1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <stdint.h> 20 21 #define SYSTEM_STATE_PORT "com.android.trusty.system-state" 22 #define SYSTEM_STATE_MAX_MESSAGE_SIZE 32 23 24 /** 25 * enum system_state_cmd - command identifiers for system_state functions 26 * @SYSTEM_STATE_CMD_RESP_BIT: Message is a response. 27 * @SYSTEM_STATE_CMD_REQ_SHIFT: Number of bits used by @SYSTEM_STATE_RESP_BIT. 28 * 29 */ 30 enum system_state_cmd { 31 SYSTEM_STATE_CMD_RESP_BIT = 1, 32 SYSTEM_STATE_CMD_REQ_SHIFT = 1, 33 34 /** @SYSTEM_STATE_CMD_GET_FLAG: Command to read a system state flag. */ 35 SYSTEM_STATE_CMD_GET_FLAG = (1 << SYSTEM_STATE_CMD_REQ_SHIFT), 36 }; 37 38 /** 39 * enum system_state_flag - flag identifiers for %SYSTEM_STATE_GET_FLAG 40 */ 41 enum system_state_flag { 42 /** 43 * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED: 44 * Flag used to restrict when provisoning is allowed. 45 */ 46 SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED = 1, 47 48 /** 49 * @SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED: 50 * Flag used to indicate that loading apps signed with insecure dev keys 51 * is allowed. 52 */ 53 SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED = 2, 54 55 /** 56 * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK: 57 * Flag used to permit skipping of app version checks or rollback 58 * version updates. Contains a value of type enum 59 * system_state_flag_app_loading_version_check. 60 */ 61 SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK = 3, 62 }; 63 64 /** 65 * enum system_state_flag_provisioning_allowed - Provisioning allowed states 66 * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_NOT_ALLOWED: 67 * Provisoning is not currently allowed. 68 * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED: 69 * Provisoning is currently allowed. 70 * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED_AT_BOOT: 71 * Provisoning is currently allowed if the client is in a boot stage. 72 * For backward compatibility. Not recommened for new systems. 73 */ 74 enum system_state_flag_provisioning_allowed { 75 SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_NOT_ALLOWED = 0, 76 SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED = 1, 77 SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED_AT_BOOT = 2, 78 }; 79 80 /** 81 * enum system_state_flag_app_loading_version_check - App loading version check 82 * states 83 * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_REQUIRED 84 * Rollback version check and updating is required 85 * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_UPDATE 86 * Rollback version check is required, but the rollback version will not be 87 * updated. 88 * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_CHECK 89 * Rollback version check should be skipped (rollback version will not be 90 * updated) 91 */ 92 enum system_state_flag_app_loading_version_check { 93 SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_REQUIRED = 0, 94 SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_UPDATE = 1, 95 SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_CHECK = 2, 96 }; 97 98 /** 99 * struct system_state_req - common request structure for system_state 100 * @cmd: Command identifier. 101 * @reserved: Reserved, must be 0. 102 * @payload: Payload buffer, meaning determined by @cmd. 103 */ 104 struct system_state_req { 105 uint32_t cmd; 106 uint32_t reserved; 107 uint8_t payload[0]; 108 }; 109 110 /** 111 * struct system_state_resp - common response structure for system_state 112 * @cmd: Command identifier. 113 * @result: If non-0, an lk error code. 114 * @payload: Payload buffer, meaning determined by @cmd. 115 */ 116 struct system_state_resp { 117 uint32_t cmd; 118 int32_t result; 119 uint8_t payload[0]; 120 }; 121 122 /** 123 * struct system_state_get_flag_req - payload for get-flag request 124 * @flag: One of @enum system_state_flag. 125 */ 126 struct system_state_get_flag_req { 127 uint32_t flag; 128 }; 129 130 /** 131 * struct system_state_get_flag_resp - payload for get-flag response 132 * @flag: One of @enum system_state_flag. 133 * @reserved: Reserved, must be 0. 134 * @value: Current value of flag @flag. 135 */ 136 struct system_state_get_flag_resp { 137 uint32_t flag; 138 uint32_t reserved; 139 uint64_t value; 140 }; 141