From 10a2b7ffb0e6afb460673b5578afaf0af86a85e5 Mon Sep 17 00:00:00 2001 From: Ellis Sarza-Nguyen Date: Wed, 15 Apr 2026 11:19:02 -0700 Subject: [PATCH] [htool] Add htool interface for mauv get compiled FW In the series of adding mauv support for htool. We will start with adding the htool interface to interact with a dauntless chip. This seeks to get back just the compiled FW MAUV only. --- examples/BUILD | 3 +++ examples/htool.c | 13 +++++++++ examples/htool_mauv.c | 61 +++++++++++++++++++++++++++++++++++++++++++ examples/htool_mauv.h | 23 ++++++++++++++++ examples/meson.build | 2 ++ 5 files changed, 102 insertions(+) create mode 100644 examples/htool_mauv.c create mode 100644 examples/htool_mauv.h diff --git a/examples/BUILD b/examples/BUILD index b431c19..97b393b 100644 --- a/examples/BUILD +++ b/examples/BUILD @@ -192,6 +192,8 @@ cc_binary( "htool_jtag.h", "htool_key_rotation.c", "htool_key_rotation.h", + "htool_mauv.c", + "htool_mauv.h", "htool_macros.h", "htool_mtd.c", "htool_panic.c", @@ -250,6 +252,7 @@ cc_binary( "//protocol:i2c", "//protocol:jtag", "//protocol:key_rotation", + "//protocol:mauv", "//protocol:opentitan_version", "//protocol:panic", "//protocol:payload_info", diff --git a/examples/htool.c b/examples/htool.c index 4a38fce..22ec4c7 100644 --- a/examples/htool.c +++ b/examples/htool.c @@ -38,6 +38,7 @@ #include "htool_i2c.h" #include "htool_jtag.h" #include "htool_key_rotation.h" +#include "htool_mauv.h" #include "htool_panic.h" #include "htool_payload.h" #include "htool_payload_update.h" @@ -1852,6 +1853,18 @@ static const struct htool_cmd CMDS[] = { "other output files are not required."}, {}}, }, + { + .verbs = (const char*[]){"mauv", "compiled", NULL}, + .desc = "Get compiled MAUV", + .params = (const struct htool_param[]){{}}, + .func = htool_mauv_compiled, + }, + { + .verbs = (const char*[]){"mauv", "effective", NULL}, + .desc = "Get effective MAUV", + .params = (const struct htool_param[]){{}}, + .func = htool_mauv_effective, + }, { .verbs = (const char*[]){"tpm", "get_mode", NULL}, .desc = "Get the current TPM mode.", diff --git a/examples/htool_mauv.c b/examples/htool_mauv.c new file mode 100644 index 0000000..5f79810 --- /dev/null +++ b/examples/htool_mauv.c @@ -0,0 +1,61 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "htool_mauv.h" + +#include +#include +#include + +#include "htool.h" +#include "protocol/mauv.h" + +static void print_firmware_mauv(const struct hoth_response_mauv* mauv) { + printf("Firmware MAUV:\n"); + printf(" Struct Version: %u\n", mauv->haven.struct_version); + printf(" MAUV Version: %u\n", mauv->haven.mauv_version); + printf(" Minimum Version: %u.%u.%lu\n", + mauv->haven.minimum_acceptable_update_version.epoch, + mauv->haven.minimum_acceptable_update_version.major, + mauv->haven.minimum_acceptable_update_version.minor); + printf(" Denylist (%u entries):\n", mauv->haven.denylist_num_entries); + for (uint32_t i = 0; + i < mauv->haven.denylist_num_entries && i < HAVEN_MAUV_MAX_DENYLIST_SIZE; + i++) { + printf(" [%u]: %u.%u.%lu\n", i, mauv->haven.denylist[i].epoch, + mauv->haven.denylist[i].major, mauv->haven.denylist[i].minor); + } +} + +int htool_mauv_compiled(const struct htool_invocation* inv) { + struct libhoth_device* dev = htool_libhoth_device(); + if (!dev) { + return -1; + } + + struct hoth_response_mauv mauv; + int ret = libhoth_fetch_mauv(dev, MAUV_STATE_COMPILED, HAVEN_MAUV, &mauv); + if (ret != 0) { + fprintf(stderr, "Failed to get compiled firmware MAUV: %d\n", ret); + return -1; + } + + print_firmware_mauv(&mauv); + return 0; +} + +int htool_mauv_effective(const struct htool_invocation* inv) { + // TODO: support FW MAUV effective once it's implemented in firmware. + return 0; +} diff --git a/examples/htool_mauv.h b/examples/htool_mauv.h new file mode 100644 index 0000000..effe43b --- /dev/null +++ b/examples/htool_mauv.h @@ -0,0 +1,23 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _LIBHOTH_EXAMPLES_HTOOL_MAUV_H_ +#define _LIBHOTH_EXAMPLES_HTOOL_MAUV_H_ + +#include "htool_cmd.h" + +int htool_mauv_compiled(const struct htool_invocation* inv); +int htool_mauv_effective(const struct htool_invocation* inv); + +#endif // _LIBHOTH_EXAMPLES_HTOOL_MAUV_H_ diff --git a/examples/meson.build b/examples/meson.build index 34dc52e..3c5e982 100644 --- a/examples/meson.build +++ b/examples/meson.build @@ -31,6 +31,8 @@ executable( 'htool_jtag.c', 'htool_mtd.c', 'htool_key_rotation.c', + 'htool_mauv.h', + 'htool_mauv.c', 'htool_panic.c', 'htool_payload.c', 'htool_payload_update.c',