1# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5# The constants of verified boot.
6
7# Recovery reason codes, copied from:
8#     vboot_reference/firmware/include/vboot_nvstorage.h
9#     vboot_reference/firmware/include/vboot_struct.h
10RECOVERY_REASON = {
11    # Recovery not requested
12    'NOT_REQUESTED':      '0',   # 0x00
13    # Recovery requested from legacy utility
14    'LEGACY':             '1',   # 0x01
15    # User manually requested recovery via recovery button
16    'RO_MANUAL':          '2',   # 0x02
17    # RW firmware failed signature check
18    'RO_INVALID_RW':      '3',   # 0x03
19    # S3 resume failed
20    'RO_S3_RESUME':       '4',   # 0x04
21    # TPM error in read-only firmware (deprecated)
22    'DEP_RO_TPM_ERROR':   '5',   # 0x05
23    # Shared data error in read-only firmware
24    'RO_SHARED_DATA':     '6',   # 0x06
25    # Test error from S3Resume()
26    'RO_TEST_S3':         '7',   # 0x07
27    # Test error from LoadFirmwareSetup()
28    'RO_TEST_LFS':        '8',   # 0x08
29    # Test error from LoadFirmware()
30    'RO_TEST_LF':         '9',   # 0x09
31    # RW firmware failed signature check
32    'RW_NOT_DONE':        '16',  # 0x10
33    'RW_DEV_MISMATCH':    '17',  # 0x11
34    'RW_REC_MISMATCH':    '18',  # 0x12
35    'RW_VERIFY_KEYBLOCK': '19',  # 0x13
36    'RW_KEY_ROLLBACK':    '20',  # 0x14
37    'RW_DATA_KEY_PARSE':  '21',  # 0x15
38    'RW_VERIFY_PREAMBLE': '22',  # 0x16
39    'RW_FW_ROLLBACK':     '23',  # 0x17
40    'RW_HEADER_VALID':    '24',  # 0x18
41    'RW_GET_FW_BODY':     '25',  # 0x19
42    'RW_HASH_WRONG_SIZE': '26',  # 0x1A
43    'RW_VERIFY_BODY':     '27',  # 0x1B
44    'RW_VALID':           '28',  # 0x1C
45    # Read-only normal path requested by firmware preamble, but
46    # unsupported by firmware.
47    'RW_NO_RO_NORMAL':    '29',  # 0x1D
48    # Firmware boot failure outside of verified boot
49    'RO_FIRMWARE':        '32',  # 0x20
50    # Recovery mode TPM initialization requires a system reboot.
51    # The system was already in recovery mode for some other reason
52    # when this happened.
53    'RO_TPM_REBOOT':      '33',  # 0x21
54    # EC software sync - other error
55    'EC_SOFTWARE_SYNC':   '34',  # 0x22
56    # EC software sync - unable to determine active EC image
57    'EC_UNKNOWN_IMAGE':   '35',  # 0x23
58    # EC software sync - error obtaining EC image hash (deprecated)
59    'DEP_EC_HASH':        '36',  # 0x24
60    # EC software sync - error obtaining expected EC image
61    'EC_EXPECTED_IMAGE':  '37',  # 0x25
62    # EC software sync - error updating EC
63    'EC_UPDATE':          '38',  # 0x26
64    # EC software sync - unable to jump to EC-RW
65    'EC_JUMP_RW':         '39',  # 0x27
66    # EC software sync - unable to protect / unprotect EC-RW
67    'EC_PROTECT':         '40',  # 0x28
68    # Unspecified/unknown error in read-only firmware
69    'RO_UNSPECIFIED':     '63',  # 0x3F
70    # User manually requested recovery by pressing a key at developer
71    # warning screen.
72    'RW_DEV_SCREEN':      '65',  # 0x41
73    # No OS kernel detected
74    'RW_NO_OS':           '66',  # 0x42
75    # OS kernel failed signature check
76    'RW_INVALID_OS':      '67',  # 0x43
77    # TPM error in rewritable firmware (deprecated)
78    'DEP_RW_TPM_ERROR':   '68',  # 0x44
79    # RW firmware in dev mode, but dev switch is off.
80    'RW_DEV_MISMATCH':    '69',  # 0x45
81    # Shared data error in rewritable firmware
82    'RW_SHARED_DATA':     '70',  # 0x46
83    # Test error from LoadKernel()
84    'RW_TEST_LK':         '71',  # 0x47
85    # No bootable disk found (deprecated)
86    'DEP_RW_NO_DISK':     '72',  # 0x48
87    # Rebooting did not correct TPM_E_FAIL or TPM_E_FAILEDSELFTEST
88    'TPM_E_FAIL':         '73',  # 0x49
89    # TPM setup error in read-only firmware
90    'RO_TPM_S_ERROR':     '80',  # 0x50
91    # TPM write error in read-only firmware
92    'RO_TPM_W_ERROR':     '81',  # 0x51
93    # TPM lock error in read-only firmware
94    'RO_TPM_L_ERROR':     '82',  # 0x52
95    # TPM update error in read-only firmware
96    'RO_TPM_U_ERROR':     '83',  # 0x53
97    # TPM read error in rewritable firmware
98    'RW_TPM_R_ERROR':     '84',  # 0x54
99    # TPM write error in rewritable firmware
100    'RW_TPM_W_ERROR':     '85',  # 0x55
101    # TPM lock error in rewritable firmware
102    'RW_TPM_L_ERROR':     '86',  # 0x56
103    # EC software sync unable to get EC image hash
104    'EC_HASH_FAILED':     '87',  # 0x57
105    # EC software sync invalid image hash size
106    'EC_HASH_SIZE':       '88',  # 0x58
107    # Unspecified error while trying to load kernel
108    'LK_UNSPECIFIED':     '89',  # 0x59
109    # No bootable storage device in system
110    'RW_NO_DISK':         '90',  # 0x5A
111    # No bootable kernel found on disk
112    'RW_NO_KERNEL':       '91',  # 0x5B
113    # Unspecified/unknown error in rewritable firmware
114    'RW_UNSPECIFIED':     '127', # 0x7F
115    # DM-verity error
116    'KE_DM_VERITY':       '129', # 0x81
117    # Unspecified/unknown error in kernel
118    'KE_UNSPECIFIED':     '191', # 0xBF
119    # Recovery mode test from user-mode
120    'US_TEST':            '193', # 0xC1
121    # Unspecified/unknown error in user-mode
122    'US_UNSPECIFIED':     '255', # 0xFF
123}
124
125# GBB flags, copied from:
126#     vboot_reference/firmware/include/gbb_header.h
127GBB_FLAG_DEV_SCREEN_SHORT_DELAY    = 0x00000001
128GBB_FLAG_LOAD_OPTION_ROMS          = 0x00000002
129GBB_FLAG_ENABLE_ALTERNATE_OS       = 0x00000004
130GBB_FLAG_FORCE_DEV_SWITCH_ON       = 0x00000008
131GBB_FLAG_FORCE_DEV_BOOT_USB        = 0x00000010
132GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK = 0x00000020
133GBB_FLAG_ENTER_TRIGGERS_TONORM     = 0x00000040
134GBB_FLAG_FORCE_DEV_BOOT_LEGACY     = 0x00000080
135GBB_FLAG_FAFT_KEY_OVERIDE          = 0x00000100
136GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC  = 0x00000200
137GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY   = 0x00000400
138GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC  = 0x00000800
139GBB_FLAG_DISABLE_LID_SHUTDOWN      = 0x00001000
140GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP = 0x00002000
141
142
143# VbSharedData flags, copied from:
144#     vboot_reference/firmware/include/vboot_struct.h
145VDAT_FLAG_FWB_TRIED                = 0x00000001
146VDAT_FLAG_KERNEL_KEY_VERIFIED      = 0x00000002
147VDAT_FLAG_LF_DEV_SWITCH_ON         = 0x00000004
148VDAT_FLAG_LF_USE_RO_NORMAL         = 0x00000008
149VDAT_FLAG_BOOT_DEV_SWITCH_ON       = 0x00000010
150VDAT_FLAG_BOOT_REC_SWITCH_ON       = 0x00000020
151VDAT_FLAG_BOOT_FIRMWARE_WP_ENABLED = 0x00000040
152VDAT_FLAG_BOOT_S3_RESUME           = 0x00000100
153VDAT_FLAG_BOOT_RO_NORMAL_SUPPORT   = 0x00000200
154VDAT_FLAG_HONOR_VIRT_DEV_SWITCH    = 0x00000400
155VDAT_FLAG_EC_SOFTWARE_SYNC         = 0x00000800
156VDAT_FLAG_EC_SLOW_UPDATE           = 0x00001000
157
158# Firmware preamble flags, copied from:
159#     vboot_reference/firmware/include/vboot_struct.h
160PREAMBLE_USE_RO_NORMAL             = 0x00000001
161