aboutsummaryrefslogtreecommitdiff
path: root/firmware/2lib/include
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/include')
-rw-r--r--firmware/2lib/include/2api.h28
-rw-r--r--firmware/2lib/include/2return_codes.h6
-rw-r--r--firmware/2lib/include/2struct.h6
-rw-r--r--firmware/2lib/include/2tpm_bootmode.h21
4 files changed, 60 insertions, 1 deletions
diff --git a/firmware/2lib/include/2api.h b/firmware/2lib/include/2api.h
index 9db5019f..69f4ddec 100644
--- a/firmware/2lib/include/2api.h
+++ b/firmware/2lib/include/2api.h
@@ -42,6 +42,9 @@
*/
#define VB2_WORKBUF_RECOMMENDED_SIZE (12 * 1024)
+/* Recommended buffer size for vb2api_get_pcr_digest */
+#define VB2_PCR_DIGEST_RECOMMENDED_SIZE 32
+
/* Flags for vb2_context.
*
* Unless otherwise noted, flags are set by verified boot and may be read (but
@@ -160,6 +163,15 @@ enum vb2_resource_index {
VB2_RES_FW_VBLOCK,
};
+/* Digest ID for vbapi_get_pcr_digest() */
+enum vb2_pcr_digest {
+ /* Digest based on current developer and recovery mode flags */
+ BOOT_MODE_PCR,
+
+ /* SHA-256 hash digest of HWID, from GBB */
+ HWID_DIGEST_PCR,
+};
+
/******************************************************************************
* APIs provided by verified boot.
*
@@ -338,6 +350,22 @@ int vb2api_extend_hash(struct vb2_context *ctx,
*/
int vb2api_check_hash(struct vb2_context *ctx);
+/**
+ * Get a PCR digest
+ *
+ * @param ctx Vboot context
+ * @param which_digest PCR index of the digest
+ * @param dest Destination where the digest is copied.
+ * Recommended size is VB2_PCR_DIGEST_RECOMMENDED_SIZE.
+ * @param dest_size IN: size of the buffer pointed by dest
+ * OUT: size of the copied digest
+ * @return VB2_SUCCESS, or error code on error
+ */
+int vb2api_get_pcr_digest(struct vb2_context *ctx,
+ enum vb2_pcr_digest which_digest,
+ uint8_t *dest,
+ uint32_t *dest_size);
+
/*****************************************************************************/
/* APIs provided by the caller to verified boot */
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 53e0102b..e89897f2 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -423,6 +423,12 @@ enum vb2_return_code {
/* Siganature mismatch in vb2api_check_hash() */
VB2_ERROR_API_CHECK_HASH_SIG,
+ /* Invalid enum vb2_pcr_digest requested to vb2api_get_pcr_digest */
+ VB2_ERROR_API_PCR_DIGEST,
+
+ /* Buffer size for the digest is too small for vb2api_get_pcr_digest */
+ VB2_ERROR_API_PCR_DIGEST_BUF,
+
/**********************************************************************
* Errors which may be generated by implementations of vb2ex functions.
* Implementation may also return its own specific errors, which should
diff --git a/firmware/2lib/include/2struct.h b/firmware/2lib/include/2struct.h
index 5e2757b6..95cf73c7 100644
--- a/firmware/2lib/include/2struct.h
+++ b/firmware/2lib/include/2struct.h
@@ -21,6 +21,7 @@
#define VB2_KEY_BLOCK_FLAG_DEVELOPER_1 0x02 /* Developer switch on */
#define VB2_KEY_BLOCK_FLAG_RECOVERY_0 0x04 /* Not recovery mode */
#define VB2_KEY_BLOCK_FLAG_RECOVERY_1 0x08 /* Recovery mode */
+#define VB2_GBB_HWID_DIGEST_SIZE 32
/****************************************************************************/
@@ -103,6 +104,9 @@ struct vb2_shared_data {
uint32_t gbb_rootkey_offset;
uint32_t gbb_rootkey_size;
+ /* HWID digest from GBB header */
+ uint8_t gbb_hwid_digest[VB2_GBB_HWID_DIGEST_SIZE];
+
/* Offset of preamble from start of vblock */
uint32_t vblock_preamble_offset;
@@ -231,7 +235,7 @@ struct vb2_gbb_header {
uint32_t recovery_key_size;
/* Added in version 1.2 */
- uint8_t hwid_digest[32]; /* SHA-256 of HWID */
+ uint8_t hwid_digest[VB2_GBB_HWID_DIGEST_SIZE]; /* SHA-256 of HWID */
/* Pad to match EXPECETED_VB2_GBB_HEADER_SIZE. Initialize to 0. */
uint8_t pad[48];
diff --git a/firmware/2lib/include/2tpm_bootmode.h b/firmware/2lib/include/2tpm_bootmode.h
new file mode 100644
index 00000000..63f247da
--- /dev/null
+++ b/firmware/2lib/include/2tpm_bootmode.h
@@ -0,0 +1,21 @@
+/* Copyright 2015 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Functions for updating the TPM state with the status of boot path.
+ */
+
+#ifndef VBOOT_REFERENCE_2TPM_BOOTMODE_H_
+#define VBOOT_REFERENCE_2TPM_BOOTMODE_H_
+
+#include "2api.h"
+
+/**
+ * Return digest indicating the boot state
+ *
+ * @param ctx Vboot context
+ * @return Pointer to sha1 digest of size VB2_SHA1_DIGEST_SIZE
+ */
+const uint8_t *vb2_get_boot_state_digest(struct vb2_context *ctx);
+
+#endif /* VBOOT_REFERENCE_2TPM_BOOTMODE_H_ */
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 03:08:23 +0000