diff options
| author | Ji Luo <ji.luo@nxp.com> | 2019-07-17 12:21:09 +0800 |
|---|---|---|
| committer | Ji Luo <ji.luo@nxp.com> | 2020-05-15 17:34:30 +0800 |
| commit | 0221aefb405c8ad72bef2f5a4bdeaf350f533228 (patch) | |
| tree | 2fc35f336625e8e168395bfdb2d4346e80ec5192 /lib | |
| parent | c4d8f9d5db2448810f7f5c6d58849f988073a8df (diff) | |
MA-15151 Limit some hwcrypto commands within bootloader
It can be dangerous to export some hwcrypto commands to Linux,
add commands to limit some commands within bootloader.
Test: hwcrypto commands can't be used after locking boot state.
Change-Id: Ib0a96a87f661778c133178840d8dccf49f151c22
Signed-off-by: Ji Luo <ji.luo@nxp.com>
(cherry picked from commit 3fc3f521957677b1f363624494ed866985a25505)
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/trusty/ql-tipc/hwcrypto.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/trusty/ql-tipc/hwcrypto.c b/lib/trusty/ql-tipc/hwcrypto.c index 50532b005b3..800b759c538 100644 --- a/lib/trusty/ql-tipc/hwcrypto.c +++ b/lib/trusty/ql-tipc/hwcrypto.c @@ -262,3 +262,8 @@ int hwcrypto_gen_bkek(uint32_t buf, uint32_t len) sizeof(req), NULL, 0, false); return rc; } + +int hwcrypto_lock_boot_state(void) +{ + return hwcrypto_do_tipc(HWCRYPTO_LOCK_BOOT_STATE, NULL, 0, NULL, 0, false); +} |