From 00f16f9754f59984bbbba52eb42de525ca994971 Mon Sep 17 00:00:00 2001 From: Winter Wang Date: Wed, 23 Nov 2016 17:01:22 +0800 Subject: libavb: fsl: use fsl_avb.h as top level header google split A/B metadata management and slot verify to 2 libs, move fsl_avb on top of them to use libavb/libavb_ab. Change-Id: I02518d12208ec0df7f63f1da74684b6da5473aec Signed-off-by: Winter Wang --- include/fsl_avb.h | 174 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 include/fsl_avb.h (limited to 'include/fsl_avb.h') diff --git a/include/fsl_avb.h b/include/fsl_avb.h new file mode 100644 index 0000000..bcd2536 --- /dev/null +++ b/include/fsl_avb.h @@ -0,0 +1,174 @@ +/* + * Copyright (C) 2016 Freescale Semiconductor, Inc. + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef __FSL_AVB_H__ +#define __FSL_AVB_H__ + +#include "../lib/avb/libavb_ab/libavb_ab.h" +/* Reads |num_bytes| from offset |offset| from partition with name + * |partition| (NUL-terminated UTF-8 string). If |offset| is + * negative, its absolute value should be interpreted as the number + * of bytes from the end of the partition. + * + * This function returns AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION if + * there is no partition with the given name, + * AVB_IO_RESULT_ERROR_RANGE_OUTSIDE_PARTITION if the requested + * |offset| is outside the partition, and AVB_IO_RESULT_ERROR_IO if + * there was an I/O error from the underlying I/O subsystem. If the + * operation succeeds as requested AVB_IO_RESULT_OK is returned and + * the data is available in |buffer|. + * + * The only time partial I/O may occur is if reading beyond the end + * of the partition. In this case the value returned in + * |out_num_read| may be smaller than |num_bytes|. + */ +AvbIOResult fsl_read_from_partition(AvbOps* ops, const char* partition, + int64_t offset, size_t num_bytes, + void* buffer, size_t* out_num_read); + +/* multi block read version + * */ +AvbIOResult fsl_read_from_partition_multi(AvbOps* ops, const char* partition, + int64_t offset, size_t num_bytes, + void* buffer, size_t* out_num_read); + +/* Writes |num_bytes| from |bffer| at offset |offset| to partition + * with name |partition| (NUL-terminated UTF-8 string). If |offset| + * is negative, its absolute value should be interpreted as the + * number of bytes from the end of the partition. + * + * This function returns AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION if + * there is no partition with the given name, + * AVB_IO_RESULT_ERROR_RANGE_OUTSIDE_PARTITION if the requested + * byterange goes outside the partition, and AVB_IO_RESULT_ERROR_IO + * if there was an I/O error from the underlying I/O subsystem. If + * the operation succeeds as requested AVB_IO_RESULT_OK is + * returned. + * + * This function never does any partial I/O, it either transfers all + * of the requested bytes or returns an error. + */ +AvbIOResult fsl_write_to_partition(AvbOps* ops, const char* partition, + int64_t offset, size_t num_bytes, + const void* buffer); + +/* Reads A/B metadata from persistent storage. Returned data is + * properly byteswapped. Returns AVB_IO_RESULT_OK on success, error + * code otherwise. + * + * If the data read is invalid (e.g. wrong magic or CRC checksum + * failure), the metadata shoule be reset using avb_ab_data_init() + * and then written to persistent storage. + * + * Implementations will typically want to use avb_ab_data_read() + * here to use the 'misc' partition for persistent storage. + */ +AvbIOResult fsl_read_ab_metadata(AvbABOps* ab_ops, struct AvbABData* data); + +/* Writes A/B metadata to persistent storage. This will byteswap and + * update the CRC as needed. Returns AVB_IO_RESULT_OK on success, + * error code otherwise. + * + * Implementations will typically want to use avb_ab_data_write() + * here to use the 'misc' partition for persistent storage. + */ +AvbIOResult fsl_write_ab_metadata(AvbABOps* ab_ops, const struct AvbABData* data); + +/* Checks if the given public key used to sign the 'vbmeta' + * partition is trusted. Boot loaders typically compare this with + * embedded key material generated with 'avbtool + * extract_public_key'. + * + * If AVB_IO_RESULT_OK is returned then |out_is_trusted| is set - + * true if trusted or false if untrusted. + */ +AvbIOResult fsl_validate_vbmeta_public_key(AvbOps* ops, + const uint8_t* public_key_data, + size_t public_key_length, + bool* out_is_trusted); + +/* Gets the rollback index corresponding to the slot given by + * |rollback_index_slot|. The value is returned in + * |out_rollback_index|. Returns AVB_IO_RESULT_OK if the rollback + * index was retrieved, otherwise an error code. + * + * A device may have a limited amount of rollback index slots (say, + * one or four) so may error out if |rollback_index_slot| exceeds + * this number. + */ +AvbIOResult fsl_read_rollback_index(AvbOps* ops, size_t rollback_index_slot, + uint64_t* out_rollback_index); + +/* Sets the rollback index corresponding to the slot given by + * |rollback_index_slot| to |rollback_index|. Returns + * AVB_IO_RESULT_OK if the rollback index was set, otherwise an + * error code. + * + * A device may have a limited amount of rollback index slots (say, + * one or four) so may error out if |rollback_index_slot| exceeds + * this number. + */ +AvbIOResult fsl_write_rollback_index(AvbOps* ops, size_t rollback_index_slot, + uint64_t rollback_index); + +/* Gets whether the device is unlocked. The value is returned in + * |out_is_unlocked| (true if unlocked, false otherwise). Returns + * AVB_IO_RESULT_OK if the state was retrieved, otherwise an error + * code. + */ +AvbIOResult fsl_read_is_device_unlocked(AvbOps* ops, bool* out_is_unlocked); + +/* Gets the unique partition GUID for a partition with name in + * |partition| (NUL-terminated UTF-8 string). The GUID is copied as + * a string into |guid_buf| of size |guid_buf_size| and will be NUL + * terminated. The string must be lower-case and properly + * hyphenated. For example: + * + * 527c1c6d-6361-4593-8842-3c78fcd39219 + * + * Returns AVB_IO_RESULT_OK on success, otherwise an error code. + */ +AvbIOResult fsl_get_unique_guid_for_partition(AvbOps* ops, + const char* partition, + char* guid_buf, + size_t guid_buf_size); + +/* check if the fastboot getvar cmd is for query [avb] bootctl's slot var + * cmd is the fastboot getvar's cmd in + * return true if it is a bootctl related cmd, false if it's not. + * */ +bool is_slotvar_avb(char *cmd); + +/* return 0 for the first slot + * return 1 for the second slot + * return -1 for not supported slot + * */ +int slotidx_from_suffix(char *suffix); + +/* return fastboot's getvar cmd response + * cmd is the fastboot getvar's cmd in + * if return 0, buffer is bootctl's slot var out + * if return -1, buffer is error string + * */ +int get_slotvar_avb(AvbABOps *ab_ops, char *cmd, char *buffer, size_t size); + +/* reset rollback_index part in avbkey partition + * used in the switch from LOCK to UNLOCK + * return 0 if success, non 0 if fail. + * */ +int rbkidx_erase(const char * kblb_part); + +/* init the avbkey partition, include the header/public key/rollback index + * for public key/rollback index part, use caam to do encrypt + * return 0 if success, non 0 if fail. + * */ +int avbkeyblb_init(uint8_t *plainkey, uint32_t keylen, const char *kblb_part /*"avbkey"*/); + +/* read a/b metadata to get curr slot + * return slot suffix '_a'/'_b' or NULL */ +char *select_slot(AvbABOps *ab_ops); + +#endif /* __FSL_AVB_H__ */ -- cgit v1.1