MA-13487 Refine fsl avb functions
Too many macros are used in fsl_avbkey.c and make it difficult to maintain. This patch made some refine by: 1. Move all avb/atx operations to fsl_avb.c. 2. Refine the functions logic. 3. Drop some unsupported conditions/functions. Test: build and boot on imx8qm_mek/imx8mq_evk/imx6qp_sabresd/imx7d_pico/imx8m_aiy. Change-Id: I5c99732acfc47d53cdf188d69223983777e577f4 Signed-off-by: Luo Ji <ji.luo@nxp.com>zero-sugar
parent
e26db8caf2
commit
f39aa82a3d
|
@ -39,3 +39,4 @@ CONFIG_AVB_SUPPORT=y
|
|||
CONFIG_AVB_ATX=y
|
||||
CONFIG_USE_STDINT=y
|
||||
CONFIG_LIB_RAND=y
|
||||
CONFIG_CMD_UUID=y
|
||||
|
|
|
@ -933,18 +933,6 @@ static void process_flash_mmc(const char *cmdbuf)
|
|||
{
|
||||
if (download_bytes) {
|
||||
struct fastboot_ptentry *ptn;
|
||||
#if defined(AVB_RPMB) && !defined(CONFIG_ARM64)
|
||||
if (!strcmp_l1(FASTBOOT_PARTITION_AVBKEY, cmdbuf)) {
|
||||
printf("pubkey len %d\n", download_bytes);
|
||||
if (avbkey_init(interface.transfer_buffer, download_bytes) != 0) {
|
||||
fastboot_fail("fail to Write partition");
|
||||
} else {
|
||||
printf("init 'avbkey' DONE!\n");
|
||||
fastboot_okay("OKAY");
|
||||
}
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Next is the partition name */
|
||||
ptn = fastboot_flash_find_ptn(cmdbuf);
|
||||
|
|
|
@ -102,6 +102,7 @@
|
|||
#endif
|
||||
|
||||
#ifdef CONFIG_SPL_BUILD
|
||||
#define AVB_RPMB
|
||||
#undef CONFIG_BLK
|
||||
#endif
|
||||
|
||||
|
|
|
@ -95,6 +95,7 @@
|
|||
#undef CONFIG_USB_FUNCTION_MASS_STORAGE
|
||||
|
||||
#ifdef CONFIG_SPL_BUILD
|
||||
#define AVB_RPMB
|
||||
#undef CONFIG_BLK
|
||||
#endif
|
||||
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
ccflags-y += -Werror
|
||||
|
||||
ifndef CONFIG_SPL_BUILD
|
||||
obj-y += fsl_avb.o
|
||||
obj-y += fsl_bootctl.o
|
||||
|
@ -9,3 +7,4 @@ endif
|
|||
obj-y += fsl_avbkey.o
|
||||
obj-y += utils.o
|
||||
obj-y += fsl_avb_ab_flow.o
|
||||
obj-$(CONFIG_AVB_ATX) += fsl_atx_attributes.o
|
||||
|
|
|
@ -0,0 +1,145 @@
|
|||
/*
|
||||
* Copyright 2018 NXP
|
||||
*
|
||||
* SPDX-License-Identifier: GPL-2.0+
|
||||
*/
|
||||
|
||||
/* This product_id is generated from
|
||||
* extern/avb/test/data/atx_product_id.bin */
|
||||
unsigned char fsl_atx_product_id[16] = {
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
|
||||
};
|
||||
/* This product_root_public_key is generated form
|
||||
* extern/avb/test/data/testkey_atx_prk.pem */
|
||||
unsigned char fsl_product_root_public_key[1032] = {
|
||||
0x00,0x00,0x10,0x00,0x9f,0x35,0xef,0x65,
|
||||
0xc3,0x29,0x4c,0x23,0x16,0x10,0xac,0x32,
|
||||
0xc1,0x3c,0xd5,0xc5,0xab,0xa1,0xd9,0xe7,
|
||||
0x13,0x3f,0x7e,0xd1,0xe6,0x61,0x5d,0xa3,
|
||||
0xa1,0x60,0xda,0x57,0x4b,0xb2,0xe6,0x0f,
|
||||
0xe1,0x50,0xbf,0x47,0xff,0x09,0xaf,0xcd,
|
||||
0x49,0x2d,0x82,0x33,0x76,0xa1,0xfe,0x28,
|
||||
0x5f,0x89,0x62,0xb3,0xc0,0xf1,0x11,0xaf,
|
||||
0x15,0x09,0x27,0xdb,0xeb,0x06,0x01,0xa2,
|
||||
0xf8,0xb7,0xd7,0x9c,0xe4,0x88,0x3a,0x86,
|
||||
0x05,0x02,0x20,0x69,0xb2,0x36,0x4c,0x3e,
|
||||
0x25,0x03,0xed,0xfc,0x0c,0x6b,0x1b,0x0a,
|
||||
0x04,0x9c,0xce,0x7f,0x83,0x82,0x60,0xd9,
|
||||
0x52,0x7e,0xc4,0x35,0x7b,0x1c,0xe6,0x64,
|
||||
0x9c,0x17,0xec,0x81,0xe7,0x9c,0x0c,0x8b,
|
||||
0x4b,0x7e,0x48,0xbe,0x00,0x98,0xa8,0x20,
|
||||
0x10,0x4c,0x9b,0xd1,0x16,0x5b,0x25,0xe9,
|
||||
0x4e,0x61,0xda,0x7c,0x63,0x80,0x8f,0xa4,
|
||||
0xac,0x74,0xee,0xa8,0x06,0xac,0x26,0xd5,
|
||||
0x71,0x6f,0xaa,0x73,0x20,0x9c,0x7f,0xcd,
|
||||
0x73,0xd4,0xa9,0xa0,0x7e,0x5a,0xb5,0x61,
|
||||
0xb0,0x88,0xb0,0xdd,0xdb,0x6b,0x79,0xd1,
|
||||
0x5a,0x9e,0x54,0x49,0x55,0xc6,0x89,0x76,
|
||||
0x7a,0xc6,0x78,0x99,0xdc,0xc9,0x00,0x5d,
|
||||
0x20,0xf5,0xfc,0x8f,0x39,0x46,0xf3,0x02,
|
||||
0x96,0x0d,0x9b,0xfb,0xbc,0xd5,0xcf,0x5a,
|
||||
0x4f,0xc4,0xb8,0x0b,0xd0,0xf3,0x19,0x3c,
|
||||
0x74,0x04,0xd5,0x94,0x2c,0x19,0x15,0x64,
|
||||
0xbf,0x53,0x67,0x97,0x7b,0x9e,0xc6,0xe0,
|
||||
0xfb,0x29,0x5b,0x90,0xad,0x04,0x8a,0xd8,
|
||||
0x5b,0xdf,0x69,0x09,0xe4,0xa5,0xe9,0xd9,
|
||||
0x0f,0xc4,0xff,0xae,0xb7,0x44,0x12,0xae,
|
||||
0xad,0x03,0x97,0xb8,0xda,0xd7,0x60,0x37,
|
||||
0x15,0xf2,0xb9,0xdb,0x10,0xf6,0xe2,0x26,
|
||||
0x48,0x7e,0x3e,0x3e,0xc3,0x67,0xd3,0xa6,
|
||||
0x02,0xf7,0xbc,0x60,0xed,0x45,0xdf,0x37,
|
||||
0xef,0xf9,0xea,0x97,0x5f,0x37,0xb4,0xeb,
|
||||
0xb4,0x91,0x6c,0x39,0x4d,0xed,0x52,0x15,
|
||||
0x39,0x47,0x59,0x62,0xde,0x32,0x55,0xe1,
|
||||
0xd4,0x15,0x58,0x7d,0x52,0x41,0x12,0x78,
|
||||
0xee,0x9f,0x0d,0xc8,0x5e,0x34,0x91,0xf9,
|
||||
0xe7,0x4c,0x1e,0xe7,0x2f,0x90,0x7f,0xbb,
|
||||
0xf8,0x99,0x3e,0xc9,0x79,0xab,0x01,0xdb,
|
||||
0x24,0x39,0xe3,0xb4,0xc9,0x52,0x73,0xdb,
|
||||
0x65,0x42,0xa5,0x2e,0x43,0x56,0xa0,0x33,
|
||||
0x8c,0x1a,0xb7,0xa1,0xed,0x5c,0xd0,0x14,
|
||||
0x93,0x8d,0x23,0x78,0x93,0xcb,0x3a,0x03,
|
||||
0x1f,0xbb,0xc6,0x7b,0xcd,0x51,0x4e,0xaa,
|
||||
0x14,0x01,0xe9,0x03,0x27,0x13,0xe2,0xb2,
|
||||
0xf8,0x36,0xc6,0xe3,0xc3,0x7f,0xb5,0x74,
|
||||
0x20,0x5e,0x17,0xaa,0x25,0x07,0x9b,0x60,
|
||||
0xda,0x83,0x98,0xb5,0x55,0xae,0x1b,0x7a,
|
||||
0xc1,0x1f,0x49,0x72,0xe2,0xcb,0x6a,0x11,
|
||||
0x77,0xdf,0x3f,0xc0,0x9f,0x8f,0x33,0xc7,
|
||||
0x10,0x17,0x8c,0xfc,0xd5,0xb7,0x5f,0x5e,
|
||||
0xb2,0xe3,0x7b,0x2e,0xdc,0xc7,0x34,0xdb,
|
||||
0x31,0xb0,0xdc,0x5d,0x14,0x98,0xb6,0x1a,
|
||||
0x2a,0xd4,0xb4,0x04,0x2c,0xf0,0x68,0x1c,
|
||||
0x91,0x60,0x28,0xa5,0x3b,0x01,0x98,0xb6,
|
||||
0x1e,0x6e,0xaa,0x35,0x89,0xc7,0x94,0xaa,
|
||||
0x9e,0xf0,0x11,0x52,0x0f,0x28,0xa1,0x3d,
|
||||
0xd3,0x17,0xb5,0x08,0xd8,0x7a,0x41,0xf9,
|
||||
0x07,0xe2,0x87,0x36,0xcd,0x86,0x3e,0x79,
|
||||
0x99,0x73,0x50,0x21,0x30,0x00,0xd2,0xf3,
|
||||
0x88,0x60,0x32,0x59,0x58,0x2f,0x55,0x93,
|
||||
0x86,0x56,0x9a,0x96,0xb9,0xf8,0xbf,0x24,
|
||||
0xc4,0xba,0xea,0xa4,0x73,0xb0,0x0c,0xa6,
|
||||
0xdb,0x09,0x2d,0x0a,0x36,0x3f,0x80,0xe6,
|
||||
0x85,0x7a,0xf3,0x01,0x90,0x3a,0xc6,0xee,
|
||||
0x2d,0xa8,0xce,0xb4,0x3f,0x3a,0xa6,0xa3,
|
||||
0xaf,0xb9,0x21,0xef,0x40,0x6f,0xf4,0x7f,
|
||||
0x78,0x25,0x55,0x39,0x53,0x67,0x53,0x56,
|
||||
0x8d,0x81,0xaf,0x63,0x97,0x68,0x86,0x75,
|
||||
0x66,0x14,0x1e,0xa6,0x63,0x1e,0x02,0xd0,
|
||||
0x41,0xd8,0x78,0x75,0x0d,0x76,0x77,0xfa,
|
||||
0x9c,0xc5,0xcc,0x54,0x06,0x25,0x53,0x95,
|
||||
0xeb,0x4b,0x7c,0xb4,0xc8,0xbb,0x5d,0x6b,
|
||||
0x6e,0xf0,0xd7,0x8d,0x3f,0xdf,0x93,0x4c,
|
||||
0x30,0x5b,0x02,0xf5,0x0e,0x49,0x87,0x60,
|
||||
0x5f,0x19,0x06,0x24,0x3d,0x5d,0x97,0x37,
|
||||
0x61,0xef,0x3e,0x0b,0x9e,0x85,0x1c,0x1a,
|
||||
0xa6,0x53,0x91,0xd2,0x2c,0x18,0x7c,0x8f,
|
||||
0x5b,0x4a,0xd5,0xdd,0xd9,0x8a,0xc3,0x92,
|
||||
0x19,0x54,0x39,0xde,0x33,0xa1,0xe1,0x37,
|
||||
0x60,0x3c,0x3b,0x3b,0xc5,0xed,0x1b,0xef,
|
||||
0x28,0xf5,0xdf,0x44,0x91,0xa3,0x1e,0x69,
|
||||
0x6a,0x35,0x85,0x6e,0x26,0x46,0x22,0x4d,
|
||||
0x87,0x92,0x44,0x6b,0x96,0xdb,0x75,0xfe,
|
||||
0x76,0x03,0x60,0xf7,0xfd,0x90,0x55,0x7d,
|
||||
0x6e,0xd7,0xaa,0x44,0x05,0xc7,0x23,0x37,
|
||||
0x12,0xa8,0xd4,0xb2,0x2b,0xed,0x41,0x5f,
|
||||
0x23,0x38,0x7c,0x16,0xe6,0x16,0xd3,0x10,
|
||||
0x19,0x12,0xcc,0x8b,0x6e,0xcd,0xd6,0xa6,
|
||||
0x39,0x8a,0x1b,0x24,0x3f,0x4d,0x6f,0xa6,
|
||||
0x00,0x7c,0xa0,0xa1,0x4a,0xfd,0xcd,0x68,
|
||||
0x50,0x76,0xc8,0x68,0x9d,0xeb,0xdf,0x24,
|
||||
0x39,0xaf,0x77,0xb2,0xb6,0xaf,0xb6,0x34,
|
||||
0x61,0x37,0x6a,0xfd,0xc7,0x6d,0x02,0x9f,
|
||||
0x29,0xd5,0x45,0xf4,0x89,0xd8,0x8c,0x5c,
|
||||
0xd3,0x31,0xa0,0x58,0x19,0x54,0x33,0x46,
|
||||
0x92,0xbc,0x1e,0x4b,0x14,0xac,0x73,0xa5,
|
||||
0x09,0x9f,0xb6,0x2b,0x2b,0x73,0x6b,0x83,
|
||||
0x86,0x13,0x6e,0x03,0xf7,0xe0,0x7d,0x81,
|
||||
0x47,0x18,0x08,0xea,0x09,0x10,0x24,0x61,
|
||||
0x6d,0x09,0x1d,0xb8,0x8e,0xba,0x04,0x4d,
|
||||
0xcc,0xe6,0xff,0x28,0x27,0x86,0x38,0x01,
|
||||
0x86,0xbe,0xf0,0x5b,0xf8,0x1a,0xd6,0xde,
|
||||
0xbe,0xf9,0x3b,0x76,0x3f,0x85,0x82,0x22,
|
||||
0x92,0x4b,0xe0,0x76,0x15,0xb2,0x57,0x5a,
|
||||
0xb0,0x64,0xde,0xce,0x93,0xb8,0x9f,0x25,
|
||||
0x53,0x8c,0x5e,0xdf,0x29,0x4e,0x50,0x69,
|
||||
0xfb,0x7e,0x33,0xcb,0x0e,0x28,0x01,0x6c,
|
||||
0xab,0xfa,0xd8,0x88,0x02,0xbc,0xf2,0xb1,
|
||||
0x0e,0x2f,0x6d,0x1c,0x8d,0xe4,0x11,0x23,
|
||||
0xcc,0x67,0x94,0x7b,0xf7,0x8a,0xf3,0x68,
|
||||
0x52,0xe4,0x82,0x25,0x86,0xc6,0x72,0x19,
|
||||
0x77,0x80,0x28,0xe3,0x86,0xc8,0x8a,0xea,
|
||||
0x3d,0x54,0x2f,0x0b,0x64,0x0a,0xc5,0x12,
|
||||
0x8c,0xb2,0x07,0x72,0x1b,0x09,0x9f,0x32,
|
||||
0xbd,0xa3,0xb0,0x0c,0x95,0xc8,0x4d,0xe5,
|
||||
0xd7,0x20,0xdb,0xf8,0x34,0x2a,0x9d,0x91,
|
||||
0x58,0x38,0x7a,0x9c,0xe0,0xa3,0x0f,0x40,
|
||||
0x9d,0xff,0xeb,0x4b,0xe2,0x16,0x94,0x32,
|
||||
0xce,0xe8,0x52,0x75,0x49,0xf4,0x71,0x13,
|
||||
0xbc,0x59,0x7d,0x9a,0xe8,0x60,0x29,0x58,
|
||||
0x1a,0x14,0x94,0xe6,0x37,0x23,0xad,0xfe,
|
||||
0x0b,0xf0,0x63,0x60,0x4f,0x5d,0x10,0x91,
|
||||
0xf2,0x50,0x8e,0x0b,0x4a,0x47,0xc9,0x0c,
|
||||
0x1f,0xdc,0x94,0x75,0x25,0x52,0x99,0xfc
|
||||
};
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2017 NXP
|
||||
* Copyright 2018 NXP
|
||||
*
|
||||
* SPDX-License-Identifier: GPL-2.0+
|
||||
*/
|
||||
|
@ -10,143 +10,9 @@
|
|||
#define fsl_version 1
|
||||
/* This product_id is generated from
|
||||
* extern/avb/test/data/atx_product_id.bin */
|
||||
unsigned char fsl_atx_product_id[] = {
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
|
||||
};
|
||||
extern unsigned char fsl_atx_product_id[17];
|
||||
/* This product_root_public_key is generated form
|
||||
* extern/avb/test/data/testkey_atx_prk.pem */
|
||||
unsigned char fsl_product_root_public_key[] = {
|
||||
0x00,0x00,0x10,0x00,0x9f,0x35,0xef,0x65,
|
||||
0xc3,0x29,0x4c,0x23,0x16,0x10,0xac,0x32,
|
||||
0xc1,0x3c,0xd5,0xc5,0xab,0xa1,0xd9,0xe7,
|
||||
0x13,0x3f,0x7e,0xd1,0xe6,0x61,0x5d,0xa3,
|
||||
0xa1,0x60,0xda,0x57,0x4b,0xb2,0xe6,0x0f,
|
||||
0xe1,0x50,0xbf,0x47,0xff,0x09,0xaf,0xcd,
|
||||
0x49,0x2d,0x82,0x33,0x76,0xa1,0xfe,0x28,
|
||||
0x5f,0x89,0x62,0xb3,0xc0,0xf1,0x11,0xaf,
|
||||
0x15,0x09,0x27,0xdb,0xeb,0x06,0x01,0xa2,
|
||||
0xf8,0xb7,0xd7,0x9c,0xe4,0x88,0x3a,0x86,
|
||||
0x05,0x02,0x20,0x69,0xb2,0x36,0x4c,0x3e,
|
||||
0x25,0x03,0xed,0xfc,0x0c,0x6b,0x1b,0x0a,
|
||||
0x04,0x9c,0xce,0x7f,0x83,0x82,0x60,0xd9,
|
||||
0x52,0x7e,0xc4,0x35,0x7b,0x1c,0xe6,0x64,
|
||||
0x9c,0x17,0xec,0x81,0xe7,0x9c,0x0c,0x8b,
|
||||
0x4b,0x7e,0x48,0xbe,0x00,0x98,0xa8,0x20,
|
||||
0x10,0x4c,0x9b,0xd1,0x16,0x5b,0x25,0xe9,
|
||||
0x4e,0x61,0xda,0x7c,0x63,0x80,0x8f,0xa4,
|
||||
0xac,0x74,0xee,0xa8,0x06,0xac,0x26,0xd5,
|
||||
0x71,0x6f,0xaa,0x73,0x20,0x9c,0x7f,0xcd,
|
||||
0x73,0xd4,0xa9,0xa0,0x7e,0x5a,0xb5,0x61,
|
||||
0xb0,0x88,0xb0,0xdd,0xdb,0x6b,0x79,0xd1,
|
||||
0x5a,0x9e,0x54,0x49,0x55,0xc6,0x89,0x76,
|
||||
0x7a,0xc6,0x78,0x99,0xdc,0xc9,0x00,0x5d,
|
||||
0x20,0xf5,0xfc,0x8f,0x39,0x46,0xf3,0x02,
|
||||
0x96,0x0d,0x9b,0xfb,0xbc,0xd5,0xcf,0x5a,
|
||||
0x4f,0xc4,0xb8,0x0b,0xd0,0xf3,0x19,0x3c,
|
||||
0x74,0x04,0xd5,0x94,0x2c,0x19,0x15,0x64,
|
||||
0xbf,0x53,0x67,0x97,0x7b,0x9e,0xc6,0xe0,
|
||||
0xfb,0x29,0x5b,0x90,0xad,0x04,0x8a,0xd8,
|
||||
0x5b,0xdf,0x69,0x09,0xe4,0xa5,0xe9,0xd9,
|
||||
0x0f,0xc4,0xff,0xae,0xb7,0x44,0x12,0xae,
|
||||
0xad,0x03,0x97,0xb8,0xda,0xd7,0x60,0x37,
|
||||
0x15,0xf2,0xb9,0xdb,0x10,0xf6,0xe2,0x26,
|
||||
0x48,0x7e,0x3e,0x3e,0xc3,0x67,0xd3,0xa6,
|
||||
0x02,0xf7,0xbc,0x60,0xed,0x45,0xdf,0x37,
|
||||
0xef,0xf9,0xea,0x97,0x5f,0x37,0xb4,0xeb,
|
||||
0xb4,0x91,0x6c,0x39,0x4d,0xed,0x52,0x15,
|
||||
0x39,0x47,0x59,0x62,0xde,0x32,0x55,0xe1,
|
||||
0xd4,0x15,0x58,0x7d,0x52,0x41,0x12,0x78,
|
||||
0xee,0x9f,0x0d,0xc8,0x5e,0x34,0x91,0xf9,
|
||||
0xe7,0x4c,0x1e,0xe7,0x2f,0x90,0x7f,0xbb,
|
||||
0xf8,0x99,0x3e,0xc9,0x79,0xab,0x01,0xdb,
|
||||
0x24,0x39,0xe3,0xb4,0xc9,0x52,0x73,0xdb,
|
||||
0x65,0x42,0xa5,0x2e,0x43,0x56,0xa0,0x33,
|
||||
0x8c,0x1a,0xb7,0xa1,0xed,0x5c,0xd0,0x14,
|
||||
0x93,0x8d,0x23,0x78,0x93,0xcb,0x3a,0x03,
|
||||
0x1f,0xbb,0xc6,0x7b,0xcd,0x51,0x4e,0xaa,
|
||||
0x14,0x01,0xe9,0x03,0x27,0x13,0xe2,0xb2,
|
||||
0xf8,0x36,0xc6,0xe3,0xc3,0x7f,0xb5,0x74,
|
||||
0x20,0x5e,0x17,0xaa,0x25,0x07,0x9b,0x60,
|
||||
0xda,0x83,0x98,0xb5,0x55,0xae,0x1b,0x7a,
|
||||
0xc1,0x1f,0x49,0x72,0xe2,0xcb,0x6a,0x11,
|
||||
0x77,0xdf,0x3f,0xc0,0x9f,0x8f,0x33,0xc7,
|
||||
0x10,0x17,0x8c,0xfc,0xd5,0xb7,0x5f,0x5e,
|
||||
0xb2,0xe3,0x7b,0x2e,0xdc,0xc7,0x34,0xdb,
|
||||
0x31,0xb0,0xdc,0x5d,0x14,0x98,0xb6,0x1a,
|
||||
0x2a,0xd4,0xb4,0x04,0x2c,0xf0,0x68,0x1c,
|
||||
0x91,0x60,0x28,0xa5,0x3b,0x01,0x98,0xb6,
|
||||
0x1e,0x6e,0xaa,0x35,0x89,0xc7,0x94,0xaa,
|
||||
0x9e,0xf0,0x11,0x52,0x0f,0x28,0xa1,0x3d,
|
||||
0xd3,0x17,0xb5,0x08,0xd8,0x7a,0x41,0xf9,
|
||||
0x07,0xe2,0x87,0x36,0xcd,0x86,0x3e,0x79,
|
||||
0x99,0x73,0x50,0x21,0x30,0x00,0xd2,0xf3,
|
||||
0x88,0x60,0x32,0x59,0x58,0x2f,0x55,0x93,
|
||||
0x86,0x56,0x9a,0x96,0xb9,0xf8,0xbf,0x24,
|
||||
0xc4,0xba,0xea,0xa4,0x73,0xb0,0x0c,0xa6,
|
||||
0xdb,0x09,0x2d,0x0a,0x36,0x3f,0x80,0xe6,
|
||||
0x85,0x7a,0xf3,0x01,0x90,0x3a,0xc6,0xee,
|
||||
0x2d,0xa8,0xce,0xb4,0x3f,0x3a,0xa6,0xa3,
|
||||
0xaf,0xb9,0x21,0xef,0x40,0x6f,0xf4,0x7f,
|
||||
0x78,0x25,0x55,0x39,0x53,0x67,0x53,0x56,
|
||||
0x8d,0x81,0xaf,0x63,0x97,0x68,0x86,0x75,
|
||||
0x66,0x14,0x1e,0xa6,0x63,0x1e,0x02,0xd0,
|
||||
0x41,0xd8,0x78,0x75,0x0d,0x76,0x77,0xfa,
|
||||
0x9c,0xc5,0xcc,0x54,0x06,0x25,0x53,0x95,
|
||||
0xeb,0x4b,0x7c,0xb4,0xc8,0xbb,0x5d,0x6b,
|
||||
0x6e,0xf0,0xd7,0x8d,0x3f,0xdf,0x93,0x4c,
|
||||
0x30,0x5b,0x02,0xf5,0x0e,0x49,0x87,0x60,
|
||||
0x5f,0x19,0x06,0x24,0x3d,0x5d,0x97,0x37,
|
||||
0x61,0xef,0x3e,0x0b,0x9e,0x85,0x1c,0x1a,
|
||||
0xa6,0x53,0x91,0xd2,0x2c,0x18,0x7c,0x8f,
|
||||
0x5b,0x4a,0xd5,0xdd,0xd9,0x8a,0xc3,0x92,
|
||||
0x19,0x54,0x39,0xde,0x33,0xa1,0xe1,0x37,
|
||||
0x60,0x3c,0x3b,0x3b,0xc5,0xed,0x1b,0xef,
|
||||
0x28,0xf5,0xdf,0x44,0x91,0xa3,0x1e,0x69,
|
||||
0x6a,0x35,0x85,0x6e,0x26,0x46,0x22,0x4d,
|
||||
0x87,0x92,0x44,0x6b,0x96,0xdb,0x75,0xfe,
|
||||
0x76,0x03,0x60,0xf7,0xfd,0x90,0x55,0x7d,
|
||||
0x6e,0xd7,0xaa,0x44,0x05,0xc7,0x23,0x37,
|
||||
0x12,0xa8,0xd4,0xb2,0x2b,0xed,0x41,0x5f,
|
||||
0x23,0x38,0x7c,0x16,0xe6,0x16,0xd3,0x10,
|
||||
0x19,0x12,0xcc,0x8b,0x6e,0xcd,0xd6,0xa6,
|
||||
0x39,0x8a,0x1b,0x24,0x3f,0x4d,0x6f,0xa6,
|
||||
0x00,0x7c,0xa0,0xa1,0x4a,0xfd,0xcd,0x68,
|
||||
0x50,0x76,0xc8,0x68,0x9d,0xeb,0xdf,0x24,
|
||||
0x39,0xaf,0x77,0xb2,0xb6,0xaf,0xb6,0x34,
|
||||
0x61,0x37,0x6a,0xfd,0xc7,0x6d,0x02,0x9f,
|
||||
0x29,0xd5,0x45,0xf4,0x89,0xd8,0x8c,0x5c,
|
||||
0xd3,0x31,0xa0,0x58,0x19,0x54,0x33,0x46,
|
||||
0x92,0xbc,0x1e,0x4b,0x14,0xac,0x73,0xa5,
|
||||
0x09,0x9f,0xb6,0x2b,0x2b,0x73,0x6b,0x83,
|
||||
0x86,0x13,0x6e,0x03,0xf7,0xe0,0x7d,0x81,
|
||||
0x47,0x18,0x08,0xea,0x09,0x10,0x24,0x61,
|
||||
0x6d,0x09,0x1d,0xb8,0x8e,0xba,0x04,0x4d,
|
||||
0xcc,0xe6,0xff,0x28,0x27,0x86,0x38,0x01,
|
||||
0x86,0xbe,0xf0,0x5b,0xf8,0x1a,0xd6,0xde,
|
||||
0xbe,0xf9,0x3b,0x76,0x3f,0x85,0x82,0x22,
|
||||
0x92,0x4b,0xe0,0x76,0x15,0xb2,0x57,0x5a,
|
||||
0xb0,0x64,0xde,0xce,0x93,0xb8,0x9f,0x25,
|
||||
0x53,0x8c,0x5e,0xdf,0x29,0x4e,0x50,0x69,
|
||||
0xfb,0x7e,0x33,0xcb,0x0e,0x28,0x01,0x6c,
|
||||
0xab,0xfa,0xd8,0x88,0x02,0xbc,0xf2,0xb1,
|
||||
0x0e,0x2f,0x6d,0x1c,0x8d,0xe4,0x11,0x23,
|
||||
0xcc,0x67,0x94,0x7b,0xf7,0x8a,0xf3,0x68,
|
||||
0x52,0xe4,0x82,0x25,0x86,0xc6,0x72,0x19,
|
||||
0x77,0x80,0x28,0xe3,0x86,0xc8,0x8a,0xea,
|
||||
0x3d,0x54,0x2f,0x0b,0x64,0x0a,0xc5,0x12,
|
||||
0x8c,0xb2,0x07,0x72,0x1b,0x09,0x9f,0x32,
|
||||
0xbd,0xa3,0xb0,0x0c,0x95,0xc8,0x4d,0xe5,
|
||||
0xd7,0x20,0xdb,0xf8,0x34,0x2a,0x9d,0x91,
|
||||
0x58,0x38,0x7a,0x9c,0xe0,0xa3,0x0f,0x40,
|
||||
0x9d,0xff,0xeb,0x4b,0xe2,0x16,0x94,0x32,
|
||||
0xce,0xe8,0x52,0x75,0x49,0xf4,0x71,0x13,
|
||||
0xbc,0x59,0x7d,0x9a,0xe8,0x60,0x29,0x58,
|
||||
0x1a,0x14,0x94,0xe6,0x37,0x23,0xad,0xfe,
|
||||
0x0b,0xf0,0x63,0x60,0x4f,0x5d,0x10,0x91,
|
||||
0xf2,0x50,0x8e,0x0b,0x4a,0x47,0xc9,0x0c,
|
||||
0x1f,0xdc,0x94,0x75,0x25,0x52,0x99,0xfc
|
||||
};
|
||||
extern unsigned char fsl_product_root_public_key[1032];
|
||||
|
||||
#endif
|
||||
/* __FSL_ATX_ATTRIBUTES_H__ */
|
||||
#endif /* __FSL_ATX_ATTRIBUTES_H__ */
|
||||
|
|
|
@ -15,6 +15,9 @@
|
|||
#include "fsl_avbkey.h"
|
||||
#include "utils.h"
|
||||
#include "debug.h"
|
||||
#include "trusty/avb.h"
|
||||
#include "fsl_public_key.h"
|
||||
#include "fsl_atx_attributes.h"
|
||||
|
||||
#define FSL_AVB_DEV "mmc"
|
||||
|
||||
|
@ -435,3 +438,392 @@ AvbIOResult fsl_get_size_of_partition(AvbOps* ops,
|
|||
*out_size_num_bytes = (uint64_t)(pte->length * 512);
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
/* Reads permanent |attributes| data. There are no restrictions on where this
|
||||
* data is stored. On success, returns AVB_IO_RESULT_OK and populates
|
||||
* |attributes|.
|
||||
*/
|
||||
AvbIOResult fsl_read_permanent_attributes(
|
||||
AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) {
|
||||
#ifdef CONFIG_IMX_TRUSTY_OS
|
||||
if (!trusty_read_permanent_attributes((uint8_t *)attributes,
|
||||
sizeof(AvbAtxPermanentAttributes))) {
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
ERR("No perm-attr fused. Will use hard code one.\n");
|
||||
#endif /* CONFIG_IMX_TRUSTY_OS */
|
||||
|
||||
/* use hard code permanent attributes due to limited fuse and RPMB */
|
||||
attributes->version = fsl_version;
|
||||
memcpy(attributes->product_root_public_key, fsl_product_root_public_key,
|
||||
sizeof(fsl_product_root_public_key));
|
||||
memcpy(attributes->product_id, fsl_atx_product_id,
|
||||
sizeof(fsl_atx_product_id));
|
||||
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
|
||||
/* Reads a |hash| of permanent attributes. This hash MUST be retrieved from a
|
||||
* permanently read-only location (e.g. fuses) when a device is LOCKED. On
|
||||
* success, returned AVB_IO_RESULT_OK and populates |hash|.
|
||||
*/
|
||||
AvbIOResult fsl_read_permanent_attributes_hash(
|
||||
AvbAtxOps* atx_ops, uint8_t hash[AVB_SHA256_DIGEST_SIZE]) {
|
||||
#ifdef CONFIG_ARM64
|
||||
/* calculate sha256(permanent attributes) */
|
||||
if (permanent_attributes_sha256_hash(hash) != RESULT_OK) {
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
} else {
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
#else
|
||||
uint8_t sha256_hash_buf[AVB_SHA256_DIGEST_SIZE];
|
||||
uint32_t sha256_hash_fuse[ATX_FUSE_BANK_NUM];
|
||||
|
||||
/* read first 112 bits of sha256(permanent attributes) from fuse */
|
||||
if (fsl_fuse_read(sha256_hash_fuse, ATX_FUSE_BANK_NUM,
|
||||
PERMANENT_ATTRIBUTE_HASH_OFFSET)) {
|
||||
printf("ERROR - read permanent attributes hash from "
|
||||
"fuse error\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* only take the lower 2 bytes of last bank */
|
||||
sha256_hash_fuse[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK;
|
||||
|
||||
/* calculate sha256(permanent attributes) */
|
||||
if (permanent_attributes_sha256_hash(sha256_hash_buf) != RESULT_OK) {
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* check if the sha256(permanent attributes) hash match the calculated one,
|
||||
* if not match, just return all zeros hash.
|
||||
*/
|
||||
if (memcmp(sha256_hash_fuse, sha256_hash_buf, ATX_HASH_LENGTH)) {
|
||||
printf("ERROR - sha256(permanent attributes) does not match\n");
|
||||
memset(hash, 0, AVB_SHA256_DIGEST_SIZE);
|
||||
} else {
|
||||
memcpy(hash, sha256_hash_buf, AVB_SHA256_DIGEST_SIZE);
|
||||
}
|
||||
|
||||
return AVB_IO_RESULT_OK;
|
||||
#endif /* CONFIG_ARM64 */
|
||||
}
|
||||
|
||||
/* Generates |num_bytes| random bytes and stores them in |output|,
|
||||
* which must point to a buffer large enough to store the bytes.
|
||||
*
|
||||
* Returns AVB_IO_RESULT_OK on success, otherwise an error code.
|
||||
*/
|
||||
AvbIOResult fsl_get_random(AvbAtxOps* atx_ops,
|
||||
size_t num_bytes,
|
||||
uint8_t* output)
|
||||
{
|
||||
uint32_t num = 0;
|
||||
uint32_t i;
|
||||
|
||||
if (output == NULL) {
|
||||
ERR("Output buffer is NULL!\n");
|
||||
return AVB_IO_RESULT_ERROR_INSUFFICIENT_SPACE;
|
||||
}
|
||||
|
||||
/* set the seed as device boot time. */
|
||||
srand((uint32_t)get_timer(0));
|
||||
for (i = 0; i < num_bytes; i++) {
|
||||
num = rand() % 256;
|
||||
output[i] = (uint8_t)num;
|
||||
}
|
||||
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
/* Provides the key version of a key used during verification. This may be
|
||||
* useful for managing the minimum key version.
|
||||
*/
|
||||
void fsl_set_key_version(AvbAtxOps* atx_ops,
|
||||
size_t rollback_index_location,
|
||||
uint64_t key_version) {
|
||||
kblb_hdr_t hdr;
|
||||
kblb_tag_t *rbk;
|
||||
uint64_t *plain_idx = NULL;
|
||||
struct mmc *mmc_dev;
|
||||
static const uint32_t kTypeMask = 0xF000;
|
||||
|
||||
DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n",
|
||||
rollback_index_location, key_version);
|
||||
|
||||
assert(atx_ops != NULL);
|
||||
|
||||
if ((mmc_dev = get_mmc()) == NULL) {
|
||||
ERR("err get mmc device\n");
|
||||
}
|
||||
/* read the kblb header */
|
||||
if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
|
||||
ERR("read RPMB error\n");
|
||||
}
|
||||
|
||||
if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
|
||||
ERR("magic not match\n");
|
||||
}
|
||||
|
||||
/* rollback index for Android Things key versions */
|
||||
rbk = &hdr.atx_rbk_tags[rollback_index_location & ~kTypeMask];
|
||||
|
||||
plain_idx = malloc(rbk->len);
|
||||
if (plain_idx == NULL)
|
||||
printf("\nError! allocate memory fail!\n");
|
||||
memset(plain_idx, 0, rbk->len);
|
||||
*plain_idx = key_version;
|
||||
|
||||
/* write rollback_index keyblob */
|
||||
if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) !=
|
||||
0) {
|
||||
ERR("write rollback index error\n");
|
||||
goto fail;
|
||||
}
|
||||
fail:
|
||||
if (plain_idx != NULL)
|
||||
free(plain_idx);
|
||||
}
|
||||
#endif /* CONFIG_AVB_ATX */
|
||||
|
||||
#ifdef AVB_RPMB
|
||||
/* Checks if the given public key used to sign the 'vbmeta'
|
||||
* partition is trusted. Boot loaders typically compare this with
|
||||
* embedded key material generated with 'avbtool
|
||||
* extract_public_key'.
|
||||
*
|
||||
* If AVB_IO_RESULT_OK is returned then |out_is_trusted| is set -
|
||||
* true if trusted or false if untrusted.
|
||||
*/
|
||||
AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
|
||||
const uint8_t* public_key_data,
|
||||
size_t public_key_length,
|
||||
const uint8_t* public_key_metadata,
|
||||
size_t public_key_metadata_length,
|
||||
bool* out_is_trusted) {
|
||||
AvbIOResult ret;
|
||||
assert(ops != NULL && out_is_trusted != NULL);
|
||||
*out_is_trusted = false;
|
||||
|
||||
/* match given public key */
|
||||
if (memcmp(fsl_public_key, public_key_data, public_key_length)) {
|
||||
ret = AVB_IO_RESULT_ERROR_IO;
|
||||
ERR("public key not match\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
|
||||
*out_is_trusted = true;
|
||||
ret = AVB_IO_RESULT_OK;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Sets the rollback index corresponding to the slot given by
|
||||
* |rollback_index_slot| to |rollback_index|. Returns
|
||||
* AVB_IO_RESULT_OK if the rollback index was set, otherwise an
|
||||
* error code.
|
||||
*
|
||||
* A device may have a limited amount of rollback index slots (say,
|
||||
* one or four) so may error out if |rollback_index_slot| exceeds
|
||||
* this number.
|
||||
*/
|
||||
AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
|
||||
uint64_t rollback_index) {
|
||||
AvbIOResult ret;
|
||||
#ifdef CONFIG_IMX_TRUSTY_OS
|
||||
if (trusty_write_rollback_index(rollback_index_slot, rollback_index)) {
|
||||
ERR("write rollback from Trusty error!");
|
||||
ret = AVB_IO_RESULT_ERROR_IO;
|
||||
} else {
|
||||
ret = AVB_IO_RESULT_OK;
|
||||
}
|
||||
return ret;
|
||||
#else
|
||||
kblb_hdr_t hdr;
|
||||
kblb_tag_t *rbk;
|
||||
uint64_t *plain_idx = NULL;
|
||||
struct mmc *mmc_dev;
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
static const uint32_t kTypeMask = 0xF000;
|
||||
static const unsigned int kTypeShift = 12;
|
||||
#endif
|
||||
|
||||
DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n",
|
||||
rollback_index_slot, rollback_index);
|
||||
|
||||
assert(ops != NULL);
|
||||
/* check if the rollback index location exceed the limit */
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
|
||||
#else
|
||||
if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
|
||||
#endif /* CONFIG_AVB_ATX */
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
|
||||
if ((mmc_dev = get_mmc()) == NULL) {
|
||||
ERR("err get mmc device\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* read the kblb header */
|
||||
if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
|
||||
ERR("read RPMB error\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
|
||||
if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
|
||||
ERR("magic not match\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* choose rollback index type */
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
if ((rollback_index_slot & kTypeMask) >> kTypeShift) {
|
||||
/* rollback index for Android Things key versions */
|
||||
rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask];
|
||||
} else {
|
||||
/* rollback index for vbmeta */
|
||||
rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask];
|
||||
}
|
||||
#else
|
||||
rbk = &hdr.rbk_tags[rollback_index_slot];
|
||||
#endif /* CONFIG_AVB_ATX */
|
||||
plain_idx = malloc(rbk->len);
|
||||
if (plain_idx == NULL)
|
||||
return AVB_IO_RESULT_ERROR_OOM;
|
||||
memset(plain_idx, 0, rbk->len);
|
||||
*plain_idx = rollback_index;
|
||||
|
||||
/* write rollback_index keyblob */
|
||||
if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) !=
|
||||
0) {
|
||||
ERR("write rollback index error\n");
|
||||
ret = AVB_IO_RESULT_ERROR_IO;
|
||||
goto fail;
|
||||
}
|
||||
ret = AVB_IO_RESULT_OK;
|
||||
fail:
|
||||
if (plain_idx != NULL)
|
||||
free(plain_idx);
|
||||
return ret;
|
||||
#endif /* CONFIG_IMX_TRUSTY_OS */
|
||||
}
|
||||
|
||||
/* Gets the rollback index corresponding to the slot given by
|
||||
* |rollback_index_slot|. The value is returned in
|
||||
* |out_rollback_index|. Returns AVB_IO_RESULT_OK if the rollback
|
||||
* index was retrieved, otherwise an error code.
|
||||
*
|
||||
* A device may have a limited amount of rollback index slots (say,
|
||||
* one or four) so may error out if |rollback_index_slot| exceeds
|
||||
* this number.
|
||||
*/
|
||||
AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
|
||||
uint64_t* out_rollback_index) {
|
||||
AvbIOResult ret;
|
||||
#ifdef CONFIG_IMX_TRUSTY_OS
|
||||
if (trusty_read_rollback_index(rollback_index_slot, out_rollback_index)) {
|
||||
ERR("read rollback from Trusty error!");
|
||||
ret = AVB_IO_RESULT_ERROR_IO;
|
||||
} else {
|
||||
ret = AVB_IO_RESULT_OK;
|
||||
}
|
||||
return ret;
|
||||
#else
|
||||
kblb_hdr_t hdr;
|
||||
kblb_tag_t *rbk;
|
||||
uint64_t *extract_idx = NULL;
|
||||
struct mmc *mmc_dev;
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
static const uint32_t kTypeMask = 0xF000;
|
||||
static const unsigned int kTypeShift = 12;
|
||||
#endif
|
||||
|
||||
assert(ops != NULL && out_rollback_index != NULL);
|
||||
*out_rollback_index = ~0;
|
||||
|
||||
DEBUGAVB("[rpmb] read rollback slot: %zu\n", rollback_index_slot);
|
||||
|
||||
/* check if the rollback index location exceed the limit */
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
|
||||
#else
|
||||
if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
|
||||
#endif
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
|
||||
if ((mmc_dev = get_mmc()) == NULL) {
|
||||
ERR("err get mmc device\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* read the kblb header */
|
||||
if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
|
||||
ERR("read RPMB error\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
|
||||
if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
|
||||
ERR("magic not match\n");
|
||||
return AVB_IO_RESULT_ERROR_IO;
|
||||
}
|
||||
/* choose rollback index type */
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
if ((rollback_index_slot & kTypeMask) >> kTypeShift) {
|
||||
/* rollback index for Android Things key versions */
|
||||
rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask];
|
||||
} else {
|
||||
/* rollback index for vbmeta */
|
||||
rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask];
|
||||
}
|
||||
#else
|
||||
rbk = &hdr.rbk_tags[rollback_index_slot];
|
||||
#endif /* CONFIG_AVB_ATX */
|
||||
extract_idx = malloc(rbk->len);
|
||||
if (extract_idx == NULL)
|
||||
return AVB_IO_RESULT_ERROR_OOM;
|
||||
|
||||
/* read rollback_index keyblob */
|
||||
if (rpmb_read(mmc_dev, (uint8_t *)extract_idx, rbk->len, rbk->offset) != 0) {
|
||||
ERR("read rollback index error\n");
|
||||
ret = AVB_IO_RESULT_ERROR_IO;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
#ifdef AVB_VVDEBUG
|
||||
printf("\n----idx dump: ---\n");
|
||||
print_buffer(0, extract_idx, HEXDUMP_WIDTH, rbk->len, 0);
|
||||
printf("--- end ---\n");
|
||||
#endif
|
||||
*out_rollback_index = *extract_idx;
|
||||
DEBUGAVB("rollback_index = %" PRIu64 "\n", *out_rollback_index);
|
||||
ret = AVB_IO_RESULT_OK;
|
||||
fail:
|
||||
if (extract_idx != NULL)
|
||||
free(extract_idx);
|
||||
return ret;
|
||||
#endif /* CONFIG_IMX_TRUSTY_OS */
|
||||
}
|
||||
#else /* AVB_RPMB */
|
||||
/*
|
||||
* In no security enhanced ARM64, we cannot protect public key.
|
||||
* So that we choose to trust the key from vbmeta image
|
||||
*/
|
||||
AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
|
||||
const uint8_t* public_key_data,
|
||||
size_t public_key_length,
|
||||
const uint8_t* public_key_metadata,
|
||||
size_t public_key_metadata_length,
|
||||
bool* out_is_trusted) {
|
||||
*out_is_trusted = true;
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
|
||||
/* In no security enhanced ARM64, rollback index has no protection so no use it */
|
||||
AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
|
||||
uint64_t rollback_index) {
|
||||
return AVB_IO_RESULT_OK;
|
||||
|
||||
}
|
||||
AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
|
||||
uint64_t* out_rollback_index) {
|
||||
*out_rollback_index = 0;
|
||||
return AVB_IO_RESULT_OK;
|
||||
}
|
||||
#endif /* AVB_RPMB */
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -44,6 +44,15 @@ struct bl_rbindex_package {
|
|||
#define RPMB_KEY_MAGIC "RPMB"
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_AVB_ATX
|
||||
#define ATX_FUSE_BANK_NUM 4
|
||||
#define ATX_FUSE_BANK_MASK 0xFFFF
|
||||
#define ATX_HASH_LENGTH 14
|
||||
#endif
|
||||
|
||||
#define RESULT_ERROR -1
|
||||
#define RESULT_OK 0
|
||||
|
||||
struct kblb_tag {
|
||||
uint32_t flag;
|
||||
uint32_t offset;
|
||||
|
@ -59,7 +68,7 @@ struct kblb_hdr {
|
|||
*/
|
||||
#if defined(CONFIG_DUAL_BOOTLOADER) && defined(CONFIG_SPL_BUILD)
|
||||
kblb_tag_t bootloader_rbk_tags;
|
||||
#else
|
||||
#endif
|
||||
/* public key keyblb tag */
|
||||
kblb_tag_t pubk_tag;
|
||||
/* vbmeta rollback index keyblb tag */
|
||||
|
@ -68,7 +77,6 @@ struct kblb_hdr {
|
|||
/* Android Things key versions rollback index keyblb tag */
|
||||
kblb_tag_t atx_rbk_tags[AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS];
|
||||
#endif
|
||||
#endif
|
||||
};
|
||||
typedef struct kblb_hdr kblb_hdr_t;
|
||||
|
||||
|
@ -93,4 +101,8 @@ int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes,
|
|||
|
||||
int check_rpmb_blob(struct mmc *mmc);
|
||||
bool rpmbkey_is_set(void);
|
||||
int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offset);
|
||||
int fsl_fuse_read(uint32_t *buffer, uint32_t length, uint32_t offset);
|
||||
int permanent_attributes_sha256_hash(unsigned char* output);
|
||||
struct mmc *get_mmc(void);
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue