Monika Singh | 5e17036 | 2018-03-14 00:48:36 +0530 | [diff] [blame] | 1 | /* Copyright (c) 2018, The Linux Foundation. All rights reserved. |
| 2 | * |
| 3 | * Redistribution and use in source and binary forms, with or without |
| 4 | * modification, are permitted provided that the following conditions are |
| 5 | * met: |
| 6 | * * Redistributions of source code must retain the above copyright |
| 7 | * notice, this list of conditions and the following disclaimer. |
| 8 | * * Redistributions in binary form must reproduce the above |
| 9 | * copyright notice, this list of conditions and the following |
| 10 | * disclaimer in the documentation and/or other materials provided |
| 11 | * with the distribution. |
| 12 | * * Neither the name of The Linux Foundation nor the names of its |
| 13 | * contributors may be used to endorse or promote products derived |
| 14 | * from this software without specific prior written permission. |
| 15 | * |
| 16 | * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED |
| 17 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| 18 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT |
| 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS |
| 20 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR |
| 23 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
| 24 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE |
| 25 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN |
| 26 | * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 27 | */ |
| 28 | |
| 29 | #ifndef __VERIFIEDBOOT_H__ |
| 30 | #define __VERIFIEDBOOT_H__ |
| 31 | |
| 32 | #include <stdlib.h> |
| 33 | #include <stdint.h> |
| 34 | #include <string.h> |
| 35 | #include <sys/types.h> |
| 36 | #include <mmc.h> |
| 37 | #include <platform.h> |
| 38 | #include <devinfo.h> |
| 39 | #include <meta_format.h> |
| 40 | #include <boot_device.h> |
| 41 | #include <boot_verifier.h> |
| 42 | #include <target.h> |
| 43 | |
/*
 * Verified-boot scheme selector. The numeric values line up with the
 * return values documented for GetAVBVersion() in this header.
 *
 * NO_AVB is 0, so a zero-initialised variable of this type reads as
 * "verification disabled"; code that stores an avb_versions value should
 * assign it explicitly rather than rely on zero-fill.
 */
typedef enum {
    NO_AVB = 0, /* verified boot disabled */
    AVB_1  = 1, /* VB 1.0 */
    AVB_2  = 2, /* VB 2.0 */
    AVB_LE = 3  /* LE VB */
} avb_versions;
| 50 | |
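/* Length in bytes of a SHA-256 digest. */
#define VB_SHA256_SIZE 32

/*
 * Size of the signature carried by an LE boot image.
 * NOTE(review): presumably bytes (256 bytes would match an RSA-2048
 * signature) -- confirm against the LE verification code.
 */
#define LE_BOOTIMG_SIG_SIZE 256

/*
 * Fatal-error hook: expands to ASSERT(false) and shadows abort() from
 * <stdlib.h> for every file that includes this header.
 *
 * The expansion deliberately carries no trailing semicolon, so
 * `if (cond) abort(); else ...` parses as one statement.
 *
 * NOTE(review): this halts only if the project's ASSERT is active in every
 * build flavour. If ASSERT can compile to nothing, execution continues past
 * a failed verification check -- confirm against the ASSERT definition.
 */
#define abort() ASSERT(false)

/*
 * Upper bound used for path buffers.
 * NOTE(review): whether the NUL terminator is counted is not visible here.
 */
#define MAX_PATH_SIZE 64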
| 55 | |
/*
 * UEFI-style status codes.
 *
 * EFIERR(n) yields -n, so every error is a small negative int and
 * EFI_SUCCESS is 0. This is not the high-bit-set encoding that the UEFI
 * specification uses; the values are only meaningful inside code built
 * against this header.
 */
#define EFIERR(_a) (-1 * (_a))

#define EFI_SUCCESS              0
#define EFI_LOAD_ERROR           EFIERR(1)
#define EFI_INVALID_PARAMETER    EFIERR(2)
#define EFI_UNSUPPORTED          EFIERR(3)
#define EFI_BAD_BUFFER_SIZE      EFIERR(4)
#define EFI_BUFFER_TOO_SMALL     EFIERR(5)
#define EFI_NOT_READY            EFIERR(6)
#define EFI_DEVICE_ERROR         EFIERR(7)
#define EFI_WRITE_PROTECTED      EFIERR(8)
#define EFI_OUT_OF_RESOURCES     EFIERR(9)
#define EFI_VOLUME_CORRUPTED     EFIERR(10)
#define EFI_VOLUME_FULL          EFIERR(11)
#define EFI_NO_MEDIA             EFIERR(12)
#define EFI_MEDIA_CHANGED        EFIERR(13)
#define EFI_NOT_FOUND            EFIERR(14)
#define EFI_ACCESS_DENIED        EFIERR(15)
#define EFI_NO_RESPONSE          EFIERR(16)
#define EFI_NO_MAPPING           EFIERR(17)
#define EFI_TIMEOUT              EFIERR(18)
#define EFI_NOT_STARTED          EFIERR(19)
#define EFI_ALREADY_STARTED      EFIERR(20)
#define EFI_ABORTED              EFIERR(21)
#define EFI_ICMP_ERROR           EFIERR(22)

#define EFI_TFTP_ERROR           EFIERR(23)
#define EFI_PROTOCOL_ERROR       EFIERR(24)
#define EFI_INCOMPATIBLE_VERSION EFIERR(25)
#define EFI_SECURITY_VIOLATION   EFIERR(26)
#define EFI_CRC_ERROR            EFIERR(27)
#define EFI_END_OF_MEDIA         EFIERR(28)
/* 29 and 30 are not assigned in this header. */
#define EFI_END_OF_FILE          EFIERR(31)
#define EFI_INVALID_LANGUAGE     EFIERR(32)

/*
 * NOTE(review): EFIWARN is not defined in this header. Unless one of the
 * included headers provides it, any use of an EFI_WARN_* name below fails
 * to compile.
 */
#define EFI_WARN_UNKNOWN_GLYPH    EFIWARN(1)
#define EFI_WARN_DELETE_FAILURE   EFIWARN(2)
#define EFI_WARN_WRITE_FAILURE    EFIWARN(3)
#define EFI_WARN_BUFFER_TOO_SMALL EFIWARN(4)
| 95 | |
/*
 * UEFI-style type aliases. `bool` is expected to come from one of the
 * headers included above.
 */

/* Status value: EFI_SUCCESS (0) or one of the negative EFIERR() codes. */
typedef int      EFI_STATUS;
typedef bool     BOOLEAN;
typedef void     VOID;

/* Character types. */
typedef char     CHAR8;
/*
 * NOTE(review): CHAR16 is signed here (int16_t), so code units of 0x8000
 * and above become negative when widened or used as an index. UEFI's own
 * CHAR16 is unsigned -- confirm that no caller depends on that.
 */
typedef int16_t  CHAR16;

/* Fixed-width unsigned integers. */
typedef uint8_t  UINT8;
typedef uint16_t UINT16;
typedef uint32_t UINT32;
typedef uint64_t UINT64;

/* Fixed-width signed integers. */
typedef int16_t  INT16;
typedef int32_t  INT32;
typedef int64_t  INT64;

/*
 * NOTE(review): UINTN is always 64 bits here, not the native word size.
 * Where size_t or pointers are narrower, assigning a UINTN length to them
 * truncates silently -- bounds checks should be made on the UINTN value
 * before any narrowing.
 */
typedef uint64_t UINTN;
/*
 * Digest algorithm identifiers used by verified boot.
 *
 * VB_UNDEFINED_HASH is 0, so a zero-initialised field reads as "undefined"
 * rather than as a usable algorithm.
 *
 * VB_SHA1 is still selectable. SHA-1 is no longer collision-resistant, so a
 * verifier that accepts it for image digests is weaker than one restricted
 * to VB_SHA256; whether callers still accept VB_SHA1 is not visible here.
 */
typedef enum {
    VB_UNDEFINED_HASH   = 0,
    VB_SHA1             = 1,
    VB_SHA256           = 2,
    VB_UNSUPPORTED_HASH = 3,
    VB_RESERVED_HASH    = 0x7fffffff /* force to 32 bits */
} vb_hash;
| 117 | |
/*
 * GUARD(code): evaluate `code` once, store the result in `Status`, and on
 * anything other than EFI_SUCCESS log the line, function and status at
 * CRITICAL level and return Status from the enclosing function.
 *
 * Requirements on the call site:
 *  - a variable named `Status` must be in scope and assignable;
 *  - the enclosing function must be able to return Status.
 *
 * The early return skips any cleanup in the caller. Where buffers or other
 * resources are already held, GUARD_OUT (which jumps to an `out` label) is
 * the variant to use.
 */
#define GUARD(code)                                                        \
    do {                                                                   \
        Status = (code);                                                   \
        if (Status == EFI_SUCCESS)                                         \
            break;                                                         \
        dprintf(CRITICAL, "Err: line:%d %s() status: %d\n", __LINE__,      \
                __FUNCTION__, Status);                                     \
        return Status;                                                     \
    } while (0)
| 127 | |
/*
 * GUARD_OUT(code): evaluate `code` once, store the result in `Status`, and
 * on anything other than EFI_SUCCESS log the line, function and status at
 * CRITICAL level and jump to the label `out`.
 *
 * Requirements on the call site:
 *  - a variable named `Status` must be in scope and assignable;
 *  - the enclosing function must define an `out:` label.
 *
 * Status still holds the failing code when control reaches `out`, so the
 * cleanup path can release resources and then propagate it.
 */
#define GUARD_OUT(code)                                                    \
    do {                                                                   \
        Status = (code);                                                   \
        if (Status == EFI_SUCCESS)                                         \
            break;                                                         \
        dprintf(CRITICAL, "Err: line:%d %s() status: %d\n", __LINE__,      \
                __FUNCTION__, Status);                                     \
        goto out;                                                          \
    } while (0)
| 137 | |
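/* forward declare bootinfo */
typedef struct bootinfo bootinfo;

/**
 * NOTE(review): presumably reports whether verified boot is active on this
 * device; the definition is not part of this header.
 *
 * Declared with (void) so that a call passing arguments is rejected at
 * compile time instead of being accepted as an unprototyped call.
 *
 * @return BOOLEAN
 */
BOOLEAN VerifiedBootEnabled(void);

/**
 * @return 0 - AVB disabled
 *         1 - VB 1.0
 *         2 - VB 2.0
 *         3 - LE VB
 *
 * These values match NO_AVB, AVB_1, AVB_2 and AVB_LE in avb_versions.
 */
UINT32 GetAVBVersion(void);

/**
 * Authenticates and loads boot image in
 * Info->Images on EFI_SUCCESS.
 * Also provides Verified Boot command
 * arguments (if any) in Info->vbcmdline
 *
 * Any return value other than EFI_SUCCESS must be treated as an
 * authentication failure: the caller should not parse or boot from
 * Info->Images in that case. What the function leaves in Info on failure
 * is not visible from this header.
 *
 * @param Info boot information to fill in
 * @return EFI_STATUS (an int in this header)
 */
int load_image_and_auth(bootinfo *Info);

/**
 * Free resources/memory allocated by
 * verified boot, image_buffer, vbcmdline
 * VBData...
 *
 * NOTE(review): whether this is safe to call after a failed
 * load_image_and_auth(), or twice on the same Info, is not stated here --
 * confirm before relying on it in error paths.
 *
 * @param Info boot information whose verified-boot resources are released
 * @return VOID
 */
void free_verified_boot_resource(bootinfo *Info);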
| 169 | |
| 170 | #endif /* __VERIFIEDBOOT_H__ */ |