| # Copyright 2018 syzkaller project authors. All rights reserved. |
| # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. |
| |
| # Trusty IPC device (https://android.googlesource.com/kernel/common android-trusty-4.9). |
| |
| include <linux/ioctl.h> |
| include <linux/fcntl.h> |
| |
| resource fd_trusty[fd] |
| |
| openat$trusty(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty |
| ioctl$TIPC_IOC_CONNECT(fd fd_trusty, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string[trusty_ports]]) |
| write$trusty(fd fd_trusty, msg ptr[in, array[int8]], len len[msg]) |
| read$trusty(fd fd_trusty, msg ptr[out, array[int8]], len len[msg]) |
| |
| # TODO: describe interface for the rest of ports. |
| trusty_ports = "com.android.trusty.gatekeeper", "com.android.trusty.keymaster", "com.android.trusty.keymaster.secure", "com.android.trusty.avb", "com.android.trusty.storage.proxy", "com.android.trusty.storage.client.td", "com.android.trusty.storage.client.tdea", "com.android.trusty.storage.client.tp", "com.android.trusty.hwkey", "com.android.trusty.hwrng", "com.android.trusty.appmgmt.srv2.start" |
| |
| trusty_open_flags = O_RDWR, O_RDWR_NONBLOCK |
| |
| define O_RDWR_NONBLOCK O_RDWR | O_NONBLOCK |
| |
| # This is not defined in any kernel header. |
| define TIPC_IOC_CONNECT _IOW('r', 0x80, char*) |
| |
| define TRUSTY_ERROR_NONE 0 |
| define TRUSTY_ERROR_INVALID 1 |
| define TRUSTY_ERROR_RETRY 2 |
| define TRUSTY_ERROR_UNKNOWN 3 |
| |
| ### gatekeeper ### |
| |
| resource fd_trusty_gatekeeper[fd_trusty] |
| |
| openat$trusty_gatekeeper(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_gatekeeper |
| ioctl$TIPC_IOC_CONNECT_gatekeeper(fd fd_trusty_gatekeeper, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.gatekeeper"]]) |
| write$trusty_gatekeeper(fd fd_trusty_gatekeeper, msg ptr[in, trusty_gatekeeper_msg], len len[msg]) |
| |
| trusty_gatekeeper_msg [ |
| err trusty_gatekeeper_error |
| retry trusty_gatekeeper_retry |
| enroll trusty_gatekeeper_enroll |
| verify trusty_gatekeeper_verify |
| ] [varlen] |
| |
| trusty_gatekeeper_error { |
| cmd flags[trusty_gatekeeper_cmd, int32] |
| error const[TRUSTY_ERROR_INVALID, int32] |
| user_id const[0, int32] |
| } |
| |
| trusty_gatekeeper_retry { |
| cmd flags[trusty_gatekeeper_cmd, int32] |
| error const[TRUSTY_ERROR_RETRY, int32] |
| user_id const[0, int32] |
| retry_timeout int32 |
| } |
| |
| trusty_gatekeeper_enroll { |
| cmd const[TRUSTY_GK_ENROLL, int32] |
| error const[TRUSTY_ERROR_NONE, int32] |
| user_id trusty_gatekeeper_user_id |
| provided_password trusty_blob |
| enrolled_password trusty_blob |
| password_handle_len bytesize[password_handle, int32] |
| password_handle trusty_password_handle |
| } [packed] |
| |
| trusty_gatekeeper_verify { |
| cmd const[TRUSTY_GK_VERIFY, int32] |
| error const[TRUSTY_ERROR_NONE, int32] |
| user_id trusty_gatekeeper_user_id |
| challenge int64 |
| password_handle trusty_blob |
| provided_password trusty_blob |
| } [packed] |
| |
| trusty_password_handle { |
| version int8[0:2] |
| user_id int64 |
| flags bool64 |
| salt int64 |
| signature array[int8, 32] |
| hardware_backed bool8 |
| } [packed] |
| |
| trusty_blob { |
| len bytesize[data, int32] |
| data array[int8] |
| } [packed] |
| |
| type trusty_gatekeeper_user_id int32[0:4] |
| |
| trusty_gatekeeper_cmd = TRUSTY_GK_ENROLL, TRUSTY_GK_VERIFY |
| |
| define TRUSTY_GK_ENROLL 0 |
| define TRUSTY_GK_VERIFY 2 |
| |
| ### keymaster.secure ### |
| |
| resource fd_trusty_km_secure[fd_trusty] |
| |
| openat$trusty_km_secure(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_km_secure |
| ioctl$TIPC_IOC_CONNECT_keymaster_secure(fd fd_trusty_km_secure, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.keymaster.secure"]]) |
| write$trusty_km_secure(fd fd_trusty_km_secure, msg ptr[in, trusty_km_secure_msg], len len[msg]) |
| |
| trusty_km_secure_msg { |
| cmd const[TRUSTY_KM_GET_AUTH_TOKEN_KEY, int32] |
| } |
| |
| define TRUSTY_KM_GET_AUTH_TOKEN_KEY 0 |
| |
| ### keymaster ### |
| |
| resource fd_trusty_km[fd_trusty] |
| |
| openat$trusty_km(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_km |
| ioctl$TIPC_IOC_CONNECT_km(fd fd_trusty_km, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.keymaster"]]) |
| write$trusty_km(fd fd_trusty_km, msg ptr[in, trusty_km_msg], len len[msg]) |
| |
| trusty_km_msg [ |
| GENERATE_KEY trusty_km_msg_t[TRUSTY_KM_GENERATE_KEY, trusty_authorization_set] |
| BEGIN_OPERATION trusty_km_msg_t[TRUSTY_KM_BEGIN_OPERATION, trusty_km_begin_operation] |
| UPDATE_OPERATION trusty_km_msg_t[TRUSTY_KM_UPDATE_OPERATION, trusty_km_update_operation] |
| FINISH_OPERATION trusty_km_msg_t[TRUSTY_KM_FINISH_OPERATION, trusty_km_finish_operation] |
| ABORT_OPERATION trusty_km_msg_t[TRUSTY_KM_ABORT_OPERATION, int64] |
| IMPORT_KEY trusty_km_msg_t[TRUSTY_KM_IMPORT_KEY, trusty_km_import_key] |
| EXPORT_KEY trusty_km_msg_t[TRUSTY_KM_EXPORT_KEY, trusty_km_export_key] |
| GET_VERSION trusty_km_msg_t[TRUSTY_KM_GET_VERSION, void] |
| ADD_RNG_ENTROPY trusty_km_msg_t[TRUSTY_KM_ADD_RNG_ENTROPY, trusty_blob] |
| GET_SUPPORTED_ALGORITHMS trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_ALGORITHMS, void] |
| GET_SUPPORTED_BLOCK_MODES trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_BLOCK_MODES, trusty_km_supported_digests] |
| GET_SUPPORTED_PADDING_MODES trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_PADDING_MODES, trusty_km_supported_digests] |
| GET_SUPPORTED_DIGESTS trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_DIGESTS, trusty_km_supported_digests] |
| GET_SUPPORTED_IMPORT_FORMATS trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_IMPORT_FORMATS, flags[trusty_km_algorithms, int32]] |
| GET_SUPPORTED_EXPORT_FORMATS trusty_km_msg_t[TRUSTY_KM_GET_SUPPORTED_EXPORT_FORMATS, flags[trusty_km_algorithms, int32]] |
| GET_KEY_CHARACTERISTICS trusty_km_msg_t[TRUSTY_KM_GET_KEY_CHARACTERISTICS, trusty_km_get_key_characteristics] |
| ATTEST_KEY trusty_km_msg_t[TRUSTY_KM_ATTEST_KEY, trusty_km_attest_key] |
| UPGRADE_KEY trusty_km_msg_t[TRUSTY_KM_UPGRADE_KEY, trusty_km_attest_key] |
| CONFIGURE trusty_km_msg_t[TRUSTY_KM_CONFIGURE, trusty_km_configure] |
| GET_HMAC_SHARING_PARAMETERS trusty_km_msg_t[TRUSTY_KM_GET_HMAC_SHARING_PARAMETERS, void] |
| COMPUTE_SHARED_HMAC trusty_km_msg_t[TRUSTY_KM_COMPUTE_SHARED_HMAC, trusty_km_hmac_sharing_parameters_array] |
| VERIFY_AUTHORIZATION trusty_km_msg_t[TRUSTY_KM_VERIFY_AUTHORIZATION, trusty_km_verify_authorization] |
| DELETE_KEY trusty_km_msg_t[TRUSTY_KM_DELETE_KEY, trusty_blob] |
| DELETE_ALL_KEYS trusty_km_msg_t[TRUSTY_KM_DELETE_ALL_KEYS, void] |
| # TODO: is DESTROY_ATTESTATION_IDS a thing? Where is it handled? |
| IMPORT_WRAPPED_KEY trusty_km_msg_t[TRUSTY_KM_IMPORT_WRAPPED_KEY, trusty_km_import_wrapped_key] |
| ] [varlen] |
| |
| type trusty_km_msg_t[CMD, PAYLOAD] { |
| cmd const[CMD, int32] |
| payload PAYLOAD |
| } [packed] |
| |
| trusty_km_begin_operation { |
| purpose int32 |
| key trusty_blob |
| additional_params trusty_authorization_set |
| } [packed] |
| |
| trusty_km_update_operation { |
| handle int64 |
| input trusty_blob |
| additional_params trusty_authorization_set |
| } [packed] |
| |
| trusty_km_finish_operation { |
| handle int64 |
| signature trusty_blob |
| additional_params trusty_authorization_set |
| input trusty_blob |
| } [packed] |
| |
| trusty_km_import_key { |
| key_description trusty_authorization_set |
| key_format flags[trusty_km_key_format, int32] |
| key_material trusty_blob |
| } [packed] |
| |
| trusty_km_key_format = 0, 1, 3 |
| |
| trusty_km_export_key { |
| key_description trusty_authorization_set |
| key_format flags[trusty_km_key_format, int32] |
| key_material trusty_blob |
| } [packed] |
| |
| trusty_km_supported_digests { |
| algorithm flags[trusty_km_algorithms, int32] |
| purpose flags[trusty_km_purposes, int32] |
| } [packed] |
| |
| trusty_km_algorithms = 1, 2, 3, 32, 33, 128 |
| trusty_km_purposes = 0, 1, 2, 3, 4, 5 |
| |
| trusty_km_get_key_characteristics { |
| key_blob trusty_blob |
| additional_params trusty_authorization_set |
| } [packed] |
| |
| trusty_km_attest_key { |
| key_blob trusty_blob |
| attest_params trusty_authorization_set |
| } [packed] |
| |
| trusty_km_configure { |
| os_version int32 |
| os_patchlevel int32 |
| } [packed] |
| |
| trusty_km_hmac_sharing_parameters_array { |
| num_params len[params, int32] |
| params array[trusty_km_hmac_sharing_parameter] |
| } [packed] |
| |
| trusty_km_hmac_sharing_parameter { |
| seed trusty_blob |
| none array[int8, 32] |
| } [packed] |
| |
| trusty_km_verify_authorization { |
| challenge int64 |
| parameters_to_verify trusty_authorization_set |
| auth_token trusty_km_hardware_auth_token |
| } [packed] |
| |
| trusty_km_hardware_auth_token { |
| challenge int64 |
| user_id int64 |
| authenticator_id int64 |
| authenticator_type int32 |
| timestamp int64 |
| mac trusty_blob |
| } [packed] |
| |
| trusty_km_import_wrapped_key { |
| wrapped_key trusty_blob |
| wrapping_key trusty_blob |
| masking_key trusty_blob |
| additional_params trusty_authorization_set |
| password_sid int64 |
| biometric_sid int64 |
| } [packed] |
| |
| trusty_authorization_set { |
| indirect_data trusty_blob |
| elements_count len[elements, int32] |
| elements_size bytesize[elements, int32] |
| elements array[trusty_authorization_elem] |
| } [packed] |
| |
| trusty_authorization_elem [ |
| ENUM trusty_authorization_elem_t[TRUSTY_KM_ENUM, int32] |
| ENUM_REP trusty_authorization_elem_t[TRUSTY_KM_ENUM_REP, int32] |
| UINT trusty_authorization_elem_t[TRUSTY_KM_UINT, int32] |
| UINT_REP trusty_authorization_elem_t[TRUSTY_KM_UINT_REP, int32] |
| ULONG trusty_authorization_elem_t[TRUSTY_KM_ULONG, int64] |
| ULONG_REP trusty_authorization_elem_t[TRUSTY_KM_ULONG_REP, int64] |
| DATE trusty_authorization_elem_t[TRUSTY_KM_DATE, int64] |
| BOOL trusty_authorization_elem_t[TRUSTY_KM_BOOL, bool8] |
| BIGNUM trusty_authorization_elem_t[TRUSTY_KM_BIGNUM, trusty_authorization_bytes] |
| BYTES trusty_authorization_elem_t[TRUSTY_KM_BYTES, trusty_authorization_bytes] |
| ] [varlen] |
| |
| type trusty_authorization_elem_t[TAG, DATA] { |
| tag const[TAG, int32] |
| data DATA |
| } [packed] |
| |
| trusty_authorization_bytes { |
| # NEED: these are length/offset in trusty_authorization_set.indirect_data. |
| data_length int32 |
| offset int32 |
| } [packed] |
| |
| define TRUSTY_KM_REQ_SHIFT 2 |
| define TRUSTY_KM_GENERATE_KEY 0 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_BEGIN_OPERATION 1 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_UPDATE_OPERATION 2 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_FINISH_OPERATION 3 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_ABORT_OPERATION 4 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_IMPORT_KEY 5 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_EXPORT_KEY 6 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_VERSION 7 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_ADD_RNG_ENTROPY 8 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_ALGORITHMS 9 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_BLOCK_MODES 10 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_PADDING_MODES 11 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_DIGESTS 12 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_IMPORT_FORMATS 13 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_SUPPORTED_EXPORT_FORMATS 14 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_KEY_CHARACTERISTICS 15 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_ATTEST_KEY 16 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_UPGRADE_KEY 17 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_CONFIGURE 18 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_GET_HMAC_SHARING_PARAMETERS 19 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_COMPUTE_SHARED_HMAC 20 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_VERIFY_AUTHORIZATION 21 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_DELETE_KEY 22 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_DELETE_ALL_KEYS 23 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_DESTROY_ATTESTATION_IDS 24 << TRUSTY_KM_REQ_SHIFT |
| define TRUSTY_KM_IMPORT_WRAPPED_KEY 25 << TRUSTY_KM_REQ_SHIFT |
| |
| define TRUSTY_KM_ENUM 1 << 28 |
| define TRUSTY_KM_ENUM_REP 2 << 28 |
| define TRUSTY_KM_UINT 3 << 28 |
| define TRUSTY_KM_UINT_REP 4 << 28 |
| define TRUSTY_KM_ULONG 5 << 28 |
| define TRUSTY_KM_DATE 6 << 28 |
| define TRUSTY_KM_BOOL 7 << 28 |
| define TRUSTY_KM_BIGNUM 8 << 28 |
| define TRUSTY_KM_BYTES 9 << 28 |
| define TRUSTY_KM_ULONG_REP 10 << 28 |
| |
| # TODO: does it make sense to exercise bootloader commands? |
| # They should be locked when Linux starts and we probably trust bootloader anyway? |
| |
| ### avb ### |
| |
| resource fd_trusty_avb[fd_trusty] |
| |
| openat$trusty_avb(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_avb |
| ioctl$TIPC_IOC_CONNECT_avb(fd fd_trusty_avb, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.avb"]]) |
| write$trusty_avb(fd fd_trusty_avb, msg ptr[in, trusty_avb_msg], len len[msg]) |
| |
| trusty_avb_msg [ |
| READ_ROLLBACK_INDEX trusty_avb_msg_t[TRUSTY_AVB_READ_ROLLBACK_INDEX, trusty_avb_rollback_index] |
| WRITE_ROLLBACK_INDEX trusty_avb_msg_t[TRUSTY_AVB_WRITE_ROLLBACK_INDEX, trusty_avb_rollback_index] |
| AVB_GET_VERSION trusty_avb_msg_t[TRUSTY_AVB_GET_VERSION, void] |
| READ_PERMANENT_ATTRIBUTES trusty_avb_msg_t[TRUSTY_AVB_READ_PERMANENT_ATTRIBUTES, void] |
| WRITE_PERMANENT_ATTRIBUTES trusty_avb_msg_t[TRUSTY_AVB_WRITE_PERMANENT_ATTRIBUTES, array[int8]] |
| READ_LOCK_STATE trusty_avb_msg_t[TRUSTY_AVB_READ_LOCK_STATE, void] |
| WRITE_LOCK_STATE trusty_avb_msg_t[TRUSTY_AVB_WRITE_LOCK_STATE, int8] |
| LOCK_BOOT_STATE trusty_avb_msg_t[TRUSTY_AVB_LOCK_BOOT_STATE, void] |
| ] [varlen] |
| |
| type trusty_avb_msg_t[CMD, PAYLOAD] { |
| cmd const[CMD, int32] |
| payload PAYLOAD |
| } [packed] |
| |
| trusty_avb_rollback_index { |
| value int64 |
| slot int32 |
| } [packed] |
| |
| define TRUSTY_AVB_REQ_SHIFT 1 |
| define TRUSTY_AVB_READ_ROLLBACK_INDEX 0 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_WRITE_ROLLBACK_INDEX 1 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_GET_VERSION 2 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_READ_PERMANENT_ATTRIBUTES 3 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_WRITE_PERMANENT_ATTRIBUTES 4 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_READ_LOCK_STATE 5 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_WRITE_LOCK_STATE 6 << TRUSTY_AVB_REQ_SHIFT |
| define TRUSTY_AVB_LOCK_BOOT_STATE 7 << TRUSTY_AVB_REQ_SHIFT |
| |
| ### storage ### |
| |
| resource fd_trusty_storage[fd_trusty] |
| |
| openat$trusty_storage(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_storage |
| ioctl$TIPC_IOC_CONNECT_storage(fd fd_trusty_storage, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string[trusty_storage_ports]]) |
| write$trusty_storage(fd fd_trusty_storage, msg ptr[in, trusty_storage], len len[msg]) |
| |
| trusty_storage_ports = "com.android.trusty.storage.proxy", "com.android.trusty.storage.client.td", "com.android.trusty.storage.client.tdea", "com.android.trusty.storage.client.tp" |
| |
| trusty_storage [ |
| delete trusty_storage_msg[TRUSTY_STORAGE_FILE_DELETE, trusty_storage_file_delete_req] |
| open trusty_storage_msg[TRUSTY_STORAGE_FILE_OPEN, trusty_storage_file_open_req] |
| close trusty_storage_msg[TRUSTY_STORAGE_FILE_CLOSE, trusty_storage_file_close_req] |
| read trusty_storage_msg[TRUSTY_STORAGE_FILE_READ, trusty_storage_file_read_req] |
| write trusty_storage_msg[TRUSTY_STORAGE_FILE_WRITE, trusty_storage_file_write_req] |
| get_size trusty_storage_msg[TRUSTY_STORAGE_FILE_GET_SIZE, trusty_storage_file_get_size_req] |
| set_size trusty_storage_msg[TRUSTY_STORAGE_FILE_SET_SIZE, trusty_storage_file_set_size_req] |
| rpmb trusty_storage_msg[TRUSTY_STORAGE_RPMB_SEND, trusty_storage_rpmb_send_req] |
| end_trans trusty_storage_msg[TRUSTY_STORAGE_END_TRANSACTION, void] |
| move trusty_storage_msg[TRUSTY_STORAGE_FILE_MOVE, trusty_storage_file_move_req] |
| list trusty_storage_msg[TRUSTY_STORAGE_FILE_LIST, trusty_storage_file_list_req] |
| ] [varlen] |
| |
| type trusty_storage_msg[CMD, PAYLOAD] { |
| cmd const[CMD, int32] |
| op_id int32[0:4] |
| flags int32[0:7] |
| size bytesize[parent, int32] |
| # TODO: this is only output, right? |
| result const[0, int32] |
| __reserved const[0, int32] |
| payload PAYLOAD |
| } |
| |
| define TRUSTY_STORAGE_FILE_DELETE 1 << 1 |
| define TRUSTY_STORAGE_FILE_OPEN 2 << 1 |
| define TRUSTY_STORAGE_FILE_CLOSE 3 << 1 |
| define TRUSTY_STORAGE_FILE_READ 4 << 1 |
| define TRUSTY_STORAGE_FILE_WRITE 5 << 1 |
| define TRUSTY_STORAGE_FILE_GET_SIZE 6 << 1 |
| define TRUSTY_STORAGE_FILE_SET_SIZE 7 << 1 |
| define TRUSTY_STORAGE_RPMB_SEND 8 << 1 |
| define TRUSTY_STORAGE_END_TRANSACTION 9 << 1 |
| define TRUSTY_STORAGE_FILE_MOVE 10 << 1 |
| define TRUSTY_STORAGE_FILE_LIST 11 << 1 |
| |
| # Server returns handles in responses to requests, we don't parse them, so we just use int32 for now. |
| type trusty_storage_handle int32[0:4] |
| |
| trusty_storage_file_delete_req { |
| flags const[0, int32] |
| name stringnoz |
| } |
| |
| trusty_storage_file_move_req { |
| flags int32[0:7] |
| handle trusty_storage_handle |
| old_name_len bytesize[old_new_name, int32] |
| old_new_name stringnoz |
| new_new_name stringnoz |
| } [packed] |
| |
| trusty_storage_file_open_req { |
| flags int32[0:7] |
| name stringnoz |
| } |
| |
| trusty_storage_file_close_req { |
| handle trusty_storage_handle |
| } |
| |
| trusty_storage_file_read_req { |
| handle trusty_storage_handle |
| size int32 |
| offset int64 |
| } |
| |
| trusty_storage_file_write_req { |
| offset int64 |
| handle trusty_storage_handle |
| __reserved const[0, int32] |
| data array[int8] |
| } |
| |
| trusty_storage_file_list_req { |
| max_count int8 |
| flags int8[0:7] |
| name stringnoz |
| } |
| |
| trusty_storage_file_get_size_req { |
| handle trusty_storage_handle |
| } |
| |
| trusty_storage_file_set_size_req { |
| size int64 |
| handle trusty_storage_handle |
| } |
| |
| trusty_storage_rpmb_send_req { |
| reliable_write_size bytesize[reliable_write, int32] |
| write_size bytesize[write, int32] |
| read_size flags[trusty_storage_rpmb_read_size, int32] |
| __reserved const[0, int32] |
| reliable_write array[array[const[0, int8], 512]] |
| write array[array[const[0, int8], 512]] |
| } [packed] |
| |
| # NEED: this should be a 512-aligned int in range [0:4096] |
| trusty_storage_rpmb_read_size = 0, 512, 1024, 1536, 1536, 2048, 2560, 3072, 3584, 4096 |
| |
| ### hwkey ### |
| |
| resource fd_trusty_hwkey[fd_trusty] |
| |
| openat$trusty_hwkey(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_hwkey |
| ioctl$TIPC_IOC_CONNECT_hwkey(fd fd_trusty_hwkey, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.hwkey"]]) |
| write$trusty_hwkey(fd fd_trusty_hwkey, msg ptr[in, trusty_hwkey], len len[msg]) |
| |
| trusty_hwkey [ |
| get trusty_hwkey_msg[TRUSTY_HWKEY_GET_KEYSLOT, stringnoz] |
| derive trusty_hwkey_msg[TRUSTY_HWKEY_DERIVE, stringnoz] |
| ] [varlen] |
| |
| type trusty_hwkey_msg[CMD, PAYLOAD] { |
| cmd const[CMD, int32] |
| op_id int32[0:4] |
| status const[0, int32] |
| arg1 const[0, int32] |
| arg2 const[0, int32] |
| payload PAYLOAD |
| } |
| |
| define TRUSTY_HWKEY_GET_KEYSLOT 0 << 1 |
| define TRUSTY_HWKEY_DERIVE 1 << 1 |
| |
| ### hwrng ### |
| |
| resource fd_trusty_hwrng[fd_trusty] |
| |
| openat$trusty_hwrng(fd const[AT_FDCWD], file ptr[in, string["/dev/trusty-ipc-dev0"]], flags flags[trusty_open_flags], mode const[0]) fd_trusty_hwrng |
| ioctl$TIPC_IOC_CONNECT_hwrng(fd fd_trusty_hwrng, cmd const[TIPC_IOC_CONNECT], arg ptr[in, string["com.android.trusty.hwrng"]]) |
| write$trusty_hwrng(fd fd_trusty_hwrng, msg ptr[in, int32], len len[msg]) |