Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Igor, Sam, On mar., févr. 20, 2024 at 20:08, Igor Opaniuk wrote: > Hi Sam, > > On Tue, Feb 20, 2024 at 7:29 PM Sam Protsenko > wrote: >> >> On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote: >> > >> > This takes the latest changes from AOSP from [1][2] (as this >> > header was split on two) with minimal changes (this could lead >> > to warnings reported by checkpatch). >> >> Do we want to maybe follow that and also carry two different headers >> in U-Boot? Or it doesn't make much sense? I'm thinking in terms of >> future portability mostly: how easy it's to update this header right >> now, and how easy it's going to be further. I didn't form any opinion >> on that, hence asking. > The problem is licensing. android_bootloader_message.h was > re-licensed by Alex Deymo from Google under BSD-3-Clause, > which is GPLv2 compatible. I'm not sure it's legally correct to pull > boot_control_definition.h from AOSP licensed under Apache as a > separate file. I'd prefer a separate file as well but I'm not familiar enough with licensing to see if that's a problem. I'm ok to keep as is. > >> >> Another thing: are you sure that changing only the header won't break >> anything in U-Boot .c files that use this header? > > I've tested both ab_select and avb verify in QEMU. Or do you mean > something else additionally should be tested? I've boot tested this on VIM3 and tested adb reboot bootloader, adb reboot fastboot (which writes things into the misc partition) > >> >> > >> > Some local changes have been applied: >> >> Is it possible to split this work into two patches: >> 1. Bring the original changes only >> 2. Apply all necessary changes for U-Boot >> >> Or does it break the build, etc? Again, thinking in terms of >> portability easiness, and not sure which approach is better -- just >> asking basically. > Yeah, that's the problem, as splitting this on two commits > will lead to the first one reporting warnings/notes. > >> >> > 1. Enable static_assert() for defined structures to be sure >> > that all of them have correct sizes. >> > 2. Adjuste types in bootloader_control structure with bitfields >> >> Adjuste -> adjust > Will fix, thanks! >> >> > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields >> >> I wonder if all those extra changes can be upstreamed back to AOSP? >> Ideally we'd want to just copy those headers over from AOSP to U-Boot >> with no changes, would make the porting work easier. What are your >> thoughts on that? > Technically we can, I was planning to do that. I'm not sure this change will be of interest to AOSP, since they moved to the AIDL implementation here: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/boot/aidl/default/ If you submit it on gerrit, can you please cc me? (using this email address) > >> >> > that cross the width of the type. Changing the type doesn't change >> > the layout though. >> > This addresses this gcc note: >> > In file included from boot/android_ab.c:7: >> > include/android_bootloader_message.h:230:1: note: offset of packed >> > bit-field ‘merge_status’ has changed in GCC 4.4 >> > 230 | } __attribute__((packed)); >> > >> > [1] >> > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h >> > [2] >> > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h >> > >> > CC: Alex Deymo >> > CC: Sam Protsenko >> > CC: Eugeniu Rosca >> > CC: Simon Glass >> > Signed-off-by: Igor Opaniuk >> > --- >> > >> > include/android_bootloader_message.h | 104 +++ >> > 1 file changed, 92 insertions(+), 12 deletions(-) >> > >> > diff --git a/include/android_bootloader_message.h >> > b/include/android_bootloader_message.h >> > index 286d7ab0f31..75198fc9dc2 100644 >> > --- a/include/android_bootloader_message.h >> > +++ b/include/android_bootloader_message.h >> > @@ -21,17 +21,22 @@ >> > * stddef.h >> > */ >> > #include >> > +#include >> > #endif >> > >> > // Spaces used by misc partition are as below: >> > // 0 - 2K For bootloader_message >> > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be >> > optionally used >> > // as bootloader_message_ab struct) >> > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for >> > A/B devices >> > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for >> > A/B devices >> > +// 32K - 64KSystem space, used for miscellanious AOSP features. See >> > below. >> > // Note that these offsets are admitted by bootloader,recovery and >> > uncrypt, so they >> > // are not configurable without changing all of them. >> > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; >> > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; >> > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 *
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Igor,
Thank you for the patch.
On lun., févr. 19, 2024 at 11:15, Igor Opaniuk wrote:
> This takes the latest changes from AOSP from [1][2] (as this
> header was split on two) with minimal changes (this could lead
> to warnings reported by checkpatch).
>
> Some local changes have been applied:
> 1. Enable static_assert() for defined structures to be sure
> that all of them have correct sizes.
> 2. Adjuste types in bootloader_control structure with bitfields
> (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields
> that cross the width of the type. Changing the type doesn't change
> the layout though.
> This addresses this gcc note:
> In file included from boot/android_ab.c:7:
> include/android_bootloader_message.h:230:1: note: offset of packed bit-field
> ‘merge_status’ has changed in GCC 4.4
> 230 | } __attribute__((packed));
>
> [1]
> https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h
> [2]
> https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h
nitpick: Can you please put in the commit message the sha-1 from when this was
synced?
Looking at platform/bootable/recovery, I can see that there are some new
structures introduced (misc_control_message) in
commit 5a4a41ee2e4b ("misctrl: read message, incl 16kb flag")
To do the review, I used:
* //bootable/recovery: a4aec2f2ceac ("Add kcmdline bootloader message")
* //hardware/interfaces: c4b2f5b564e3 ("Merge "Merge Android 14 QPR2 to AOSP
main" into main")
>
> CC: Alex Deymo
> CC: Sam Protsenko
> CC: Eugeniu Rosca
> CC: Simon Glass
> Signed-off-by: Igor Opaniuk
Tested on Khadas VIM3 that I could reboot into fastbootd (recovery)
and into fastboot(u-boot) from Android using:
$ adb reboot fastboot
$ adb reboot bootloader
Reviewed-by: Mattijs Korpershoek
Tested-by: Mattijs Korpershoek # on vim3
> ---
>
> include/android_bootloader_message.h | 104 +++
> 1 file changed, 92 insertions(+), 12 deletions(-)
>
> diff --git a/include/android_bootloader_message.h
> b/include/android_bootloader_message.h
> index 286d7ab0f31..75198fc9dc2 100644
> --- a/include/android_bootloader_message.h
> +++ b/include/android_bootloader_message.h
> @@ -21,17 +21,22 @@
> * stddef.h
> */
> #include
> +#include
> #endif
>
> // Spaces used by misc partition are as below:
> // 0 - 2K For bootloader_message
> // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be
> optionally used
> // as bootloader_message_ab struct)
> -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B
> devices
> +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B
> devices
> +// 32K - 64KSystem space, used for miscellanious AOSP features. See
> below.
> // Note that these offsets are admitted by bootloader,recovery and uncrypt,
> so they
> // are not configurable without changing all of them.
> static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0;
> +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024;
> static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024;
> +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024;
> +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024;
>
> /* Bootloader Message (2-KiB)
> *
> @@ -81,24 +86,67 @@ struct bootloader_message {
> char reserved[1184];
> };
>
> +// Holds Virtual A/B merge status information. Current version is 1. New
> fields
> +// must be added to the end.
> +struct misc_virtual_ab_message {
> + uint8_t version;
> + uint32_t magic;
> + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum.
> + uint8_t source_slot; // Slot number when merge_status was written.
> + uint8_t reserved[57];
> +} __attribute__((packed));
> +
> +struct misc_memtag_message {
> + uint8_t version;
> + uint32_t magic; // magic string for treble compat
> + uint32_t memtag_mode;
> + uint8_t reserved[55];
> +} __attribute__((packed));
> +
> +struct misc_kcmdline_message {
> + uint8_t version;
> + uint32_t magic;
> + uint64_t kcmdline_flags;
> + uint8_t reserved[51];
> +} __attribute__((packed));
> +
> +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2
> +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0
> +
> +#define MISC_MEMTAG_MESSAGE_VERSION 1
> +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a
> +#define MISC_MEMTAG_MODE_MEMTAG 0x1
> +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8
> +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10
> +// This is set when the state was overridden forcibly. This does not need to
> be
> +// interpreted by the bootloader but is only for bookkeeping purposes so
> +// userspace knows what to do when the override is undone.
> +// See system/extras/mtectrl in AOSP for more information.
> +#define
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
+CC Mattijs
On Mon, Feb 19, 2024 at 11:16 AM Igor Opaniuk
wrote:
> This takes the latest changes from AOSP from [1][2] (as this
> header was split on two) with minimal changes (this could lead
> to warnings reported by checkpatch).
>
> Some local changes have been applied:
> 1. Enable static_assert() for defined structures to be sure
> that all of them have correct sizes.
> 2. Adjuste types in bootloader_control structure with bitfields
> (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields
> that cross the width of the type. Changing the type doesn't change
> the layout though.
> This addresses this gcc note:
> In file included from boot/android_ab.c:7:
> include/android_bootloader_message.h:230:1: note: offset of packed
> bit-field ‘merge_status’ has changed in GCC 4.4
> 230 | } __attribute__((packed));
>
> [1]
> https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h
> [2]
> https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h
>
> CC: Alex Deymo
> CC: Sam Protsenko
> CC: Eugeniu Rosca
> CC: Simon Glass
> Signed-off-by: Igor Opaniuk
> ---
>
> include/android_bootloader_message.h | 104 +++
> 1 file changed, 92 insertions(+), 12 deletions(-)
>
> diff --git a/include/android_bootloader_message.h
> b/include/android_bootloader_message.h
> index 286d7ab0f31..75198fc9dc2 100644
> --- a/include/android_bootloader_message.h
> +++ b/include/android_bootloader_message.h
> @@ -21,17 +21,22 @@
> * stddef.h
> */
> #include
> +#include
> #endif
>
> // Spaces used by misc partition are as below:
> // 0 - 2K For bootloader_message
> // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be
> optionally used
> // as bootloader_message_ab struct)
> -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for
> A/B devices
> +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for
> A/B devices
> +// 32K - 64KSystem space, used for miscellanious AOSP features. See
> below.
> // Note that these offsets are admitted by bootloader,recovery and
> uncrypt, so they
> // are not configurable without changing all of them.
> static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0;
> +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024;
> static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024;
> +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024;
> +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024;
>
> /* Bootloader Message (2-KiB)
> *
> @@ -81,24 +86,67 @@ struct bootloader_message {
> char reserved[1184];
> };
>
> +// Holds Virtual A/B merge status information. Current version is 1. New
> fields
> +// must be added to the end.
> +struct misc_virtual_ab_message {
> + uint8_t version;
> + uint32_t magic;
> + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum.
> + uint8_t source_slot; // Slot number when merge_status was written.
> + uint8_t reserved[57];
> +} __attribute__((packed));
> +
> +struct misc_memtag_message {
> + uint8_t version;
> + uint32_t magic; // magic string for treble compat
> + uint32_t memtag_mode;
> + uint8_t reserved[55];
> +} __attribute__((packed));
> +
> +struct misc_kcmdline_message {
> + uint8_t version;
> + uint32_t magic;
> + uint64_t kcmdline_flags;
> + uint8_t reserved[51];
> +} __attribute__((packed));
> +
> +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2
> +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0
> +
> +#define MISC_MEMTAG_MESSAGE_VERSION 1
> +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a
> +#define MISC_MEMTAG_MODE_MEMTAG 0x1
> +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8
> +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10
> +// This is set when the state was overridden forcibly. This does not need
> to be
> +// interpreted by the bootloader but is only for bookkeeping purposes so
> +// userspace knows what to do when the override is undone.
> +// See system/extras/mtectrl in AOSP for more information.
> +#define MISC_MEMTAG_MODE_FORCED 0x20
> +
> +#define MISC_KCMDLINE_MESSAGE_VERSION 1
> +#define MISC_KCMDLINE_MAGIC_HEADER 0x6ab5110c
> +#define MISC_KCMDLINE_BINDER_RUST 0x1
> /**
> * We must be cautious when changing the bootloader_message struct size,
> * because A/B-specific fields may end up with different offsets.
> */
> -#ifndef __UBOOT__
> +
> #if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus)
> static_assert(sizeof(struct bootloader_message) == 2048,
>"struct bootloader_message size changes, which may break
> A/B devices");
> #endif
> -#endif /* __UBOOT__ */
>
> /**
> * The A/B-specific bootloader message structure (4-KiB).
> *
> * We separate A/B boot control metadata from the regular bootloader
> * message
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Sam,
On Tue, Feb 20, 2024 at 7:29 PM Sam Protsenko
wrote:
>
> On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote:
> >
> > This takes the latest changes from AOSP from [1][2] (as this
> > header was split on two) with minimal changes (this could lead
> > to warnings reported by checkpatch).
>
> Do we want to maybe follow that and also carry two different headers
> in U-Boot? Or it doesn't make much sense? I'm thinking in terms of
> future portability mostly: how easy it's to update this header right
> now, and how easy it's going to be further. I didn't form any opinion
> on that, hence asking.
The problem is licensing. android_bootloader_message.h was
re-licensed by Alex Deymo from Google under BSD-3-Clause,
which is GPLv2 compatible. I'm not sure it's legally correct to pull
boot_control_definition.h from AOSP licensed under Apache as a
separate file.
>
> Another thing: are you sure that changing only the header won't break
> anything in U-Boot .c files that use this header?
I've tested both ab_select and avb verify in QEMU. Or do you mean
something else additionally should be tested?
>
> >
> > Some local changes have been applied:
>
> Is it possible to split this work into two patches:
> 1. Bring the original changes only
> 2. Apply all necessary changes for U-Boot
>
> Or does it break the build, etc? Again, thinking in terms of
> portability easiness, and not sure which approach is better -- just
> asking basically.
Yeah, that's the problem, as splitting this on two commits
will lead to the first one reporting warnings/notes.
>
> > 1. Enable static_assert() for defined structures to be sure
> > that all of them have correct sizes.
> > 2. Adjuste types in bootloader_control structure with bitfields
>
> Adjuste -> adjust
Will fix, thanks!
>
> > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields
>
> I wonder if all those extra changes can be upstreamed back to AOSP?
> Ideally we'd want to just copy those headers over from AOSP to U-Boot
> with no changes, would make the porting work easier. What are your
> thoughts on that?
Technically we can, I was planning to do that.
>
> > that cross the width of the type. Changing the type doesn't change
> > the layout though.
> > This addresses this gcc note:
> > In file included from boot/android_ab.c:7:
> > include/android_bootloader_message.h:230:1: note: offset of packed
> > bit-field ‘merge_status’ has changed in GCC 4.4
> > 230 | } __attribute__((packed));
> >
> > [1]
> > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h
> > [2]
> > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h
> >
> > CC: Alex Deymo
> > CC: Sam Protsenko
> > CC: Eugeniu Rosca
> > CC: Simon Glass
> > Signed-off-by: Igor Opaniuk
> > ---
> >
> > include/android_bootloader_message.h | 104 +++
> > 1 file changed, 92 insertions(+), 12 deletions(-)
> >
> > diff --git a/include/android_bootloader_message.h
> > b/include/android_bootloader_message.h
> > index 286d7ab0f31..75198fc9dc2 100644
> > --- a/include/android_bootloader_message.h
> > +++ b/include/android_bootloader_message.h
> > @@ -21,17 +21,22 @@
> > * stddef.h
> > */
> > #include
> > +#include
> > #endif
> >
> > // Spaces used by misc partition are as below:
> > // 0 - 2K For bootloader_message
> > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be
> > optionally used
> > // as bootloader_message_ab struct)
> > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B
> > devices
> > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B
> > devices
> > +// 32K - 64KSystem space, used for miscellanious AOSP features. See
> > below.
> > // Note that these offsets are admitted by bootloader,recovery and
> > uncrypt, so they
> > // are not configurable without changing all of them.
> > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0;
> > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024;
> > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024;
> > +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024;
> > +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024;
> >
> > /* Bootloader Message (2-KiB)
> > *
> > @@ -81,24 +86,67 @@ struct bootloader_message {
> > char reserved[1184];
> > };
> >
> > +// Holds Virtual A/B merge status information. Current version is 1. New
> > fields
> > +// must be added to the end.
> > +struct misc_virtual_ab_message {
> > + uint8_t version;
> > + uint32_t magic;
> > + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum.
> > + uint8_t source_slot; // Slot number when merge_status was written.
> > + uint8_t reserved[57];
> > +} __attribute__((packed));
> > +
> > +struct misc_memtag_message {
> > + uint8_t
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote:
>
> This takes the latest changes from AOSP from [1][2] (as this
> header was split on two) with minimal changes (this could lead
> to warnings reported by checkpatch).
Do we want to maybe follow that and also carry two different headers
in U-Boot? Or it doesn't make much sense? I'm thinking in terms of
future portability mostly: how easy it's to update this header right
now, and how easy it's going to be further. I didn't form any opinion
on that, hence asking.
Another thing: are you sure that changing only the header won't break
anything in U-Boot .c files that use this header?
>
> Some local changes have been applied:
Is it possible to split this work into two patches:
1. Bring the original changes only
2. Apply all necessary changes for U-Boot
Or does it break the build, etc? Again, thinking in terms of
portability easiness, and not sure which approach is better -- just
asking basically.
> 1. Enable static_assert() for defined structures to be sure
> that all of them have correct sizes.
> 2. Adjuste types in bootloader_control structure with bitfields
Adjuste -> adjust
> (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields
I wonder if all those extra changes can be upstreamed back to AOSP?
Ideally we'd want to just copy those headers over from AOSP to U-Boot
with no changes, would make the porting work easier. What are your
thoughts on that?
> that cross the width of the type. Changing the type doesn't change
> the layout though.
> This addresses this gcc note:
> In file included from boot/android_ab.c:7:
> include/android_bootloader_message.h:230:1: note: offset of packed bit-field
> ‘merge_status’ has changed in GCC 4.4
> 230 | } __attribute__((packed));
>
> [1]
> https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h
> [2]
> https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h
>
> CC: Alex Deymo
> CC: Sam Protsenko
> CC: Eugeniu Rosca
> CC: Simon Glass
> Signed-off-by: Igor Opaniuk
> ---
>
> include/android_bootloader_message.h | 104 +++
> 1 file changed, 92 insertions(+), 12 deletions(-)
>
> diff --git a/include/android_bootloader_message.h
> b/include/android_bootloader_message.h
> index 286d7ab0f31..75198fc9dc2 100644
> --- a/include/android_bootloader_message.h
> +++ b/include/android_bootloader_message.h
> @@ -21,17 +21,22 @@
> * stddef.h
> */
> #include
> +#include
> #endif
>
> // Spaces used by misc partition are as below:
> // 0 - 2K For bootloader_message
> // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be
> optionally used
> // as bootloader_message_ab struct)
> -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B
> devices
> +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B
> devices
> +// 32K - 64KSystem space, used for miscellanious AOSP features. See
> below.
> // Note that these offsets are admitted by bootloader,recovery and uncrypt,
> so they
> // are not configurable without changing all of them.
> static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0;
> +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024;
> static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024;
> +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024;
> +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024;
>
> /* Bootloader Message (2-KiB)
> *
> @@ -81,24 +86,67 @@ struct bootloader_message {
> char reserved[1184];
> };
>
> +// Holds Virtual A/B merge status information. Current version is 1. New
> fields
> +// must be added to the end.
> +struct misc_virtual_ab_message {
> + uint8_t version;
> + uint32_t magic;
> + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum.
> + uint8_t source_slot; // Slot number when merge_status was written.
> + uint8_t reserved[57];
> +} __attribute__((packed));
> +
> +struct misc_memtag_message {
> + uint8_t version;
> + uint32_t magic; // magic string for treble compat
> + uint32_t memtag_mode;
> + uint8_t reserved[55];
> +} __attribute__((packed));
> +
> +struct misc_kcmdline_message {
> + uint8_t version;
> + uint32_t magic;
> + uint64_t kcmdline_flags;
> + uint8_t reserved[51];
> +} __attribute__((packed));
> +
> +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2
> +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0
> +
> +#define MISC_MEMTAG_MESSAGE_VERSION 1
> +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a
> +#define MISC_MEMTAG_MODE_MEMTAG 0x1
> +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4
> +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8
> +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10
> +// This is set when the state was overridden forcibly. This does not need to
> be
> +// interpreted by
[PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
This takes the latest changes from AOSP from [1][2] (as this
header was split on two) with minimal changes (this could lead
to warnings reported by checkpatch).
Some local changes have been applied:
1. Enable static_assert() for defined structures to be sure
that all of them have correct sizes.
2. Adjuste types in bootloader_control structure with bitfields
(uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields
that cross the width of the type. Changing the type doesn't change
the layout though.
This addresses this gcc note:
In file included from boot/android_ab.c:7:
include/android_bootloader_message.h:230:1: note: offset of packed bit-field
‘merge_status’ has changed in GCC 4.4
230 | } __attribute__((packed));
[1]
https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h
[2]
https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h
CC: Alex Deymo
CC: Sam Protsenko
CC: Eugeniu Rosca
CC: Simon Glass
Signed-off-by: Igor Opaniuk
---
include/android_bootloader_message.h | 104 +++
1 file changed, 92 insertions(+), 12 deletions(-)
diff --git a/include/android_bootloader_message.h
b/include/android_bootloader_message.h
index 286d7ab0f31..75198fc9dc2 100644
--- a/include/android_bootloader_message.h
+++ b/include/android_bootloader_message.h
@@ -21,17 +21,22 @@
* stddef.h
*/
#include
+#include
#endif
// Spaces used by misc partition are as below:
// 0 - 2K For bootloader_message
// 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be
optionally used
// as bootloader_message_ab struct)
-// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B
devices
+// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B
devices
+// 32K - 64KSystem space, used for miscellanious AOSP features. See below.
// Note that these offsets are admitted by bootloader,recovery and uncrypt, so
they
// are not configurable without changing all of them.
static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0;
+static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024;
static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024;
+static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024;
+static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024;
/* Bootloader Message (2-KiB)
*
@@ -81,24 +86,67 @@ struct bootloader_message {
char reserved[1184];
};
+// Holds Virtual A/B merge status information. Current version is 1. New fields
+// must be added to the end.
+struct misc_virtual_ab_message {
+ uint8_t version;
+ uint32_t magic;
+ uint8_t merge_status; // IBootControl 1.1, MergeStatus enum.
+ uint8_t source_slot; // Slot number when merge_status was written.
+ uint8_t reserved[57];
+} __attribute__((packed));
+
+struct misc_memtag_message {
+ uint8_t version;
+ uint32_t magic; // magic string for treble compat
+ uint32_t memtag_mode;
+ uint8_t reserved[55];
+} __attribute__((packed));
+
+struct misc_kcmdline_message {
+ uint8_t version;
+ uint32_t magic;
+ uint64_t kcmdline_flags;
+ uint8_t reserved[51];
+} __attribute__((packed));
+
+#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2
+#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0
+
+#define MISC_MEMTAG_MESSAGE_VERSION 1
+#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a
+#define MISC_MEMTAG_MODE_MEMTAG 0x1
+#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2
+#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4
+#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8
+#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10
+// This is set when the state was overridden forcibly. This does not need to be
+// interpreted by the bootloader but is only for bookkeeping purposes so
+// userspace knows what to do when the override is undone.
+// See system/extras/mtectrl in AOSP for more information.
+#define MISC_MEMTAG_MODE_FORCED 0x20
+
+#define MISC_KCMDLINE_MESSAGE_VERSION 1
+#define MISC_KCMDLINE_MAGIC_HEADER 0x6ab5110c
+#define MISC_KCMDLINE_BINDER_RUST 0x1
/**
* We must be cautious when changing the bootloader_message struct size,
* because A/B-specific fields may end up with different offsets.
*/
-#ifndef __UBOOT__
+
#if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus)
static_assert(sizeof(struct bootloader_message) == 2048,
"struct bootloader_message size changes, which may break A/B
devices");
#endif
-#endif /* __UBOOT__ */
/**
* The A/B-specific bootloader message structure (4-KiB).
*
* We separate A/B boot control metadata from the regular bootloader
* message struct and keep it here. Everything that's A/B-specific
- * stays after struct bootloader_message, which should be managed by
- * the A/B-bootloader or boot control HAL.
+ * stays after struct bootloader_message, which belongs to the vendor
+ * space of /misc partition. Also, the A/B-specific contents should
