| /* |
| * Copyright (C) 2017 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| syntax = "proto3"; |
| |
| package nugget.app.avb; |
| |
| import "nugget/protobuf/options.proto"; |
| |
| service Avb { |
| option (nugget.protobuf.app_id) = "AVB"; |
| option (nugget.protobuf.app_name) = "Android Verified Boot"; |
| option (nugget.protobuf.app_version) = 1; |
| option (nugget.protobuf.request_buffer_size) = 2200; |
| option (nugget.protobuf.response_buffer_size) = 128; |
| |
| rpc GetState (GetStateRequest) returns (GetStateResponse); |
| rpc Load (LoadRequest) returns (LoadResponse); |
| rpc Store (StoreRequest) returns (StoreResponse); |
| rpc GetLock (GetLockRequest) returns (GetLockResponse); |
| rpc SetLock (SetLockRequest) returns (SetLockResponse); |
| rpc SetProduction (SetProductionRequest) returns (SetProductionResponse); |
| rpc CarrierLockTest (CarrierLockTestRequest) returns (CarrierLockTestResponse); |
| rpc Reset (ResetRequest) returns (ResetResponse); |
| } |
| |
| enum LockIndex { |
| CARRIER = 0; |
| DEVICE = 1; |
| BOOT = 2; |
| OWNER = 3; |
| } |
| |
| |
| // GetState |
| message GetStateRequest {} |
| message GetStateResponse { |
| uint64 version = 1; |
| bool bootloader = 2; |
| bool production = 3; |
| uint32 number_of_locks = 4; |
| bytes locks = 5; |
| } |
| |
| // Load |
| message LoadRequest { |
| uint32 slot = 1; |
| } |
| message LoadResponse { |
| uint64 version = 1; |
| } |
| |
| // Store |
| message StoreRequest { |
| uint32 slot = 1; |
| uint64 version = 2; |
| } |
| message StoreResponse {} |
| |
| // GetLock |
| message GetLockRequest { |
| LockIndex lock = 1; |
| } |
| message GetLockResponse { |
| bool locked = 1; |
| } |
| |
| // SetLock |
| // TODO: this might be better if split into separate RPCs as some locks have |
| // different characteristics and specific metadata that could be encoded in this |
| // protocol. Especially as each lock is handled as a separate case. |
| message CarrierUnlock { |
| uint64 version = 1; |
| uint64 nonce = 2; |
| bytes signature = 3; |
| } |
| |
| message SetLockRequest { |
| message CarrierLock { |
| bytes device_data = 1; // TODO: does this have any structure |
| } |
| |
| LockIndex lock = 1; |
| bool locked = 2; |
| oneof metadata { |
| CarrierUnlock carrier_unlock = 3; |
| CarrierLock carrier_lock = 4; |
| } |
| } |
| message SetLockResponse {} |
| |
| // SetProduction |
| message SetProductionRequest { |
| bool production = 1; |
| } |
| message SetProductionResponse {} |
| |
| // CarrierLockTest |
| message CarrierLockTestRequest { |
| uint64 last_nonce = 1; |
| uint64 version = 2; |
| bytes device_data = 3; |
| CarrierUnlock token = 4; |
| } |
| |
| message CarrierLockTestResponse {} |
| |
| // Reset |
| message ResetRequest { |
| enum ResetKind { |
| FACTORY = 0; |
| LOCKS = 1; |
| } |
| |
| ResetKind kind = 1; |
| } |
| message ResetResponse {} |