1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Data structure and API definitions for a verified boot kernel image.
* (Firmware Portion)
*/
#ifndef VBOOT_REFERENCE_VBOOT_KERNEL_H_
#define VBOOT_REFERENCE_VBOOT_KERNEL_H_
#include "cgptlib.h"
#include "gpt_misc.h"
#include "load_kernel_fw.h"
#include "vboot_api.h"
struct vb2_context;
/* Flags for VbSharedDataKernelPart.flags */
#define VBSD_LKP_FLAG_KEYBLOCK_VALID 0x01
/* Result codes for VbSharedDataKernelPart.check_result */
#define VBSD_LKP_CHECK_NOT_DONE 0
#define VBSD_LKP_CHECK_TOO_SMALL 1
#define VBSD_LKP_CHECK_READ_START 2
#define VBSD_LKP_CHECK_KEYBLOCK_SIG 3
#define VBSD_LKP_CHECK_KEYBLOCK_HASH 4
#define VBSD_LKP_CHECK_DEV_MISMATCH 5
#define VBSD_LKP_CHECK_REC_MISMATCH 6
#define VBSD_LKP_CHECK_KEY_ROLLBACK 7
#define VBSD_LKP_CHECK_DATA_KEY_PARSE 8
#define VBSD_LKP_CHECK_VERIFY_PREAMBLE 9
#define VBSD_LKP_CHECK_KERNEL_ROLLBACK 10
#define VBSD_LKP_CHECK_PREAMBLE_VALID 11
/*
* Body load address check is omitted; this result code is deprecated and not
* used anywhere in the codebase.
*/
#define VBSD_LKP_CHECK_BODY_ADDRESS 12
#define VBSD_LKP_CHECK_BODY_OFFSET 13
#define VBSD_LKP_CHECK_SELF_SIGNED 14
#define VBSD_LKP_CHECK_BODY_EXCEEDS_MEM 15
#define VBSD_LKP_CHECK_BODY_EXCEEDS_PART 16
#define VBSD_LKP_CHECK_READ_DATA 17
#define VBSD_LKP_CHECK_VERIFY_DATA 18
#define VBSD_LKP_CHECK_KERNEL_GOOD 19
/* Information about a single kernel partition check in LoadKernel() */
typedef struct VbSharedDataKernelPart {
uint64_t sector_start; /* Start sector of partition */
uint64_t sector_count; /* Sector count of partition */
uint32_t combined_version; /* Combined key+kernel version */
uint8_t gpt_index; /* Index of partition in GPT */
uint8_t check_result; /* Check result; see VBSD_LKP_CHECK_* */
uint8_t flags; /* Flags (see VBSD_LKP_FLAG_* */
uint8_t reserved0; /* Reserved for padding */
} VbSharedDataKernelPart;
/* Number of kernel partitions to track per call. Must be power of 2. */
#define VBSD_MAX_KERNEL_PARTS 8
/* Result codes for VbSharedDataKernelCall.check_result */
#define VBSD_LKC_CHECK_NOT_DONE 0
#define VBSD_LKC_CHECK_DEV_SWITCH_MISMATCH 1
#define VBSD_LKC_CHECK_GPT_READ_ERROR 2
#define VBSD_LKC_CHECK_GPT_PARSE_ERROR 3
#define VBSD_LKC_CHECK_GOOD_PARTITION 4
#define VBSD_LKC_CHECK_INVALID_PARTITIONS 5
#define VBSD_LKC_CHECK_NO_PARTITIONS 6
/* Information about a single call to LoadKernel() */
typedef struct VbSharedDataKernelCall {
/* Bottom 32 bits of flags passed in LoadKernelParams.boot_flags */
uint32_t boot_flags;
/* Debug flags; see VBSD_LK_FLAG_* */
uint32_t flags;
/* Number of sectors on drive */
uint64_t sector_count;
/* Sector size in bytes */
uint32_t sector_size;
/* Check result; see VBSD_LKC_CHECK_* */
uint8_t check_result;
/* Boot mode for LoadKernel(); see VBSD_LK_BOOT_MODE_* constants */
uint8_t boot_mode;
/* Test error number, if non-zero */
uint8_t test_error_num;
/* Return code from LoadKernel() */
uint8_t return_code;
/* Number of kernel partitions found */
uint8_t kernel_parts_found;
/* Reserved for padding */
uint8_t reserved0[7];
/* Data on kernels */
VbSharedDataKernelPart parts[VBSD_MAX_KERNEL_PARTS];
} VbSharedDataKernelCall;
/**
* Attempt loading a kernel from the specified type(s) of disks.
*
* If successful, sets lkp.disk_handle to the disk for the kernel and returns
* VB2_SUCCESS.
*
* @param ctx Vboot context
* @param get_info_flags Flags to pass to VbExDiskGetInfo()
* @return VB2_SUCCESS or the most specific VB2_ERROR_LK error.
*/
vb2_error_t VbTryLoadKernel(struct vb2_context *ctx, uint32_t get_info_flags);
/* Flags for VbUserConfirms() */
#define VB_CONFIRM_MUST_TRUST_KEYBOARD (1 << 0)
#define VB_CONFIRM_SPACE_MEANS_NO (1 << 1)
/**
* Ask the user to confirm something.
*
* We should display whatever the question is first, then call this. ESC is
* always "no", ENTER is always "yes", and we'll specify what SPACE means. We
* don't return until one of those keys is pressed, or until asked to shut
* down.
*
* Additionally, in some situations we don't accept confirmations from an
* untrusted keyboard (such as a USB device). In those cases, a recovery
* button press is needed for confirmation, instead of ENTER.
*
* Returns: 1=yes, 0=no, -1 = shutdown.
*/
int VbUserConfirms(struct vb2_context *ctx, uint32_t confirm_flags);
/**
* Handle a normal boot.
*/
vb2_error_t VbBootNormal(struct vb2_context *ctx);
/**
* Handle a developer-mode boot using legacy clamshell UI.
*/
vb2_error_t VbBootDeveloperLegacyClamshell(struct vb2_context *ctx);
/**
* Handle a diagnostic-mode boot using legacy clamshell UI.
*/
vb2_error_t VbBootDiagnosticLegacyClamshell(struct vb2_context *ctx);
/**
* Handle a recovery-mode boot using legacy clamshell UI.
*/
vb2_error_t VbBootRecoveryLegacyClamshell(struct vb2_context *ctx);
/**
* Handle a developer-mode boot using legacy menu UI.
*/
vb2_error_t VbBootDeveloperLegacyMenu(struct vb2_context *ctx);
/**
* Handle a recovery-mode boot using legacy menu UI.
*/
vb2_error_t VbBootRecoveryLegacyMenu(struct vb2_context *ctx);
#endif /* VBOOT_REFERENCE_VBOOT_KERNEL_H_ */
|
