1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
|
/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Misc functions which need access to vb2_context but are not public APIs
*/
#ifndef VBOOT_REFERENCE_2MISC_H_
#define VBOOT_REFERENCE_2MISC_H_
#include "2api.h"
#include "2struct.h"
struct vb2_gbb_header;
struct vb2_workbuf;
#define vb2_container_of(ptr, type, member) ({ \
const typeof(((type *)0)->member) *__mptr = (ptr); \
(type *)((uint8_t *)__mptr - offsetof(type, member) );}) \
/**
* Get the shared data pointer from the vboot context
*
* @param ctx Vboot context
* @return The shared data pointer.
*/
static inline struct vb2_shared_data *vb2_get_sd(struct vb2_context *ctx)
{
return vb2_container_of(ctx, struct vb2_shared_data, ctx);
}
/**
* Get the GBB header pointer from a vboot context's shared data
*
* @param ctx Vboot context
* @return The GBB header pointer.
*/
struct vb2_gbb_header *vb2_get_gbb(struct vb2_context *ctx);
/**
* Validate gbb signature (the magic number)
*
* @param sig Pointer to the signature bytes to validate
* @return VB2_SUCCESS if valid or non-zero if error.
*/
vb2_error_t vb2_validate_gbb_signature(uint8_t *sig);
/**
* Initialize a work buffer from the vboot context.
*
* This sets the work buffer to the unused portion of the context work buffer.
*
* @param ctx Vboot context
* @param wb Work buffer to initialize
*/
void vb2_workbuf_from_ctx(struct vb2_context *ctx, struct vb2_workbuf *wb);
/**
* Set the amount of work buffer used in the vboot context.
*
* This will round up to VB2_WORKBUF_ALIGN, so that the next allocation will
* be aligned as expected.
*
* @param ctx Vboot context
* @param used Number of bytes used
*/
void vb2_set_workbuf_used(struct vb2_context *ctx, uint32_t used);
/**
* Read the GBB header.
*
* @param ctx Vboot context
* @param gbb Destination for header
* @return VB2_SUCCESS, or non-zero if error.
*/
vb2_error_t vb2_read_gbb_header(struct vb2_context *ctx,
struct vb2_gbb_header *gbb);
/**
* Check for recovery reasons we can determine early in the boot process.
*
* On exit, check ctx->flags for VB2_CONTEXT_RECOVERY_MODE; if present, jump to
* the recovery path instead of continuing with normal boot. This is the only
* direct path to recovery mode. All other errors later in the boot process
* should induce a reboot instead of jumping to recovery, so that recovery mode
* starts from a consistent firmware state.
*
* @param ctx Vboot context
*/
void vb2_check_recovery(struct vb2_context *ctx);
/**
* Parse the GBB header.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_fw_init_gbb(struct vb2_context *ctx);
/**
* Check developer switch position.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_check_dev_switch(struct vb2_context *ctx);
/**
* Check if we need to clear the TPM owner.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_check_tpm_clear(struct vb2_context *ctx);
/**
* Decide which firmware slot to try this boot.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_select_fw_slot(struct vb2_context *ctx);
/**
* Verify the firmware keyblock using the root key.
*
* After this call, the data key is stored in the work buffer.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_load_fw_keyblock(struct vb2_context *ctx);
vb2_error_t vb21_load_fw_keyblock(struct vb2_context *ctx);
/**
* Verify the firmware preamble using the data subkey from the keyblock.
*
* After this call, the preamble is stored in the work buffer.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_load_fw_preamble(struct vb2_context *ctx);
vb2_error_t vb21_load_fw_preamble(struct vb2_context *ctx);
/**
* Verify the kernel keyblock using the previously-loaded kernel key.
*
* After this call, the data key is stored in the work buffer.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_load_kernel_keyblock(struct vb2_context *ctx);
/**
* Verify the kernel preamble using the data subkey from the keyblock.
*
* After this call, the preamble is stored in the work buffer.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_load_kernel_preamble(struct vb2_context *ctx);
/**
* Utility function to enable developer mode.
*
* Enables the developer flag in vb2_context firmware secdata. Note that
* modified secdata must be saved for change to apply on reboot.
*
* NOTE: Doesn't update the LAST_BOOT_DEVELOPER secdata flag. That should be
* done on the next boot.
*
* @param ctx Vboot context
* @return VB2_SUCCESS, or error code on error.
*/
vb2_error_t vb2_enable_developer_mode(struct vb2_context *ctx);
/**
* Check whether recovery is allowed or not.
*
* The only way to pass this check and proceed to the recovery process is to
* physically request a recovery (a.k.a. manual recovery). All other recovery
* requests including manual recovery requested by a (compromised) host will
* end up with 'broken' screen.
*
* @param ctx Vboot context
* @return 1 if recovery is allowed; 0 if no or uncertain.
*/
int vb2_allow_recovery(struct vb2_context *ctx);
#endif /* VBOOT_REFERENCE_2MISC_H_ */
|
