137a7bc39SJason Zhu /* 237a7bc39SJason Zhu * (C) Copyright 2017 Rockchip Electronics Co., Ltd 337a7bc39SJason Zhu * 437a7bc39SJason Zhu * SPDX-License-Identifier: GPL-2.0+ 537a7bc39SJason Zhu */ 637a7bc39SJason Zhu 737a7bc39SJason Zhu #ifndef RK_AVB_OPS_USER_H_ 837a7bc39SJason Zhu #define RK_AVB_OPS_USER_H_ 937a7bc39SJason Zhu 1037a7bc39SJason Zhu #ifdef __cplusplus 1137a7bc39SJason Zhu extern "C" { 1237a7bc39SJason Zhu #endif 1337a7bc39SJason Zhu 1437a7bc39SJason Zhu /* rk used */ 1537a7bc39SJason Zhu #define PERM_ATTR_DIGEST_SIZE 32 1637a7bc39SJason Zhu #define PERM_ATTR_TOTAL_SIZE 1052 1737a7bc39SJason Zhu #define VBOOT_KEY_HASH_SIZE 32 1837a7bc39SJason Zhu #define ANDROID_VBOOT_LOCK 0 1937a7bc39SJason Zhu #define ANDROID_VBOOT_UNLOCK 1 2037a7bc39SJason Zhu #define SLOT_NUM 2 2137a7bc39SJason Zhu #define CURR_SYSTEM_SLOT_SUFFIX "ab" 2237a7bc39SJason Zhu #define VBMETA_MAX_SIZE 65536 2337a7bc39SJason Zhu #define ROLLBACK_MAX_SIZE 20 2437a7bc39SJason Zhu #define LOCK_MASK 0x1 2537a7bc39SJason Zhu #define UNLOCK_DISABLE_MASK 0x2 2637a7bc39SJason Zhu #define VBOOT_STATE_SIZE 300 2737a7bc39SJason Zhu #define PERM_ATTR_SUCCESS_FLAG 1 2837a7bc39SJason Zhu /* soc-v use the rsa2048 */ 2937a7bc39SJason Zhu #define VBOOT_KEY_SIZE 256 30*c3230cf0SJason Zhu #define RPMB_BASE_ADDR (64*1024/256) 31*c3230cf0SJason Zhu #define UBOOT_RB_INDEX_OFFSET 24 32*c3230cf0SJason Zhu #define TRUST_RB_INDEX_OFFSET 28 3337a7bc39SJason Zhu 3437a7bc39SJason Zhu /** 3537a7bc39SJason Zhu * Provided to fastboot to read how many slot in this system. 3637a7bc39SJason Zhu * 3737a7bc39SJason Zhu * @param slot_count We use parameter slot_count to obtain 3837a7bc39SJason Zhu * how many slots in the system. 3937a7bc39SJason Zhu * 4037a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 4137a7bc39SJason Zhu */ 4237a7bc39SJason Zhu int rk_avb_read_slot_count(char *slot_count); 4337a7bc39SJason Zhu 4437a7bc39SJason Zhu /** 4537a7bc39SJason Zhu * The android things supply many slots, their name like '_a', '_b'. 4637a7bc39SJason Zhu * We can use this function to read current slot is '_a' or '_b'. 4737a7bc39SJason Zhu * 4837a7bc39SJason Zhu * @slot_suffixes read value '_a' or '_b'. 4937a7bc39SJason Zhu * 5037a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 5137a7bc39SJason Zhu */ 5237a7bc39SJason Zhu int rk_avb_read_slot_suffixes(char *slot_suffixes); 5337a7bc39SJason Zhu 5437a7bc39SJason Zhu /** 5537a7bc39SJason Zhu * Use this function to set which slot boot first. 5637a7bc39SJason Zhu * 5737a7bc39SJason Zhu * @param slot_number set '0' or '1' 5837a7bc39SJason Zhu * 5937a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 6037a7bc39SJason Zhu */ 6137a7bc39SJason Zhu int rk_avb_set_slot_active(unsigned int *slot_number); 6237a7bc39SJason Zhu 6337a7bc39SJason Zhu /** 6437a7bc39SJason Zhu * Get current slot: '_a' or '_b'. 6537a7bc39SJason Zhu * 6637a7bc39SJason Zhu * @param select_slot obtain current slot. 6737a7bc39SJason Zhu * 6837a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 6937a7bc39SJason Zhu */ 7037a7bc39SJason Zhu int rk_avb_get_current_slot(char *select_slot); 7137a7bc39SJason Zhu 7237a7bc39SJason Zhu /** 7337a7bc39SJason Zhu * The android things defines permanent attributes to 7437a7bc39SJason Zhu * store PSK_public, product id. We can use this function 7537a7bc39SJason Zhu * to read them. 7637a7bc39SJason Zhu * 7737a7bc39SJason Zhu * @param attributes PSK_public, product id.... 7837a7bc39SJason Zhu * 7937a7bc39SJason Zhu * @param size The size of attributes. 8037a7bc39SJason Zhu * 8137a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 8237a7bc39SJason Zhu */ 8337a7bc39SJason Zhu int rk_avb_read_permanent_attributes(uint8_t *attributes, uint32_t size); 8437a7bc39SJason Zhu 8537a7bc39SJason Zhu /** 8637a7bc39SJason Zhu * The android things defines permanent attributes to 8737a7bc39SJason Zhu * store PSK_public, product id. We can use this function 8837a7bc39SJason Zhu * to write them. 8937a7bc39SJason Zhu * 9037a7bc39SJason Zhu * @param attributes PSK_public, product id.... 9137a7bc39SJason Zhu * 9237a7bc39SJason Zhu * @param size The size of attributes. 9337a7bc39SJason Zhu * 9437a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 9537a7bc39SJason Zhu */ 9637a7bc39SJason Zhu int rk_avb_write_permanent_attributes(uint8_t *attributes, uint32_t size); 9737a7bc39SJason Zhu 9837a7bc39SJason Zhu /** 9937a7bc39SJason Zhu * The funtion can be use to read the device state to judge 10037a7bc39SJason Zhu * whether the device can be flash. 10137a7bc39SJason Zhu * 10237a7bc39SJason Zhu * @param flash_lock_state A flag indicate the device flash state. 10337a7bc39SJason Zhu * 10437a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 10537a7bc39SJason Zhu */ 10637a7bc39SJason Zhu int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state); 10737a7bc39SJason Zhu 10837a7bc39SJason Zhu /** 10937a7bc39SJason Zhu * The function is provided to write device flash state. 11037a7bc39SJason Zhu * 11137a7bc39SJason Zhu * @param flash_lock_state A flag indicate the device flash state. 11237a7bc39SJason Zhu * 11337a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 11437a7bc39SJason Zhu */ 11537a7bc39SJason Zhu int rk_avb_write_flash_lock_state(uint8_t flash_lock_state); 11637a7bc39SJason Zhu 11737a7bc39SJason Zhu /** 11837a7bc39SJason Zhu * The android things use the flag of lock state to indicate 11937a7bc39SJason Zhu * whether the device can be booted when verified error. 12037a7bc39SJason Zhu * 12137a7bc39SJason Zhu * @param lock_state A flag indicate the device lock state. 12237a7bc39SJason Zhu * 12337a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 12437a7bc39SJason Zhu */ 12537a7bc39SJason Zhu int rk_avb_read_lock_state(uint8_t *lock_state); 12637a7bc39SJason Zhu 12737a7bc39SJason Zhu /** 12837a7bc39SJason Zhu * The android things use the flag of lock state to indicate 12937a7bc39SJason Zhu * whether the device can be booted when verified error. 13037a7bc39SJason Zhu * 13137a7bc39SJason Zhu * @param lock_state A flag indicate the device lock state. 13237a7bc39SJason Zhu * 13337a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 13437a7bc39SJason Zhu */ 13537a7bc39SJason Zhu int rk_avb_write_lock_state(uint8_t lock_state); 13637a7bc39SJason Zhu 13737a7bc39SJason Zhu /** 13837a7bc39SJason Zhu * The android things uses fastboot to flash the permanent attributes. 13937a7bc39SJason Zhu * And if them were written, there must have a flag to indicate. 14037a7bc39SJason Zhu * 14137a7bc39SJason Zhu * @param flag indicate the permanent attributes have been written 14237a7bc39SJason Zhu * or not. 14337a7bc39SJason Zhu * 14437a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 14537a7bc39SJason Zhu */ 14637a7bc39SJason Zhu int rk_avb_read_perm_attr_flag(uint8_t *flag); 14737a7bc39SJason Zhu 14837a7bc39SJason Zhu /** 14937a7bc39SJason Zhu * The android things uses fastboot to flash the permanent attributes. 15037a7bc39SJason Zhu * And if them were written, there must have a flag to indicate. 15137a7bc39SJason Zhu * 15237a7bc39SJason Zhu * @param flag We can call this function to write the flag '1' 15337a7bc39SJason Zhu * to indicate the permanent attributes has been 15437a7bc39SJason Zhu * written. 15537a7bc39SJason Zhu * 15637a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 15737a7bc39SJason Zhu */ 15837a7bc39SJason Zhu int rk_avb_write_perm_attr_flag(uint8_t flag); 15937a7bc39SJason Zhu 16037a7bc39SJason Zhu /** 16137a7bc39SJason Zhu * The android things require the soc-v key hash to be flashed 16237a7bc39SJason Zhu * using the fastboot. So the function can be used in fastboot 16337a7bc39SJason Zhu * to flash the key hash. 16437a7bc39SJason Zhu * 16537a7bc39SJason Zhu * @param buf The vboot key hash data. 16637a7bc39SJason Zhu * 16737a7bc39SJason Zhu * @param length The length of key hash. 16837a7bc39SJason Zhu * 16937a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 17037a7bc39SJason Zhu */ 17137a7bc39SJason Zhu int rk_avb_read_vbootkey_hash(uint8_t *buf, uint8_t length); 17237a7bc39SJason Zhu 17337a7bc39SJason Zhu /** 17437a7bc39SJason Zhu * The android things require the soc-v key hash to be flashed 17537a7bc39SJason Zhu * using the fastboot. So the function can be used in fastboot 17637a7bc39SJason Zhu * to flash the key hash. 17737a7bc39SJason Zhu * 17837a7bc39SJason Zhu * @param buf The vboot key hash data. 17937a7bc39SJason Zhu * 18037a7bc39SJason Zhu * @param length The length of key hash. 18137a7bc39SJason Zhu * 18237a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 18337a7bc39SJason Zhu */ 18437a7bc39SJason Zhu int rk_avb_write_vbootkey_hash(uint8_t *buf, uint8_t length); 18537a7bc39SJason Zhu 18637a7bc39SJason Zhu /** 18737a7bc39SJason Zhu * U-boot close the optee client when start kernel 18837a7bc39SJason Zhu * to prevent the optee client being invoking by other 18937a7bc39SJason Zhu * program. 19037a7bc39SJason Zhu * 19137a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 19237a7bc39SJason Zhu */ 19337a7bc39SJason Zhu int rk_avb_close_optee_client(void); 19437a7bc39SJason Zhu 19537a7bc39SJason Zhu /** 19637a7bc39SJason Zhu * read the permanent attributes hash. 19737a7bc39SJason Zhu * 19837a7bc39SJason Zhu * @param buf The permanent attributes hash data. 19937a7bc39SJason Zhu * 20037a7bc39SJason Zhu * @param length The length of permanent attributes hash. 20137a7bc39SJason Zhu * 20237a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 20337a7bc39SJason Zhu */ 20437a7bc39SJason Zhu int rk_avb_read_attribute_hash(uint8_t *buf, uint8_t length); 20537a7bc39SJason Zhu 20637a7bc39SJason Zhu /** 20737a7bc39SJason Zhu * Write the permanent attributes hash. 20837a7bc39SJason Zhu * 20937a7bc39SJason Zhu * @param buf The permanent attributes hash data. 21037a7bc39SJason Zhu * 21137a7bc39SJason Zhu * @param length The length of permanent attributes hash. 21237a7bc39SJason Zhu * 21337a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 21437a7bc39SJason Zhu */ 21537a7bc39SJason Zhu int rk_avb_write_attribute_hash(uint8_t *buf, uint8_t length); 21637a7bc39SJason Zhu 21737a7bc39SJason Zhu /** 21837a7bc39SJason Zhu * Get the avb vboot state 21937a7bc39SJason Zhu * 22037a7bc39SJason Zhu * @param buf store the vboot state. 22137a7bc39SJason Zhu * 22237a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 22337a7bc39SJason Zhu */ 22437a7bc39SJason Zhu void rk_avb_get_at_vboot_state(char *buf); 22537a7bc39SJason Zhu 22637a7bc39SJason Zhu /** 22737a7bc39SJason Zhu * Get ab information from misc partition 22837a7bc39SJason Zhu * 22937a7bc39SJason Zhu * @param ab_data the struct of ab information 23037a7bc39SJason Zhu * 23137a7bc39SJason Zhu * @return 0 if the command succeeded, -1 if it failed 23237a7bc39SJason Zhu */ 23337a7bc39SJason Zhu int rk_avb_get_ab_info(AvbABData* ab_data); 23437a7bc39SJason Zhu 23537a7bc39SJason Zhu /** 23637a7bc39SJason Zhu * Get the information whether the partition has slot 23737a7bc39SJason Zhu * 23837a7bc39SJason Zhu * @param the partition name 23937a7bc39SJason Zhu * 24037a7bc39SJason Zhu * @return 0 if the partition has slot, -1 if not 24137a7bc39SJason Zhu */ 24237a7bc39SJason Zhu int rk_avb_get_part_has_slot_info(const char *base_name); 24337a7bc39SJason Zhu 24437a7bc39SJason Zhu AvbABFlowResult rk_avb_ab_slot_select(AvbABOps* ab_ops,char select_slot[]); 24537a7bc39SJason Zhu 24637a7bc39SJason Zhu #ifdef __cplusplus 24737a7bc39SJason Zhu } 24837a7bc39SJason Zhu #endif 24937a7bc39SJason Zhu 25037a7bc39SJason Zhu #endif /* RK_AVB_OPS_USER_H_ */ 251