1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Permission is hereby granted, free of charge, to any person 5 * obtaining a copy of this software and associated documentation 6 * files (the "Software"), to deal in the Software without 7 * restriction, including without limitation the rights to use, copy, 8 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * of the Software, and to permit persons to whom the Software is 10 * furnished to do so, subject to the following conditions: 11 * 12 * The above copyright notice and this permission notice shall be 13 * included in all copies or substantial portions of the Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * SOFTWARE. 23 */ 24 25 #ifndef AVB_OPS_USER_H_ 26 #define AVB_OPS_USER_H_ 27 28 #include <android_avb/libavb.h> 29 #include <android_avb/avb_ab_flow.h> 30 31 #define PERM_ATTR_DIGEST_SIZE 32 32 #define PERM_ATTR_TOTAL_SIZE 1084 33 #define VBOOT_KEY_HASH_SIZE 32 34 35 /* Allocates an AvbOps instance suitable for use in Android userspace 36 * on the device. Returns NULL on OOM. 37 * 38 * The returned AvbOps has the following characteristics: 39 * 40 * - The read_from_partition(), write_to_partition(), and 41 * get_size_of_partition() operations are implemented, however for 42 * these operations to work the fstab file on the device must have a 43 * /misc entry using a by-name device file scheme and the containing 44 * by-name/ subdirectory must have files for other partitions. 45 * 46 * - The remaining operations are implemented and never fails and 47 * return the following values: 48 * - validate_vbmeta_public_key(): always returns |true|. 49 * - read_rollback_index(): returns 0 for any roolback index. 50 * - write_rollback_index(): no-op. 51 * - read_is_device_unlocked(): always returns |true|. 52 * - get_unique_guid_for_partition(): always returns the empty string. 53 * 54 * - The |ab_ops| member will point to a valid AvbABOps instance 55 * implemented via libavb_ab/. This should only be used if the AVB 56 * A/B stack is used on the device. This is what is used in 57 * bootctrl.avb boot control implementation. 58 * 59 * Free with avb_ops_user_free(). 60 */ 61 AvbOps* avb_ops_user_new(void); 62 63 /* Frees an AvbOps instance previously allocated with avb_ops_device_new(). */ 64 void avb_ops_user_free(AvbOps* ops); 65 66 /** 67 * Provided to fastboot to read how many slot in this system. 68 * 69 * @param slot_count We use parameter slot_count to obtain 70 * how many slots in the system. 71 * 72 * @return 0 if the command succeeded, -1 if it failed 73 */ 74 int avb_read_slot_count(char *slot_count); 75 76 /** 77 * The android things supply many slots, their name like '_a', '_b'. 78 * We can use this function to read current slot is '_a' or '_b'. 79 * 80 * @slot_suffixes read value '_a' or '_b'. 81 * 82 * @return 0 if the command succeeded, -1 if it failed 83 */ 84 int avb_read_slot_suffixes(char *slot_suffixes); 85 86 /** 87 * Use this function to set which slot boot first. 88 * 89 * @param slot_number set '0' or '1' 90 * 91 * @return 0 if the command succeeded, -1 if it failed 92 */ 93 int avb_set_slot_active(unsigned int *slot_number); 94 95 /** 96 * Get current slot: '_a' or '_b'. 97 * 98 * @param select_slot obtain current slot. 99 * 100 * @return 0 if the command succeeded, -1 if it failed 101 */ 102 int avb_get_current_slot(char *select_slot); 103 104 /** 105 * The android things defines permanent attributes to 106 * store PSK_public, product id. We can use this function 107 * to read them. 108 * 109 * @param attributes PSK_public, product id.... 110 * 111 * @param size The size of attributes. 112 * 113 * @return 0 if the command succeeded, -1 if it failed 114 */ 115 int avb_read_permanent_attributes(uint8_t *attributes, uint32_t size); 116 117 /** 118 * The android things defines permanent attributes to 119 * store PSK_public, product id. We can use this function 120 * to write them. 121 * 122 * @param attributes PSK_public, product id.... 123 * 124 * @param size The size of attributes. 125 * 126 * @return 0 if the command succeeded, -1 if it failed 127 */ 128 int avb_write_permanent_attributes(uint8_t *attributes, uint32_t size); 129 130 /** 131 * The funtion can be use to read the device state to judge 132 * whether the device can be flash. 133 * 134 * @param flash_lock_state A flag indicate the device flash state. 135 * 136 * @return 0 if the command succeeded, -1 if it failed 137 */ 138 int avb_read_flash_lock_state(uint8_t *flash_lock_state); 139 140 /** 141 * The function is provided to write device flash state. 142 * 143 * @param flash_lock_state A flag indicate the device flash state. 144 * 145 * @return 0 if the command succeeded, -1 if it failed 146 */ 147 int avb_write_flash_lock_state(uint8_t flash_lock_state); 148 149 /** 150 * The android things use the flag of lock state to indicate 151 * whether the device can be booted when verified error. 152 * 153 * @param lock_state A flag indicate the device lock state. 154 * 155 * @return 0 if the command succeeded, -1 if it failed 156 */ 157 int avb_read_lock_state(uint8_t *lock_state); 158 159 /** 160 * The android things use the flag of lock state to indicate 161 * whether the device can be booted when verified error. 162 * 163 * @param lock_state A flag indicate the device lock state. 164 * 165 * @return 0 if the command succeeded, -1 if it failed 166 */ 167 int avb_write_lock_state(uint8_t lock_state); 168 169 /** 170 * The android things uses fastboot to flash the permanent attributes. 171 * And if them were written, there must have a flag to indicate. 172 * 173 * @param flag indicate the permanent attributes have been written 174 * or not. 175 * 176 * @return 0 if the command succeeded, -1 if it failed 177 */ 178 int avb_read_perm_attr_flag(uint8_t *flag); 179 180 /** 181 * The android things uses fastboot to flash the permanent attributes. 182 * And if them were written, there must have a flag to indicate. 183 * 184 * @param flag We can call this function to write the flag '1' 185 * to indicate the permanent attributes has been 186 * written. 187 * 188 * @return 0 if the command succeeded, -1 if it failed 189 */ 190 int avb_write_perm_attr_flag(uint8_t flag); 191 192 /** 193 * The android things require the soc-v key hash to be flashed 194 * using the fastboot. So the function can be used in fastboot 195 * to flash the key hash. 196 * 197 * @param buf The vboot key hash data. 198 * 199 * @param length The length of key hash. 200 * 201 * @return 0 if the command succeeded, -1 if it failed 202 */ 203 int avb_read_vbootkey_hash(uint8_t *buf, uint8_t length); 204 205 /** 206 * The android things require the soc-v key hash to be flashed 207 * using the fastboot. So the function can be used in fastboot 208 * to flash the key hash. 209 * 210 * @param buf The vboot key hash data. 211 * 212 * @param length The length of key hash. 213 * 214 * @return 0 if the command succeeded, -1 if it failed 215 */ 216 int avb_write_vbootkey_hash(uint8_t *buf, uint8_t length); 217 218 /** 219 * U-boot close the optee client when start kernel 220 * to prevent the optee client being invoking by other 221 * program. 222 * 223 * @return 0 if the command succeeded, -1 if it failed 224 */ 225 int avb_close_optee_client(void); 226 227 /** 228 * Write the permanent attributes hash. 229 * 230 * @param buf The permanent attributes hash data. 231 * 232 * @param length The length of permanent attributes hash. 233 * 234 * @return 0 if the command succeeded, -1 if it failed 235 */ 236 int avb_write_attribute_hash(uint8_t *buf, uint8_t length); 237 238 #endif 239