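/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Permission is hereby granted, free of charge, to any person
 * obtaining a copy of this software and associated documentation
 * files (the "Software"), to deal in the Software without
 * restriction, including without limitation the rights to use, copy,
 * modify, merge, publish, distribute, sublicense, and/or sell copies
 * of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

#ifndef TRUSTY_AVB_H_
#define TRUSTY_AVB_H_

#include <interface/avb/avb.h>
#include <trusty/sysdeps.h>
#include <trusty/trusty_ipc.h>

/*
 * Client API for the AVB service on the secure side, reached over TIPC.
 *
 * Every function that returns int returns one of trusty_err. Callers should
 * check that result before using any output parameter: this header does not
 * define what an output buffer holds after a failed request.
 */

/*
 * Initialize AVB TIPC client. Returns one of trusty_err.
 *
 * @dev: initialized with trusty_ipc_dev_create
 */
int avb_tipc_init(struct trusty_ipc_dev* dev);

/*
 * Shutdown AVB TIPC client.
 *
 * @dev: initialized with trusty_ipc_dev_create
 */
void avb_tipc_shutdown(struct trusty_ipc_dev* dev);

/*
 * Send request to secure side to read rollback index.
 * Returns one of trusty_err.
 *
 * @slot:  rollback index slot
 * @value: rollback index value stored here
 *
 * NOTE(review): the header does not say what |value| holds on failure; a
 * failed read should not be treated as a valid rollback index. Confirm against
 * the implementation.
 */
int trusty_read_rollback_index(uint32_t slot, uint64_t* value);

/*
 * Send request to secure side to write rollback index.
 * Returns one of trusty_err.
 *
 * @slot:  rollback index slot
 * @value: rollback index value to write
 */
int trusty_write_rollback_index(uint32_t slot, uint64_t value);

/*
 * Send request to secure side to read permanent attributes. When permanent
 * attributes are stored in RPMB, a hash of the permanent attributes which is
 * given to AVB during verification MUST still be backed by write-once hardware.
 *
 * Copies the attributes received from the secure side to |attributes|. If
 * |size| does not match the size returned by the secure side, an error is
 * returned. Returns one of trusty_err.
 *
 * @attributes: caller allocated buffer
 * @size:       size of |attributes|
 */
int trusty_read_permanent_attributes(uint8_t* attributes, uint32_t size);

/*
 * Send request to secure side to write permanent attributes. Permanent
 * attributes can only be written to storage once.
 *
 * Returns one of trusty_err.
 *
 * @attributes: buffer holding the permanent attributes to write
 * @size:       size of |attributes|
 *
 * NOTE(review): |attributes| is presumably only read by this call; if so it
 * could be const-qualified here and in the definition together. Confirm
 * against the implementation.
 */
int trusty_write_permanent_attributes(uint8_t* attributes, uint32_t size);

/*
 * Send request to secure side to read device lock state from RPMB.
 *
 * Returns one of trusty_err.
 *
 * @lock_state: device lock state stored here; the encoding of the value is
 *              not defined in this header
 */
int trusty_read_lock_state(uint8_t* lock_state);

/*
 * Send request to secure side to write device lock state to RPMB. If the lock
 * state is changed, all rollback index data will be cleared.
 *
 * Returns one of trusty_err.
 *
 * @lock_state: device lock state to write
 */
int trusty_write_lock_state(uint8_t lock_state);

/*
 * Send request to secure side to lock the boot state. After this is invoked,
 * the non-secure side will not be able to write to data managed by the AVB
 * service until next boot.
 *
 * Returns one of trusty_err.
 *
 * NOTE(review): presumably meant to be called once the bootloader has finished
 * its own AVB writes and before control passes to later-stage code, so that
 * rollback indexes and lock state cannot be altered afterwards. Confirm
 * against the boot flow.
 */
int trusty_lock_boot_state(void);

#endif /* TRUSTY_AVB_H_ */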