Diffstat (limited to 'firmware/2lib/include/2secdata_struct.h')
-rw-r--r-- | firmware/2lib/include/2secdata_struct.h | 56 |
1 files changed, 52 insertions, 4 deletions
diff --git a/firmware/2lib/include/2secdata_struct.h b/firmware/2lib/include/2secdata_struct.h
index 7a835dd7..d8b5340f 100644
--- a/firmware/2lib/include/2secdata_struct.h
+++ b/firmware/2lib/include/2secdata_struct.h
@@ -8,7 +8,9 @@
 #ifndef VBOOT_REFERENCE_2SECDATA_STRUCT_H_
 #define VBOOT_REFERENCE_2SECDATA_STRUCT_H_
+#include "2constants.h"
 #include "2crc8.h"
+#include "2sha.h"
 #include "2sysincludes.h"
 /*****************************************************************************/
@@ -34,15 +36,26 @@ struct vb2_secdata_firmware {
 } __attribute__((packed));
 /*****************************************************************************/
-/* Kernel secure storage space */
+/* Kernel secure storage space
+ *
+ * We'll never convert v0.2 to v1.* or the other way. v0.2 or v1.* data will be
+ * passed around between AP and TPM without upgrade or downgrade.
+ *
+ * 1. Old BIOS on old device will read/write v0.2 data from/to TPM.
+ * 2. New BIOS on old device will read/write v0.2 data from/to TPM.
+ * 3. Old BIOS on new device will read/write v0.2 data from/to TPM.
+ * 4. New BIOS on new device will read/write v1.0 data from/to TPM.
+ */
 /* Kernel space - KERNEL_NV_INDEX, locked with physical presence. */
-#define VB2_SECDATA_KERNEL_VERSION 2
+#define VB2_SECDATA_KERNEL_VERSION_V02 (0 << 4 | 2 << 0) /* 0.2 */
+#define VB2_SECDATA_KERNEL_VERSION_V10 (1 << 4 | 0 << 0) /* 1.0 */
+#define VB2_SECDATA_KERNEL_VERSION_LATEST VB2_SECDATA_KERNEL_VERSION_V10
 #define VB2_SECDATA_KERNEL_UID 0x4752574c /* 'LWRG' */
-struct vb2_secdata_kernel {
+struct vb2_secdata_kernel_v0 {
 /* Struct version, for backwards compatibility */
- uint8_t struct_version;
+ uint8_t struct_version; /* 0.2 (or 0x02 in v0 format) */
 /* Unique ID to detect space redefinition */
 uint32_t uid;
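Review bot: The new comment block and the `VB2_SECDATA_KERNEL_VERSION_*` macros do not state how `struct_version` is encoded or what a reader should do with a value it does not recognise. The macro values imply major in the high nibble and minor in the low nibble, and the v0 and v1 layouts differ from the second byte on, so a reader that picks the wrong layout would misinterpret the data read back from the TPM. I would add above the defines: `/* struct_version: major in bits 7:4, minor in bits 3:0; readers select the layout from the major nibble and must reject versions they do not know */`. The parsing code is outside this hunk, so this may already be enforced there; `struct vb2_secdata_kernel_v0` also continues past the end of the hunk.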
@@ -56,6 +69,41 @@ struct vb2_secdata_kernel {
 /* CRC; must be last field in struct */
 uint8_t crc8;
 } __attribute__((packed));
+_Static_assert(sizeof(struct vb2_secdata_kernel_v0)
+ == VB2_SECDATA_KERNEL_SIZE_V02,
+ "VB2_SECDATA_KERNEL_SIZE_V02 incorrect");
+_Static_assert(sizeof(struct vb2_secdata_kernel_v0)
+ < VB2_SECDATA_KERNEL_MAX_SIZE,
+ "VB2_SECDATA_KERNEL_SIZE_V02 exceeds max size");
+
+/*
+ * Secdata kernel v1.* series.
+ */
+struct vb2_secdata_kernel_v1 {
+ /* Struct version, for backwards compatibility */
+ uint8_t struct_version; /* 1.0 (or 0x10 in v0 format) */
+
+ /* Size of the struct */
+ uint8_t struct_size;
+
+ /* 8-bit CRC for everything below */
+ uint8_t crc8;
+
+ /* Reserved for future expansion */
+ uint8_t reserved0;
+
+ /* Kernel versions */
+ uint32_t kernel_versions;
+
+ /* EC hash used for EFS2 */
+ uint8_t ec_hash[VB2_SHA256_DIGEST_SIZE];
+};
+_Static_assert(sizeof(struct vb2_secdata_kernel_v1)
+ == VB2_SECDATA_KERNEL_SIZE_V10,
+ "VB2_SECDATA_KERNEL_SIZE_V10 incorrect");
+_Static_assert(sizeof(struct vb2_secdata_kernel_v1)
+ < VB2_SECDATA_KERNEL_MAX_SIZE,
+ "VB2_SECDATA_KERNEL_SIZE_V10 exceeds max size");
 /*****************************************************************************/
 /* Firmware management parameters (FWMP) space */ |
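Review bot: In `struct vb2_secdata_kernel_v1` the `crc8` comment says it covers "everything below", which leaves `struct_version` and `struct_size` outside the checksum, and the field comments do not say so. If a reader uses `struct_size` to decide how many bytes to checksum or copy, it has to range-check that byte first; the reader is not in this hunk, so that is an assumption to confirm. I would document it on the field, e.g. `/* Size of the struct; not covered by crc8, must be range-checked by the reader before use as a length */`. Two smaller points: the v1 struct drops the `__attribute__((packed))` that v0 carries and relies on the size `_Static_assert` to catch padding, and the `< VB2_SECDATA_KERNEL_MAX_SIZE` asserts also fire when the size equals the maximum although the message says "exceeds", so `<=` may be what is meant, depending on how the constant is defined (presumably in 2constants.h).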