1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef _NANOHUB_NANOHUB_H_ 18 #define _NANOHUB_NANOHUB_H_ 19 20 #include <inttypes.h> 21 #include <nanohub/aes.h> 22 23 /* this file is collection of nanohub-related definitions shared between multiple parties, 24 * including but not limited to: HAL, Kernel, utilities, nanohub FW 25 * it provides minimum details on nanohub implementation, necessary to reliably identify it, and 26 * generate/parse compatible images 27 */ 28 29 #define NANOHUB_OS_PATCH_LEVEL 0x0000 30 31 #define NANOHUB_VENDOR_GOOGLE UINT64_C(0x476F6F676C) // "Googl" 32 #define NANOHUB_VENDOR_STMICRO UINT64_C(0x53544d6963) // "STMic" 33 34 #define NANOAPP_SIGNED_FLAG 0x1 // contents is signed with one or more signature block(s) 35 #define NANOAPP_ENCRYPTED_FLAG 0x2 // contents is encrypted with exactly one encryption key 36 37 #define NANOAPP_AOSP_MAGIC (((uint32_t)'N' << 0) | ((uint32_t)'A' << 8) | ((uint32_t)'N' << 16) | ((uint32_t)'O' << 24)) 38 #define NANOAPP_FW_MAGIC (((uint32_t)'N' << 0) | ((uint32_t)'B' << 8) | ((uint32_t)'I' << 16) | ((uint32_t)'N' << 24)) 39 #define GOOGLE_LAYOUT_MAGIC (((uint32_t)'G' << 0) | ((uint32_t)'o' << 8) | ((uint32_t)'o' << 16) | ((uint32_t)'g' << 24)) 40 41 #define APP_ID_ANY UINT64_C(0xFFFFFFFFFFFFFFFF) 42 #define APP_VENDOR_ANY UINT64_C(0xFFFFFFFFFF) 43 #define APP_VENDOR_SHF (24) 44 #define APP_SEQ_ID_ANY UINT32_C(0xFFFFFF) 45 #define APP_ID_GET_VENDOR(appid) ((appid) >> APP_VENDOR_SHF) 46 #define APP_ID_GET_SEQ_ID(appid) ((appid) & APP_SEQ_ID_ANY) 47 #define APP_ID_MAKE(vendor, app) ((((uint64_t)(vendor)) << APP_VENDOR_SHF) | ((app) & APP_SEQ_ID_ANY)) 48 49 #ifndef CONTEXT_HUB_H 50 // The binary format below is in little endian format; borrowed from CONTEXT_HUB_H 51 struct nano_app_binary_t { 52 uint32_t header_version; // 0x1 for this version 53 uint32_t magic; // "NANO" 54 uint64_t app_id; // App Id contains vendor id 55 uint32_t app_version; // Version of the app 56 uint32_t flags; // Signed, encrypted 57 uint64_t hw_hub_type; // which hub type is this compiled for 58 uint32_t reserved[2]; // Should be all zeroes 59 uint8_t custom_binary[0]; // start of custom binary data 60 }; 61 62 #endif 63 64 struct HostMsgHdr { 65 uint32_t eventId; 66 uint64_t appId; 67 uint8_t len; 68 } __attribute__((packed)); 69 70 struct HostMsgHdrChre { 71 uint32_t eventId; 72 uint64_t appId; 73 uint8_t len; 74 uint32_t appEventId; 75 } __attribute__((packed)); 76 77 // we translate AOSP header into FW header: this header is in LE format 78 // please maintain natural alignment for every field (matters to Intel; otherwise is has to be declared as packed) 79 struct FwCommonHdr { 80 uint32_t magic; // external & internal: NANOAPP_FW_MAGIC 81 uint16_t fwVer; // external & internal: set to 1; header version 82 uint16_t fwFlags; // external & internal: class : EXTERNAL/INTERNAL, EXEC/NOEXEC, APP/KERNEL/EEDATA/... 83 uint64_t appId; // external: copy from AOSP header; internal: defined locally 84 uint32_t appVer; // external: copy from AOSP header; internal: defined locally 85 uint8_t payInfoType; // external: copy ImageLayout::payload; internal: LAYOUT_APP 86 uint8_t payInfoSize; // sizeof(PayloadInfo) for this payload type 87 uint8_t rfu[2]; // filled with 0xFF 88 }; 89 90 struct SectInfo { 91 uint32_t data_start; 92 uint32_t data_end; 93 uint32_t data_data; 94 95 uint32_t bss_start; 96 uint32_t bss_end; 97 98 uint32_t got_start; 99 uint32_t got_end; 100 uint32_t rel_start; 101 uint32_t rel_end; 102 }; 103 104 // this is platform-invariant version of struct TaskFuncs (from seos.h) 105 struct AppVectors { 106 uint32_t init; 107 uint32_t end; 108 uint32_t handle; 109 }; 110 111 #define FLASH_RELOC_OFFSET offsetof(struct AppHdr, sect) // used by appSupport.c at run time 112 #define BINARY_RELOC_OFFSET offsetof(struct BinHdr, sect) // used by postprocess at build time 113 114 struct BinCommonHdr { 115 uint32_t magic; 116 uint32_t appVer; 117 }; 118 119 // binary nanoapp image (.bin) produced by objcopy starts with this binary header (LE) 120 struct BinHdr { 121 struct BinCommonHdr hdr; 122 struct SectInfo sect; 123 struct AppVectors vec; 124 }; 125 126 // FW nanoapp image starts with this binary header (LE) in flash 127 struct AppHdr { 128 struct FwCommonHdr hdr; 129 struct SectInfo sect; 130 struct AppVectors vec; 131 }; 132 133 struct AppSecSignHdr { 134 uint32_t appDataLen; 135 }; 136 137 struct AppSecEncrHdr { 138 uint64_t keyID; 139 uint32_t dataLen; 140 uint32_t IV[AES_BLOCK_WORDS]; 141 }; 142 143 #define LAYOUT_APP 1 144 #define LAYOUT_KEY 2 145 #define LAYOUT_OS 3 146 #define LAYOUT_DATA 4 147 148 struct ImageLayout { 149 uint32_t magic; // Layout ID: (GOOGLE_LAYOUT_MAGIC for this implementation) 150 uint8_t version; // layout version 151 uint8_t payload; // type of payload: APP, SECRET KEY, OS IMAGE, USER DATA, ... 152 uint16_t flags; // layout flags: extra options for certain payload types; payload-specific 153 }; 154 155 // .napp image starts with this binary header (LE) 156 // it is optionally followed by AppSecSignHdr and/or AppSecEncrHdr 157 // all of the above are included in signing hash, but never encrypted 158 // encryption (if enabled) starts immediately after those 159 struct ImageHeader { 160 struct nano_app_binary_t aosp; 161 struct ImageLayout layout; 162 }; 163 164 #define CKK_RSA 0x00 165 #define CKK_AES 0x1F 166 167 #define CKO_PUBLIC_KEY 0x02 168 #define CKO_PRIVATE_KEY 0x03 169 #define CKO_SECRET_KEY 0x04 170 171 // flags 172 #define FL_KI_ENFORCE_ID 0x0001 // if set, size, key_type, obj_type must be valid 173 174 // payload header format: LAYOUT_KEY 175 struct KeyInfo { 176 union { 177 struct { 178 uint16_t id; // arbitrary number, != 0, equivalent of PKCS#11 name 179 uint16_t flags; // key flags (additional PKCS#11 attrs, unused for now; must be 0) 180 uint16_t size; // key size in bits 181 uint8_t key_type; // 8 LSB of PKCS-11 CKK_<KEY TYPE> 182 uint8_t obj_type; // 8 LSB of PKCS-11 CKO_<OBJ TYPE> 183 }; 184 uint64_t data; // complete 64-bit key-id, unique within this APP namespace (complete id is <APP_ID | KEY_INFO> 128 bits) 185 }; 186 }; 187 188 #define AES_KEY_ID(_id) (((struct KeyInfo){ .key_type = CKK_AES, .obj_type = CKO_SECRET_KEY, .size = 256, .id = (_id) }).data) 189 190 // payload header format: LAYOUT_APP 191 struct AppInfo { 192 struct SectInfo sect; 193 struct AppVectors vec; 194 }; 195 196 #define OS_UPDT_MARKER_INPROGRESS 0xFF 197 #define OS_UPDT_MARKER_DOWNLOADED 0xFE 198 #define OS_UPDT_MARKER_VERIFIED 0xF0 199 #define OS_UPDT_MARKER_INVALID 0x00 200 #define OS_UPDT_MAGIC "Nanohub OS" //11 bytes incl terminator 201 202 // payload header format: LAYOUT_OS 203 struct OsUpdateHdr { 204 char magic[11]; 205 uint8_t marker; //OS_UPDT_MARKER_INPROGRESS -> OS_UPDT_MARKER_DOWNLOADED -> OS_UPDT_MARKER_VERIFIED / OS_UPDT_INVALID 206 uint32_t size; //does not include the mandatory signature (using device key) that follows 207 }; 208 209 // payload header format: LAYOUT_DATA 210 struct DataInfo { 211 uint32_t id; 212 uint32_t size; 213 }; 214 215 #endif // _NANOHUB_NANOHUB_H_ 216