diff options
Diffstat (limited to 'firmware/2lib/include/2api.h')
-rw-r--r-- | firmware/2lib/include/2api.h | 105 |
1 files changed, 59 insertions, 46 deletions
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h index b091731b..9ca01993 100644 --- a/firmware/2lib/include/2api.h +++ b/firmware/2lib/include/2api.h @@ -28,6 +28,14 @@ #include "2return_codes.h" #include "2secdata.h" +/* TODO(chromium:972956): Remove once coreboot is using updated names */ +#define secdata secdata_firmware +#define secdatak secdata_kernel +#define vb2api_secdata_check vb2api_secdata_firmware_check +#define vb2api_secdata_create vb2api_secdata_firmware_create +#define vb2api_secdatak_check vb2api_secdata_kernel_check +#define vb2api_secdatak_create vb2api_secdata_kernel_create + /* Modes for vb2ex_tpm_set_mode. */ enum vb2_tpm_mode { /* @@ -57,9 +65,12 @@ enum vb2_context_flags { VB2_CONTEXT_NVDATA_CHANGED = (1 << 0), /* - * Verified boot has changed secdata[]. Caller must save secdata[] - * back to its underlying storage, then may clear this flag. + * Verified boot has changed secdata_firmware[]. Caller must save + * secdata_firmware[] back to its underlying storage, then may clear + * this flag. */ + VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED = (1 << 1), + /* TODO: Remove once coreboot has switched over */ VB2_CONTEXT_SECDATA_CHANGED = (1 << 1), /* Recovery mode is requested this boot */ @@ -96,14 +107,16 @@ enum vb2_context_flags { VB2_CONTEXT_DISABLE_DEVELOPER_MODE = (1 << 9), /* - * Verified boot has changed secdatak[]. Caller must save secdatak[] - * back to its underlying storage, then may clear this flag. + * Verified boot has changed secdata_kernel[]. Caller must save + * secdata_kernel[] back to its underlying storage, then may clear + * this flag. */ - VB2_CONTEXT_SECDATAK_CHANGED = (1 << 10), + VB2_CONTEXT_SECDATA_KERNEL_CHANGED = (1 << 10), /* - * Allow kernel verification to roll forward the version in secdatak[]. - * Caller may set this flag before calling vb2api_kernel_phase3(). + * Allow kernel verification to roll forward the version in + * secdata_kernel[]. Caller may set this flag before calling + * vb2api_kernel_phase3(). */ VB2_CONTEXT_ALLOW_KERNEL_ROLL_FORWARD = (1 << 11), @@ -214,7 +227,7 @@ struct vb2_context { * caller must save the data back to the secure non-volatile location * and then clear the flag. */ - uint8_t secdata[VB2_SECDATA_SIZE]; + uint8_t secdata_firmware[VB2_SECDATA_FIRMWARE_SIZE]; /* * Context pointer for use by caller. Verified boot never looks at @@ -243,11 +256,11 @@ struct vb2_context { /* * Secure data for kernel verification stage. Caller must fill this * from some secure non-volatile location. If the - * VB2_CONTEXT_SECDATAK_CHANGED flag is set when a function returns, - * caller must save the data back to the secure non-volatile location - * and then clear the flag. + * VB2_CONTEXT_SECDATA_KERNEL_CHANGED flag is set when a function + * returns, caller must save the data back to the secure non-volatile + * location and then clear the flag. */ - uint8_t secdatak[VB2_SECDATAK_SIZE]; + uint8_t secdata_kernel[VB2_SECDATA_KERNEL_SIZE]; }; /* Resource index for vb2ex_read_resource() */ @@ -295,18 +308,18 @@ enum vb2_pcr_digest { * * Load nvdata from wherever you keep it. * - * Load secdata from wherever you keep it. + * Load secdata_firmware from wherever you keep it. * * If it wasn't there at all (for example, this is the first boot - * of a new system in the factory), call vb2api_secdata_create() - * to initialize the data. + * of a new system in the factory), call + * vb2api_secdata_firmware_create() to initialize the data. * * If access to your storage is unreliable (reads/writes may - * contain corrupt data), you may call vb2api_secdata_check() to - * determine if the data was valid, and retry reading if it - * wasn't. (In that case, you should also read back and check the - * data after any time you write it, to make sure it was written - * correctly.) + * contain corrupt data), you may call + * vb2api_secdata_firmware_check() to determine if the data was + * valid, and retry reading if it wasn't. (In that case, you + * should also read back and check the data after any time you + * write it, to make sure it was written correctly.) * * Call vb2api_fw_phase1(). At present, this nominally decides whether * recovery mode is needed this boot. @@ -317,8 +330,8 @@ enum vb2_pcr_digest { * Call vb2api_fw_phase3(). At present, this nominally verifies the * firmware keyblock and preamble. * - * Lock down wherever you keep secdata. It should no longer be writable - * this boot. + * Lock down wherever you keep secdata_firmware. It should no longer be + * writable this boot. * * Verify the hash of each section of code/data you need to boot the RW * firmware. For each section: @@ -342,18 +355,18 @@ enum vb2_pcr_digest { * done by the same firmware image, or may be done by the RW firmware. The * recommended order is: * - * Load secdatak from wherever you keep it. + * Load secdata_kernel from wherever you keep it. * * If it wasn't there at all (for example, this is the first boot - * of a new system in the factory), call vb2api_secdatak_create() - * to initialize the data. + * of a new system in the factory), call + * vb2api_secdata_kernel_create() to initialize the data. * * If access to your storage is unreliable (reads/writes may - * contain corrupt data), you may call vb2api_secdatak_check() to - * determine if the data was valid, and retry reading if it - * wasn't. (In that case, you should also read back and check the - * data after any time you write it, to make sure it was written - * correctly.) + * contain corrupt data), you may call + * vb2api_secdata_kernel_check() to determine if the data was + * valid, and retry reading if it wasn't. (In that case, you + * should also read back and check the data after any time you +* write it, to make sure it was written correctly.) * * Call vb2api_kernel_phase1(). At present, this decides which key to * use to verify kernel data - the recovery key from the GBB, or the @@ -387,55 +400,55 @@ enum vb2_pcr_digest { * Call vb2api_kernel_phase3(). This cleans up from kernel verification * and updates the secure data if needed. * - * Lock down wherever you keep secdatak. It should no longer be writable - * this boot. + * Lock down wherever you keep secdata_kernel. It should no longer be + * writable this boot. */ /** - * Check the validity of the secure storage context. + * Check the validity of the firmware secure storage context. * * Checks version and CRC. * * @param ctx Context pointer * @return VB2_SUCCESS, or non-zero error code if error. */ -vb2_error_t vb2api_secdata_check(struct vb2_context *ctx); +vb2_error_t vb2api_secdata_firmware_check(struct vb2_context *ctx); /** - * Create fresh data in the secure storage context. + * Create fresh data in the firmware secure storage context. * * Use this only when initializing the secure storage context on a new machine - * the first time it boots. Do NOT simply use this if vb2api_secdata_check() - * (or any other API in this library) fails; that could allow the secure data - * to be rolled back to an insecure state. + * the first time it boots. Do NOT simply use this if + * vb2api_secdata_firmware_check() (or any other API in this library) fails; + * that could allow the secure data to be rolled back to an insecure state. * * @param ctx Context pointer * @return VB2_SUCCESS, or non-zero error code if error. */ -vb2_error_t vb2api_secdata_create(struct vb2_context *ctx); +vb2_error_t vb2api_secdata_firmware_create(struct vb2_context *ctx); /** - * Check the validity of the kernel version secure storage context. + * Check the validity of the kernel secure storage context. * * Checks version, UID, and CRC. * * @param ctx Context pointer * @return VB2_SUCCESS, or non-zero error code if error. */ -vb2_error_t vb2api_secdatak_check(struct vb2_context *ctx); +vb2_error_t vb2api_secdata_kernel_check(struct vb2_context *ctx); /** - * Create fresh data in the kernel version secure storage context. + * Create fresh data in the kernel secure storage context. * * Use this only when initializing the secure storage context on a new machine - * the first time it boots. Do NOT simply use this if vb2api_secdatak_check() - * (or any other API in this library) fails; that could allow the secure data - * to be rolled back to an insecure state. + * the first time it boots. Do NOT simply use this if + * vb2api_secdata_kernel_check() (or any other API in this library) fails; that + * could allow the secure data to be rolled back to an insecure state. * * @param ctx Context pointer * @return VB2_SUCCESS, or non-zero error code if error. */ -vb2_error_t vb2api_secdatak_create(struct vb2_context *ctx); +vb2_error_t vb2api_secdata_kernel_create(struct vb2_context *ctx); /** * Report firmware failure to vboot. |