| /* |
| * Copyright (C) 2016 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #ifndef NVRAM_CORE_PERSISTENCE_H_ |
| #define NVRAM_CORE_PERSISTENCE_H_ |
| |
| extern "C" { |
| #include <stdint.h> |
| } // extern "C" |
| |
| #include <nvram/messages/optional.h> |
| #include <nvram/messages/struct.h> |
| #include <nvram/messages/vector.h> |
| |
| #include <nvram/core/storage.h> |
| |
| namespace nvram { |
| |
| // The NVRAM header data structure, which holds global information used by the |
| // NVRAM service, such as version and a list of defined spaces. |
| struct NvramHeader { |
| // State flags affecting all spaces. |
| enum Flags { |
| kFlagDisableCreate = 1 << 0, |
| }; |
| |
| // Check whether a flag is present. |
| bool HasFlag(Flags flag) const { |
| return (flags & flag) != 0; |
| } |
| |
| // Set a flag. |
| void SetFlag(Flags flag) { |
| flags |= flag; |
| } |
| |
| // The current major header version. Bump this upon making |
| // forward-incompatible changes to the storage format. Old versions will |
| // reject the header on load and refuse to operate when they encounter a |
| // version that is larger than the compile-time one. |
| static constexpr uint32_t kVersion = 1; |
| |
| // The header version, indicating the data format revision used when the |
| // header was last written. On load, if the version is more recent then what |
| // the code can handle, we bail out. This allows making forward-incompatible |
| // changes to the data format with the guarantee that old code versions won't |
| // clobber new data. This is a last resort kill switch for old code, in |
| // general we should aim for maximum compatibility between versions. |
| uint32_t version = kVersion; |
| |
| // Current header flags. Bitwise OR of |NvramHeader::Flags| values. |
| uint32_t flags = 0; |
| |
| // A list of allocated indices, in no particular order. |
| Vector<uint32_t> allocated_indices; |
| |
| // An index that is in the process of being created or deleted. This field is |
| // used as follows: |
| // * On space creation, we add the new space's index both to |
| // |allocated_indices| and set it as the |provisional_index|. Then, the |
| // header is written, followed by the space data. If we crash in between, |
| // the next load will find |provisional_index| present and will check |
| // whether that space is present on disk or not. If not, it'll clear the |
| // index from |allocated_indices| and reset |provisional_index|, hence the |
| // space is as good as never created. |
| // * On space deletion, the deleted space's index is removed from |
| // |allocated_indices|, but stored in |provisional_index|. The, the header |
| // gets written, followed by the space deletion. If we crash in between , |
| // the next load will find the provisional index set, but the space is |
| // absent in |allocated_indices|. If this is the case, the initialization |
| // code will make sure to delete the space data if it's still around and |
| // clear |provisional_index| afterwards. |
| Optional<uint32_t> provisional_index; |
| }; |
| |
| // All data corresponding to a single NVRAM space is held in an NvramSpace |
| // structure. There is one structure per allocated index. |
| struct NvramSpace { |
| // Flags indicating internal status in effect for a space. |
| enum Flags { |
| kFlagWriteLocked = 1 << 0, |
| }; |
| |
| // Check whether a given flag is set. |
| bool HasFlag(Flags flag) const { |
| return (flags & flag) != 0; |
| } |
| |
| // Set a flag. |
| void SetFlag(Flags flag) { |
| flags |= flag; |
| } |
| |
| // A helper to simplify checking control flags. |
| bool HasControl(uint32_t control) const { |
| return (controls & (1 << control)) != 0; |
| } |
| |
| // Persistent space flags. Bitwise OR of |NvramSpace::Flags| values. |
| uint32_t flags = 0; |
| |
| // A bitmask of CONTROL_XYZ values in effect for the space. These are set at |
| // space creation time and generally not touched afterwards. |
| uint32_t controls = 0; |
| |
| // The authorization value for the space. This is a shared secret that must be |
| // provided to read and write the space as specified by the appropriate |
| // |controls| flags. |
| Blob authorization_value; |
| |
| // The space payload data. |
| Blob contents; |
| }; |
| |
| namespace persistence { |
| |
| // Load NVRAM header from storage. |
| storage::Status LoadHeader(NvramHeader* header); |
| |
| // Write the NVRAM header to storage. |
| storage::Status StoreHeader(const NvramHeader& header); |
| |
| // Load NVRAM space data for a given index from storage. |
| storage::Status LoadSpace(uint32_t index, NvramSpace* space); |
| |
| // Write the NVRAM space data for the given index to storage. |
| storage::Status StoreSpace(uint32_t index, const NvramSpace& space); |
| |
| // Delete the stored NVRAM space data for the given index. |
| storage::Status DeleteSpace(uint32_t index); |
| |
| } // namespace persistence |
| |
| } // namespace nvram |
| |
| #endif // NVRAM_CORE_PERSISTENCE_H_ |
