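/* Copyright 2022 The ChromiumOS Authors
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Definition of the vb2_context structure and related constants.
 */

#ifndef VBOOT_REFERENCE_2CONTEXT_H_
#define VBOOT_REFERENCE_2CONTEXT_H_

#include "2constants.h"

/* Flags for vb2_context.
 *
 * Unless otherwise noted, flags are set by verified boot and may be read (but
 * not set or cleared) by the caller.
 *
 * Caller-settable flags share one word with the flags owned by verified boot,
 * so a caller should set or clear individual bits rather than assign the
 * whole field once verified boot has started writing to it.
 *
 * Every value is a single bit written as (1 << n) on a plain int, while the
 * field that stores them (vb2_context.flags) is 64 bits wide. Bits 0-29 are
 * defined here. A flag at bit 31 or above cannot be written this way, because
 * 1 << 31 overflows a signed int.
 */
enum vb2_context_flags {

	/*
	 * Verified boot has changed nvdata[].  Caller must save nvdata[] back
	 * to its underlying storage, then may clear this flag.
	 */
	VB2_CONTEXT_NVDATA_CHANGED = (1 << 0),

	/*
	 * Verified boot has changed secdata_firmware[].  Caller must save
	 * secdata_firmware[] back to its underlying storage, then may clear
	 * this flag.
	 */
	VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED = (1 << 1),

	/* Recovery mode is requested this boot */
	VB2_CONTEXT_RECOVERY_MODE = (1 << 2),

	/* Developer mode is requested this boot */
	VB2_CONTEXT_DEVELOPER_MODE = (1 << 3),

	/*
	 * Force recovery mode due to physical user request.  Caller may set
	 * this flag when initializing the context.
	 */
	VB2_CONTEXT_FORCE_RECOVERY_MODE = (1 << 4),

	/*
	 * Force developer mode enabled.  Caller may set this flag when
	 * initializing the context.  Previously used for forcing developer
	 * mode with physical dev switch.
	 *
	 * Deprecated as part of chromium:942901.
	 */
	VB2_CONTEXT_DEPRECATED_FORCE_DEVELOPER_MODE = (1 << 5),

	/* Using firmware slot B.  If this flag is clear, using slot A. */
	VB2_CONTEXT_FW_SLOT_B = (1 << 6),

	/* RAM should be cleared by caller this boot */
	VB2_CONTEXT_CLEAR_RAM = (1 << 7),

	/* Wipeout by the app should be requested. */
	VB2_CONTEXT_FORCE_WIPEOUT_MODE = (1 << 8),

	/* Erase developer mode state if it is enabled. */
	VB2_CONTEXT_DISABLE_DEVELOPER_MODE = (1 << 9),

	/*
	 * Verified boot has changed secdata_kernel[].  Caller must save
	 * secdata_kernel[] back to its underlying storage, then may clear
	 * this flag.
	 */
	VB2_CONTEXT_SECDATA_KERNEL_CHANGED = (1 << 10),

	/*
	 * Allow kernel verification to roll forward the version in
	 * secdata_kernel[].  Caller may set this flag before calling
	 * vb2api_kernel_phase3().
	 */
	VB2_CONTEXT_ALLOW_KERNEL_ROLL_FORWARD = (1 << 11),

	/*
	 * Boot optimistically: don't touch failure counters.  Caller may set
	 * this flag when initializing the context.
	 */
	VB2_CONTEXT_NOFAIL_BOOT = (1 << 12),

	/*
	 * secdata is not ready this boot, but should be ready next boot.  It
	 * would like to reboot.  The decision whether to reboot or not must be
	 * deferred until vboot, because rebooting all the time before then
	 * could cause a device with malfunctioning secdata to get stuck in an
	 * unrecoverable crash loop.
	 */
	VB2_CONTEXT_SECDATA_WANTS_REBOOT = (1 << 13),

	/*
	 * Boot is S3->S0 resume, not S5->S0 normal boot.  Caller may set this
	 * flag when initializing the context.
	 */
	VB2_CONTEXT_S3_RESUME = (1 << 14),

	/*
	 * System supports EC software sync.  Caller may set this flag at any
	 * time before calling vb2api_kernel_phase2().
	 */
	VB2_CONTEXT_EC_SYNC_SUPPORTED = (1 << 15),

	/*
	 * EC software sync is slow to update; warning screen should be
	 * displayed.  Caller may set this flag at any time before calling
	 * vb2api_kernel_phase2().
	 */
	VB2_CONTEXT_EC_SYNC_SLOW = (1 << 16),

	/*
	 * EC firmware supports early firmware selection; two EC images exist,
	 * and EC may have already verified and jumped to EC-RW prior to EC
	 * software sync.  Deprecated as part of chromium:1038259.
	 */
	VB2_CONTEXT_DEPRECATED_EC_EFS = (1 << 17),

	/*
	 * NV storage uses data format V2.  Data is size VB2_NVDATA_SIZE_V2,
	 * not VB2_NVDATA_SIZE.
	 *
	 * Caller must set this flag when initializing the context to use V2.
	 * (Vboot cannot infer the data size from the data itself, because the
	 * data provided by the caller could be uninitialized.)
	 */
	VB2_CONTEXT_NVDATA_V2 = (1 << 18),

	/*
	 * Allow vendor data to be set via the vendor data ui.
	 *
	 * Deprecated with CL:2512740.
	 */
	VB2_CONTEXT_DEPRECATED_VENDOR_DATA_SETTABLE = (1 << 19),

	/*
	 * Caller may set this before running vb2api_fw_phase1.  In this case,
	 * it means: "Display is available on this boot.  Please advertise
	 * as such to downstream vboot code and users."
	 *
	 * vboot may also set this before returning from vb2api_fw_phase1.
	 * In this case, it means: "Please initialize display so that it is
	 * available to downstream vboot code and users."  This is used when
	 * vboot encounters some internally-generated request for display
	 * support.
	 */
	VB2_CONTEXT_DISPLAY_INIT = (1 << 20),

	/*
	 * Caller may set this before running vb2api_kernel_phase1.  It means
	 * that there is no FWMP on this system, and thus default values should
	 * be used instead.
	 *
	 * Caller should *not* set this when FWMP is available but invalid.
	 */
	VB2_CONTEXT_NO_SECDATA_FWMP = (1 << 21),

	/*
	 * Enable detachable menu ui (volume up/down + power).
	 *
	 * Deprecated with CL:1975390.
	 */
	VB2_CONTEXT_DEPRECATED_DETACHABLE_UI = (1 << 22),

	/*
	 * NO_BOOT means the OS is not allowed to boot.  Only relevant for EFS2.
	 */
	VB2_CONTEXT_NO_BOOT = (1 << 23),

	/*
	 * TRUSTED means EC is running an RO copy and PD isn't enabled.  At
	 * least that was last known to the GSC.  If EC RO is correctly behaving,
	 * it doesn't jump to RW when this flag is set.
	 */
	VB2_CONTEXT_EC_TRUSTED = (1 << 24),

	/*
	 * Boot into developer mode is allowed by FWMP or GBB flags.
	 */
	VB2_CONTEXT_DEV_BOOT_ALLOWED = (1 << 25),

	/*
	 * Boot into developer mode from external disk is allowed by nvdata,
	 * FWMP or GBB flags.
	 */
	VB2_CONTEXT_DEV_BOOT_EXTERNAL_ALLOWED = (1 << 26),

	/*
	 * Boot into developer mode from alternate bootloader is allowed by
	 * nvdata, FWMP or GBB flags.
	 */
	VB2_CONTEXT_DEV_BOOT_ALTFW_ALLOWED = (1 << 27),

	/*
	 * If this is set after kernel verification, caller should disable the
	 * TPM before jumping to kernel.
	 */
	VB2_CONTEXT_DISABLE_TPM = (1 << 28),

	/*
	 * Indicates there is only one RW slot present.  Caller should set this
	 * flag when initializing the context if the flash layout does not
	 * support two RW slots.
	 */
	VB2_CONTEXT_SLOT_A_ONLY = (1 << 29),
};

/*
 * Helper for aligning fields in vb2_context.
 *
 * VB2_PAD_STRUCT(size, align) declares a uint8_t array member that rounds a
 * preceding field of `size` bytes up to the next multiple of `align`.  The
 * member is named _pad<N>, where N comes from __COUNTER__ so that each use
 * inside one struct gets a distinct name; the two-level expansion through
 * VB2_PAD_STRUCT2 is what makes __COUNTER__ expand before it is pasted.
 *
 * When `size` is already a multiple of `align` the computed length is 0,
 * which declares a zero-length array (a compiler extension, not ISO C).
 *
 * The arguments are parenthesized in the expansion so that an expression
 * argument (for example a sum of two constants) is evaluated as a unit.
 */
#define VB2_PAD_STRUCT3(size, align, count) \
	uint8_t _pad##count[(align) - ((((size) - 1) % (align)) + 1)]
#define VB2_PAD_STRUCT2(size, align, count) VB2_PAD_STRUCT3(size, align, count)
#define VB2_PAD_STRUCT(size, align) VB2_PAD_STRUCT2(size, align, __COUNTER__)

/*
 * Context for firmware verification.  Pass this to all vboot APIs.
 *
 * Context is stored as part of vb2_shared_data, initialized with vb2api_init().
 * Subsequent retrieval of the context object should be done by calling
 * vb2api_reinit(), e.g. if switching firmware applications.
 *
 * The context struct can be seen as the "publicly accessible" portion of
 * vb2_shared_data, and thus does not require its own magic and version fields.
 *
 * Each byte array below is followed by a VB2_PAD_STRUCT(..., 8) member, so
 * every array is padded out to a multiple of 8 bytes.
 */
struct vb2_context {

	/**********************************************************************
	 * Fields caller must initialize before calling any API functions.
	 */

	/*
	 * Flags; see vb2_context_flags.  Some flags may only be set by caller
	 * prior to calling vboot functions.
	 */
	uint64_t flags;

	/*
	 * Non-volatile data.  Caller must fill this from some non-volatile
	 * location before calling vb2api_fw_phase1.  If the
	 * VB2_CONTEXT_NVDATA_CHANGED flag is set when a vb2api function
	 * returns, caller must save the data back to the non-volatile location
	 * and then clear the flag.
	 */
	uint8_t nvdata[VB2_NVDATA_SIZE_V2];
	VB2_PAD_STRUCT(VB2_NVDATA_SIZE_V2, 8);

	/*
	 * Secure data for firmware verification stage.  Caller must fill this
	 * from some secure non-volatile location before calling
	 * vb2api_fw_phase1.  If the VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED flag
	 * is set when a function returns, caller must save the data back to the
	 * secure non-volatile location and then clear the flag.
	 */
	uint8_t secdata_firmware[VB2_SECDATA_FIRMWARE_SIZE];
	VB2_PAD_STRUCT(VB2_SECDATA_FIRMWARE_SIZE, 8);

	/**********************************************************************
	 * Fields caller must initialize before calling vb2api_kernel_phase1().
	 */

	/*
	 * Secure data for kernel verification stage.  Caller must fill this
	 * from some secure non-volatile location before calling
	 * vb2api_kernel_phase1.  If the VB2_CONTEXT_SECDATA_KERNEL_CHANGED
	 * flag is set when a function returns, caller must save the data back
	 * to the secure non-volatile location and then clear the flag.
	 */
	uint8_t secdata_kernel[VB2_SECDATA_KERNEL_MAX_SIZE];
	VB2_PAD_STRUCT(VB2_SECDATA_KERNEL_MAX_SIZE, 8);

	/*
	 * Firmware management parameters (FWMP) secure data.  Caller must fill
	 * this from some secure non-volatile location before calling
	 * vb2api_kernel_phase1.  Since FWMP is a variable-size space, caller
	 * should initially fill in VB2_SECDATA_FWMP_MIN_SIZE bytes, and call
	 * vb2_secdata_fwmp_check() to see whether more should be read.  If the
	 * VB2_CONTEXT_SECDATA_FWMP_CHANGED flag is set when a function
	 * returns, caller must save the data back to the secure non-volatile
	 * location and then clear the flag.
	 *
	 * NOTE(review): enum vb2_context_flags in this header defines no
	 * VB2_CONTEXT_SECDATA_FWMP_CHANGED flag, so the write-back sentence
	 * above cannot be acted on as written; confirm whether it is stale.
	 */
	uint8_t secdata_fwmp[VB2_SECDATA_FWMP_MAX_SIZE];
	VB2_PAD_STRUCT(VB2_SECDATA_FWMP_MAX_SIZE, 8);

	/**********************************************************************
	 * Fields below added in struct version 3.1.
	 */

	/*
	 * Mutually exclusive boot mode (from enum vb2_boot_mode).
	 * This constant is initialized after calling vb2api_fw_phase1().
	 *
	 * The member is const-qualified, so code holding a vb2_context cannot
	 * assign it directly.
	 */
	const uint8_t boot_mode;
};

#endif  /* VBOOT_REFERENCE_2CONTEXT_H_ */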