vboot_nvstorage.h revision b64f097891e697eaf3b2794baae934f8b4d82d14
1a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved. 2b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * Use of this source code is governed by a BSD-style license that can be 3b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * found in the LICENSE file. 4b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler */ 5b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 6a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* Non-volatile storage routines for verified boot. */ 7b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 8b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler#ifndef VBOOT_REFERENCE_NVSTORAGE_H_ 9b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler#define VBOOT_REFERENCE_NVSTORAGE_H_ 100c3ba249abb1dc60f5ebabccf84ff13206440b83Bill Richardson#include <stdint.h> 11b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 129e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_BLOCK_SIZE 16 /* Size of NV storage block in bytes */ 13b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 14b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spanglertypedef struct VbNvContext { 15a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Raw NV data. Caller must fill this before calling VbNvSetup(). */ 16a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler uint8_t raw[VBNV_BLOCK_SIZE]; 17a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 18a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Flag indicating whether raw data has changed. Set by VbNvTeardown() 19a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * if the raw data has changed and needs to be stored to the underlying 20a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * non-volatile data store. 21a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 22a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler int raw_changed; 23b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 24a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 25a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Internal data for NV storage routines. Caller should not touch 26a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * these fields. 27a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 28a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler int regenerate_crc; 29b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler} VbNvContext; 30b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 31b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler/* Parameter type for VbNvGet(), VbNvSet(). */ 32b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spanglertypedef enum VbNvParam { 33a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 34a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Parameter values have been reset to defaults (flag for firmware). 35a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 0=clear; 1=set. 36a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 37a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_FIRMWARE_SETTINGS_RESET = 0, 38a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 39a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Parameter values have been reset to defaults (flag for kernel). 40a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 0=clear; 1=set. 41a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 42a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_KERNEL_SETTINGS_RESET, 43a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Request debug reset on next S3->S0 transition. 0=clear; 1=set. */ 44a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_DEBUG_RESET_MODE, 45a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 46a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Number of times to try booting RW firmware slot B before slot A. 47a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Valid range: 0-15. 48a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 49a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_TRY_B_COUNT, 50a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 51a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Request recovery mode on next boot; see VBNB_RECOVERY_* below for 52a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * currently defined reason codes. 8-bit value. 53a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 54a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_RECOVERY_REQUEST, 55a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 56a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Localization index for screen bitmaps displayed by firmware. 57a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 8-bit value. 58a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 59a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_LOCALIZATION_INDEX, 60a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Field reserved for kernel/user-mode use; 32-bit value. */ 61a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_KERNEL_FIELD, 62a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Allow booting from USB in developer mode. 0=no, 1=yes. */ 63a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_DEV_BOOT_USB, 64a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Allow booting of legacy OSes in developer mode. 0=no, 1=yes. */ 65a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_DEV_BOOT_LEGACY, 66a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Only boot Google-signed images in developer mode. 0=no, 1=yes. */ 67a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_DEV_BOOT_SIGNED_ONLY, 68a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 69a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Set by userspace to request that RO firmware disable dev-mode on the 70a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * next boot. This is likely only possible if the dev-switch is 71a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * virtual. 72a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 73a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_DISABLE_DEV_REQUEST, 74a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* 75a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Set and cleared by vboot to request that the video Option ROM be 76a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * loaded at boot time, so that BIOS screens can be displayed. 0=no, 77a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 1=yes. 78a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 79a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_OPROM_NEEDED, 80a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Request that the firmware clear the TPM owner on the next boot. */ 81a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_CLEAR_TPM_OWNER_REQUEST, 82a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* Flag that TPM owner was cleared on request. */ 83a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_CLEAR_TPM_OWNER_DONE, 84a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler /* More details on recovery reason */ 85a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler VBNV_RECOVERY_SUBCODE, 86b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson /* Request that NVRAM be backed up at next boot if possible. */ 87b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson VBNV_BACKUP_NVRAM_REQUEST, 88b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler} VbNvParam; 89b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 909e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Recovery reason codes for VBNV_RECOVERY_REQUEST */ 919e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Recovery not requested. */ 929e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_NOT_REQUESTED 0x00 93a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* 94a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Recovery requested from legacy utility. (Prior to the NV storage spec, 95a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * recovery mode was a single bitfield; this value is reserved so that scripts 96a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * which wrote 1 to the recovery field are distinguishable from scripts whch 97a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * use the recovery reasons listed here. 98a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 999e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_LEGACY 0x01 1009e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* User manually requested recovery via recovery button */ 1019e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RO_MANUAL 0x02 1029e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* RW firmware failed signature check (neither RW firmware slot was valid) */ 1039e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RO_INVALID_RW 0x03 1049e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* S3 resume failed */ 1059e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RO_S3_RESUME 0x04 106640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM error in read-only firmware (deprecated) */ 107640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_DEP_RO_TPM_ERROR 0x05 10895c4031ce903258036beeed0705d25c7e9d25da0Randall Spangler/* Shared data error in read-only firmware */ 10995c4031ce903258036beeed0705d25c7e9d25da0Randall Spangler#define VBNV_RECOVERY_RO_SHARED_DATA 0x06 110b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler/* Test error from S3Resume() */ 111b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler#define VBNV_RECOVERY_RO_TEST_S3 0x07 112b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler/* Test error from LoadFirmwareSetup() */ 113b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler#define VBNV_RECOVERY_RO_TEST_LFS 0x08 114b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler/* Test error from LoadFirmware() */ 115b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler#define VBNV_RECOVERY_RO_TEST_LF 0x09 116a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* 117a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * RW firmware failed signature check (neither RW firmware slot was valid). 1189243e616d727c3e57525f8dec2b5f22840900451Randall Spangler * Recovery reason is VBNV_RECOVERY_RO_INVALID_RW_CHECK_MIN + the check value 1199243e616d727c3e57525f8dec2b5f22840900451Randall Spangler * for the slot which came closest to validating; see VBSD_LF_CHECK_* in 120a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * vboot_struct.h. 121a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 1229243e616d727c3e57525f8dec2b5f22840900451Randall Spangler#define VBNV_RECOVERY_RO_INVALID_RW_CHECK_MIN 0x10 1239243e616d727c3e57525f8dec2b5f22840900451Randall Spangler#define VBNV_RECOVERY_RO_INVALID_RW_CHECK_MAX 0x1F 124a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* 125a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Firmware boot failure outside of verified boot (RAM init, missing SSD, 126a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * etc.). 127a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 1289619112a574b975476667545e3a326052fa0c50bRandall Spangler#define VBNV_RECOVERY_RO_FIRMWARE 0x20 129a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* 130a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Recovery mode TPM initialization requires a system reboot. The system was 131a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * already in recovery mode for some other reason when this happened. 132a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 133ad03a439bc97523e03d19aa1dcd568744d60889cRandall Spangler#define VBNV_RECOVERY_RO_TPM_REBOOT 0x21 134584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - other error */ 135d4faa060cc6445cf532e3f9c9cd785e0726f1b82Randall Spangler#define VBNV_RECOVERY_EC_SOFTWARE_SYNC 0x22 136584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - unable to determine active EC image */ 137d4faa060cc6445cf532e3f9c9cd785e0726f1b82Randall Spangler#define VBNV_RECOVERY_EC_UNKNOWN_IMAGE 0x23 138640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* EC software sync - error obtaining EC image hash (deprecated) */ 139640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_DEP_EC_HASH 0x24 140584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - error obtaining expected EC image */ 141584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler#define VBNV_RECOVERY_EC_EXPECTED_IMAGE 0x25 142584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - error updating EC */ 143584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler#define VBNV_RECOVERY_EC_UPDATE 0x26 144584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - unable to jump to EC-RW */ 145584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler#define VBNV_RECOVERY_EC_JUMP_RW 0x27 146584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler/* EC software sync - unable to protect / unprotect EC-RW */ 147584e0d2070aca1a5e091442cb9bad0726451ad95Randall Spangler#define VBNV_RECOVERY_EC_PROTECT 0x28 1485ca4ea087a3d67c2a639e8b9254f51f076bf85faRandall Spangler/* EC software sync - error obtaining expected EC hash */ 1495ca4ea087a3d67c2a639e8b9254f51f076bf85faRandall Spangler#define VBNV_RECOVERY_EC_EXPECTED_HASH 0x29 1505ca4ea087a3d67c2a639e8b9254f51f076bf85faRandall Spangler/* EC software sync - expected EC image doesn't match hash */ 1515ca4ea087a3d67c2a639e8b9254f51f076bf85faRandall Spangler#define VBNV_RECOVERY_EC_HASH_MISMATCH 0x2A 1529e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Unspecified/unknown error in read-only firmware */ 1539e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RO_UNSPECIFIED 0x3F 154a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/* 155a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * User manually requested recovery by pressing a key at developer 156a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * warning screen 157a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 1589e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RW_DEV_SCREEN 0x41 1599e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* No OS kernel detected */ 1609e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RW_NO_OS 0x42 1619e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* OS kernel failed signature check */ 1629e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RW_INVALID_OS 0x43 163640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM error in rewritable firmware (deprecated) */ 164640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_DEP_RW_TPM_ERROR 0x44 165640fb51d866e7ac8a92f61a2f69145bfe6b13699Randall Spangler/* RW firmware in dev mode, but dev switch is off */ 166640fb51d866e7ac8a92f61a2f69145bfe6b13699Randall Spangler#define VBNV_RECOVERY_RW_DEV_MISMATCH 0x45 16795c4031ce903258036beeed0705d25c7e9d25da0Randall Spangler/* Shared data error in rewritable firmware */ 16895c4031ce903258036beeed0705d25c7e9d25da0Randall Spangler#define VBNV_RECOVERY_RW_SHARED_DATA 0x46 169b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler/* Test error from LoadKernel() */ 170b17e8d353c50d46f0e5f29578f6294003692ea1dRandall Spangler#define VBNV_RECOVERY_RW_TEST_LK 0x47 171640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* No bootable disk found (deprecated)*/ 172640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_DEP_RW_NO_DISK 0x48 173d2852eabf6da8bd36ba898c9b375f0480fab02d2Luigi Semenzato/* Rebooting did not correct TPM_E_FAIL or TPM_E_FAILEDSELFTEST */ 174d2852eabf6da8bd36ba898c9b375f0480fab02d2Luigi Semenzato#define VBNV_RECOVERY_TPM_E_FAIL 0x49 175640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM setup error in read-only firmware */ 176640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RO_TPM_S_ERROR 0x50 177640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM write error in read-only firmware */ 178640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RO_TPM_W_ERROR 0x51 179640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM lock error in read-only firmware */ 180640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RO_TPM_L_ERROR 0x52 181640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM update error in read-only firmware */ 182640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RO_TPM_U_ERROR 0x53 183640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM read error in rewritable firmware */ 184640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RW_TPM_R_ERROR 0x54 185640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM write error in rewritable firmware */ 186640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RW_TPM_W_ERROR 0x55 187640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* TPM lock error in rewritable firmware */ 188640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RW_TPM_L_ERROR 0x56 189640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* EC software sync unable to get EC image hash */ 190640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_EC_HASH_FAILED 0x57 191640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* EC software sync invalid image hash size */ 192640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_EC_HASH_SIZE 0x58 193640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* Unspecified error while trying to load kernel */ 194640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_LK_UNSPECIFIED 0x59 195640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* No bootable storage device in system */ 196640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RW_NO_DISK 0x5A 197640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson/* No bootable kernel found on disk */ 198640b1c420748049c796b3f9d59406e38ff8f4774Bill Richardson#define VBNV_RECOVERY_RW_NO_KERNEL 0x5B 1999e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Unspecified/unknown error in rewritable firmware */ 2009e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_RW_UNSPECIFIED 0x7F 2019e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* DM-verity error */ 2029e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_KE_DM_VERITY 0x81 2039e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Unspecified/unknown error in kernel */ 2049e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_KE_UNSPECIFIED 0xBF 2059e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Recovery mode test from user-mode */ 2069e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_US_TEST 0xC1 2079e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler/* Unspecified/unknown error in user-mode */ 2089e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler#define VBNV_RECOVERY_US_UNSPECIFIED 0xFF 2099e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler 210a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/** 211a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Initialize the NV storage library. 212a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 213a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * This must be called before any other functions in this library. Returns 0 214a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * if success, non-zero if error. 215b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * 2169e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * Proper calling procedure: 2179e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 1) Allocate a context struct. 2189e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 2) If multi-threaded/multi-process, acquire a lock to prevent 2199e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * other processes from modifying the underlying storage. 2209e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 3) Read underlying storage and fill in context->raw. 2219e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 4) Call VbNvSetup(). 2229e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 223a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * If you have access to global variables, you may want to wrap all that in 224a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * your own VbNvOpen() function. We don't do that in here because there are no 225a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * global variables in UEFI BIOS during the PEI phase (that's also why we have 226a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * to pass around a context pointer). 227a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 228a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spanglerint VbNvSetup(VbNvContext *context); 229b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 230a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/** 231a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Clean up and flush changes back to the raw data. 232a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 233a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * This must be called after other functions in this library. Returns 0 if 234b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * success, non-zero if error. 235b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * 2369e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * Proper calling procedure: 2379e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 1) Call VbNvExit(). 2389e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 2) If context.raw_changed, write data back to underlying storage. 2399e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 3) Release any lock you acquired before calling VbNvSetup(). 2409e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 4) Free the context struct. 2419e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 242b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler * If you have access to global variables, you may want to wrap this 243a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * in your own VbNvClose() function. 244a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 245a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spanglerint VbNvTeardown(VbNvContext *context); 246b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 247a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/** 248a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Read a NV storage parameter into *dest. 2499e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 250a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Returns 0 if success, non-zero if error. 2519e162cdaa7433dff01d3e47ba3a47cb8b39ff3a1Randall Spangler * 252a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * This may only be called between VbNvSetup() and VbNvTeardown(). 253a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 254a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spanglerint VbNvGet(VbNvContext *context, VbNvParam param, uint32_t *dest); 255b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 256a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler/** 257a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Set a NV storage param to a new value. 258a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 259a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * Returns 0 if success, non-zero if error. 260a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * 261a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler * This may only be called between VbNvSetup() and VbNvTeardown(). 262a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spangler */ 263a2db67d204c0dd3d152ff54958bf42c5dbe394ffRandall Spanglerint VbNvSet(VbNvContext *context, VbNvParam param, uint32_t value); 264b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler 265b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson/** 266b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * Attempt to restore some fields of a lost VbNvContext from a backup area. 267b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * The rest of the fields are unchanged, so they'd need to be set to their 268b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * appropriate defaults by calling VbNvSetup() first (which is usually how we 269b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * know the fields have been lost). 270b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * 271b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * Returns 0 if success, non-zero if error. 272b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * 273b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * This may only be called between VbNvSetup() and VbNvTeardown(). 274b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson */ 275b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardsonint RestoreNvFromBackup(VbNvContext *vnc); 276b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson 277b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson/** 278b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * Attempt to save some fields of the VbNvContext to a backup area. 279b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * 280b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * Returns 0 if success, non-zero if error. If it succeeds, it will clear the 281b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * VBNV_BACKUP_NVRAM_REQUEST flag in the VbNvContext. 282b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * 283b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson * This may only be called when the backup area is writable. 284b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson */ 285b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardsonint SaveNvToBackup(VbNvContext *vnc); 286b64f097891e697eaf3b2794baae934f8b4d82d14Bill Richardson 287b944534edd3799b3353f73bcb8ee90161d640c2bRandall Spangler#endif /* VBOOT_REFERENCE_NVSTORAGE_H_ */ 288