author | nagendra modadugu <ngm@google.com> | 2018-06-19 20:21:11 -0700 |
---|---|---|
committer | nagendra modadugu <ngm@google.com> | 2018-06-19 20:31:13 -0700 |
commit | 44432063284943cc743f31e4f4c1773a274fd47f (patch) | |
tree | 172bc6d772a4df3863c9ab5d0eb1af6a5fb5da92 | |
parent | 038766371c787f1fd25d1695879de2dec4ec885d (diff) | |
parent | 5b7337e6e6cf4a1f06daf1a4b600bf031ace7d65 (diff) | |
download | generic-44432063284943cc743f31e4f4c1773a274fd47f.tar.gz |
Merge remote-tracking branch 'goog/upstream-master' into ngm-nos-merge-upstream
* goog/upstream-master:
keymaster: return color and digest in ProvisionPresharedSecret
keymaster: convert HardwareAuthType from enum to int
keymaster: add missing Tag to keymaster_defs.proto
keymaster.proto: Added additional comments.
Definitions for slave implementation of v1 transport protocol
keymaster: add error code KEY_UPGRADE_NOT_REQUIRED
Bug: 110301629
Change-Id: I782e3f1257b86012c8acca2eea5ef014ff8d81df
-rw-r--r-- | BUILD | 1 | ||||
-rw-r--r-- | nugget/include/app_transport_test.h | 25 | ||||
-rw-r--r-- | nugget/include/application.h | 87 | ||||
-rw-r--r-- | nugget/proto/nugget/app/keymaster/keymaster.options | 1 | ||||
-rw-r--r-- | nugget/proto/nugget/app/keymaster/keymaster.proto | 6 | ||||
-rw-r--r-- | nugget/proto/nugget/app/keymaster/keymaster_defs.proto | 10 | ||||
-rw-r--r-- | nugget/proto/nugget/app/keymaster/keymaster_types.proto | 4 |
7 files changed, 110 insertions, 24 deletions
@@ -2,6 +2,7 @@ cc_library( name = "nos_headers", hdrs = [ "nugget/include/app_nugget.h", + "nugget/include/app_transport_test.h", "nugget/include/application.h", "nugget/include/avb.h", "nugget/include/flash_layout.h", diff --git a/nugget/include/app_transport_test.h b/nugget/include/app_transport_test.h new file mode 100644 index 0000000..0c0b4ba --- /dev/null +++ b/nugget/include/app_transport_test.h @@ -0,0 +1,25 @@ +/* + * Copyright (C) 2018 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __CROS_EC_INCLUDE_APP_TRANSPORT_TEST_H +#define __CROS_EC_INCLUDE_APP_TRANSPORT_TEST_H + +/* App commands */ +#define TRANSPORT_TEST_NOP 5 /* Does nothing successfully */ +#define TRANSPORT_TEST_1234 8 /* Returns 0x01020304 successfully */ +#define TRANSPORT_TEST_9876 9 /* Only successful if the arg is 0x09080706 */ +#define TRANSPORT_TEST_HANG 12 /* Forgets to call app_reply() */ + +#endif /* __CROS_EC_INCLUDE_APP_TRANSPORT_TEST_H */ diff --git a/nugget/include/application.h b/nugget/include/application.h index 45824b3..9c7f2f6 100644 --- a/nugget/include/application.h +++ b/nugget/include/application.h @@ -75,6 +75,7 @@ typedef const void * const __private; /* Fake apps used only for testing */ #define APP_ID_AVB_TEST 0x11 +#define APP_ID_TRANSPORT_TEST 0x12 /* This app ID should only be used by tests. */ #define APP_ID_TEST 0xff 
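Review bot: `APP_ID_TRANSPORT_TEST 0x12` is added under "Fake apps used only for testing", but the only explicit warning in this hunk ("This app ID should only be used by tests.") still hangs on APP_ID_TEST alone, and the app_transport_test.h introduced by the same commit defines TRANSPORT_TEST_HANG, a command that deliberately never calls app_reply(). An app that can wedge the transport should not be reachable from a production image, so the new define should say so itself: `#define APP_ID_TRANSPORT_TEST 0x12 /* test-only; must not be linked into production images */`. Whether the build already excludes it I cannot tell from this diff.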
@@ -199,20 +200,72 @@ typedef void (write_to_app_fn_t)(uint32_t command, * then performs the requested operation and transititions to a "done" state. * The Master will retrieve the application status and any reply data from * Nugget OS, after which the application is ready to handle the next command. - * + */ + +#define TRANSPORT_V0 0x0000 +#define TRANSPORT_V1 0x0001 + +/* Command information for the transport protocol. */ +struct transport_command_info { + /* v1 fields */ + uint16_t length; /* length of this message */ + uint16_t version; /* max version used by master */ + uint16_t crc; /* CRC of some command fields */ + uint16_t reply_len_hint; /* max that the master will read */ +} __packed; + +#define COMMAND_INFO_MIN_LENGTH 8 +#define COMMAND_INFO_MAX_LENGTH 32 +/* If more data needs to be sent, chain a new struct to the end of this one. It + * will require its own CRC for data integrity and something to signify the + * presence of the extra data. */ + +struct transport_status { + /* v0 fields */ + uint32_t status; /* status of the app */ + uint16_t reply_len; /* length of available response data */ + /* v1 fields */ + uint16_t length; /* length of this message */ + uint16_t version; /* max version used by slave */ + uint16_t flags; /* space for more protocol state flags */ + uint16_t crc; /* CRC of this status with crc set to 0 */ + uint16_t reply_crc; /* CRC of the reply data */ +} __packed; + +/* Valid range of lengths for the status message */ +#define STATUS_MIN_LENGTH 0x10 +#define STATUS_MAX_LENGTH 0xff + +/* Flags used in the status message */ +#define STATUS_FLAG_WORKING 0x0001 /* added in v1 */ + +/* Pre-calculated CRCs for different status responses set by in the interrupt + * context where the CRC would otherwise not be calculated. 
*/ +#define STATUS_CRC_FOR_IDLE 0x54c1 +#define STATUS_CRC_FOR_WORKING 0x2101 +#define STATUS_CRC_FOR_ERROR_TOO_MUCH 0x97c0 + +/* * Applications that wish to use this transport API will need to declare a * private struct app_transport which Nugget OS can use to maintain the state: */ - struct app_transport { - uint32_t command; /* from master */ - volatile uint32_t status; /* current application status */ - uint8_t *request, *response; /* input/output data buffer */ - uint16_t max_request_len, max_response_len; /* data buffer sizes */ - uint16_t request_len, response_len; /* current buffer count */ - uint16_t request_idx, response_idx; /* used internally */ void (*done_fn)(struct app_transport *); /* optional cleanup function */ /* Note: Any done_fn() is called in interrupt context. Be quick. */ + uint8_t *const request; /* input data buffer */ + uint8_t *const response; /* output data buffer */ + const uint16_t max_request_len; /* input data buffer size */ + const uint16_t max_response_len; /* output data buffer size */ + /* The following are used for the incoming command. */ + uint32_t command; /* from master */ + union { + struct transport_command_info info; + uint8_t data[COMMAND_INFO_MAX_LENGTH]; /* space for future growth */ + } command_info; /* extra info about the command */ + uint16_t request_len; /* command data buffer size */ + uint16_t response_idx; /* current index into response */ + struct transport_status status[2]; /* current transport_status */ + volatile uint8_t status_idx; /* index of active status */ }; /* 
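Review bot: In the rewritten struct app_transport the comment on `request_len` reads `/* command data buffer size */`, which is the meaning already given to `max_request_len` (`/* input data buffer size */`); from the surrounding fields it is the length of the request actually received, so `uint16_t request_len; /* length of received request data */` says what is meant. The integrity fields are under-specified in the same hunk: `crc` is described as "CRC of some command fields" without naming the fields or the CRC variant, and STATUS_CRC_FOR_IDLE/WORKING/ERROR_TOO_MUCH are hard-coded values that silently go stale if either the layout or the algorithm changes, so the comment should name the polynomial and the covered bytes, and the constants should sit next to a static assertion (whatever BUILD_ASSERT-style macro the tree uses) that `sizeof(struct transport_status) == STATUS_MIN_LENGTH` and `sizeof(struct transport_command_info) == COMMAND_INFO_MIN_LENGTH`, both of which hold today (16 and 8 bytes). Since `command_info.info.length` is a master-supplied uint16_t but the union only provides COMMAND_INFO_MAX_LENGTH bytes of storage, the header should also state that the receiver rejects `length > COMMAND_INFO_MAX_LENGTH` before copying; the code that would do that is not in this diff. It is worth a sentence here that the CRCs protect against line errors, not against a hostile master, so nothing downstream treats them as authentication.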
@@ -224,18 +277,24 @@ struct app_transport { */ #define __TRANSPORT_ALIGNED__ __attribute__((aligned(8))) -/* For debugging if needed */ -extern void dump_transport_state(const struct app_transport *s); - /* * The application will need to provide a write_to_app_fn_t function that will * be invoked when a new request is ready to be processed. All command and data * parameters will already be present in the app's struct app_transport, so it * just needs to awaken the application task to do the work. * + * When awakened, the application task must check that there were no errors in + * the transmission of the request by calling this function. If it returns + * true, the task should go back to sleep until the next request arrives. + */ +int request_is_invalid(struct app_transport *s); +/* * When processing is finished, the app should call the app_reply() function to - * return its status code and specify length of any data it has placed into the - * response buffer, and then it can go back to sleep until its next invocation. + * return its status code and specify the length of any data it has placed into + * the response buffer, and then it can go back to sleep until its next + * invocation. CAUTION: The Master polls for app completion independently, so + * it may immediately begin retrieving the results as soon as this function + * is called *without* waiting for the Nugget OS app to go to sleep. */ void app_reply(struct app_transport *st, uint32_t status, uint16_t reply_len); @@ -248,6 +307,7 @@ enum app_status { APP_ERROR_TOO_MUCH, /* caller sent too much data */ APP_ERROR_IO, /* problem sending or receiving data */ APP_ERROR_RPC, /* problem during RPC communication */ + APP_ERROR_CHECKSUM, /* checksum failed, only used within protocol */ /* more? */ APP_SPECIFIC_ERROR = 0x20, /* "should be enough for anybody" */ 
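Review bot: The new comment on `request_is_invalid()` tells the task to go back to sleep when it returns true but not whether a reply is still owed; if Nugget OS has already answered the master with the new APP_ERROR_CHECKSUM status the app must not call app_reply() as well, and if it has not, the master will keep polling forever. I would state it either way, e.g. `* true, the protocol layer has already reported the error (APP_ERROR_CHECKSUM) and the task must NOT call app_reply(); just go back to sleep.`, adjusted to whatever the implementation actually does, which is outside this hunk. The CAUTION added to app_reply() should also spell out its consequence for the caller: `* The response buffer and reply_len must not be modified after this call returns.`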
@@ -314,6 +374,7 @@ extern write_to_app_fn_t transaction_api_to_fn; /* Command flags used internally by Transport API messages */ #define CMD_TRANSPORT 0x40000000 /* 1=Transport API message */ +/* When CMD_TRANSPORT is set, the following bits have meaning */ #define CMD_IS_DATA 0x20000000 /* 1=data msg 0=status msg */ #define CMD_MORE_TO_COME 0x10000000 /* 1=continued 0=new */ diff --git a/nugget/proto/nugget/app/keymaster/keymaster.options b/nugget/proto/nugget/app/keymaster/keymaster.options index 554b2dc..a96c584 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster.options +++ b/nugget/proto/nugget/app/keymaster/keymaster.options @@ -15,3 +15,4 @@ nugget.app.keymaster.GetBootInfoResponse.boot_hash max_size:32 nugget.app.keymaster.ProvisionPresharedSecretRequest.preshared_secret max_size:32 nugget.app.keymaster.StartAttestKeyRequest.not_before max_size:13 nugget.app.keymaster.StartAttestKeyRequest.not_after max_size:13 +nugget.app.keymaster.ProvisionPresharedSecretResponse.digest max_size:32 diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto index 705bc85..69056e8 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster.proto @@ -346,8 +346,8 @@ message SetBootStateRequest { bool is_unlocked = 1; bytes public_key = 2; // This is a SHA256 digest. BootColor color = 3; - uint32 system_version = 4; - uint32 system_security_level = 5; + uint32 system_version = 4; // Deprecated. + uint32 system_security_level = 5; // Patch level of the boot partition. bytes boot_hash = 6; // This is a SHA256 digest. } message SetBootStateResponse { @@ -430,4 +430,6 @@ message ProvisionPresharedSecretRequest { message ProvisionPresharedSecretResponse { ErrorCode error_code = 1; PresharedSecretStatus status = 2; + BootColor color = 3; + bytes digest = 4; } 
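Review bot: ProvisionPresharedSecretResponse gains `bytes digest = 4;` with no comment, while the other 32-byte `bytes` fields in this file carry `// This is a SHA256 digest.`; keymaster.options caps it at 32 bytes in the same commit, so the comment belongs here too, together with what is being digested, because if it is a digest of the preshared secret itself the caller is being handed something it can compare against and the reader should see that this is intended. I would write `bytes digest = 4; // This is a SHA256 digest of <what>; 32 bytes (see keymaster.options).` with <what> filled in from the implementation, which this diff does not show. `BootColor color = 3;` likewise deserves a one-line note on why the boot color is echoed in a provisioning reply.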
diff --git a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto index 2555c49..88ee2e5 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto @@ -69,6 +69,7 @@ enum Tag { ALLOW_WHILE_ON_BODY = 0x701fa; // (TagType:BOOL | 506) TRUSTED_USER_PRESENCE_REQUIRED = 0x701fb; // (TagType:BOOL | 507) TRUSTED_CONFIRMATION_REQUIRED = 0x701fc; // (TagType:BOOL | 508) + UNLOCKED_DEVICE_REQUIRED = 0x701fd; // (TagType:BOOL | 509) /* RESERVED: ALL_APPLICATIONS = 0x70258; // (TagType:BOOL | 600) */ APPLICATION_ID = 0x90259; // (TagType:BYTES | 601) /* RESERVED: EXPORTABLE = 0x7025a; // (TagType:BOOL | 602) */ @@ -247,14 +248,7 @@ enum ErrorCode { INVALID_DEVICE_IDS = 72; // Vendor specific. PRODUCTION_MODE_PROVISIONING = 73; // Vendor specific. NO_USER_CONFIRMATION = 74; -}; - -enum HardwareAuthenticatorType { - AUTH_NONE = 0; - AUTH_PASSWORD = 1; // (1 << 0) - AUTH_FINGERPRINT = 2; // (1 << 1) - AUTH_ANY = 3; - AUTH_MAX = 4; + KEY_UPGRADE_NOT_REQUIRED = 75; // Vendor specific. }; enum SecurityLevel { diff --git a/nugget/proto/nugget/app/keymaster/keymaster_types.proto b/nugget/proto/nugget/app/keymaster/keymaster_types.proto index d56ff16..7e1d7b7 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster_types.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster_types.proto @@ -63,9 +63,11 @@ message HardwareAuthToken { uint64 challenge = 1; uint64 user_id = 2; uint64 authenticator_id = 3; - HardwareAuthenticatorType authenticator_type = 4; + // Deprecated in favor of tag 7. + // HardwareAuthenticatorType authenticator_type = 4; uint64 timestamp = 5; bytes mac = 6; + uint32 authenticator_type = 7; } message VerificationToken { |
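Review bot: `KEY_UPGRADE_NOT_REQUIRED = 75; // Vendor specific.` is placed directly after NO_USER_CONFIRMATION = 74, which is not vendor specific, so standard and vendor codes now interleave with no gap; if this enum is meant to track the Keymaster HAL ErrorCode numbering (the neighbouring values read like negated HAL codes, which I cannot confirm from here), a vendor code at the next sequential value will collide with the next HAL-defined error. I would either move vendor codes to a reserved range and name it in a comment, or add a comment at the top of ErrorCode stating that its numbering is independent of the HAL's.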
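Review bot: HardwareAuthToken moves authenticator_type from enum field 4 to `uint32 authenticator_type = 7;` but only comments field 4 out; proto3 should reserve the number so a future field cannot reuse it and misparse tokens serialized by older firmware: `reserved 4;`. The comment "Deprecated in favor of tag 7." is ambiguous in a keymaster file where Tag is a type; say "field 7". The reason for the switch to an integer is also what a reader of a bare uint32 needs: the removed enum's `(1 << 0)`, `(1 << 1)` and `AUTH_ANY = 3` comments suggest the value is a bitmask of authenticator types, so, if that is the case, document it as `uint32 authenticator_type = 7; // Bitmask of authenticator types (1 = password, 2 = fingerprint).`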