blob: 544dc55cfe59275568a4233acb2cb77d5ad8c642 [file] [log] [blame]
/*
* Copyright (c) 2015-2016, The Linux Foundation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
* * Neither the name of The Linux Foundation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
* IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef KM_MAIN_H
#define KM_MAIN_H
#include <sys/types.h>
#include <boot_verifier.h>
/**
* Commands supported
*/
#define KEYMASTER_CMD_ID 0x100UL
#define KEYMASTER_UTILS_CMD_ID 0x200UL
#define UINT32_MAX (0xffffffff)
typedef enum {
/*
* List the commands supportedin by the hardware.
*/
KEYMASTER_GET_SUPPORTED_ALGORITHMS = (KEYMASTER_CMD_ID + 1UL),
KEYMASTER_GET_SUPPORTED_BLOCK_MODES = (KEYMASTER_CMD_ID + 2UL),
KEYMASTER_GET_SUPPORTED_PADDING_MODES = (KEYMASTER_CMD_ID + 3UL),
KEYMASTER_GET_SUPPORTED_DIGESTS = (KEYMASTER_CMD_ID + 4UL),
KEYMASTER_GET_SUPPORTED_IMPORT_FORMATS = (KEYMASTER_CMD_ID + 5UL),
KEYMASTER_GET_SUPPORTED_EXPORT_FORMATS = (KEYMASTER_CMD_ID + 6UL),
KEYMASTER_ADD_RNG_ENTROPY = (KEYMASTER_CMD_ID + 7UL),
KEYMASTER_GENERATE_KEY = (KEYMASTER_CMD_ID + 8UL),
KEYMASTER_GET_KEY_CHARACTERISTICS = (KEYMASTER_CMD_ID + 9UL),
KEYMASTER_RESCOPE = (KEYMASTER_CMD_ID + 10UL),
KEYMASTER_IMPORT_KEY = (KEYMASTER_CMD_ID + 11UL),
KEYMASTER_EXPORT_KEY = (KEYMASTER_CMD_ID + 12UL),
KEYMASTER_DELETE_KEY = (KEYMASTER_CMD_ID + 13UL),
KEYMASTER_DELETE_ALL_KEYS = (KEYMASTER_CMD_ID + 14UL),
KEYMASTER_BEGIN = (KEYMASTER_CMD_ID + 15UL),
KEYMASTER_GET_OUTPUT_SIZE = (KEYMASTER_CMD_ID + 16UL),
KEYMASTER_UPDATE = (KEYMASTER_CMD_ID + 17UL),
KEYMASTER_FINISH = (KEYMASTER_CMD_ID + 18UL),
KEYMASTER_ABORT = (KEYMASTER_CMD_ID + 19UL),
KEYMASTER_SET_BOOT_STATE = (KEYMASTER_UTILS_CMD_ID + 8UL),
KEYMASTER_GET_VERSION = (KEYMASTER_UTILS_CMD_ID + 0UL),
KEYMASTER_SET_ROT = (KEYMASTER_UTILS_CMD_ID + 1UL),
KEYMASTER_READ_LK_DEVICE_STATE = (KEYMASTER_UTILS_CMD_ID + 2UL),
KEYMASTER_WRITE_LK_DEVICE_STATE = (KEYMASTER_UTILS_CMD_ID + 3UL),
KEYMASTER_MILESTONE_CALL = (KEYMASTER_UTILS_CMD_ID + 4UL),
KEYMASTER_SECURE_WRITE_PROTECT = (KEYMASTER_UTILS_CMD_ID + 6UL),
KEYMASTER_SET_VBH = (KEYMASTER_UTILS_CMD_ID + 17UL),
KEYMASTER_LAST_CMD_ENTRY = (int)0xFFFFFFFFULL
} keymaster_cmd_t;
typedef enum {
KM_ERROR_INVALID_TAG = -40,
} keymaster_error_t;
/*
* Utils Api struct
*/
/**
@brief
Data structure
@param[in] cmd_id Requested command
@param[in] rot_ofset Offset from the top of the struct.
@param[in] rot_size Size of the ROT
*/
typedef struct _km_set_rot_req_t {
uint32 cmd_id;
uint32 rot_ofset;
uint32 rot_size;
}__attribute__ ((packed)) km_set_rot_req_t;
/**
@brief
Data structure
@param[out] status Status of the request
*/
typedef struct _km_set_rot_rsp_t {
int status;
}__attribute__ ((packed)) km_set_rot_rsp_t;
/**
@brief
Data structure
@param[in] cmd_id Requested command
@param[in] data information (could be data or a pointer to the memory that holds the data
@param[in] len if data is ptr to some buffer, len indicates length of the buffer
*/
typedef struct send_cmd{
uint32 cmd_id;
uint32 data;
uint32 len;
} __attribute__ ((packed)) send_cmd_t;
/*
typedef struct send_cmd_rsp{
uint32 cmd_id;
uint32 data;
int32 status;
} __attribute__ ((packed)) send_cmd_rsp_t; */
/**
@brief
Data structure
@param[in] cmd_id Requested command
*/
typedef struct _km_set_milestone_req_t {
uint32 cmd_id;
}__attribute__ ((packed)) km_set_milestone_req_t;
/**
@brief
Data structure
@param[out] status Status of the request
*/
typedef struct _km_set_milestone_rsp_t {
int status;
}__attribute__ ((packed)) km_set_milestone_rsp_t;
/*
* Structures for delete_all cmd
*/
/*
@brief
Data structure
@param[in] cmd_id Requested command
*/
typedef struct _key_op_delete_all_req_t {
uint32 cmd_id;
}__attribute__ ((packed)) key_op_delete_all_req_t;
/*
@brief
Data structure
@param[out] status Status of the request
*/
typedef struct _key_op_delete_all_rsp_t {
int status;
}__attribute__ ((packed)) key_op_delete_all_rsp_t;
typedef enum _secure_write_prot_op_t
{
SWP_READ_CONFIG,
SWP_WRITE_CONFIG,
SWP_LAST_CMD_ENTRY = (int)0xFFFFFFFFULL
} secure_write_prot_op_t;
/*
@brief
Data structure
@param[in] cmd_id Command ID of the request
@param[in] op Secure write protect operation (enum from secure_write_prot_op_t)
@param[in] swp_write_data_offset Offset of data for SWP operation
@param[in] swp_write_data_len Length of data for SWP operation
*/
typedef struct _secure_write_prot_req_t
{
uint32 cmd_id;
uint32 op;
uint32 swp_write_data_offset;
uint32 swp_write_data_len;
}__attribute__((packed)) secure_write_prot_req_t;
/*
@brief
Data structure
@param[out] status Status of the request
@param[out] swp_read_data_offset Offset of data for SWP operation
@param[out] swp_read_data_len Length of data for SWP operation
*/
typedef struct _secure_write_prot_rsp_t
{
int status;
uint32 swp_read_data_offset;
uint32 swp_read_data_len;
}__attribute__((packed)) secure_write_prot_rsp_t;
/*
* * Structures for get_version
* */
typedef struct _km_get_version_req_t
{
uint32_t cmd_id;
}__attribute__((packed)) km_get_version_req_t;
typedef struct _km_get_version_rsp_t
{
int status;
uint32_t major_version;
uint32_t minor_version;
uint32_t ta_major_version;
uint32_t ta_minor_version;
}__attribute__((packed)) km_get_version_rsp_t;
typedef struct _km_boot_state_t
{
bool is_unlocked;
uint8_t public_key[32];
uint32_t color;
uint32_t system_version;
uint32_t system_security_level;
}__attribute__((packed)) km_boot_state_t;
/**
* @brief
* Data structure
* @param[in] cmd_id Requested command
* @param[in] boot_state_ofset Offset from the top of the struct.
* @param[in] boot_state_size Size of the Boot state
*
* The offset contains the following
* km_boot_state_t
**/
typedef struct _km_set_boot_state_req_t
{
uint32_t cmd_id;
uint32_t version;
uint32_t boot_state_offset;
uint32_t boot_state_size;
}__attribute__((packed)) km_set_boot_state_req_t;
/**
* @brief
* Data structure
*
* @param[out] status Status of the request
**/
typedef struct _km_set_boot_state_rsp_t
{
int status;
}__attribute__((packed)) km_set_boot_state_rsp_t;
typedef struct
{
uint32_t cmd_id;
char vbh[32];
} __attribute__ ((packed)) km_set_vbh_req_t;
typedef struct
{
int status;
} __attribute__ ((packed)) km_set_vbh_rsp_t;
#endif /* KM_MAIN_H */