You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
85 lines
2.9 KiB
85 lines
2.9 KiB
/*
|
|
* Copyright (C) 2017 The Android Open Source Project
|
|
*
|
|
* Permission is hereby granted, free of charge, to any person
|
|
* obtaining a copy of this software and associated documentation
|
|
* files (the "Software"), to deal in the Software without
|
|
* restriction, including without limitation the rights to use, copy,
|
|
* modify, merge, publish, distribute, sublicense, and/or sell copies
|
|
* of the Software, and to permit persons to whom the Software is
|
|
* furnished to do so, subject to the following conditions:
|
|
*
|
|
* The above copyright notice and this permission notice shall be
|
|
* included in all copies or substantial portions of the Software.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
* SOFTWARE.
|
|
*/
|
|
|
|
#ifndef AVB_ATX_SLOT_VERIFY_H_
|
|
#define AVB_ATX_SLOT_VERIFY_H_
|
|
|
|
#include <libavb_atx/libavb_atx.h>
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
typedef enum {
|
|
AVB_ATX_LOCKED,
|
|
AVB_ATX_UNLOCKED,
|
|
} AvbAtxLockState;
|
|
|
|
typedef enum {
|
|
AVB_ATX_SLOT_MARKED_SUCCESSFUL,
|
|
AVB_ATX_SLOT_NOT_MARKED_SUCCESSFUL,
|
|
} AvbAtxSlotState;
|
|
|
|
typedef enum {
|
|
AVB_ATX_OEM_DATA_USED,
|
|
AVB_ATX_OEM_DATA_NOT_USED,
|
|
} AvbAtxOemDataState;
|
|
|
|
/* Performs a full verification of the slot identified by |ab_suffix|. If
|
|
* |lock_state| indicates verified boot is unlocked then verification errors
|
|
* will be allowed (see AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR for more
|
|
* details.
|
|
*
|
|
* If |slot_state| indicates the slot identified by |ab_suffix| has been marked
|
|
* successful then minimum rollback index values will be bumped to match the
|
|
* values in the verified slot (on success).
|
|
*
|
|
* If |oem_data_state| indicates that OEM-specific data is not being used, then
|
|
* verification of the 'oem_bootloader' partition will be skipped and it will
|
|
* not be represented in |out_data|.
|
|
*
|
|
* The semantics of |out_data| are the same as for avb_slot_verify().
|
|
*
|
|
* On success, an Android Things |vbh_extension| is populated. This value must
|
|
* be extended into the Verified Boot Hash value accumulated from earlier boot
|
|
* stages.
|
|
*
|
|
* All of the function pointers in |ops| must be valid except for
|
|
* set_key_version, which will be ignored and may be NULL.
|
|
*/
|
|
AvbSlotVerifyResult avb_atx_slot_verify(
|
|
AvbAtxOps* ops,
|
|
const char* ab_suffix,
|
|
AvbAtxLockState lock_state,
|
|
AvbAtxSlotState slot_state,
|
|
AvbAtxOemDataState oem_data_state,
|
|
AvbSlotVerifyData** verify_data,
|
|
uint8_t vbh_extension[AVB_SHA256_DIGEST_SIZE]);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* AVB_SLOT_VERIFY_H_ */
|