndroid Build Coastguard Worker
156*d289c2baSAndroid Build Coastguard Worker out:
157*d289c2baSAndroid Build Coastguard Worker return ret;
158*d289c2baSAndroid Build Coastguard Worker }
159*d289c2baSAndroid Build Coastguard Worker
avb_user_verity_set(AvbOps * ops,const char * ab_suffix,bool enable_verity)160*d289c2baSAndroid Build Coastguard Worker bool avb_user_verity_set(AvbOps* ops,
161*d289c2baSAndroid Build Coastguard Worker const char* ab_suffix,
162*d289c2baSAndroid Build Coastguard Worker bool enable_verity) {
163*d289c2baSAndroid Build Coastguard Worker uint8_t vbmeta_image[AVB_VBMETA_IMAGE_HEADER_SIZE]; /* 256 bytes. */
164*d289c2baSAndroid Build Coastguard Worker char partition_name[AVB_PART_NAME_MAX_SIZE]; /* 32 bytes. */
165*d289c2baSAndroid Build Coastguard Worker uint64_t vbmeta_offset;
166*d289c2baSAndroid Build Coastguard Worker AvbIOResult io_res;
167*d289c2baSAndroid Build Coastguard Worker AvbVBMetaImageHeader* header;
168*d289c2baSAndroid Build Coastguard Worker uint32_t flags;
169*d289c2baSAndroid Build Coastguard Worker bool ret = false;
170*d289c2baSAndroid Build Coastguard Worker
171*d289c2baSAndroid Build Coastguard Worker if (!load_top_level_vbmeta_header(
172*d289c2baSAndroid Build Coastguard Worker ops, ab_suffix, vbmeta_image, partition_name, &vbmeta_offset)) {
173*d289c2baSAndroid Build Coastguard Worker goto out;
174*d289c2baSAndroid Build Coastguard Worker }
175*d289c2baSAndroid Build Coastguard Worker
176*d289c2baSAndroid Build Coastguard Worker if (avb_memcmp(vbmeta_image, AVB_MAGIC, AVB_MAGIC_LEN) != 0) {
177*d289c2baSAndroid Build Coastguard Worker avb_error("Data from '",
178*d289c2baSAndroid Build Coastguard Worker partition_name,
179*d289c2baSAndroid Build Coastguard Worker "' does not look like a vbmeta header.\n");
180*d289c2baSAndroid Build Coastguard Worker goto out;
181*d289c2baSAndroid Build Coastguard Worker }
182*d289c2baSAndroid Build Coastguard Worker
183*d289c2baSAndroid Build Coastguard Worker /* Set/clear the HASHTREE_DISABLED bit, as requested. */
184*d289c2baSAndroid Build Coastguard Worker header = (AvbVBMetaImageHeader*)vbmeta_image;
185*d289c2baSAndroid Build Coastguard Worker flags = avb_be32toh(header->flags);
186*d289c2baSAndroid Build Coastguard Worker flags &= ~AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED;
187*d289c2baSAndroid Build Coastguard Worker if (!enable_verity) {
188*d289c2baSAndroid Build Coastguard Worker flags |= AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED;
189*d289c2baSAndroid Build Coastguard Worker }
190*d289c2baSAndroid Build Coastguard Worker header->flags = avb_htobe32(flags);
191*d289c2baSAndroid Build Coastguard Worker
192*d289c2baSAndroid Build Coastguard Worker /* Write the header. */
193*d289c2baSAndroid Build Coastguard Worker io_res = ops->write_to_partition(ops,
194*d289c2baSAndroid Build Coastguard Worker partition_name,
195*d289c2baSAndroid Build Coastguard Worker vbmeta_offset,
196*d289c2baSAndroid Build Coastguard Worker AVB_VBMETA_IMAGE_HEADER_SIZE,
197*d289c2baSAndroid Build Coastguard Worker vbmeta_image);
198*d289c2baSAndroid Build Coastguard Worker if (io_res != AVB_IO_RESULT_OK) {
199*d289c2baSAndroid Build Coastguard Worker avb_error("Error writing to partition '", partition_name, "'\n");
200*d289c2baSAndroid Build Coastguard Worker goto out;
201*d289c2baSAndroid Build Coastguard Worker }
202*d289c2baSAndroid Build Coastguard Worker
203*d289c2baSAndroid Build Coastguard Worker ret = true;
204*d289c2baSAndroid Build Coastguard Worker
205*d289c2baSAndroid Build Coastguard Worker out:
206*d289c2baSAndroid Build Coastguard Worker return ret;
207*d289c2baSAndroid Build Coastguard Worker }
208