/* * Copyright (C) 2016 The Android Open Source Project * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without * restriction, including without limitation the rights to use, copy, * modify, merge, publish, distribute, sublicense, and/or sell copies * of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be * included in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */ #ifndef TRUSTY_AVB_H_ #define TRUSTY_AVB_H_ #include #include #include /* * Initialize AVB TIPC client. Returns one of trusty_err. * * @dev: initialized with trusty_ipc_dev_create */ int avb_tipc_init(struct trusty_ipc_dev *dev); /* * Shutdown AVB TIPC client. * * @dev: initialized with trusty_ipc_dev_create */ void avb_tipc_shutdown(struct trusty_ipc_dev *dev); /* * Send request to secure side to read rollback index. * Returns one of trusty_err. * * @slot: rollback index slot * @value: rollback index value stored here */ int trusty_read_rollback_index(uint32_t slot, uint64_t *value); /* * Send request to secure side to write rollback index * Returns one of trusty_err. * * @slot: rollback index slot * @value: rollback index value to write */ int trusty_write_rollback_index(uint32_t slot, uint64_t value); /* * Send request to secure side to read permanent attributes. When permanent * attributes are stored in RPMB, a hash of the permanent attributes which is * given to AVB during verification MUST still be backed by write-once hardware. * * Copies attributes received by secure side to |attributes|. If |size| does not * match the size returned by the secure side, an error is returned. Returns one * of trusty_err. * * @attributes: caller allocated buffer * @size: size of |attributes| */ int trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size); /* * Send request to secure side to write permanent attributes. Permanent * attributes can only be written to storage once. * * Returns one of trusty_err. */ int trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size); /* * Send request to secure side to read vbmeta public key. * * Copies public key received by secure side to |publickey|. If |size| does not * match the size returned by the secure side, an error is returned. Returns one * of trusty_err. * * @publickey: caller allocated buffer * @size: size of |publickey| */ int trusty_read_vbmeta_public_key(uint8_t *publickey, uint32_t size); /* * Send request to secure side to write vbmeta public key. Public key * can only be written to storage once. * * Returns one of trusty_err. */ int trusty_write_vbmeta_public_key(uint8_t *publickey, uint32_t size); /* * Send request to secure side to read device lock state from RPMB. * * Returns one of trusty_err. */ int trusty_read_lock_state(uint8_t *lock_state); /* * Send request to secure side to write device lock state to RPMB. If the lock * state is changed, all rollback index data will be cleared. * * Returns one of trusty_err. */ int trusty_write_lock_state(uint8_t lock_state); /* * Send request to secure side to lock the boot state. After this is invoked, * the non-secure side will not be able to write to data managed by the AVB * service until next boot. * * Returns one of trusty_err. */ int trusty_lock_boot_state(void); #endif /* TRUSTY_AVB_H_ */