Eric Lee / smarc-uboot

1
Download as
Browse Code ยป

Commit bb0c880bb2cd5d9414b4c167eac546682a5d5ccc

Authored by Ji Luo
Committed by Ye Li
1 parent 84b14fc41e
Exists in smarc_8mq_lf_v2020.04 and in 4 other branches pitx_8mp_lf_v2020.04, smarc-8m-android-11.0.0_2.0.0, smarc-8mp-android-11.0.0_2.0.0, smarc_8mp_lf_v2020.04

MA-17144 Only do security check for rpmb key flashed boards 

Only check the bootloader rollback index and trusty keyslot package
for rpmb key flashed boards.

Test: boots on boards without rpmb key.

Change-Id: I130e4d906c0f08d602eac820ec5612214e01ff55
Signed-off-by: Ji Luo <ji.luo@nxp.com>

Showing 1 changed file with 14 additions and 10 deletions Side-by-side Diff

lib/avb/fsl/fsl_avb_ab_flow.c
Diff comments   View file @ bb0c880
... ... @@ -377,12 +377,14 @@
377 377  
378 378 #if !defined(CONFIG_XEN) && defined(CONFIG_IMX_TRUSTY_OS)
379 379 /* Image loaded successfully, go to verify rollback index */
380   - if (!ret)
381   - ret = spl_verify_rbidx(mmc, &ab_data.slots[target_slot], spl_image);
  380 + if (rpmbkey_is_set()) {
  381 + if (!ret)
  382 + ret = spl_verify_rbidx(mmc, &ab_data.slots[target_slot], spl_image);
382 383  
383   - /* Copy rpmb keyslot to secure memory. */
384   - if (!ret)
385   - fill_secure_keyslot_package(&kp);
  384 + /* Copy rpmb keyslot to secure memory. */
  385 + if (!ret)
  386 + fill_secure_keyslot_package(&kp);
  387 + }
386 388 #endif
387 389 }
388 390  
389 391  
... ... @@ -457,12 +459,14 @@
457 459  
458 460 #if !defined(CONFIG_XEN) && defined(CONFIG_IMX_TRUSTY_OS)
459 461 /* Image loaded successfully, go to verify rollback index */
460   - if (!ret)
461   - ret = spl_verify_rbidx(mmc, &ab_data.slots[target_slot], spl_image);
  462 + if (rpmbkey_is_set()) {
  463 + if (!ret)
  464 + ret = spl_verify_rbidx(mmc, &ab_data.slots[target_slot], spl_image);
462 465  
463   - /* Copy rpmb keyslot to secure memory. */
464   - if (!ret)
465   - fill_secure_keyslot_package(&kp);
  466 + /* Copy rpmb keyslot to secure memory. */
  467 + if (!ret)
  468 + fill_secure_keyslot_package(&kp);
  469 + }
466 470 #endif
467 471 }
468 472