/* Copyright 2014 The ChromiumOS Authors
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Misc functions which need access to vb2_context but are not public APIs
 */
7*8617a60dSAndroid Build Coastguard Worker
8*8617a60dSAndroid Build Coastguard Worker #ifndef VBOOT_REFERENCE_2MISC_H_
9*8617a60dSAndroid Build Coastguard Worker #define VBOOT_REFERENCE_2MISC_H_
10*8617a60dSAndroid Build Coastguard Worker
11*8617a60dSAndroid Build Coastguard Worker #include "2api.h"
12*8617a60dSAndroid Build Coastguard Worker #include "2struct.h"
13*8617a60dSAndroid Build Coastguard Worker
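/*
 * Forward declarations: the prototypes in this header only use pointers to
 * these structures, so their full definitions are not required here.
 */
struct vb2_gbb_header;
struct vb2_workbuf;
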
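/**
 * Recover a pointer to the enclosing structure from a pointer to one of its
 * members.
 *
 * The result is computed by subtracting offsetof(type, member) from ptr, so it
 * is only meaningful when ptr really points at the `member` field of an object
 * of type `type`.  For any other pointer the result lies outside the object
 * that ptr belongs to and must not be dereferenced.
 *
 * The typed temporary makes the compiler diagnose a ptr whose type does not
 * match the member.  __typeof__ is used instead of typeof so that the macro
 * also expands in strict ISO modes; it still relies on GNU C statement
 * expressions.
 *
 * @param ptr		Pointer to the member inside the enclosing structure
 * @param type		Type of the enclosing structure
 * @param member	Name of the member of `type` that ptr points to
 * @return Pointer to the enclosing structure.
 */
#define vb2_container_of(ptr, type, member) ({ \
	const __typeof__(((type *)0)->member) *__mptr = (ptr); \
	(type *)((uint8_t *)__mptr - offsetof(type, member)); })
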
/**
 * Return the vb2_shared_data that contains the given vboot context.
 *
 * No lookup is performed: the address is derived from ctx itself, by stepping
 * back from the `ctx` member to the start of the struct vb2_shared_data that
 * embeds it.  The result is therefore only valid when ctx is that embedded
 * member; for a struct vb2_context that lives anywhere else, the returned
 * pointer does not refer to a shared data structure.
 *
 * @param ctx		Vboot context
 * @return The shared data pointer.
 */
static inline struct vb2_shared_data *vb2_get_sd(struct vb2_context *ctx)
{
	struct vb2_shared_data *sd =
		vb2_container_of(ctx, struct vb2_shared_data, ctx);

	return sd;
}

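/**
 * Get the GBB header pointer from a vboot context's shared data
 *
 * NOTE(review): this declaration does not show what is returned before the GBB
 * header has been read; confirm against the implementation before
 * dereferencing the result early in boot.
 *
 * @param ctx		Vboot context
 * @return The GBB header pointer.
 */
struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx);
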
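/**
 * Validate GBB signature (the magic number)
 *
 * "Signature" here is the magic number that identifies a GBB.  It is a format
 * check only and says nothing about the authenticity of the GBB contents.
 *
 * NOTE(review): no length is passed, so the caller has to guarantee that sig
 * points at enough readable bytes for the whole magic number (presumably
 * VB2_GBB_SIGNATURE_SIZE; confirm against the implementation).
 *
 * @param sig		Pointer to the signature bytes to validate
 * @return VB2_SUCCESS if valid or non-zero if error.
 */
vb2_error_t vb2_validate_gbb_signature(uint8_t *sig);
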
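/**
 * Initialize a work buffer from the vboot context.
 *
 * This sets the work buffer to the unused portion of the context work buffer.
 *
 * NOTE(review): wb therefore describes memory that belongs to the context
 * rather than a separate allocation.  Presumably data placed through wb is
 * only protected from reuse once the context's used count has been updated
 * (see vb2_set_workbuf_used); confirm against the implementation.
 *
 * @param ctx		Vboot context
 * @param wb		Work buffer to initialize
 */
void vb2_workbuf_from_ctx(struct vb2_context *ctx, struct vb2_workbuf *wb);
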
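/**
 * Set the amount of work buffer used in the vboot context.
 *
 * This will round up to VB2_WORKBUF_ALIGN, so that the next allocation will
 * be aligned as expected.
 *
 * NOTE(review): this declaration does not show whether `used` is checked
 * against the size of the context work buffer, or how the round-up behaves for
 * values close to UINT32_MAX.  Callers should pass a value they have already
 * bounded; confirm against the implementation.
 *
 * @param ctx		Vboot context
 * @param used		Number of bytes used
 */
void vb2_set_workbuf_used(struct vb2_context *ctx, uint32_t used);
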
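/**
 * Read the GBB header.
 *
 * Callers must check the return value before using any field of gbb.
 * NOTE(review): the state of gbb after a non-zero return is not visible from
 * this declaration; treat it as unvalidated.
 *
 * @param ctx		Vboot context
 * @param gbb		Destination for header
 * @return VB2_SUCCESS, or non-zero if error.
 */
vb2_error_t vb2_read_gbb_header(struct vb2_context *ctx,
				struct vb2_gbb_header *gbb);
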
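/**
 * Check for recovery reasons we can determine early in the boot process.
 *
 * This function returns nothing; its outcome is reported only through
 * ctx->flags.  On exit, check ctx->flags for VB2_CONTEXT_RECOVERY_MODE; if
 * present, jump to the recovery path instead of continuing with normal boot.
 *
 * This is the only direct path to recovery mode.  All other errors later in
 * the boot process should induce a reboot instead of jumping to recovery, so
 * that recovery mode starts from a consistent firmware state.
 *
 * @param ctx		Vboot context
 */
void vb2_check_recovery(struct vb2_context *ctx);
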
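/**
 * Parse the GBB header.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_fw_init_gbb(struct vb2_context *ctx);
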
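/**
 * Check developer switch position.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_check_dev_switch(struct vb2_context *ctx);
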
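/**
 * Check if we need to clear the TPM owner.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_check_tpm_clear(struct vb2_context *ctx);
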
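/**
 * Decide which firmware slot to try this boot.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_select_fw_slot(struct vb2_context *ctx);
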
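/**
 * Verify the firmware keyblock using the root key.
 *
 * After this call, the data key is stored in the work buffer.
 *
 * Callers must check the return value before any later stage uses that key.
 * NOTE(review): what the work buffer holds after an error return is not
 * visible from this declaration; treat it as unverified unless VB2_SUCCESS
 * was returned.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_load_fw_keyblock(struct vb2_context *ctx);
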
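/**
 * Verify the firmware preamble using the data subkey from the keyblock.
 *
 * After this call, the preamble is stored in the work buffer.
 *
 * Callers must check the return value before reading the preamble.
 * NOTE(review): what the work buffer holds after an error return is not
 * visible from this declaration; treat it as unverified unless VB2_SUCCESS
 * was returned.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_load_fw_preamble(struct vb2_context *ctx);
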
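/**
 * Verify the kernel keyblock using the previously-loaded kernel key.
 *
 * After this call, the data key is stored in the work buffer.
 *
 * Callers must check the return value before any later stage uses that key.
 * NOTE(review): what the work buffer holds after an error return is not
 * visible from this declaration; treat it as unverified unless VB2_SUCCESS
 * was returned.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_load_kernel_keyblock(struct vb2_context *ctx);
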
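/**
 * Verify the kernel preamble using the data subkey from the keyblock.
 *
 * After this call, the preamble is stored in the work buffer.
 *
 * Callers must check the return value before reading the preamble.
 * NOTE(review): what the work buffer holds after an error return is not
 * visible from this declaration; treat it as unverified unless VB2_SUCCESS
 * was returned.
 *
 * @param ctx		Vboot context
 * @return VB2_SUCCESS, or error code on error.
 */
vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx);
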
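/**
 * Fill VB2_CONTEXT_DEV_BOOT_ALLOWED, VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED and
 * VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED flags in ctx->flags.
 *
 * This function returns nothing; the result is visible only as bits in
 * ctx->flags.
 *
 * @param ctx		Vboot context.
 */
void vb2_fill_dev_boot_flags(struct vb2_context *ctx);
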
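/**
 * Determine and set a mutually exclusive boot mode in the vboot context.
 *
 * Determine the most relevant boot mode for the current boot and store it in
 * ctx->boot_mode, which is a ctx field introduced in struct version 3.1.
 *
 * This function should only be called by vb2api_fw_phase1, once, at the end of
 * that phase.  All following steps should read ctx->boot_mode directly to
 * retrieve the most relevant boot mode instead of calling this function again.
 *
 * @param ctx		Vboot context.
 */
void vb2_set_boot_mode(struct vb2_context *ctx);
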
187*8617a60dSAndroid Build Coastguard Worker #endif /* VBOOT_REFERENCE_2MISC_H_ */