Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Igor, Sam, On mar., févr. 20, 2024 at 20:08, Igor Opaniuk wrote: > Hi Sam, > > On Tue, Feb 20, 2024 at 7:29 PM Sam Protsenko > wrote: >> >> On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote: >> > >> > This takes the latest changes from AOSP from [1][2] (as this >> > header was split on two) with minimal changes (this could lead >> > to warnings reported by checkpatch). >> >> Do we want to maybe follow that and also carry two different headers >> in U-Boot? Or it doesn't make much sense? I'm thinking in terms of >> future portability mostly: how easy it's to update this header right >> now, and how easy it's going to be further. I didn't form any opinion >> on that, hence asking. > The problem is licensing. android_bootloader_message.h was > re-licensed by Alex Deymo from Google under BSD-3-Clause, > which is GPLv2 compatible. I'm not sure it's legally correct to pull > boot_control_definition.h from AOSP licensed under Apache as a > separate file. I'd prefer a separate file as well but I'm not familiar enough with licensing to see if that's a problem. I'm ok to keep as is. > >> >> Another thing: are you sure that changing only the header won't break >> anything in U-Boot .c files that use this header? > > I've tested both ab_select and avb verify in QEMU. Or do you mean > something else additionally should be tested? I've boot tested this on VIM3 and tested adb reboot bootloader, adb reboot fastboot (which writes things into the misc partition) > >> >> > >> > Some local changes have been applied: >> >> Is it possible to split this work into two patches: >> 1. Bring the original changes only >> 2. Apply all necessary changes for U-Boot >> >> Or does it break the build, etc? Again, thinking in terms of >> portability easiness, and not sure which approach is better -- just >> asking basically. > Yeah, that's the problem, as splitting this on two commits > will lead to the first one reporting warnings/notes. > >> >> > 1. Enable static_assert() for defined structures to be sure >> > that all of them have correct sizes. >> > 2. Adjuste types in bootloader_control structure with bitfields >> >> Adjuste -> adjust > Will fix, thanks! >> >> > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields >> >> I wonder if all those extra changes can be upstreamed back to AOSP? >> Ideally we'd want to just copy those headers over from AOSP to U-Boot >> with no changes, would make the porting work easier. What are your >> thoughts on that? > Technically we can, I was planning to do that. I'm not sure this change will be of interest to AOSP, since they moved to the AIDL implementation here: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/boot/aidl/default/ If you submit it on gerrit, can you please cc me? (using this email address) > >> >> > that cross the width of the type. Changing the type doesn't change >> > the layout though. >> > This addresses this gcc note: >> > In file included from boot/android_ab.c:7: >> > include/android_bootloader_message.h:230:1: note: offset of packed >> > bit-field ‘merge_status’ has changed in GCC 4.4 >> > 230 | } __attribute__((packed)); >> > >> > [1] >> > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h >> > [2] >> > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h >> > >> > CC: Alex Deymo >> > CC: Sam Protsenko >> > CC: Eugeniu Rosca >> > CC: Simon Glass >> > Signed-off-by: Igor Opaniuk >> > --- >> > >> > include/android_bootloader_message.h | 104 +++ >> > 1 file changed, 92 insertions(+), 12 deletions(-) >> > >> > diff --git a/include/android_bootloader_message.h >> > b/include/android_bootloader_message.h >> > index 286d7ab0f31..75198fc9dc2 100644 >> > --- a/include/android_bootloader_message.h >> > +++ b/include/android_bootloader_message.h >> > @@ -21,17 +21,22 @@ >> > * stddef.h >> > */ >> > #include >> > +#include >> > #endif >> > >> > // Spaces used by misc partition are as below: >> > // 0 - 2K For bootloader_message >> > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be >> > optionally used >> > // as bootloader_message_ab struct) >> > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for >> > A/B devices >> > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for >> > A/B devices >> > +// 32K - 64KSystem space, used for miscellanious AOSP features. See >> > below. >> > // Note that these offsets are admitted by bootloader,recovery and >> > uncrypt, so they >> > // are not configurable without changing all of them. >> > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; >> > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; >> > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 *
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Igor, Thank you for the patch. On lun., févr. 19, 2024 at 11:15, Igor Opaniuk wrote: > This takes the latest changes from AOSP from [1][2] (as this > header was split on two) with minimal changes (this could lead > to warnings reported by checkpatch). > > Some local changes have been applied: > 1. Enable static_assert() for defined structures to be sure > that all of them have correct sizes. > 2. Adjuste types in bootloader_control structure with bitfields > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields > that cross the width of the type. Changing the type doesn't change > the layout though. > This addresses this gcc note: > In file included from boot/android_ab.c:7: > include/android_bootloader_message.h:230:1: note: offset of packed bit-field > ‘merge_status’ has changed in GCC 4.4 > 230 | } __attribute__((packed)); > > [1] > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h > [2] > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h nitpick: Can you please put in the commit message the sha-1 from when this was synced? Looking at platform/bootable/recovery, I can see that there are some new structures introduced (misc_control_message) in commit 5a4a41ee2e4b ("misctrl: read message, incl 16kb flag") To do the review, I used: * //bootable/recovery: a4aec2f2ceac ("Add kcmdline bootloader message") * //hardware/interfaces: c4b2f5b564e3 ("Merge "Merge Android 14 QPR2 to AOSP main" into main") > > CC: Alex Deymo > CC: Sam Protsenko > CC: Eugeniu Rosca > CC: Simon Glass > Signed-off-by: Igor Opaniuk Tested on Khadas VIM3 that I could reboot into fastbootd (recovery) and into fastboot(u-boot) from Android using: $ adb reboot fastboot $ adb reboot bootloader Reviewed-by: Mattijs Korpershoek Tested-by: Mattijs Korpershoek # on vim3 > --- > > include/android_bootloader_message.h | 104 +++ > 1 file changed, 92 insertions(+), 12 deletions(-) > > diff --git a/include/android_bootloader_message.h > b/include/android_bootloader_message.h > index 286d7ab0f31..75198fc9dc2 100644 > --- a/include/android_bootloader_message.h > +++ b/include/android_bootloader_message.h > @@ -21,17 +21,22 @@ > * stddef.h > */ > #include > +#include > #endif > > // Spaces used by misc partition are as below: > // 0 - 2K For bootloader_message > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be > optionally used > // as bootloader_message_ab struct) > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B > devices > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B > devices > +// 32K - 64KSystem space, used for miscellanious AOSP features. See > below. > // Note that these offsets are admitted by bootloader,recovery and uncrypt, > so they > // are not configurable without changing all of them. > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024; > +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024; > +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024; > > /* Bootloader Message (2-KiB) > * > @@ -81,24 +86,67 @@ struct bootloader_message { > char reserved[1184]; > }; > > +// Holds Virtual A/B merge status information. Current version is 1. New > fields > +// must be added to the end. > +struct misc_virtual_ab_message { > + uint8_t version; > + uint32_t magic; > + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum. > + uint8_t source_slot; // Slot number when merge_status was written. > + uint8_t reserved[57]; > +} __attribute__((packed)); > + > +struct misc_memtag_message { > + uint8_t version; > + uint32_t magic; // magic string for treble compat > + uint32_t memtag_mode; > + uint8_t reserved[55]; > +} __attribute__((packed)); > + > +struct misc_kcmdline_message { > + uint8_t version; > + uint32_t magic; > + uint64_t kcmdline_flags; > + uint8_t reserved[51]; > +} __attribute__((packed)); > + > +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2 > +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0 > + > +#define MISC_MEMTAG_MESSAGE_VERSION 1 > +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a > +#define MISC_MEMTAG_MODE_MEMTAG 0x1 > +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8 > +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10 > +// This is set when the state was overridden forcibly. This does not need to > be > +// interpreted by the bootloader but is only for bookkeeping purposes so > +// userspace knows what to do when the override is undone. > +// See system/extras/mtectrl in AOSP for more information. > +#define
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
+CC Mattijs On Mon, Feb 19, 2024 at 11:16 AM Igor Opaniuk wrote: > This takes the latest changes from AOSP from [1][2] (as this > header was split on two) with minimal changes (this could lead > to warnings reported by checkpatch). > > Some local changes have been applied: > 1. Enable static_assert() for defined structures to be sure > that all of them have correct sizes. > 2. Adjuste types in bootloader_control structure with bitfields > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields > that cross the width of the type. Changing the type doesn't change > the layout though. > This addresses this gcc note: > In file included from boot/android_ab.c:7: > include/android_bootloader_message.h:230:1: note: offset of packed > bit-field ‘merge_status’ has changed in GCC 4.4 > 230 | } __attribute__((packed)); > > [1] > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h > [2] > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h > > CC: Alex Deymo > CC: Sam Protsenko > CC: Eugeniu Rosca > CC: Simon Glass > Signed-off-by: Igor Opaniuk > --- > > include/android_bootloader_message.h | 104 +++ > 1 file changed, 92 insertions(+), 12 deletions(-) > > diff --git a/include/android_bootloader_message.h > b/include/android_bootloader_message.h > index 286d7ab0f31..75198fc9dc2 100644 > --- a/include/android_bootloader_message.h > +++ b/include/android_bootloader_message.h > @@ -21,17 +21,22 @@ > * stddef.h > */ > #include > +#include > #endif > > // Spaces used by misc partition are as below: > // 0 - 2K For bootloader_message > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be > optionally used > // as bootloader_message_ab struct) > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for > A/B devices > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for > A/B devices > +// 32K - 64KSystem space, used for miscellanious AOSP features. See > below. > // Note that these offsets are admitted by bootloader,recovery and > uncrypt, so they > // are not configurable without changing all of them. > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024; > +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024; > +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024; > > /* Bootloader Message (2-KiB) > * > @@ -81,24 +86,67 @@ struct bootloader_message { > char reserved[1184]; > }; > > +// Holds Virtual A/B merge status information. Current version is 1. New > fields > +// must be added to the end. > +struct misc_virtual_ab_message { > + uint8_t version; > + uint32_t magic; > + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum. > + uint8_t source_slot; // Slot number when merge_status was written. > + uint8_t reserved[57]; > +} __attribute__((packed)); > + > +struct misc_memtag_message { > + uint8_t version; > + uint32_t magic; // magic string for treble compat > + uint32_t memtag_mode; > + uint8_t reserved[55]; > +} __attribute__((packed)); > + > +struct misc_kcmdline_message { > + uint8_t version; > + uint32_t magic; > + uint64_t kcmdline_flags; > + uint8_t reserved[51]; > +} __attribute__((packed)); > + > +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2 > +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0 > + > +#define MISC_MEMTAG_MESSAGE_VERSION 1 > +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a > +#define MISC_MEMTAG_MODE_MEMTAG 0x1 > +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8 > +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10 > +// This is set when the state was overridden forcibly. This does not need > to be > +// interpreted by the bootloader but is only for bookkeeping purposes so > +// userspace knows what to do when the override is undone. > +// See system/extras/mtectrl in AOSP for more information. > +#define MISC_MEMTAG_MODE_FORCED 0x20 > + > +#define MISC_KCMDLINE_MESSAGE_VERSION 1 > +#define MISC_KCMDLINE_MAGIC_HEADER 0x6ab5110c > +#define MISC_KCMDLINE_BINDER_RUST 0x1 > /** > * We must be cautious when changing the bootloader_message struct size, > * because A/B-specific fields may end up with different offsets. > */ > -#ifndef __UBOOT__ > + > #if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus) > static_assert(sizeof(struct bootloader_message) == 2048, >"struct bootloader_message size changes, which may break > A/B devices"); > #endif > -#endif /* __UBOOT__ */ > > /** > * The A/B-specific bootloader message structure (4-KiB). > * > * We separate A/B boot control metadata from the regular bootloader > * message
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
Hi Sam, On Tue, Feb 20, 2024 at 7:29 PM Sam Protsenko wrote: > > On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote: > > > > This takes the latest changes from AOSP from [1][2] (as this > > header was split on two) with minimal changes (this could lead > > to warnings reported by checkpatch). > > Do we want to maybe follow that and also carry two different headers > in U-Boot? Or it doesn't make much sense? I'm thinking in terms of > future portability mostly: how easy it's to update this header right > now, and how easy it's going to be further. I didn't form any opinion > on that, hence asking. The problem is licensing. android_bootloader_message.h was re-licensed by Alex Deymo from Google under BSD-3-Clause, which is GPLv2 compatible. I'm not sure it's legally correct to pull boot_control_definition.h from AOSP licensed under Apache as a separate file. > > Another thing: are you sure that changing only the header won't break > anything in U-Boot .c files that use this header? I've tested both ab_select and avb verify in QEMU. Or do you mean something else additionally should be tested? > > > > > Some local changes have been applied: > > Is it possible to split this work into two patches: > 1. Bring the original changes only > 2. Apply all necessary changes for U-Boot > > Or does it break the build, etc? Again, thinking in terms of > portability easiness, and not sure which approach is better -- just > asking basically. Yeah, that's the problem, as splitting this on two commits will lead to the first one reporting warnings/notes. > > > 1. Enable static_assert() for defined structures to be sure > > that all of them have correct sizes. > > 2. Adjuste types in bootloader_control structure with bitfields > > Adjuste -> adjust Will fix, thanks! > > > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields > > I wonder if all those extra changes can be upstreamed back to AOSP? > Ideally we'd want to just copy those headers over from AOSP to U-Boot > with no changes, would make the porting work easier. What are your > thoughts on that? Technically we can, I was planning to do that. > > > that cross the width of the type. Changing the type doesn't change > > the layout though. > > This addresses this gcc note: > > In file included from boot/android_ab.c:7: > > include/android_bootloader_message.h:230:1: note: offset of packed > > bit-field ‘merge_status’ has changed in GCC 4.4 > > 230 | } __attribute__((packed)); > > > > [1] > > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h > > [2] > > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h > > > > CC: Alex Deymo > > CC: Sam Protsenko > > CC: Eugeniu Rosca > > CC: Simon Glass > > Signed-off-by: Igor Opaniuk > > --- > > > > include/android_bootloader_message.h | 104 +++ > > 1 file changed, 92 insertions(+), 12 deletions(-) > > > > diff --git a/include/android_bootloader_message.h > > b/include/android_bootloader_message.h > > index 286d7ab0f31..75198fc9dc2 100644 > > --- a/include/android_bootloader_message.h > > +++ b/include/android_bootloader_message.h > > @@ -21,17 +21,22 @@ > > * stddef.h > > */ > > #include > > +#include > > #endif > > > > // Spaces used by misc partition are as below: > > // 0 - 2K For bootloader_message > > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be > > optionally used > > // as bootloader_message_ab struct) > > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B > > devices > > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B > > devices > > +// 32K - 64KSystem space, used for miscellanious AOSP features. See > > below. > > // Note that these offsets are admitted by bootloader,recovery and > > uncrypt, so they > > // are not configurable without changing all of them. > > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; > > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; > > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024; > > +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024; > > +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024; > > > > /* Bootloader Message (2-KiB) > > * > > @@ -81,24 +86,67 @@ struct bootloader_message { > > char reserved[1184]; > > }; > > > > +// Holds Virtual A/B merge status information. Current version is 1. New > > fields > > +// must be added to the end. > > +struct misc_virtual_ab_message { > > + uint8_t version; > > + uint32_t magic; > > + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum. > > + uint8_t source_slot; // Slot number when merge_status was written. > > + uint8_t reserved[57]; > > +} __attribute__((packed)); > > + > > +struct misc_memtag_message { > > + uint8_t
Re: [PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
On Mon, Feb 19, 2024 at 4:16 AM Igor Opaniuk wrote: > > This takes the latest changes from AOSP from [1][2] (as this > header was split on two) with minimal changes (this could lead > to warnings reported by checkpatch). Do we want to maybe follow that and also carry two different headers in U-Boot? Or it doesn't make much sense? I'm thinking in terms of future portability mostly: how easy it's to update this header right now, and how easy it's going to be further. I didn't form any opinion on that, hence asking. Another thing: are you sure that changing only the header won't break anything in U-Boot .c files that use this header? > > Some local changes have been applied: Is it possible to split this work into two patches: 1. Bring the original changes only 2. Apply all necessary changes for U-Boot Or does it break the build, etc? Again, thinking in terms of portability easiness, and not sure which approach is better -- just asking basically. > 1. Enable static_assert() for defined structures to be sure > that all of them have correct sizes. > 2. Adjuste types in bootloader_control structure with bitfields Adjuste -> adjust > (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields I wonder if all those extra changes can be upstreamed back to AOSP? Ideally we'd want to just copy those headers over from AOSP to U-Boot with no changes, would make the porting work easier. What are your thoughts on that? > that cross the width of the type. Changing the type doesn't change > the layout though. > This addresses this gcc note: > In file included from boot/android_ab.c:7: > include/android_bootloader_message.h:230:1: note: offset of packed bit-field > ‘merge_status’ has changed in GCC 4.4 > 230 | } __attribute__((packed)); > > [1] > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h > [2] > https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h > > CC: Alex Deymo > CC: Sam Protsenko > CC: Eugeniu Rosca > CC: Simon Glass > Signed-off-by: Igor Opaniuk > --- > > include/android_bootloader_message.h | 104 +++ > 1 file changed, 92 insertions(+), 12 deletions(-) > > diff --git a/include/android_bootloader_message.h > b/include/android_bootloader_message.h > index 286d7ab0f31..75198fc9dc2 100644 > --- a/include/android_bootloader_message.h > +++ b/include/android_bootloader_message.h > @@ -21,17 +21,22 @@ > * stddef.h > */ > #include > +#include > #endif > > // Spaces used by misc partition are as below: > // 0 - 2K For bootloader_message > // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be > optionally used > // as bootloader_message_ab struct) > -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B > devices > +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B > devices > +// 32K - 64KSystem space, used for miscellanious AOSP features. See > below. > // Note that these offsets are admitted by bootloader,recovery and uncrypt, > so they > // are not configurable without changing all of them. > static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; > +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; > static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024; > +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024; > +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024; > > /* Bootloader Message (2-KiB) > * > @@ -81,24 +86,67 @@ struct bootloader_message { > char reserved[1184]; > }; > > +// Holds Virtual A/B merge status information. Current version is 1. New > fields > +// must be added to the end. > +struct misc_virtual_ab_message { > + uint8_t version; > + uint32_t magic; > + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum. > + uint8_t source_slot; // Slot number when merge_status was written. > + uint8_t reserved[57]; > +} __attribute__((packed)); > + > +struct misc_memtag_message { > + uint8_t version; > + uint32_t magic; // magic string for treble compat > + uint32_t memtag_mode; > + uint8_t reserved[55]; > +} __attribute__((packed)); > + > +struct misc_kcmdline_message { > + uint8_t version; > + uint32_t magic; > + uint64_t kcmdline_flags; > + uint8_t reserved[51]; > +} __attribute__((packed)); > + > +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2 > +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0 > + > +#define MISC_MEMTAG_MESSAGE_VERSION 1 > +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a > +#define MISC_MEMTAG_MODE_MEMTAG 0x1 > +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4 > +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8 > +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10 > +// This is set when the state was overridden forcibly. This does not need to > be > +// interpreted by
[PATCH v1] include: android_bootloader_message.h: sync with AOSP upstream
This takes the latest changes from AOSP from [1][2] (as this header was split on two) with minimal changes (this could lead to warnings reported by checkpatch). Some local changes have been applied: 1. Enable static_assert() for defined structures to be sure that all of them have correct sizes. 2. Adjuste types in bootloader_control structure with bitfields (uint8_t -> uint16_t). It seems that gcc just doesn't like bitfields that cross the width of the type. Changing the type doesn't change the layout though. This addresses this gcc note: In file included from boot/android_ab.c:7: include/android_bootloader_message.h:230:1: note: offset of packed bit-field ‘merge_status’ has changed in GCC 4.4 230 | } __attribute__((packed)); [1] https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h [2] https://android.googlesource.com/platform/hardware/interfaces/+/main/boot/1.1/default/boot_control/include/private/boot_control_definition.h CC: Alex Deymo CC: Sam Protsenko CC: Eugeniu Rosca CC: Simon Glass Signed-off-by: Igor Opaniuk --- include/android_bootloader_message.h | 104 +++ 1 file changed, 92 insertions(+), 12 deletions(-) diff --git a/include/android_bootloader_message.h b/include/android_bootloader_message.h index 286d7ab0f31..75198fc9dc2 100644 --- a/include/android_bootloader_message.h +++ b/include/android_bootloader_message.h @@ -21,17 +21,22 @@ * stddef.h */ #include +#include #endif // Spaces used by misc partition are as below: // 0 - 2K For bootloader_message // 2K - 16KUsed by Vendor's bootloader (the 2K - 4K range may be optionally used // as bootloader_message_ab struct) -// 16K - 64KUsed by uncrypt and recovery to store wipe_package for A/B devices +// 16K - 32KUsed by uncrypt and recovery to store wipe_package for A/B devices +// 32K - 64KSystem space, used for miscellanious AOSP features. See below. // Note that these offsets are admitted by bootloader,recovery and uncrypt, so they // are not configurable without changing all of them. static const size_t BOOTLOADER_MESSAGE_OFFSET_IN_MISC = 0; +static const size_t VENDOR_SPACE_OFFSET_IN_MISC = 2 * 1024; static const size_t WIPE_PACKAGE_OFFSET_IN_MISC = 16 * 1024; +static const size_t SYSTEM_SPACE_OFFSET_IN_MISC = 32 * 1024; +static const size_t SYSTEM_SPACE_SIZE_IN_MISC = 32 * 1024; /* Bootloader Message (2-KiB) * @@ -81,24 +86,67 @@ struct bootloader_message { char reserved[1184]; }; +// Holds Virtual A/B merge status information. Current version is 1. New fields +// must be added to the end. +struct misc_virtual_ab_message { + uint8_t version; + uint32_t magic; + uint8_t merge_status; // IBootControl 1.1, MergeStatus enum. + uint8_t source_slot; // Slot number when merge_status was written. + uint8_t reserved[57]; +} __attribute__((packed)); + +struct misc_memtag_message { + uint8_t version; + uint32_t magic; // magic string for treble compat + uint32_t memtag_mode; + uint8_t reserved[55]; +} __attribute__((packed)); + +struct misc_kcmdline_message { + uint8_t version; + uint32_t magic; + uint64_t kcmdline_flags; + uint8_t reserved[51]; +} __attribute__((packed)); + +#define MISC_VIRTUAL_AB_MESSAGE_VERSION 2 +#define MISC_VIRTUAL_AB_MAGIC_HEADER 0x56740AB0 + +#define MISC_MEMTAG_MESSAGE_VERSION 1 +#define MISC_MEMTAG_MAGIC_HEADER 0x5afefe5a +#define MISC_MEMTAG_MODE_MEMTAG 0x1 +#define MISC_MEMTAG_MODE_MEMTAG_ONCE 0x2 +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL 0x4 +#define MISC_MEMTAG_MODE_MEMTAG_KERNEL_ONCE 0x8 +#define MISC_MEMTAG_MODE_MEMTAG_OFF 0x10 +// This is set when the state was overridden forcibly. This does not need to be +// interpreted by the bootloader but is only for bookkeeping purposes so +// userspace knows what to do when the override is undone. +// See system/extras/mtectrl in AOSP for more information. +#define MISC_MEMTAG_MODE_FORCED 0x20 + +#define MISC_KCMDLINE_MESSAGE_VERSION 1 +#define MISC_KCMDLINE_MAGIC_HEADER 0x6ab5110c +#define MISC_KCMDLINE_BINDER_RUST 0x1 /** * We must be cautious when changing the bootloader_message struct size, * because A/B-specific fields may end up with different offsets. */ -#ifndef __UBOOT__ + #if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus) static_assert(sizeof(struct bootloader_message) == 2048, "struct bootloader_message size changes, which may break A/B devices"); #endif -#endif /* __UBOOT__ */ /** * The A/B-specific bootloader message structure (4-KiB). * * We separate A/B boot control metadata from the regular bootloader * message struct and keep it here. Everything that's A/B-specific - * stays after struct bootloader_message, which should be managed by - * the A/B-bootloader or boot control HAL. + * stays after struct bootloader_message, which belongs to the vendor + * space of /misc partition. Also, the A/B-specific contents should