1*4882a593Smuzhiyun /* 2*4882a593Smuzhiyun * (C) Copyright 2017 Rockchip Electronics Co., Ltd 3*4882a593Smuzhiyun * 4*4882a593Smuzhiyun * SPDX-License-Identifier: GPL-2.0+ 5*4882a593Smuzhiyun */ 6*4882a593Smuzhiyun 7*4882a593Smuzhiyun #ifndef RK_AVB_OPS_USER_H_ 8*4882a593Smuzhiyun #define RK_AVB_OPS_USER_H_ 9*4882a593Smuzhiyun 10*4882a593Smuzhiyun #include <android_avb/avb_ops_user.h> 11*4882a593Smuzhiyun #include <android_avb/libavb_ab.h> 12*4882a593Smuzhiyun 13*4882a593Smuzhiyun #ifdef __cplusplus 14*4882a593Smuzhiyun extern "C" { 15*4882a593Smuzhiyun #endif 16*4882a593Smuzhiyun 17*4882a593Smuzhiyun /* rk used */ 18*4882a593Smuzhiyun #define PERM_ATTR_DIGEST_SIZE 32 19*4882a593Smuzhiyun #define PERM_ATTR_TOTAL_SIZE 1052 20*4882a593Smuzhiyun #define VBOOT_KEY_HASH_SIZE 32 21*4882a593Smuzhiyun #define ANDROID_VBOOT_LOCK 0 22*4882a593Smuzhiyun #define ANDROID_VBOOT_UNLOCK 1 23*4882a593Smuzhiyun #define SLOT_NUM 2 24*4882a593Smuzhiyun #define CURR_SYSTEM_SLOT_SUFFIX "ab" 25*4882a593Smuzhiyun #define VBMETA_MAX_SIZE 65536 26*4882a593Smuzhiyun #define ROLLBACK_MAX_SIZE 20 27*4882a593Smuzhiyun #define LOCK_MASK (1 << 0) 28*4882a593Smuzhiyun #define UNLOCK_DISABLE_MASK (1 << 1) 29*4882a593Smuzhiyun #define VBOOT_STATE_SIZE 1000 30*4882a593Smuzhiyun #define PERM_ATTR_SUCCESS_FLAG 1 31*4882a593Smuzhiyun /* soc-v use the rsa2048 */ 32*4882a593Smuzhiyun #define VBOOT_KEY_SIZE 256 33*4882a593Smuzhiyun #define RPMB_BASE_ADDR (64*1024/256) 34*4882a593Smuzhiyun #define UBOOT_RB_INDEX_OFFSET 24 35*4882a593Smuzhiyun #define TRUST_RB_INDEX_OFFSET 28 36*4882a593Smuzhiyun #define ROCHCHIP_RSA_PARAMETER_SIZE 64 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun struct rk_pub_key { 39*4882a593Smuzhiyun u_int32_t rsa_n[ROCHCHIP_RSA_PARAMETER_SIZE]; 40*4882a593Smuzhiyun u_int32_t rsa_e[ROCHCHIP_RSA_PARAMETER_SIZE]; 41*4882a593Smuzhiyun u_int32_t rsa_c[ROCHCHIP_RSA_PARAMETER_SIZE]; 42*4882a593Smuzhiyun }; 43*4882a593Smuzhiyun 44*4882a593Smuzhiyun /** 45*4882a593Smuzhiyun * Provided to fastboot to read how many slot in this system. 46*4882a593Smuzhiyun * 47*4882a593Smuzhiyun * @param slot_count We use parameter slot_count to obtain 48*4882a593Smuzhiyun * how many slots in the system. 49*4882a593Smuzhiyun * 50*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 51*4882a593Smuzhiyun */ 52*4882a593Smuzhiyun int rk_avb_read_slot_count(char *slot_count); 53*4882a593Smuzhiyun 54*4882a593Smuzhiyun /** 55*4882a593Smuzhiyun * The android things supply many slots, their name like '_a', '_b'. 56*4882a593Smuzhiyun * We can use this function to read current slot is '_a' or '_b'. 57*4882a593Smuzhiyun * 58*4882a593Smuzhiyun * @slot_suffixes read value '_a' or '_b'. 59*4882a593Smuzhiyun * 60*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 61*4882a593Smuzhiyun */ 62*4882a593Smuzhiyun int rk_avb_read_slot_suffixes(char *slot_suffixes); 63*4882a593Smuzhiyun 64*4882a593Smuzhiyun /** 65*4882a593Smuzhiyun * Use this function to set which slot boot first. 66*4882a593Smuzhiyun * 67*4882a593Smuzhiyun * @param slot_number set '0' or '1' 68*4882a593Smuzhiyun * 69*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 70*4882a593Smuzhiyun */ 71*4882a593Smuzhiyun int rk_avb_set_slot_active(unsigned int *slot_number); 72*4882a593Smuzhiyun 73*4882a593Smuzhiyun /** 74*4882a593Smuzhiyun * Get current slot: '_a' or '_b'. 75*4882a593Smuzhiyun * 76*4882a593Smuzhiyun * @param select_slot obtain current slot. 77*4882a593Smuzhiyun * 78*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 79*4882a593Smuzhiyun */ 80*4882a593Smuzhiyun int rk_avb_get_current_slot(char *select_slot); 81*4882a593Smuzhiyun 82*4882a593Smuzhiyun /** 83*4882a593Smuzhiyun * Append current slot to given partition name 84*4882a593Smuzhiyun * 85*4882a593Smuzhiyun * @param part_name partition name 86*4882a593Smuzhiyun * @param slot given slot suffix, auto append current slot if NULL 87*4882a593Smuzhiyun * @param new_name partition name with slot suffix appended 88*4882a593Smuzhiyun * 89*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 90*4882a593Smuzhiyun */ 91*4882a593Smuzhiyun int rk_avb_append_part_slot(const char *part_name, char *new_name); 92*4882a593Smuzhiyun 93*4882a593Smuzhiyun /** 94*4882a593Smuzhiyun * The android things defines permanent attributes to 95*4882a593Smuzhiyun * store PSK_public, product id. We can use this function 96*4882a593Smuzhiyun * to read them. 97*4882a593Smuzhiyun * 98*4882a593Smuzhiyun * @param attributes PSK_public, product id.... 99*4882a593Smuzhiyun * 100*4882a593Smuzhiyun * @param size The size of attributes. 101*4882a593Smuzhiyun * 102*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 103*4882a593Smuzhiyun */ 104*4882a593Smuzhiyun int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size); 105*4882a593Smuzhiyun 106*4882a593Smuzhiyun /** 107*4882a593Smuzhiyun * The android things defines permanent attributes to 108*4882a593Smuzhiyun * store PSK_public, product id. We can use this function 109*4882a593Smuzhiyun * to write them. 110*4882a593Smuzhiyun * 111*4882a593Smuzhiyun * @param attributes PSK_public, product id.... 112*4882a593Smuzhiyun * 113*4882a593Smuzhiyun * @param size The size of attributes. 114*4882a593Smuzhiyun * 115*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 116*4882a593Smuzhiyun */ 117*4882a593Smuzhiyun int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size); 118*4882a593Smuzhiyun 119*4882a593Smuzhiyun /** 120*4882a593Smuzhiyun * The funtion can be use to read the device state to judge 121*4882a593Smuzhiyun * whether the device can be flash. 122*4882a593Smuzhiyun * 123*4882a593Smuzhiyun * @param flash_lock_state A flag indicate the device flash state. 124*4882a593Smuzhiyun * 125*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 126*4882a593Smuzhiyun */ 127*4882a593Smuzhiyun int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state); 128*4882a593Smuzhiyun 129*4882a593Smuzhiyun /** 130*4882a593Smuzhiyun * The function is provided to write device flash state. 131*4882a593Smuzhiyun * 132*4882a593Smuzhiyun * @param flash_lock_state A flag indicate the device flash state. 133*4882a593Smuzhiyun * 134*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 135*4882a593Smuzhiyun */ 136*4882a593Smuzhiyun int rk_avb_write_flash_lock_state(uint8_t flash_lock_state); 137*4882a593Smuzhiyun 138*4882a593Smuzhiyun /** 139*4882a593Smuzhiyun * The android things use the flag of lock state to indicate 140*4882a593Smuzhiyun * whether the device can be booted when verified error. 141*4882a593Smuzhiyun * 142*4882a593Smuzhiyun * @param lock_state A flag indicate the device lock state. 143*4882a593Smuzhiyun * 144*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 145*4882a593Smuzhiyun */ 146*4882a593Smuzhiyun int rk_avb_read_lock_state(uint8_t *lock_state); 147*4882a593Smuzhiyun 148*4882a593Smuzhiyun /** 149*4882a593Smuzhiyun * The android things use the flag of lock state to indicate 150*4882a593Smuzhiyun * whether the device can be booted when verified error. 151*4882a593Smuzhiyun * 152*4882a593Smuzhiyun * @param lock_state A flag indicate the device lock state. 153*4882a593Smuzhiyun * 154*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 155*4882a593Smuzhiyun */ 156*4882a593Smuzhiyun int rk_avb_write_lock_state(uint8_t lock_state); 157*4882a593Smuzhiyun 158*4882a593Smuzhiyun /** 159*4882a593Smuzhiyun * The android things uses fastboot to flash the permanent attributes. 160*4882a593Smuzhiyun * And if them were written, there must have a flag to indicate. 161*4882a593Smuzhiyun * 162*4882a593Smuzhiyun * @param flag indicate the permanent attributes have been written 163*4882a593Smuzhiyun * or not. 164*4882a593Smuzhiyun * 165*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 166*4882a593Smuzhiyun */ 167*4882a593Smuzhiyun int rk_avb_read_perm_attr_flag(uint8_t *flag); 168*4882a593Smuzhiyun 169*4882a593Smuzhiyun /** 170*4882a593Smuzhiyun * The android things uses fastboot to flash the permanent attributes. 171*4882a593Smuzhiyun * And if them were written, there must have a flag to indicate. 172*4882a593Smuzhiyun * 173*4882a593Smuzhiyun * @param flag We can call this function to write the flag '1' 174*4882a593Smuzhiyun * to indicate the permanent attributes has been 175*4882a593Smuzhiyun * written. 176*4882a593Smuzhiyun * 177*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 178*4882a593Smuzhiyun */ 179*4882a593Smuzhiyun int rk_avb_write_perm_attr_flag(uint8_t flag); 180*4882a593Smuzhiyun 181*4882a593Smuzhiyun /** 182*4882a593Smuzhiyun * The android things require the soc-v key hash to be flashed 183*4882a593Smuzhiyun * using the fastboot. So the function can be used in fastboot 184*4882a593Smuzhiyun * to flash the key hash. 185*4882a593Smuzhiyun * 186*4882a593Smuzhiyun * @param buf The vboot key hash data. 187*4882a593Smuzhiyun * 188*4882a593Smuzhiyun * @param length The length of key hash. 189*4882a593Smuzhiyun * 190*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 191*4882a593Smuzhiyun */ 192*4882a593Smuzhiyun int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length); 193*4882a593Smuzhiyun 194*4882a593Smuzhiyun /** 195*4882a593Smuzhiyun * The android things require the soc-v key hash to be flashed 196*4882a593Smuzhiyun * using the fastboot. So the function can be used in fastboot 197*4882a593Smuzhiyun * to flash the key hash. 198*4882a593Smuzhiyun * 199*4882a593Smuzhiyun * @param buf The vboot key hash data. 200*4882a593Smuzhiyun * 201*4882a593Smuzhiyun * @param length The length of key hash. 202*4882a593Smuzhiyun * 203*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 204*4882a593Smuzhiyun */ 205*4882a593Smuzhiyun int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length); 206*4882a593Smuzhiyun 207*4882a593Smuzhiyun /** 208*4882a593Smuzhiyun * U-boot close the optee client when start kernel 209*4882a593Smuzhiyun * to prevent the optee client being invoking by other 210*4882a593Smuzhiyun * program. 211*4882a593Smuzhiyun * 212*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 213*4882a593Smuzhiyun */ 214*4882a593Smuzhiyun int rk_avb_close_optee_client(void); 215*4882a593Smuzhiyun 216*4882a593Smuzhiyun /** 217*4882a593Smuzhiyun * read the permanent attributes hash. 218*4882a593Smuzhiyun * 219*4882a593Smuzhiyun * @param buf The permanent attributes hash data. 220*4882a593Smuzhiyun * 221*4882a593Smuzhiyun * @param length The length of permanent attributes hash. 222*4882a593Smuzhiyun * 223*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 224*4882a593Smuzhiyun */ 225*4882a593Smuzhiyun int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length); 226*4882a593Smuzhiyun 227*4882a593Smuzhiyun /** 228*4882a593Smuzhiyun * Write the permanent attributes hash. 229*4882a593Smuzhiyun * 230*4882a593Smuzhiyun * @param buf The permanent attributes hash data. 231*4882a593Smuzhiyun * 232*4882a593Smuzhiyun * @param length The length of permanent attributes hash. 233*4882a593Smuzhiyun * 234*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 235*4882a593Smuzhiyun */ 236*4882a593Smuzhiyun int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length); 237*4882a593Smuzhiyun 238*4882a593Smuzhiyun /** 239*4882a593Smuzhiyun * Get the avb vboot state 240*4882a593Smuzhiyun * 241*4882a593Smuzhiyun * @param buf store the vboot state. 242*4882a593Smuzhiyun * 243*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 244*4882a593Smuzhiyun */ 245*4882a593Smuzhiyun void rk_avb_get_at_vboot_state(char *buf); 246*4882a593Smuzhiyun 247*4882a593Smuzhiyun /** 248*4882a593Smuzhiyun * Get ab information from misc partition 249*4882a593Smuzhiyun * 250*4882a593Smuzhiyun * @param ab_data the struct of ab information 251*4882a593Smuzhiyun * 252*4882a593Smuzhiyun * @return 0 if the command succeeded, -1 if it failed 253*4882a593Smuzhiyun */ 254*4882a593Smuzhiyun int rk_avb_get_ab_info(AvbABData* ab_data); 255*4882a593Smuzhiyun 256*4882a593Smuzhiyun /** 257*4882a593Smuzhiyun * Get the information whether the partition has slot 258*4882a593Smuzhiyun * 259*4882a593Smuzhiyun * @param the partition name 260*4882a593Smuzhiyun * 261*4882a593Smuzhiyun * @return 0 if the partition has slot, -1 if not 262*4882a593Smuzhiyun */ 263*4882a593Smuzhiyun int rk_avb_get_part_has_slot_info(const char *base_name); 264*4882a593Smuzhiyun 265*4882a593Smuzhiyun AvbABFlowResult rk_avb_ab_slot_select(AvbABOps* ab_ops,char select_slot[]); 266*4882a593Smuzhiyun 267*4882a593Smuzhiyun /** 268*4882a593Smuzhiyun * authenticated unlock 269*4882a593Smuzhiyun * 270*4882a593Smuzhiyun * @param buffer: AvbAtxUnlockCredential 271*4882a593Smuzhiyun * 272*4882a593Smuzhiyun * @param out_is_trusted: true or false 273*4882a593Smuzhiyun * 274*4882a593Smuzhiyun * @return 0 if authenticated unlock OK, -1 if not 275*4882a593Smuzhiyun */ 276*4882a593Smuzhiyun int rk_auth_unlock(void *buffer, char *out_is_trusted); 277*4882a593Smuzhiyun 278*4882a593Smuzhiyun /** 279*4882a593Smuzhiyun * generate unlock challenge 280*4882a593Smuzhiyun * 281*4882a593Smuzhiyun * @param buffer: AvbAtxUnlockChallenge 282*4882a593Smuzhiyun * 283*4882a593Smuzhiyun * @param challenge_len: Challenge length 284*4882a593Smuzhiyun * 285*4882a593Smuzhiyun * @param out_is_trusted: true or false 286*4882a593Smuzhiyun * 287*4882a593Smuzhiyun * @return 0 if generate unlock challenge OK, -1 if not 288*4882a593Smuzhiyun */ 289*4882a593Smuzhiyun int rk_generate_unlock_challenge(void *buffer, uint32_t *challenge_len); 290*4882a593Smuzhiyun 291*4882a593Smuzhiyun /** 292*4882a593Smuzhiyun * Get last boot slot 293*4882a593Smuzhiyun * 294*4882a593Smuzhiyun * @return 0 is slot A; 1 is slot B; -1 is error 295*4882a593Smuzhiyun */ 296*4882a593Smuzhiyun int rk_get_lastboot(void); 297*4882a593Smuzhiyun 298*4882a593Smuzhiyun /** 299*4882a593Smuzhiyun * Get permanent attribute certificate 300*4882a593Smuzhiyun * 301*4882a593Smuzhiyun * @param cer: certificate data 302*4882a593Smuzhiyun * 303*4882a593Smuzhiyun * @param size: certificate size 304*4882a593Smuzhiyun */ 305*4882a593Smuzhiyun int rk_avb_get_perm_attr_cer(uint8_t *cer, uint32_t size); 306*4882a593Smuzhiyun 307*4882a593Smuzhiyun /** 308*4882a593Smuzhiyun * Set permanent attribute certificate 309*4882a593Smuzhiyun * 310*4882a593Smuzhiyun * @param cer: certificate data 311*4882a593Smuzhiyun * 312*4882a593Smuzhiyun * @param size: certificate size 313*4882a593Smuzhiyun */ 314*4882a593Smuzhiyun int rk_avb_set_perm_attr_cer(uint8_t *cer, uint32_t size); 315*4882a593Smuzhiyun 316*4882a593Smuzhiyun /** 317*4882a593Smuzhiyun * Get public key 318*4882a593Smuzhiyun * 319*4882a593Smuzhiyun * @param pub_key: public key data 320*4882a593Smuzhiyun */ 321*4882a593Smuzhiyun int rk_avb_get_pub_key(struct rk_pub_key *pub_key); 322*4882a593Smuzhiyun 323*4882a593Smuzhiyun /** 324*4882a593Smuzhiyun * init ab metadata 325*4882a593Smuzhiyun */ 326*4882a593Smuzhiyun int rk_avb_init_ab_metadata(void); 327*4882a593Smuzhiyun 328*4882a593Smuzhiyun /** 329*4882a593Smuzhiyun * rockchip avb commands 330*4882a593Smuzhiyun */ 331*4882a593Smuzhiyun int rk_avb_write_perm_attr(uint16_t id, void *pbuf, uint16_t size); 332*4882a593Smuzhiyun int rk_avb_read_perm_attr(uint16_t id, void *pbuf, uint16_t size); 333*4882a593Smuzhiyun 334*4882a593Smuzhiyun /** 335*4882a593Smuzhiyun * Do the device have boot slot 336*4882a593Smuzhiyun */ 337*4882a593Smuzhiyun bool rk_avb_ab_have_bootable_slot(void); 338*4882a593Smuzhiyun 339*4882a593Smuzhiyun /** 340*4882a593Smuzhiyun * update rollback index 341*4882a593Smuzhiyun */ 342*4882a593Smuzhiyun int rk_avb_update_stored_rollback_indexes_for_slot(AvbOps* ops, AvbSlotVerifyData* slot_data); 343*4882a593Smuzhiyun 344*4882a593Smuzhiyun #ifdef __cplusplus 345*4882a593Smuzhiyun } 346*4882a593Smuzhiyun #endif 347*4882a593Smuzhiyun 348*4882a593Smuzhiyun #endif /* RK_AVB_OPS_USER_H_ */ 349