1 /*
2  * Copyright (C) 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <stdint.h>
20 
21 #define SYSTEM_STATE_PORT "com.android.trusty.system-state"
22 #define SYSTEM_STATE_MAX_MESSAGE_SIZE 32
23 
24 /**
25  * enum system_state_cmd - command identifiers for system_state functions
26  * @SYSTEM_STATE_CMD_RESP_BIT:  Message is a response.
27  * @SYSTEM_STATE_CMD_REQ_SHIFT: Number of bits used by @SYSTEM_STATE_RESP_BIT.
28  *
29  */
30 enum system_state_cmd {
31     SYSTEM_STATE_CMD_RESP_BIT = 1,
32     SYSTEM_STATE_CMD_REQ_SHIFT = 1,
33 
34     /** @SYSTEM_STATE_CMD_GET_FLAG: Command to read a system state flag. */
35     SYSTEM_STATE_CMD_GET_FLAG = (1 << SYSTEM_STATE_CMD_REQ_SHIFT),
36 };
37 
38 /**
39  * enum system_state_flag - flag identifiers for %SYSTEM_STATE_GET_FLAG
40  */
41 enum system_state_flag {
42     /**
43      * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED:
44      *     Flag used to restrict when provisoning is allowed.
45      */
46     SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED = 1,
47 
48     /**
49      * @SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED:
50      *     Flag used to indicate that loading apps signed with insecure dev keys
51      *     is allowed.
52      */
53     SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED = 2,
54 
55     /**
56      * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK:
57      *     Flag used to permit skipping of app version checks or rollback
58      *     version updates. Contains a value of type enum
59      *     system_state_flag_app_loading_version_check.
60      */
61     SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK = 3,
62 };
63 
64 /**
65  * enum system_state_flag_provisioning_allowed - Provisioning allowed states
66  * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_NOT_ALLOWED:
67  *     Provisoning is not currently allowed.
68  * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED:
69  *     Provisoning is currently allowed.
70  * @SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED_AT_BOOT:
71  *     Provisoning is currently allowed if the client is in a boot stage.
72  *     For backward compatibility. Not recommened for new systems.
73  */
74 enum system_state_flag_provisioning_allowed {
75     SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_NOT_ALLOWED = 0,
76     SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED = 1,
77     SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED_VALUE_ALLOWED_AT_BOOT = 2,
78 };
79 
80 /**
81  * enum system_state_flag_app_loading_version_check - App loading version check
82  * states
83  * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_REQUIRED
84  *     Rollback version check and updating is required
85  * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_UPDATE
86  *     Rollback version check is required, but the rollback version will not be
87  *     updated.
88  * @SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_CHECK
89  *     Rollback version check should be skipped (rollback version will not be
90  *     updated)
91  */
92 enum system_state_flag_app_loading_version_check {
93     SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_REQUIRED = 0,
94     SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_UPDATE = 1,
95     SYSTEM_STATE_FLAG_APP_LOADING_VERSION_CHECK_VALUE_SKIP_CHECK = 2,
96 };
97 
98 /**
99  * struct system_state_req - common request structure for system_state
100  * @cmd:        Command identifier.
101  * @reserved:   Reserved, must be 0.
102  * @payload:    Payload buffer, meaning determined by @cmd.
103  */
104 struct system_state_req {
105     uint32_t cmd;
106     uint32_t reserved;
107     uint8_t payload[0];
108 };
109 
110 /**
111  * struct system_state_resp - common response structure for system_state
112  * @cmd:        Command identifier.
113  * @result:     If non-0, an lk error code.
114  * @payload:    Payload buffer, meaning determined by @cmd.
115  */
116 struct system_state_resp {
117     uint32_t cmd;
118     int32_t result;
119     uint8_t payload[0];
120 };
121 
122 /**
123  * struct system_state_get_flag_req - payload for get-flag request
124  * @flag:       One of @enum system_state_flag.
125  */
126 struct system_state_get_flag_req {
127     uint32_t flag;
128 };
129 
130 /**
131  * struct system_state_get_flag_resp - payload for get-flag response
132  * @flag:       One of @enum system_state_flag.
133  * @reserved:   Reserved, must be 0.
134  * @value:      Current value of flag @flag.
135  */
136 struct system_state_get_flag_resp {
137     uint32_t flag;
138     uint32_t reserved;
139     uint64_t value;
140 };
141