1*8617a60dSAndroid Build Coastguard Worker /* Copyright 2014 The ChromiumOS Authors 2*8617a60dSAndroid Build Coastguard Worker * Use of this source code is governed by a BSD-style license that can be 3*8617a60dSAndroid Build Coastguard Worker * found in the LICENSE file. 4*8617a60dSAndroid Build Coastguard Worker * 5*8617a60dSAndroid Build Coastguard Worker * Vboot data structures. 6*8617a60dSAndroid Build Coastguard Worker * 7*8617a60dSAndroid Build Coastguard Worker * Note: Many of the structs have pairs of 32-bit fields and reserved fields. 8*8617a60dSAndroid Build Coastguard Worker * This is to be backwards-compatible with older verified boot data which used 9*8617a60dSAndroid Build Coastguard Worker * 64-bit fields (when we thought that hey, UEFI is 64-bit so all our fields 10*8617a60dSAndroid Build Coastguard Worker * should be too). 11*8617a60dSAndroid Build Coastguard Worker * 12*8617a60dSAndroid Build Coastguard Worker * Offsets should be padded to 32-bit boundaries, since some architectures 13*8617a60dSAndroid Build Coastguard Worker * have trouble with accessing unaligned integers. 14*8617a60dSAndroid Build Coastguard Worker */ 15*8617a60dSAndroid Build Coastguard Worker 16*8617a60dSAndroid Build Coastguard Worker #ifndef VBOOT_REFERENCE_2STRUCT_H_ 17*8617a60dSAndroid Build Coastguard Worker #define VBOOT_REFERENCE_2STRUCT_H_ 18*8617a60dSAndroid Build Coastguard Worker 19*8617a60dSAndroid Build Coastguard Worker #include "2api.h" 20*8617a60dSAndroid Build Coastguard Worker #include "2constants.h" 21*8617a60dSAndroid Build Coastguard Worker #include "2crypto.h" 22*8617a60dSAndroid Build Coastguard Worker #include "2sysincludes.h" 23*8617a60dSAndroid Build Coastguard Worker 24*8617a60dSAndroid Build Coastguard Worker /* Flags for vb2_shared_data.flags */ 25*8617a60dSAndroid Build Coastguard Worker enum vb2_shared_data_flags { 26*8617a60dSAndroid Build Coastguard Worker /* 27*8617a60dSAndroid Build Coastguard Worker * VB2_SD_FLAG_MANUAL_RECOVERY (1 << 0) is deprecated. This flag is not 28*8617a60dSAndroid Build Coastguard Worker * necessary since the introduction of persistent context (CL:1716351). 29*8617a60dSAndroid Build Coastguard Worker * With introducing vb2_boot_mode and differentiating between manual 30*8617a60dSAndroid Build Coastguard Worker * recovery and broken screen (CL:3274699), it is suggested to leverage 31*8617a60dSAndroid Build Coastguard Worker * the vb2_boot_mode instead to determine if the user has physically 32*8617a60dSAndroid Build Coastguard Worker * requested recovery. 33*8617a60dSAndroid Build Coastguard Worker */ 34*8617a60dSAndroid Build Coastguard Worker 35*8617a60dSAndroid Build Coastguard Worker /* Developer mode is enabled */ 36*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_DEV_MODE_ENABLED = (1 << 1), 37*8617a60dSAndroid Build Coastguard Worker 38*8617a60dSAndroid Build Coastguard Worker /* 39*8617a60dSAndroid Build Coastguard Worker * TODO: might be nice to add flags for why dev mode is enabled - via 40*8617a60dSAndroid Build Coastguard Worker * gbb, virtual dev switch, or forced on for testing. 41*8617a60dSAndroid Build Coastguard Worker */ 42*8617a60dSAndroid Build Coastguard Worker 43*8617a60dSAndroid Build Coastguard Worker /* Kernel keyblock was verified by signature (not just hash) */ 44*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_KERNEL_SIGNED = (1 << 2), 45*8617a60dSAndroid Build Coastguard Worker 46*8617a60dSAndroid Build Coastguard Worker /* Software sync needs to update EC-RO or EC-RW */ 47*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_ECSYNC_EC_RO = (1 << 3), 48*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_ECSYNC_EC_RW = (1 << 4), 49*8617a60dSAndroid Build Coastguard Worker 50*8617a60dSAndroid Build Coastguard Worker /* 51*8617a60dSAndroid Build Coastguard Worker * VB2_SD_FLAG_ECSYNC_PD_RW (1 << 5) is deprecated. Vboot no 52*8617a60dSAndroid Build Coastguard Worker * longer supports updating "PD" devices running CrOS EC code. 53*8617a60dSAndroid Build Coastguard Worker */ 54*8617a60dSAndroid Build Coastguard Worker 55*8617a60dSAndroid Build Coastguard Worker /* Software sync says EC running RW */ 56*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_ECSYNC_EC_IN_RW = (1 << 6), 57*8617a60dSAndroid Build Coastguard Worker 58*8617a60dSAndroid Build Coastguard Worker /* 59*8617a60dSAndroid Build Coastguard Worker * VB2_SD_FLAG_ECSYNC_PD_IN_RW (1 << 7) is deprecated. Vboot 60*8617a60dSAndroid Build Coastguard Worker * no longer supports updating "PD" devices running CrOS EC 61*8617a60dSAndroid Build Coastguard Worker * code. 62*8617a60dSAndroid Build Coastguard Worker */ 63*8617a60dSAndroid Build Coastguard Worker 64*8617a60dSAndroid Build Coastguard Worker /* Display is available on this boot */ 65*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_DISPLAY_AVAILABLE = (1 << 8), 66*8617a60dSAndroid Build Coastguard Worker 67*8617a60dSAndroid Build Coastguard Worker /* Mirrored hash (Hmir) is updated. */ 68*8617a60dSAndroid Build Coastguard Worker VB2_SD_FLAG_ECSYNC_HMIR_UPDATED = (1 << 9), 69*8617a60dSAndroid Build Coastguard Worker }; 70*8617a60dSAndroid Build Coastguard Worker 71*8617a60dSAndroid Build Coastguard Worker /* Flags for vb2_shared_data.status */ 72*8617a60dSAndroid Build Coastguard Worker enum vb2_shared_data_status { 73*8617a60dSAndroid Build Coastguard Worker /* Reinitialized NV data due to invalid checksum */ 74*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_NV_REINIT = (1 << 0), 75*8617a60dSAndroid Build Coastguard Worker 76*8617a60dSAndroid Build Coastguard Worker /* NV data has been initialized */ 77*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_NV_INIT = (1 << 1), 78*8617a60dSAndroid Build Coastguard Worker 79*8617a60dSAndroid Build Coastguard Worker /* Secure data initialized */ 80*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_SECDATA_FIRMWARE_INIT = (1 << 2), 81*8617a60dSAndroid Build Coastguard Worker 82*8617a60dSAndroid Build Coastguard Worker /* Chose a firmware slot */ 83*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_CHOSE_SLOT = (1 << 3), 84*8617a60dSAndroid Build Coastguard Worker 85*8617a60dSAndroid Build Coastguard Worker /* Secure data kernel version space initialized */ 86*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_SECDATA_KERNEL_INIT = (1 << 4), 87*8617a60dSAndroid Build Coastguard Worker 88*8617a60dSAndroid Build Coastguard Worker /* FWMP secure data initialized */ 89*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_SECDATA_FWMP_INIT = (1 << 5), 90*8617a60dSAndroid Build Coastguard Worker 91*8617a60dSAndroid Build Coastguard Worker /* EC Sync completed successfully */ 92*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_EC_SYNC_COMPLETE = (1 << 6), 93*8617a60dSAndroid Build Coastguard Worker 94*8617a60dSAndroid Build Coastguard Worker /* Have checked whether we are booting into recovery mode or not. */ 95*8617a60dSAndroid Build Coastguard Worker VB2_SD_STATUS_RECOVERY_DECIDED = (1 << 7), 96*8617a60dSAndroid Build Coastguard Worker }; 97*8617a60dSAndroid Build Coastguard Worker 98*8617a60dSAndroid Build Coastguard Worker /* "V2SD" = vb2_shared_data.magic */ 99*8617a60dSAndroid Build Coastguard Worker #define VB2_SHARED_DATA_MAGIC 0x44533256 100*8617a60dSAndroid Build Coastguard Worker 101*8617a60dSAndroid Build Coastguard Worker /* Current version of vb2_shared_data struct */ 102*8617a60dSAndroid Build Coastguard Worker #define VB2_SHARED_DATA_VERSION_MAJOR 3 103*8617a60dSAndroid Build Coastguard Worker #define VB2_SHARED_DATA_VERSION_MINOR 2 104*8617a60dSAndroid Build Coastguard Worker 105*8617a60dSAndroid Build Coastguard Worker /* MAX_SIZE should not be changed without bumping up DATA_VERSION_MAJOR. */ 106*8617a60dSAndroid Build Coastguard Worker #define VB2_CONTEXT_MAX_SIZE 384 107*8617a60dSAndroid Build Coastguard Worker 108*8617a60dSAndroid Build Coastguard Worker /* 109*8617a60dSAndroid Build Coastguard Worker * Data shared between vboot API calls. Stored at the start of the work 110*8617a60dSAndroid Build Coastguard Worker * buffer. 111*8617a60dSAndroid Build Coastguard Worker */ 112*8617a60dSAndroid Build Coastguard Worker struct vb2_shared_data { 113*8617a60dSAndroid Build Coastguard Worker /* Magic number for struct (VB2_SHARED_DATA_MAGIC) */ 114*8617a60dSAndroid Build Coastguard Worker uint32_t magic; 115*8617a60dSAndroid Build Coastguard Worker 116*8617a60dSAndroid Build Coastguard Worker /* Version of this structure */ 117*8617a60dSAndroid Build Coastguard Worker uint16_t struct_version_major; 118*8617a60dSAndroid Build Coastguard Worker uint16_t struct_version_minor; 119*8617a60dSAndroid Build Coastguard Worker 120*8617a60dSAndroid Build Coastguard Worker /* Public fields are stored in the context object */ 121*8617a60dSAndroid Build Coastguard Worker struct vb2_context ctx; 122*8617a60dSAndroid Build Coastguard Worker 123*8617a60dSAndroid Build Coastguard Worker /* Padding for adding future vb2_context fields */ 124*8617a60dSAndroid Build Coastguard Worker uint8_t padding[VB2_CONTEXT_MAX_SIZE - sizeof(struct vb2_context)]; 125*8617a60dSAndroid Build Coastguard Worker 126*8617a60dSAndroid Build Coastguard Worker /* Work buffer length in bytes. */ 127*8617a60dSAndroid Build Coastguard Worker uint32_t workbuf_size; 128*8617a60dSAndroid Build Coastguard Worker 129*8617a60dSAndroid Build Coastguard Worker /* 130*8617a60dSAndroid Build Coastguard Worker * Amount of work buffer used so far. Verified boot sub-calls use 131*8617a60dSAndroid Build Coastguard Worker * this to know where the unused work area starts. 132*8617a60dSAndroid Build Coastguard Worker */ 133*8617a60dSAndroid Build Coastguard Worker uint32_t workbuf_used; 134*8617a60dSAndroid Build Coastguard Worker 135*8617a60dSAndroid Build Coastguard Worker /* Flags; see enum vb2_shared_data_flags */ 136*8617a60dSAndroid Build Coastguard Worker uint32_t flags; 137*8617a60dSAndroid Build Coastguard Worker 138*8617a60dSAndroid Build Coastguard Worker /* 139*8617a60dSAndroid Build Coastguard Worker * Reason we are in recovery mode this boot (enum vb2_nv_recovery), or 140*8617a60dSAndroid Build Coastguard Worker * 0 if we aren't. 141*8617a60dSAndroid Build Coastguard Worker */ 142*8617a60dSAndroid Build Coastguard Worker uint32_t recovery_reason; 143*8617a60dSAndroid Build Coastguard Worker 144*8617a60dSAndroid Build Coastguard Worker /* Firmware slot used last boot (0=A, 1=B) */ 145*8617a60dSAndroid Build Coastguard Worker uint32_t last_fw_slot; 146*8617a60dSAndroid Build Coastguard Worker 147*8617a60dSAndroid Build Coastguard Worker /* Result of last boot (enum vb2_fw_result) */ 148*8617a60dSAndroid Build Coastguard Worker uint32_t last_fw_result; 149*8617a60dSAndroid Build Coastguard Worker 150*8617a60dSAndroid Build Coastguard Worker /* Firmware slot used this boot */ 151*8617a60dSAndroid Build Coastguard Worker uint32_t fw_slot; 152*8617a60dSAndroid Build Coastguard Worker 153*8617a60dSAndroid Build Coastguard Worker /* 154*8617a60dSAndroid Build Coastguard Worker * Version for this slot (top 16 bits = key, lower 16 bits = firmware). 155*8617a60dSAndroid Build Coastguard Worker * 156*8617a60dSAndroid Build Coastguard Worker * TODO: Make this a union to allow getting/setting those versions 157*8617a60dSAndroid Build Coastguard Worker * separately? 158*8617a60dSAndroid Build Coastguard Worker */ 159*8617a60dSAndroid Build Coastguard Worker uint32_t fw_version; 160*8617a60dSAndroid Build Coastguard Worker 161*8617a60dSAndroid Build Coastguard Worker /* Version from secdata_firmware (must be <= fw_version to boot). */ 162*8617a60dSAndroid Build Coastguard Worker uint32_t fw_version_secdata; 163*8617a60dSAndroid Build Coastguard Worker 164*8617a60dSAndroid Build Coastguard Worker /* 165*8617a60dSAndroid Build Coastguard Worker * Status flags for this boot; see enum vb2_shared_data_status. Status 166*8617a60dSAndroid Build Coastguard Worker * is "what we've done"; flags above are "decisions we've made". 167*8617a60dSAndroid Build Coastguard Worker */ 168*8617a60dSAndroid Build Coastguard Worker uint32_t status; 169*8617a60dSAndroid Build Coastguard Worker 170*8617a60dSAndroid Build Coastguard Worker /* Offset from start of this struct to GBB header */ 171*8617a60dSAndroid Build Coastguard Worker uint32_t gbb_offset; 172*8617a60dSAndroid Build Coastguard Worker 173*8617a60dSAndroid Build Coastguard Worker /********************************************************************** 174*8617a60dSAndroid Build Coastguard Worker * Data from kernel verification stage. 175*8617a60dSAndroid Build Coastguard Worker * 176*8617a60dSAndroid Build Coastguard Worker * TODO: shouldn't be part of the main struct, since that needlessly 177*8617a60dSAndroid Build Coastguard Worker * uses more memory during firmware verification. 178*8617a60dSAndroid Build Coastguard Worker */ 179*8617a60dSAndroid Build Coastguard Worker 180*8617a60dSAndroid Build Coastguard Worker /* 181*8617a60dSAndroid Build Coastguard Worker * Version for the current kernel (top 16 bits = key, lower 16 bits = 182*8617a60dSAndroid Build Coastguard Worker * kernel preamble). 183*8617a60dSAndroid Build Coastguard Worker * 184*8617a60dSAndroid Build Coastguard Worker * TODO: Make this a union to allow getting/setting those versions 185*8617a60dSAndroid Build Coastguard Worker * separately? 186*8617a60dSAndroid Build Coastguard Worker */ 187*8617a60dSAndroid Build Coastguard Worker uint32_t kernel_version; 188*8617a60dSAndroid Build Coastguard Worker 189*8617a60dSAndroid Build Coastguard Worker /* Version from secdata_kernel (must be <= kernel_version to boot) */ 190*8617a60dSAndroid Build Coastguard Worker uint32_t kernel_version_secdata; 191*8617a60dSAndroid Build Coastguard Worker 192*8617a60dSAndroid Build Coastguard Worker /********************************************************************** 193*8617a60dSAndroid Build Coastguard Worker * Temporary variables used during firmware verification. These don't 194*8617a60dSAndroid Build Coastguard Worker * really need to persist through to the OS, but there's nowhere else 195*8617a60dSAndroid Build Coastguard Worker * we can put them. 196*8617a60dSAndroid Build Coastguard Worker */ 197*8617a60dSAndroid Build Coastguard Worker 198*8617a60dSAndroid Build Coastguard Worker /* Offset of preamble from start of vblock */ 199*8617a60dSAndroid Build Coastguard Worker uint32_t vblock_preamble_offset; 200*8617a60dSAndroid Build Coastguard Worker 201*8617a60dSAndroid Build Coastguard Worker /* 202*8617a60dSAndroid Build Coastguard Worker * Offset and size of packed data key in work buffer. Size is 0 if 203*8617a60dSAndroid Build Coastguard Worker * data key is not stored in the work buffer. 204*8617a60dSAndroid Build Coastguard Worker */ 205*8617a60dSAndroid Build Coastguard Worker uint32_t data_key_offset; 206*8617a60dSAndroid Build Coastguard Worker uint32_t data_key_size; 207*8617a60dSAndroid Build Coastguard Worker 208*8617a60dSAndroid Build Coastguard Worker /* 209*8617a60dSAndroid Build Coastguard Worker * Offset and size of firmware preamble in work buffer. Size is 0 if 210*8617a60dSAndroid Build Coastguard Worker * preamble is not stored in the work buffer. 211*8617a60dSAndroid Build Coastguard Worker */ 212*8617a60dSAndroid Build Coastguard Worker uint32_t preamble_offset; 213*8617a60dSAndroid Build Coastguard Worker uint32_t preamble_size; 214*8617a60dSAndroid Build Coastguard Worker 215*8617a60dSAndroid Build Coastguard Worker /* 216*8617a60dSAndroid Build Coastguard Worker * Offset and size of hash context in work buffer. Size is 0 if 217*8617a60dSAndroid Build Coastguard Worker * hash context is not stored in the work buffer. 218*8617a60dSAndroid Build Coastguard Worker */ 219*8617a60dSAndroid Build Coastguard Worker uint32_t hash_offset; 220*8617a60dSAndroid Build Coastguard Worker uint32_t hash_size; 221*8617a60dSAndroid Build Coastguard Worker 222*8617a60dSAndroid Build Coastguard Worker /* 223*8617a60dSAndroid Build Coastguard Worker * Current tag we're hashing 224*8617a60dSAndroid Build Coastguard Worker * 225*8617a60dSAndroid Build Coastguard Worker * For new structs, this is the offset of the vb2_signature struct 226*8617a60dSAndroid Build Coastguard Worker * in the work buffer. 227*8617a60dSAndroid Build Coastguard Worker * 228*8617a60dSAndroid Build Coastguard Worker * TODO: rename to hash_sig_offset when vboot1 structs are deprecated. 229*8617a60dSAndroid Build Coastguard Worker */ 230*8617a60dSAndroid Build Coastguard Worker uint32_t hash_tag; 231*8617a60dSAndroid Build Coastguard Worker 232*8617a60dSAndroid Build Coastguard Worker /* Amount of data we still expect to hash */ 233*8617a60dSAndroid Build Coastguard Worker uint32_t hash_remaining_size; 234*8617a60dSAndroid Build Coastguard Worker 235*8617a60dSAndroid Build Coastguard Worker /********************************************************************** 236*8617a60dSAndroid Build Coastguard Worker * Temporary variables used during kernel verification. These don't 237*8617a60dSAndroid Build Coastguard Worker * really need to persist through to the OS, but there's nowhere else 238*8617a60dSAndroid Build Coastguard Worker * we can put them. 239*8617a60dSAndroid Build Coastguard Worker * 240*8617a60dSAndroid Build Coastguard Worker * TODO: make a union with the firmware verification temp variables, 241*8617a60dSAndroid Build Coastguard Worker * or make both of them workbuf-allocated sub-structs, so that we can 242*8617a60dSAndroid Build Coastguard Worker * overlap them so kernel variables don't bloat firmware verification 243*8617a60dSAndroid Build Coastguard Worker * stage memory requirements. 244*8617a60dSAndroid Build Coastguard Worker */ 245*8617a60dSAndroid Build Coastguard Worker 246*8617a60dSAndroid Build Coastguard Worker /* 247*8617a60dSAndroid Build Coastguard Worker * Formerly a pointer to vboot1 shared data header ("VBSD"). Caller 248*8617a60dSAndroid Build Coastguard Worker * may now export a copy of VBSD via vb2api_export_vbsd(). 249*8617a60dSAndroid Build Coastguard Worker * TODO: Remove this field and bump struct_version_major. 250*8617a60dSAndroid Build Coastguard Worker */ 251*8617a60dSAndroid Build Coastguard Worker uintptr_t reserved0; 252*8617a60dSAndroid Build Coastguard Worker 253*8617a60dSAndroid Build Coastguard Worker /* 254*8617a60dSAndroid Build Coastguard Worker * Offset and size of packed kernel key in work buffer. Size is 0 if 255*8617a60dSAndroid Build Coastguard Worker * subkey is not stored in the work buffer. Note that kernel key may 256*8617a60dSAndroid Build Coastguard Worker * be inside the firmware preamble. 257*8617a60dSAndroid Build Coastguard Worker */ 258*8617a60dSAndroid Build Coastguard Worker uint32_t kernel_key_offset; 259*8617a60dSAndroid Build Coastguard Worker uint32_t kernel_key_size; 260*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 261*8617a60dSAndroid Build Coastguard Worker 262*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 263*8617a60dSAndroid Build Coastguard Worker 264*8617a60dSAndroid Build Coastguard Worker /* Signature at start of the GBB 265*8617a60dSAndroid Build Coastguard Worker * Note that if you compile in the signature as is, you are likely to break any 266*8617a60dSAndroid Build Coastguard Worker * tools that search for the signature. */ 267*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_SIGNATURE "$GBB" 268*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_SIGNATURE_SIZE 4 269*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_XOR_CHARS "****" 270*8617a60dSAndroid Build Coastguard Worker /* TODO: can we write a macro to produce this at compile time? */ 271*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_XOR_SIGNATURE { 0x0e, 0x6d, 0x68, 0x68 } 272*8617a60dSAndroid Build Coastguard Worker 273*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_HWID_DIGEST_SIZE 32 274*8617a60dSAndroid Build Coastguard Worker 275*8617a60dSAndroid Build Coastguard Worker /* VB2 GBB struct version */ 276*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_MAJOR_VER 1 277*8617a60dSAndroid Build Coastguard Worker #define VB2_GBB_MINOR_VER 2 278*8617a60dSAndroid Build Coastguard Worker /* v1.2 - added fields for sha256 digest of the HWID */ 279*8617a60dSAndroid Build Coastguard Worker 280*8617a60dSAndroid Build Coastguard Worker struct vb2_gbb_header { 281*8617a60dSAndroid Build Coastguard Worker /* Fields present in version 1.1 */ 282*8617a60dSAndroid Build Coastguard Worker uint8_t signature[VB2_GBB_SIGNATURE_SIZE]; /* VB2_GBB_SIGNATURE */ 283*8617a60dSAndroid Build Coastguard Worker uint16_t major_version; /* See VB2_GBB_MAJOR_VER */ 284*8617a60dSAndroid Build Coastguard Worker uint16_t minor_version; /* See VB2_GBB_MINOR_VER */ 285*8617a60dSAndroid Build Coastguard Worker uint32_t header_size; /* Size of GBB header in bytes */ 286*8617a60dSAndroid Build Coastguard Worker 287*8617a60dSAndroid Build Coastguard Worker /* Flags (see enum vb2_gbb_flag in 2gbb_flags.h) */ 288*8617a60dSAndroid Build Coastguard Worker vb2_gbb_flags_t flags; 289*8617a60dSAndroid Build Coastguard Worker 290*8617a60dSAndroid Build Coastguard Worker /* Offsets (from start of header) and sizes (in bytes) of components */ 291*8617a60dSAndroid Build Coastguard Worker uint32_t hwid_offset; /* HWID */ 292*8617a60dSAndroid Build Coastguard Worker uint32_t hwid_size; 293*8617a60dSAndroid Build Coastguard Worker uint32_t rootkey_offset; /* Root key */ 294*8617a60dSAndroid Build Coastguard Worker uint32_t rootkey_size; 295*8617a60dSAndroid Build Coastguard Worker uint32_t bmpfv_offset; /* BMP FV; deprecated in current FW */ 296*8617a60dSAndroid Build Coastguard Worker uint32_t bmpfv_size; 297*8617a60dSAndroid Build Coastguard Worker uint32_t recovery_key_offset; /* Recovery key */ 298*8617a60dSAndroid Build Coastguard Worker uint32_t recovery_key_size; 299*8617a60dSAndroid Build Coastguard Worker 300*8617a60dSAndroid Build Coastguard Worker /* Added in version 1.2 */ 301*8617a60dSAndroid Build Coastguard Worker uint8_t hwid_digest[VB2_GBB_HWID_DIGEST_SIZE]; /* SHA-256 of HWID */ 302*8617a60dSAndroid Build Coastguard Worker 303*8617a60dSAndroid Build Coastguard Worker /* Pad to match EXPECTED_VB2_GBB_HEADER_SIZE. Initialize to 0. */ 304*8617a60dSAndroid Build Coastguard Worker uint8_t pad[48]; 305*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 306*8617a60dSAndroid Build Coastguard Worker 307*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_GBB_HEADER_SIZE 128 308*8617a60dSAndroid Build Coastguard Worker 309*8617a60dSAndroid Build Coastguard Worker /* VB2_GBB_FLAGS_OFFSET exposed in 2constants.h */ 310*8617a60dSAndroid Build Coastguard Worker _Static_assert(VB2_GBB_FLAGS_OFFSET == offsetof(struct vb2_gbb_header, flags), 311*8617a60dSAndroid Build Coastguard Worker "VB2_GBB_FLAGS_OFFSET set incorrectly"); 312*8617a60dSAndroid Build Coastguard Worker 313*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 314*8617a60dSAndroid Build Coastguard Worker 315*8617a60dSAndroid Build Coastguard Worker /* Packed public key data */ 316*8617a60dSAndroid Build Coastguard Worker struct vb2_packed_key { 317*8617a60dSAndroid Build Coastguard Worker /* Offset of key data from start of this struct */ 318*8617a60dSAndroid Build Coastguard Worker uint32_t key_offset; 319*8617a60dSAndroid Build Coastguard Worker uint32_t reserved0; 320*8617a60dSAndroid Build Coastguard Worker 321*8617a60dSAndroid Build Coastguard Worker /* Size of key data in bytes (NOT strength of key in bits) */ 322*8617a60dSAndroid Build Coastguard Worker uint32_t key_size; 323*8617a60dSAndroid Build Coastguard Worker uint32_t reserved1; 324*8617a60dSAndroid Build Coastguard Worker 325*8617a60dSAndroid Build Coastguard Worker /* Signature algorithm used by the key (enum vb2_crypto_algorithm) */ 326*8617a60dSAndroid Build Coastguard Worker uint32_t algorithm; 327*8617a60dSAndroid Build Coastguard Worker uint32_t reserved2; 328*8617a60dSAndroid Build Coastguard Worker 329*8617a60dSAndroid Build Coastguard Worker /* Key version */ 330*8617a60dSAndroid Build Coastguard Worker uint32_t key_version; 331*8617a60dSAndroid Build Coastguard Worker uint32_t reserved3; 332*8617a60dSAndroid Build Coastguard Worker 333*8617a60dSAndroid Build Coastguard Worker /* TODO: when redoing this struct, add a text description of the key */ 334*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 335*8617a60dSAndroid Build Coastguard Worker 336*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_PACKED_KEY_SIZE 32 337*8617a60dSAndroid Build Coastguard Worker 338*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 339*8617a60dSAndroid Build Coastguard Worker 340*8617a60dSAndroid Build Coastguard Worker /* Signature data (a secure hash, possibly signed) */ 341*8617a60dSAndroid Build Coastguard Worker struct vb2_signature { 342*8617a60dSAndroid Build Coastguard Worker /* Offset of signature data from start of this struct */ 343*8617a60dSAndroid Build Coastguard Worker uint32_t sig_offset; 344*8617a60dSAndroid Build Coastguard Worker uint32_t reserved0; 345*8617a60dSAndroid Build Coastguard Worker 346*8617a60dSAndroid Build Coastguard Worker /* Size of signature data in bytes */ 347*8617a60dSAndroid Build Coastguard Worker uint32_t sig_size; 348*8617a60dSAndroid Build Coastguard Worker uint32_t reserved1; 349*8617a60dSAndroid Build Coastguard Worker 350*8617a60dSAndroid Build Coastguard Worker /* Size of the data block which was signed in bytes */ 351*8617a60dSAndroid Build Coastguard Worker uint32_t data_size; 352*8617a60dSAndroid Build Coastguard Worker uint32_t reserved2; 353*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 354*8617a60dSAndroid Build Coastguard Worker 355*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_SIGNATURE_SIZE 24 356*8617a60dSAndroid Build Coastguard Worker 357*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 358*8617a60dSAndroid Build Coastguard Worker 359*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_MAGIC "CHROMEOS" 360*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_MAGIC_SIZE 8 361*8617a60dSAndroid Build Coastguard Worker 362*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_VERSION_MAJOR 2 363*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_VERSION_MINOR 1 364*8617a60dSAndroid Build Coastguard Worker 365*8617a60dSAndroid Build Coastguard Worker /* 366*8617a60dSAndroid Build Coastguard Worker * Keyblock flags. 367*8617a60dSAndroid Build Coastguard Worker * 368*8617a60dSAndroid Build Coastguard Worker * The following flags set where the key is valid. Not used by firmware 369*8617a60dSAndroid Build Coastguard Worker * verification; only kernel verification. 370*8617a60dSAndroid Build Coastguard Worker */ 371*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_DEVELOPER_0 0x1 /* Developer switch off */ 372*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_DEVELOPER_1 0x2 /* Developer switch on */ 373*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_RECOVERY_0 0x4 /* Not recovery mode */ 374*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_RECOVERY_1 0x8 /* Recovery mode */ 375*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_MINIOS_0 0x10 /* Not miniOS boot */ 376*8617a60dSAndroid Build Coastguard Worker #define VB2_KEYBLOCK_FLAG_MINIOS_1 0x20 /* miniOS boot */ 377*8617a60dSAndroid Build Coastguard Worker 378*8617a60dSAndroid Build Coastguard Worker /* 379*8617a60dSAndroid Build Coastguard Worker * Keyblock, containing the public key used to sign some other chunk of data. 380*8617a60dSAndroid Build Coastguard Worker * 381*8617a60dSAndroid Build Coastguard Worker * This should be followed by: 382*8617a60dSAndroid Build Coastguard Worker * 1) The data_key key data, pointed to by data_key.key_offset. 383*8617a60dSAndroid Build Coastguard Worker * 2) The checksum data for (vb2_keyblock + data_key data), pointed to 384*8617a60dSAndroid Build Coastguard Worker * by keyblock_checksum.sig_offset. 385*8617a60dSAndroid Build Coastguard Worker * 3) The signature data for (vb2_keyblock + data_key data), pointed to 386*8617a60dSAndroid Build Coastguard Worker * by keyblock_signature.sig_offset. 387*8617a60dSAndroid Build Coastguard Worker */ 388*8617a60dSAndroid Build Coastguard Worker struct vb2_keyblock { 389*8617a60dSAndroid Build Coastguard Worker /* Magic number */ 390*8617a60dSAndroid Build Coastguard Worker uint8_t magic[VB2_KEYBLOCK_MAGIC_SIZE]; 391*8617a60dSAndroid Build Coastguard Worker 392*8617a60dSAndroid Build Coastguard Worker /* Version of this header format */ 393*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_major; 394*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_minor; 395*8617a60dSAndroid Build Coastguard Worker 396*8617a60dSAndroid Build Coastguard Worker /* 397*8617a60dSAndroid Build Coastguard Worker * Length of this entire keyblock, including keys, signatures, and 398*8617a60dSAndroid Build Coastguard Worker * padding, in bytes 399*8617a60dSAndroid Build Coastguard Worker */ 400*8617a60dSAndroid Build Coastguard Worker uint32_t keyblock_size; 401*8617a60dSAndroid Build Coastguard Worker uint32_t reserved0; 402*8617a60dSAndroid Build Coastguard Worker 403*8617a60dSAndroid Build Coastguard Worker /* 404*8617a60dSAndroid Build Coastguard Worker * Signature for this keyblock (header + data pointed to by data_key) 405*8617a60dSAndroid Build Coastguard Worker * For use with signed data keys 406*8617a60dSAndroid Build Coastguard Worker */ 407*8617a60dSAndroid Build Coastguard Worker struct vb2_signature keyblock_signature; 408*8617a60dSAndroid Build Coastguard Worker 409*8617a60dSAndroid Build Coastguard Worker /* 410*8617a60dSAndroid Build Coastguard Worker * SHA-512 hash for this keyblock (header + data pointed to by 411*8617a60dSAndroid Build Coastguard Worker * data_key) For use with unsigned data keys. 412*8617a60dSAndroid Build Coastguard Worker * 413*8617a60dSAndroid Build Coastguard Worker * Only supported for kernel keyblocks, not firmware keyblocks. 414*8617a60dSAndroid Build Coastguard Worker */ 415*8617a60dSAndroid Build Coastguard Worker struct vb2_signature keyblock_hash; 416*8617a60dSAndroid Build Coastguard Worker 417*8617a60dSAndroid Build Coastguard Worker /* Flags for key (VB2_KEYBLOCK_FLAG_*) */ 418*8617a60dSAndroid Build Coastguard Worker uint32_t keyblock_flags; 419*8617a60dSAndroid Build Coastguard Worker uint32_t reserved1; 420*8617a60dSAndroid Build Coastguard Worker 421*8617a60dSAndroid Build Coastguard Worker /* Key to verify the chunk of data */ 422*8617a60dSAndroid Build Coastguard Worker struct vb2_packed_key data_key; 423*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 424*8617a60dSAndroid Build Coastguard Worker 425*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_KEYBLOCK_SIZE 112 426*8617a60dSAndroid Build Coastguard Worker 427*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 428*8617a60dSAndroid Build Coastguard Worker 429*8617a60dSAndroid Build Coastguard Worker /* 430*8617a60dSAndroid Build Coastguard Worker * Rollback protection currently uses a 32-bit value comprised of the bottom 16 431*8617a60dSAndroid Build Coastguard Worker * bits of the (firmware or kernel) preamble version and the bottom 16 bits of 432*8617a60dSAndroid Build Coastguard Worker * the key version. So each of those versions is effectively limited to 16 433*8617a60dSAndroid Build Coastguard Worker * bits even though they get stored in 32-bit fields. 434*8617a60dSAndroid Build Coastguard Worker */ 435*8617a60dSAndroid Build Coastguard Worker #define VB2_MAX_KEY_VERSION 0xffff 436*8617a60dSAndroid Build Coastguard Worker #define VB2_MAX_PREAMBLE_VERSION 0xffff 437*8617a60dSAndroid Build Coastguard Worker 438*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 439*8617a60dSAndroid Build Coastguard Worker 440*8617a60dSAndroid Build Coastguard Worker /* Firmware preamble header */ 441*8617a60dSAndroid Build Coastguard Worker #define VB2_FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR 2 442*8617a60dSAndroid Build Coastguard Worker #define VB2_FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 1 443*8617a60dSAndroid Build Coastguard Worker 444*8617a60dSAndroid Build Coastguard Worker /* Flags for vb2_fw_preamble.flags */ 445*8617a60dSAndroid Build Coastguard Worker /* Use RO-normal firmware (deprecated; do not use) */ 446*8617a60dSAndroid Build Coastguard Worker #define VB2_FIRMWARE_PREAMBLE_USE_RO_NORMAL 0x00000001 447*8617a60dSAndroid Build Coastguard Worker /* Do not allow use of any hardware crypto accelerators. 448*8617a60dSAndroid Build Coastguard Worker * (deprecated; use VB2_SECDATA_KERNEL_FLAG_HWCRYPTO_ALLOWED instead) 449*8617a60dSAndroid Build Coastguard Worker */ 450*8617a60dSAndroid Build Coastguard Worker #define VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002 451*8617a60dSAndroid Build Coastguard Worker 452*8617a60dSAndroid Build Coastguard Worker /* Premable block for rewritable firmware, vboot1 version 2.1. 453*8617a60dSAndroid Build Coastguard Worker * 454*8617a60dSAndroid Build Coastguard Worker * The firmware preamble header should be followed by: 455*8617a60dSAndroid Build Coastguard Worker * 1) The kernel_subkey key data, pointed to by kernel_subkey.key_offset. 456*8617a60dSAndroid Build Coastguard Worker * 2) The signature data for the firmware body, pointed to by 457*8617a60dSAndroid Build Coastguard Worker * body_signature.sig_offset. 458*8617a60dSAndroid Build Coastguard Worker * 3) The signature data for (header + kernel_subkey data + body signature 459*8617a60dSAndroid Build Coastguard Worker * data), pointed to by preamble_signature.sig_offset. 460*8617a60dSAndroid Build Coastguard Worker */ 461*8617a60dSAndroid Build Coastguard Worker struct vb2_fw_preamble { 462*8617a60dSAndroid Build Coastguard Worker /* 463*8617a60dSAndroid Build Coastguard Worker * Size of this preamble, including keys, signatures, and padding, in 464*8617a60dSAndroid Build Coastguard Worker * bytes 465*8617a60dSAndroid Build Coastguard Worker */ 466*8617a60dSAndroid Build Coastguard Worker uint32_t preamble_size; 467*8617a60dSAndroid Build Coastguard Worker uint32_t reserved0; 468*8617a60dSAndroid Build Coastguard Worker 469*8617a60dSAndroid Build Coastguard Worker /* 470*8617a60dSAndroid Build Coastguard Worker * Signature for this preamble (header + kernel subkey + body 471*8617a60dSAndroid Build Coastguard Worker * signature) 472*8617a60dSAndroid Build Coastguard Worker */ 473*8617a60dSAndroid Build Coastguard Worker struct vb2_signature preamble_signature; 474*8617a60dSAndroid Build Coastguard Worker 475*8617a60dSAndroid Build Coastguard Worker /* Version of this header format */ 476*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_major; 477*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_minor; 478*8617a60dSAndroid Build Coastguard Worker 479*8617a60dSAndroid Build Coastguard Worker /* Firmware version */ 480*8617a60dSAndroid Build Coastguard Worker uint32_t firmware_version; 481*8617a60dSAndroid Build Coastguard Worker uint32_t reserved1; 482*8617a60dSAndroid Build Coastguard Worker 483*8617a60dSAndroid Build Coastguard Worker /* Key to verify kernel keyblock */ 484*8617a60dSAndroid Build Coastguard Worker struct vb2_packed_key kernel_subkey; 485*8617a60dSAndroid Build Coastguard Worker 486*8617a60dSAndroid Build Coastguard Worker /* Signature for the firmware body */ 487*8617a60dSAndroid Build Coastguard Worker struct vb2_signature body_signature; 488*8617a60dSAndroid Build Coastguard Worker 489*8617a60dSAndroid Build Coastguard Worker /* 490*8617a60dSAndroid Build Coastguard Worker * Fields added in header version 2.1. You must verify the header 491*8617a60dSAndroid Build Coastguard Worker * version before reading these fields! 492*8617a60dSAndroid Build Coastguard Worker */ 493*8617a60dSAndroid Build Coastguard Worker 494*8617a60dSAndroid Build Coastguard Worker /* 495*8617a60dSAndroid Build Coastguard Worker * Flags; see VB2_FIRMWARE_PREAMBLE_*. Readers should return 0 for 496*8617a60dSAndroid Build Coastguard Worker * header version < 2.1. 497*8617a60dSAndroid Build Coastguard Worker */ 498*8617a60dSAndroid Build Coastguard Worker uint32_t flags; 499*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 500*8617a60dSAndroid Build Coastguard Worker 501*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_FW_PREAMBLE_SIZE 108 502*8617a60dSAndroid Build Coastguard Worker 503*8617a60dSAndroid Build Coastguard Worker _Static_assert(EXPECTED_VB2_FW_PREAMBLE_SIZE == sizeof(struct vb2_fw_preamble), 504*8617a60dSAndroid Build Coastguard Worker "EXPECTED_VB2_FW_PREAMBLE_SIZE incorrect"); 505*8617a60dSAndroid Build Coastguard Worker 506*8617a60dSAndroid Build Coastguard Worker /****************************************************************************/ 507*8617a60dSAndroid Build Coastguard Worker 508*8617a60dSAndroid Build Coastguard Worker /* Kernel preamble header */ 509*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2 510*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_HEADER_VERSION_MINOR 2 511*8617a60dSAndroid Build Coastguard Worker 512*8617a60dSAndroid Build Coastguard Worker /* Flags for vb2_kernel_preamble.flags */ 513*8617a60dSAndroid Build Coastguard Worker /* Kernel image type = bits 1:0 */ 514*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_KERNEL_TYPE_MASK 0x00000003 515*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_KERNEL_TYPE_CROS 0 516*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_KERNEL_TYPE_BOOTIMG 1 517*8617a60dSAndroid Build Coastguard Worker #define VB2_KERNEL_PREAMBLE_KERNEL_TYPE_MULTIBOOT 2 518*8617a60dSAndroid Build Coastguard Worker /* Kernel type 3 is reserved for future use */ 519*8617a60dSAndroid Build Coastguard Worker 520*8617a60dSAndroid Build Coastguard Worker /* 521*8617a60dSAndroid Build Coastguard Worker * Preamble block for kernel, version 2.2 522*8617a60dSAndroid Build Coastguard Worker * 523*8617a60dSAndroid Build Coastguard Worker * This should be followed by: 524*8617a60dSAndroid Build Coastguard Worker * 1) The signature data for the kernel body, pointed to by 525*8617a60dSAndroid Build Coastguard Worker * body_signature.sig_offset. 526*8617a60dSAndroid Build Coastguard Worker * 2) The signature data for (vb2_kernel_preamble + body signature data), 527*8617a60dSAndroid Build Coastguard Worker * pointed to by preamble_signature.sig_offset. 528*8617a60dSAndroid Build Coastguard Worker * 3) The 16-bit vmlinuz header, which is used for reconstruction of 529*8617a60dSAndroid Build Coastguard Worker * vmlinuz image. 530*8617a60dSAndroid Build Coastguard Worker */ 531*8617a60dSAndroid Build Coastguard Worker struct vb2_kernel_preamble { 532*8617a60dSAndroid Build Coastguard Worker /* 533*8617a60dSAndroid Build Coastguard Worker * Size of this preamble, including keys, signatures, vmlinuz header, 534*8617a60dSAndroid Build Coastguard Worker * and padding, in bytes 535*8617a60dSAndroid Build Coastguard Worker */ 536*8617a60dSAndroid Build Coastguard Worker uint32_t preamble_size; 537*8617a60dSAndroid Build Coastguard Worker uint32_t reserved0; 538*8617a60dSAndroid Build Coastguard Worker 539*8617a60dSAndroid Build Coastguard Worker /* Signature for this preamble (header + body signature) */ 540*8617a60dSAndroid Build Coastguard Worker struct vb2_signature preamble_signature; 541*8617a60dSAndroid Build Coastguard Worker 542*8617a60dSAndroid Build Coastguard Worker /* Version of this header format */ 543*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_major; 544*8617a60dSAndroid Build Coastguard Worker uint32_t header_version_minor; 545*8617a60dSAndroid Build Coastguard Worker 546*8617a60dSAndroid Build Coastguard Worker /* Kernel version */ 547*8617a60dSAndroid Build Coastguard Worker uint32_t kernel_version; 548*8617a60dSAndroid Build Coastguard Worker uint32_t reserved1; 549*8617a60dSAndroid Build Coastguard Worker 550*8617a60dSAndroid Build Coastguard Worker /* Load address for kernel body */ 551*8617a60dSAndroid Build Coastguard Worker uint64_t body_load_address; 552*8617a60dSAndroid Build Coastguard Worker /* TODO (vboot 2.1): we never used that */ 553*8617a60dSAndroid Build Coastguard Worker 554*8617a60dSAndroid Build Coastguard Worker /* Address of bootloader, after body is loaded at body_load_address */ 555*8617a60dSAndroid Build Coastguard Worker uint64_t bootloader_address; 556*8617a60dSAndroid Build Coastguard Worker /* TODO (vboot 2.1): should be a 32-bit offset */ 557*8617a60dSAndroid Build Coastguard Worker 558*8617a60dSAndroid Build Coastguard Worker /* Size of bootloader in bytes */ 559*8617a60dSAndroid Build Coastguard Worker uint32_t bootloader_size; 560*8617a60dSAndroid Build Coastguard Worker uint32_t reserved2; 561*8617a60dSAndroid Build Coastguard Worker 562*8617a60dSAndroid Build Coastguard Worker /* Signature for the kernel body */ 563*8617a60dSAndroid Build Coastguard Worker struct vb2_signature body_signature; 564*8617a60dSAndroid Build Coastguard Worker 565*8617a60dSAndroid Build Coastguard Worker /* 566*8617a60dSAndroid Build Coastguard Worker * TODO (vboot 2.1): fields for kernel offset and size. Right now the 567*8617a60dSAndroid Build Coastguard Worker * size is implicitly the same as the size of data signed by the body 568*8617a60dSAndroid Build Coastguard Worker * signature, and the offset is implicitly at the end of the preamble. 569*8617a60dSAndroid Build Coastguard Worker * But that forces us to pad the preamble to 64KB rather than just 570*8617a60dSAndroid Build Coastguard Worker * having a tiny preamble and an offset field. 571*8617a60dSAndroid Build Coastguard Worker */ 572*8617a60dSAndroid Build Coastguard Worker 573*8617a60dSAndroid Build Coastguard Worker /* 574*8617a60dSAndroid Build Coastguard Worker * Fields added in header version 2.1. You must verify the header 575*8617a60dSAndroid Build Coastguard Worker * version before reading these fields! 576*8617a60dSAndroid Build Coastguard Worker */ 577*8617a60dSAndroid Build Coastguard Worker 578*8617a60dSAndroid Build Coastguard Worker /* 579*8617a60dSAndroid Build Coastguard Worker * Address of 16-bit header for vmlinuz reassembly. Readers should 580*8617a60dSAndroid Build Coastguard Worker * return 0 for header version < 2.1. 581*8617a60dSAndroid Build Coastguard Worker */ 582*8617a60dSAndroid Build Coastguard Worker uint64_t vmlinuz_header_address; 583*8617a60dSAndroid Build Coastguard Worker 584*8617a60dSAndroid Build Coastguard Worker /* Size of 16-bit header for vmlinuz in bytes. Readers should return 0 585*8617a60dSAndroid Build Coastguard Worker for header version < 2.1 */ 586*8617a60dSAndroid Build Coastguard Worker uint32_t vmlinuz_header_size; 587*8617a60dSAndroid Build Coastguard Worker uint32_t reserved3; 588*8617a60dSAndroid Build Coastguard Worker 589*8617a60dSAndroid Build Coastguard Worker /* 590*8617a60dSAndroid Build Coastguard Worker * Fields added in header version 2.2. You must verify the header 591*8617a60dSAndroid Build Coastguard Worker * version before reading these fields! 592*8617a60dSAndroid Build Coastguard Worker */ 593*8617a60dSAndroid Build Coastguard Worker 594*8617a60dSAndroid Build Coastguard Worker /* 595*8617a60dSAndroid Build Coastguard Worker * Flags; see VB2_KERNEL_PREAMBLE_*. Readers should return 0 for 596*8617a60dSAndroid Build Coastguard Worker * header version < 2.2. Flags field is currently defined as: 597*8617a60dSAndroid Build Coastguard Worker * [31:2] - Reserved (for future use) 598*8617a60dSAndroid Build Coastguard Worker * [1:0] - Kernel image type (0b00 - CrOS, 599*8617a60dSAndroid Build Coastguard Worker * 0b01 - bootimg, 600*8617a60dSAndroid Build Coastguard Worker * 0b10 - multiboot) 601*8617a60dSAndroid Build Coastguard Worker */ 602*8617a60dSAndroid Build Coastguard Worker uint32_t flags; 603*8617a60dSAndroid Build Coastguard Worker } __attribute__((packed)); 604*8617a60dSAndroid Build Coastguard Worker 605*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_KERNEL_PREAMBLE_2_0_SIZE 96 606*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_KERNEL_PREAMBLE_2_1_SIZE 112 607*8617a60dSAndroid Build Coastguard Worker #define EXPECTED_VB2_KERNEL_PREAMBLE_2_2_SIZE 116 608*8617a60dSAndroid Build Coastguard Worker 609*8617a60dSAndroid Build Coastguard Worker _Static_assert(EXPECTED_VB2_KERNEL_PREAMBLE_2_0_SIZE 610*8617a60dSAndroid Build Coastguard Worker == offsetof(struct vb2_kernel_preamble, vmlinuz_header_address), 611*8617a60dSAndroid Build Coastguard Worker "EXPECTED_VB2_KERNEL_PREAMBLE_2_0_SIZE incorrect"); 612*8617a60dSAndroid Build Coastguard Worker 613*8617a60dSAndroid Build Coastguard Worker _Static_assert(EXPECTED_VB2_KERNEL_PREAMBLE_2_1_SIZE 614*8617a60dSAndroid Build Coastguard Worker == offsetof(struct vb2_kernel_preamble, flags), 615*8617a60dSAndroid Build Coastguard Worker "EXPECTED_VB2_KERNEL_PREAMBLE_2_1_SIZE incorrect"); 616*8617a60dSAndroid Build Coastguard Worker 617*8617a60dSAndroid Build Coastguard Worker _Static_assert(EXPECTED_VB2_KERNEL_PREAMBLE_2_2_SIZE 618*8617a60dSAndroid Build Coastguard Worker == sizeof(struct vb2_kernel_preamble), 619*8617a60dSAndroid Build Coastguard Worker "EXPECTED_VB2_KERNEL_PREAMBLE_2_2_SIZE incorrect"); 620*8617a60dSAndroid Build Coastguard Worker 621*8617a60dSAndroid Build Coastguard Worker #endif /* VBOOT_REFERENCE_2STRUCT_H_ */ 622