include/zircon-estelle/vboot.h - u-boot - Git at Google

 /*
  * Copyright (c) 2019 The Fuchsia Authors
  *
  * SPDX-License-Identifier:	BSD-3-Clause
  */

 #ifndef _ZIRCON_VBOOT_H_
 #define _ZIRCON_VBOOT_H_

 #include <abr/abr.h>
 #include <libavb/libavb.h>
 #include <libavb_atx/libavb_atx.h>

 typedef enum {
 	AVB_ATX_LOCKED,
 	AVB_ATX_UNLOCKED,
 } AvbAtxLockState;

 typedef enum {
 	AVB_ATX_SLOT_MARKED_SUCCESSFUL,
 	AVB_ATX_SLOT_NOT_MARKED_SUCCESSFUL,
 } AvbAtxSlotState;

 /* Add extra zbi items from vbmeta into |zbi| container */
 int zircon_vboot_add_extra_zbi_items(zbi_header_t *zbi, size_t capacity);

 /**
  * Loads zircon image using A/B/R scheme.
  *
  * @loadaddr: address at which to load the Zircon image.
  * @loadsize: size of the load buffer.
  * @force_recovery: trigger a force boot into recovery (R slot).
  *
  * Return: 0 if successful, negative value on failure.
  */
 int zircon_vboot_img_load(unsigned char *loadaddr, size_t loadsize,
 			  bool force_recovery);

 /* Performs a full load + verification of the indicated slot.
  *
  * @loadaddr: address at which to load the Zircon image.
  * @loadsize: size of the load buffer.
  * @requested_partitions: partitions to verify.
  * @ab_suffix: slot suffix to load and verify.
  * @lock_state: if AVB_ATX_UNLOCKED, verification errors will be allowed (see
  *              AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR for details).
  * @slot_state: if AVB_ATX_SLOT_MARKED_SUCCESSFUL, minimum rollback index values
  *              will be bumped to match the values in the verified slot (on
  *              success).
  * @verify_data: see |out_data| for avb_slot_verify().
  */
 AvbSlotVerifyResult
 zircon_vboot_slot_verify(unsigned char *loadaddr, size_t loadsize,
 			 const char *const *requested_partitions,
 			 const char *ab_suffix, AvbAtxLockState lock_state,
 			 AvbAtxSlotState slot_state,
 			 AvbSlotVerifyData **verify_data);

 /* Get current slot to boot */
 const char *zircon_vboot_get_current_slot(void);

 /* Get slot info for |slot_number| slot.
  *
  * Returns > 0 if an error occured.
  */
 int zircon_vboot_get_slot_info(int slot_number, AbrSlotInfo *info);

 /* Set slot active */
 int zircon_vboot_set_slot_active(int slot_number);

 /* Generate unlock challenge */
 int zircon_vboot_generate_unlock_challenge(AvbAtxUnlockChallenge *out);

 /* Validate unlock credential */
 int zircon_vboot_validate_unlock_credential(AvbAtxUnlockCredential *in,
 					    bool *out_is_trusted);

 /* True if ZVB is enabled */
 bool zircon_is_vboot_enabled(void);

 /* Fills |hash| with the permanent attributes SHA256 hash. */
 AvbIOResult
 avb_read_permanent_attributes_hash(AvbAtxOps *atx_ops,
 				   uint8_t hash[AVB_SHA256_DIGEST_SIZE]);

 #if defined(CONFIG_ZIRCON_VBOOT_UNLOCK)
 /* True if ZVB unlock feature is enabled */
 bool zircon_is_vboot_unlock_enabled(void);

 /* Permanently disable ZVB unlock feature */
 int zircon_vboot_disable_vboot_unlock(void);

 /* set ZVB unlock state */
 int zircon_vboot_set_unlock(bool unlock);
 #endif /* CONFIG_ZIRCON_VBOOT_UNLOCK */

 #endif // _ZIRCON_VBOOT_H_
	/*
	* Copyright (c) 2019 The Fuchsia Authors
	*
	* SPDX-License-Identifier: BSD-3-Clause
	*/

	#ifndef _ZIRCON_VBOOT_H_
	#define _ZIRCON_VBOOT_H_

	#include <abr/abr.h>
	#include <libavb/libavb.h>
	#include <libavb_atx/libavb_atx.h>

	typedef enum {
	AVB_ATX_LOCKED,
	AVB_ATX_UNLOCKED,
	} AvbAtxLockState;

	typedef enum {
	AVB_ATX_SLOT_MARKED_SUCCESSFUL,
	AVB_ATX_SLOT_NOT_MARKED_SUCCESSFUL,
	} AvbAtxSlotState;

	/* Add extra zbi items from vbmeta into \|zbi\| container */
	int zircon_vboot_add_extra_zbi_items(zbi_header_t *zbi, size_t capacity);

	/**
	* Loads zircon image using A/B/R scheme.
	*
	* @loadaddr: address at which to load the Zircon image.
	* @loadsize: size of the load buffer.
	* @force_recovery: trigger a force boot into recovery (R slot).
	*
	* Return: 0 if successful, negative value on failure.
	*/
	int zircon_vboot_img_load(unsigned char *loadaddr, size_t loadsize,
	bool force_recovery);

	/* Performs a full load + verification of the indicated slot.
	*
	* @loadaddr: address at which to load the Zircon image.
	* @loadsize: size of the load buffer.
	* @requested_partitions: partitions to verify.
	* @ab_suffix: slot suffix to load and verify.
	* @lock_state: if AVB_ATX_UNLOCKED, verification errors will be allowed (see
	* AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR for details).
	* @slot_state: if AVB_ATX_SLOT_MARKED_SUCCESSFUL, minimum rollback index values
	* will be bumped to match the values in the verified slot (on
	* success).
	* @verify_data: see \|out_data\| for avb_slot_verify().
	*/
	AvbSlotVerifyResult
	zircon_vboot_slot_verify(unsigned char *loadaddr, size_t loadsize,
	const char const requested_partitions,
	const char *ab_suffix, AvbAtxLockState lock_state,
	AvbAtxSlotState slot_state,
	AvbSlotVerifyData **verify_data);

	/* Get current slot to boot */
	const char *zircon_vboot_get_current_slot(void);

	/* Get slot info for \|slot_number\| slot.
	*
	* Returns > 0 if an error occured.
	*/
	int zircon_vboot_get_slot_info(int slot_number, AbrSlotInfo *info);

	/* Set slot active */
	int zircon_vboot_set_slot_active(int slot_number);

	/* Generate unlock challenge */
	int zircon_vboot_generate_unlock_challenge(AvbAtxUnlockChallenge *out);

	/* Validate unlock credential */
	int zircon_vboot_validate_unlock_credential(AvbAtxUnlockCredential *in,
	bool *out_is_trusted);

	/* True if ZVB is enabled */
	bool zircon_is_vboot_enabled(void);

	/* Fills \|hash\| with the permanent attributes SHA256 hash. */
	AvbIOResult
	avb_read_permanent_attributes_hash(AvbAtxOps *atx_ops,
	uint8_t hash[AVB_SHA256_DIGEST_SIZE]);

	#if defined(CONFIG_ZIRCON_VBOOT_UNLOCK)
	/* True if ZVB unlock feature is enabled */
	bool zircon_is_vboot_unlock_enabled(void);

	/* Permanently disable ZVB unlock feature */
	int zircon_vboot_disable_vboot_unlock(void);

	/* set ZVB unlock state */
	int zircon_vboot_set_unlock(bool unlock);
	#endif /* CONFIG_ZIRCON_VBOOT_UNLOCK */

	#endif // _ZIRCON_VBOOT_H_