1*d8f9d2afSIgor Opaniuk /* 2*d8f9d2afSIgor Opaniuk * Copyright (C) 2016 The Android Open Source Project 3*d8f9d2afSIgor Opaniuk * 4*d8f9d2afSIgor Opaniuk * SPDX-License-Identifier: MIT 5*d8f9d2afSIgor Opaniuk */ 6*d8f9d2afSIgor Opaniuk 7*d8f9d2afSIgor Opaniuk #if !defined(AVB_INSIDE_LIBAVB_H) && !defined(AVB_COMPILATION) 8*d8f9d2afSIgor Opaniuk #error "Never include this file directly, include libavb.h instead." 9*d8f9d2afSIgor Opaniuk #endif 10*d8f9d2afSIgor Opaniuk 11*d8f9d2afSIgor Opaniuk #ifndef AVB_HASH_DESCRIPTOR_H_ 12*d8f9d2afSIgor Opaniuk #define AVB_HASH_DESCRIPTOR_H_ 13*d8f9d2afSIgor Opaniuk 14*d8f9d2afSIgor Opaniuk #include "avb_descriptor.h" 15*d8f9d2afSIgor Opaniuk 16*d8f9d2afSIgor Opaniuk #ifdef __cplusplus 17*d8f9d2afSIgor Opaniuk extern "C" { 18*d8f9d2afSIgor Opaniuk #endif 19*d8f9d2afSIgor Opaniuk 20*d8f9d2afSIgor Opaniuk /* Flags for hash descriptors. 21*d8f9d2afSIgor Opaniuk * 22*d8f9d2afSIgor Opaniuk * AVB_HASH_DESCRIPTOR_FLAGS_DO_NOT_USE_AB: Do not apply the default A/B 23*d8f9d2afSIgor Opaniuk * partition logic to this partition. This is intentionally a negative boolean 24*d8f9d2afSIgor Opaniuk * because A/B should be both the default and most used in practice. 25*d8f9d2afSIgor Opaniuk */ 26*d8f9d2afSIgor Opaniuk typedef enum { 27*d8f9d2afSIgor Opaniuk AVB_HASH_DESCRIPTOR_FLAGS_DO_NOT_USE_AB = (1 << 0), 28*d8f9d2afSIgor Opaniuk } AvbHashDescriptorFlags; 29*d8f9d2afSIgor Opaniuk 30*d8f9d2afSIgor Opaniuk /* A descriptor containing information about hash for an image. 31*d8f9d2afSIgor Opaniuk * 32*d8f9d2afSIgor Opaniuk * This descriptor is typically used for boot partitions to verify the 33*d8f9d2afSIgor Opaniuk * entire kernel+initramfs image before executing it. 34*d8f9d2afSIgor Opaniuk * 35*d8f9d2afSIgor Opaniuk * Following this struct are |partition_name_len| bytes of the 36*d8f9d2afSIgor Opaniuk * partition name (UTF-8 encoded), |salt_len| bytes of salt, and then 37*d8f9d2afSIgor Opaniuk * |digest_len| bytes of the digest. 38*d8f9d2afSIgor Opaniuk * 39*d8f9d2afSIgor Opaniuk * The |reserved| field is for future expansion and must be set to NUL 40*d8f9d2afSIgor Opaniuk * bytes. 41*d8f9d2afSIgor Opaniuk * 42*d8f9d2afSIgor Opaniuk * Changes in v1.1: 43*d8f9d2afSIgor Opaniuk * - flags field is added which supports AVB_HASH_DESCRIPTOR_FLAGS_USE_AB 44*d8f9d2afSIgor Opaniuk * - digest_len may be zero, which indicates the use of a persistent digest 45*d8f9d2afSIgor Opaniuk */ 46*d8f9d2afSIgor Opaniuk typedef struct AvbHashDescriptor { 47*d8f9d2afSIgor Opaniuk AvbDescriptor parent_descriptor; 48*d8f9d2afSIgor Opaniuk uint64_t image_size; 49*d8f9d2afSIgor Opaniuk uint8_t hash_algorithm[32]; 50*d8f9d2afSIgor Opaniuk uint32_t partition_name_len; 51*d8f9d2afSIgor Opaniuk uint32_t salt_len; 52*d8f9d2afSIgor Opaniuk uint32_t digest_len; 53*d8f9d2afSIgor Opaniuk uint32_t flags; 54*d8f9d2afSIgor Opaniuk uint8_t reserved[60]; 55*d8f9d2afSIgor Opaniuk } AVB_ATTR_PACKED AvbHashDescriptor; 56*d8f9d2afSIgor Opaniuk 57*d8f9d2afSIgor Opaniuk /* Copies |src| to |dest| and validates, byte-swapping fields in the 58*d8f9d2afSIgor Opaniuk * process if needed. Returns true if valid, false if invalid. 59*d8f9d2afSIgor Opaniuk * 60*d8f9d2afSIgor Opaniuk * Data following the struct is not validated nor copied. 61*d8f9d2afSIgor Opaniuk */ 62*d8f9d2afSIgor Opaniuk bool avb_hash_descriptor_validate_and_byteswap(const AvbHashDescriptor* src, 63*d8f9d2afSIgor Opaniuk AvbHashDescriptor* dest) 64*d8f9d2afSIgor Opaniuk AVB_ATTR_WARN_UNUSED_RESULT; 65*d8f9d2afSIgor Opaniuk 66*d8f9d2afSIgor Opaniuk #ifdef __cplusplus 67*d8f9d2afSIgor Opaniuk } 68*d8f9d2afSIgor Opaniuk #endif 69*d8f9d2afSIgor Opaniuk 70*d8f9d2afSIgor Opaniuk #endif /* AVB_HASH_DESCRIPTOR_H_ */ 71