Home | History | Annotate | Download | only in cros 
      1 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
      2 # Use of this source code is governed by a BSD-style license that can be
      3 # found in the LICENSE file.
      4 
      5 # The constants of verified boot.
      6 
      7 # Recovery reason codes, copied from:
      8 #     vboot_reference/firmware/include/vboot_nvstorage.h
      9 #     vboot_reference/firmware/include/vboot_struct.h
     10 RECOVERY_REASON = {
     11     # Recovery not requested
     12     'NOT_REQUESTED':      '0',   # 0x00
     13     # Recovery requested from legacy utility
     14     'LEGACY':             '1',   # 0x01
     15     # User manually requested recovery via recovery button
     16     'RO_MANUAL':          '2',   # 0x02
     17     # RW firmware failed signature check
     18     'RO_INVALID_RW':      '3',   # 0x03
     19     # S3 resume failed
     20     'RO_S3_RESUME':       '4',   # 0x04
     21     # TPM error in read-only firmware (deprecated)
     22     'DEP_RO_TPM_ERROR':   '5',   # 0x05
     23     # Shared data error in read-only firmware
     24     'RO_SHARED_DATA':     '6',   # 0x06
     25     # Test error from S3Resume()
     26     'RO_TEST_S3':         '7',   # 0x07
     27     # Test error from LoadFirmwareSetup()
     28     'RO_TEST_LFS':        '8',   # 0x08
     29     # Test error from LoadFirmware()
     30     'RO_TEST_LF':         '9',   # 0x09
     31     # RW firmware failed signature check
     32     'RW_NOT_DONE':        '16',  # 0x10
     33     'RW_DEV_MISMATCH':    '17',  # 0x11
     34     'RW_REC_MISMATCH':    '18',  # 0x12
     35     'RW_VERIFY_KEYBLOCK': '19',  # 0x13
     36     'RW_KEY_ROLLBACK':    '20',  # 0x14
     37     'RW_DATA_KEY_PARSE':  '21',  # 0x15
     38     'RW_VERIFY_PREAMBLE': '22',  # 0x16
     39     'RW_FW_ROLLBACK':     '23',  # 0x17
     40     'RW_HEADER_VALID':    '24',  # 0x18
     41     'RW_GET_FW_BODY':     '25',  # 0x19
     42     'RW_HASH_WRONG_SIZE': '26',  # 0x1A
     43     'RW_VERIFY_BODY':     '27',  # 0x1B
     44     'RW_VALID':           '28',  # 0x1C
     45     # Read-only normal path requested by firmware preamble, but
     46     # unsupported by firmware.
     47     'RW_NO_RO_NORMAL':    '29',  # 0x1D
     48     # Firmware boot failure outside of verified boot
     49     'RO_FIRMWARE':        '32',  # 0x20
     50     # Recovery mode TPM initialization requires a system reboot.
     51     # The system was already in recovery mode for some other reason
     52     # when this happened.
     53     'RO_TPM_REBOOT':      '33',  # 0x21
     54     # EC software sync - other error
     55     'EC_SOFTWARE_SYNC':   '34',  # 0x22
     56     # EC software sync - unable to determine active EC image
     57     'EC_UNKNOWN_IMAGE':   '35',  # 0x23
     58     # EC software sync - error obtaining EC image hash (deprecated)
     59     'DEP_EC_HASH':        '36',  # 0x24
     60     # EC software sync - error obtaining expected EC image
     61     'EC_EXPECTED_IMAGE':  '37',  # 0x25
     62     # EC software sync - error updating EC
     63     'EC_UPDATE':          '38',  # 0x26
     64     # EC software sync - unable to jump to EC-RW
     65     'EC_JUMP_RW':         '39',  # 0x27
     66     # EC software sync - unable to protect / unprotect EC-RW
     67     'EC_PROTECT':         '40',  # 0x28
     68     # Unspecified/unknown error in read-only firmware
     69     'RO_UNSPECIFIED':     '63',  # 0x3F
     70     # User manually requested recovery by pressing a key at developer
     71     # warning screen.
     72     'RW_DEV_SCREEN':      '65',  # 0x41
     73     # No OS kernel detected
     74     'RW_NO_OS':           '66',  # 0x42
     75     # OS kernel failed signature check
     76     'RW_INVALID_OS':      '67',  # 0x43
     77     # TPM error in rewritable firmware (deprecated)
     78     'DEP_RW_TPM_ERROR':   '68',  # 0x44
     79     # RW firmware in dev mode, but dev switch is off.
     80     'RW_DEV_MISMATCH':    '69',  # 0x45
     81     # Shared data error in rewritable firmware
     82     'RW_SHARED_DATA':     '70',  # 0x46
     83     # Test error from LoadKernel()
     84     'RW_TEST_LK':         '71',  # 0x47
     85     # No bootable disk found (deprecated)
     86     'DEP_RW_NO_DISK':     '72',  # 0x48
     87     # Rebooting did not correct TPM_E_FAIL or TPM_E_FAILEDSELFTEST
     88     'TPM_E_FAIL':         '73',  # 0x49
     89     # TPM setup error in read-only firmware
     90     'RO_TPM_S_ERROR':     '80',  # 0x50
     91     # TPM write error in read-only firmware
     92     'RO_TPM_W_ERROR':     '81',  # 0x51
     93     # TPM lock error in read-only firmware
     94     'RO_TPM_L_ERROR':     '82',  # 0x52
     95     # TPM update error in read-only firmware
     96     'RO_TPM_U_ERROR':     '83',  # 0x53
     97     # TPM read error in rewritable firmware
     98     'RW_TPM_R_ERROR':     '84',  # 0x54
     99     # TPM write error in rewritable firmware
    100     'RW_TPM_W_ERROR':     '85',  # 0x55
    101     # TPM lock error in rewritable firmware
    102     'RW_TPM_L_ERROR':     '86',  # 0x56
    103     # EC software sync unable to get EC image hash
    104     'EC_HASH_FAILED':     '87',  # 0x57
    105     # EC software sync invalid image hash size
    106     'EC_HASH_SIZE':       '88',  # 0x58
    107     # Unspecified error while trying to load kernel
    108     'LK_UNSPECIFIED':     '89',  # 0x59
    109     # No bootable storage device in system
    110     'RW_NO_DISK':         '90',  # 0x5A
    111     # No bootable kernel found on disk
    112     'RW_NO_KERNEL':       '91',  # 0x5B
    113     # Unspecified/unknown error in rewritable firmware
    114     'RW_UNSPECIFIED':     '127', # 0x7F
    115     # DM-verity error
    116     'KE_DM_VERITY':       '129', # 0x81
    117     # Unspecified/unknown error in kernel
    118     'KE_UNSPECIFIED':     '191', # 0xBF
    119     # Recovery mode test from user-mode
    120     'US_TEST':            '193', # 0xC1
    121     # Unspecified/unknown error in user-mode
    122     'US_UNSPECIFIED':     '255', # 0xFF
    123 }
    124 
    125 # GBB flags, copied from:
    126 #     vboot_reference/firmware/include/gbb_header.h
    127 GBB_FLAG_DEV_SCREEN_SHORT_DELAY    = 0x00000001
    128 GBB_FLAG_LOAD_OPTION_ROMS          = 0x00000002
    129 GBB_FLAG_ENABLE_ALTERNATE_OS       = 0x00000004
    130 GBB_FLAG_FORCE_DEV_SWITCH_ON       = 0x00000008
    131 GBB_FLAG_FORCE_DEV_BOOT_USB        = 0x00000010
    132 GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK = 0x00000020
    133 GBB_FLAG_ENTER_TRIGGERS_TONORM     = 0x00000040
    134 GBB_FLAG_FORCE_DEV_BOOT_LEGACY     = 0x00000080
    135 GBB_FLAG_FAFT_KEY_OVERIDE          = 0x00000100
    136 GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC  = 0x00000200
    137 GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY   = 0x00000400
    138 GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC  = 0x00000800
    139 GBB_FLAG_DISABLE_LID_SHUTDOWN      = 0x00001000
    140 GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP = 0x00002000
    141 
    142 
    143 # VbSharedData flags, copied from:
    144 #     vboot_reference/firmware/include/vboot_struct.h
    145 VDAT_FLAG_FWB_TRIED                = 0x00000001
    146 VDAT_FLAG_KERNEL_KEY_VERIFIED      = 0x00000002
    147 VDAT_FLAG_LF_DEV_SWITCH_ON         = 0x00000004
    148 VDAT_FLAG_LF_USE_RO_NORMAL         = 0x00000008
    149 VDAT_FLAG_BOOT_DEV_SWITCH_ON       = 0x00000010
    150 VDAT_FLAG_BOOT_REC_SWITCH_ON       = 0x00000020
    151 VDAT_FLAG_BOOT_FIRMWARE_WP_ENABLED = 0x00000040
    152 VDAT_FLAG_BOOT_S3_RESUME           = 0x00000100
    153 VDAT_FLAG_BOOT_RO_NORMAL_SUPPORT   = 0x00000200
    154 VDAT_FLAG_HONOR_VIRT_DEV_SWITCH    = 0x00000400
    155 VDAT_FLAG_EC_SOFTWARE_SYNC         = 0x00000800
    156 VDAT_FLAG_EC_SLOW_UPDATE           = 0x00001000
    157 
    158 # Firmware preamble flags, copied from:
    159 #     vboot_reference/firmware/include/vboot_struct.h
    160 PREAMBLE_USE_RO_NORMAL             = 0x00000001
    161