diff options
author | Ji Luo <ji.luo@nxp.com> | 2018-11-30 10:21:35 +0800 |
---|---|---|
committer | Ji Luo <ji.luo@nxp.com> | 2018-12-04 10:39:07 +0800 |
commit | 0e8b4af40671aee9e6fa656870aa00efb44a4116 (patch) | |
tree | ce13dbdc5397e37ddf83e33dbee74b3b06071d0a /lib | |
parent | 6192aff56871a4f88c8ac23d9ca2b6131c579f1f (diff) |
MA-13629 [Trusty] Add commands to set vbmeta public key
Add commands to write/read vbmeta public key to/from secure
storage. The vbmeta public key can only be set once.
Comands to set the public key:
fastboot stage <path-to-your-public-key>
fastboot oem set-public-key
Test: build and boot on imx8qxp_mek.
Change-Id: Id3ad4aa5aacef4fc8443f6a2d6ccb931310970ca
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/avb/fsl/fsl_avb.c | 22 | ||||
-rw-r--r-- | lib/avb/fsl/fsl_avbkey.c | 16 | ||||
-rw-r--r-- | lib/trusty/ql-tipc/avb.c | 23 |
3 files changed, 58 insertions, 3 deletions
diff --git a/lib/avb/fsl/fsl_avb.c b/lib/avb/fsl/fsl_avb.c index ee9f34f205..fce01fc439 100644 --- a/lib/avb/fsl/fsl_avb.c +++ b/lib/avb/fsl/fsl_avb.c @@ -20,7 +20,7 @@ #include "fsl_atx_attributes.h" #define FSL_AVB_DEV "mmc" - +#define AVB_MAX_BUFFER_LENGTH 2048 static struct blk_desc *fs_dev_desc = NULL; static struct blk_desc *get_mmc_desc(void) { @@ -604,11 +604,27 @@ AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, assert(ops != NULL && out_is_trusted != NULL); *out_is_trusted = false; +#if defined(CONFIG_IMX_TRUSTY_OS) && defined(CONFIG_ANDROID_AUTO_SUPPORT) + uint8_t public_key_buf[AVB_MAX_BUFFER_LENGTH]; + if (trusty_read_vbmeta_public_key(public_key_buf, + public_key_length) != 0) { + ERR("Read public key error\n"); + /* We're not going to return error code here because it will + * abort the following avb verify process even we allow the + * verification error. Return AVB_IO_RESULT_OK and keep the + * 'out_is_trusted' as false, avb will handle the error + * depends on the 'allow_verification_error' flag. + */ + return AVB_IO_RESULT_OK; + } + + if (memcmp(public_key_buf, public_key_data, public_key_length)) { +#else /* match given public key */ if (memcmp(fsl_public_key, public_key_data, public_key_length)) { - ret = AVB_IO_RESULT_ERROR_IO; +#endif ERR("public key not match\n"); - return AVB_IO_RESULT_ERROR_IO; + return AVB_IO_RESULT_OK; } *out_is_trusted = true; diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c index 890ff71322..85428db029 100644 --- a/lib/avb/fsl/fsl_avbkey.c +++ b/lib/avb/fsl/fsl_avbkey.c @@ -15,6 +15,7 @@ #include <mapmem.h> #include <fsl_avb.h> +#include "trusty/avb.h" #ifdef CONFIG_IMX_TRUSTY_OS #include <trusty/libtipc.h> #endif @@ -1127,5 +1128,20 @@ fail: return ret; } + +int avb_set_public_key(uint8_t *staged_buffer, uint32_t size) { + + if ((staged_buffer == NULL) || (size <= 0)) { + ERR("Error. Get null staged_buffer\n"); + return -1; + } + if (trusty_write_vbmeta_public_key(staged_buffer, size)) { + ERR("Error. Failed to write vbmeta public key into secure storage\n"); + return -1; + } else + printf("Set vbmeta public key successfully!\n"); + + return 0; +} #endif /* CONFIG_IMX_TRUSTY_OS && CONFIG_ANDROID_AUTO_SUPPORT */ #endif /* CONFIG_SPL_BUILD */ diff --git a/lib/trusty/ql-tipc/avb.c b/lib/trusty/ql-tipc/avb.c index 2f2a418a44..b8dab40a4a 100644 --- a/lib/trusty/ql-tipc/avb.c +++ b/lib/trusty/ql-tipc/avb.c @@ -220,6 +220,29 @@ int trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) NULL); } +int trusty_read_vbmeta_public_key(uint8_t *publickey, uint32_t size) +{ + uint8_t resp_buf[AVB_MAX_BUFFER_LENGTH]; + uint32_t resp_size = AVB_MAX_BUFFER_LENGTH; + int rc = avb_do_tipc(READ_VBMETA_PUBLIC_KEY, NULL, 0, resp_buf, + &resp_size); + if (rc != 0) { + return rc; + } + /* ensure caller passed size matches size returned by Trusty */ + if (size != resp_size) { + return TRUSTY_ERR_INVALID_ARGS; + } + trusty_memcpy(publickey, resp_buf, resp_size); + return rc; +} + +int trusty_write_vbmeta_public_key(uint8_t *publickey, uint32_t size) +{ + return avb_do_tipc(WRITE_VBMETA_PUBLIC_KEY, publickey, size, NULL, + NULL); +} + int trusty_read_lock_state(uint8_t *lock_state) { uint32_t resp_size = sizeof(*lock_state); |