Commit f39aa82a3dbcab9ac0807b794e524c9226fdf69a
1 parent
e26db8caf2
Exists in
smarc-imx_v2018.03_4.14.78_1.0.0_ga
MA-13487 Refine fsl avb functions
Too many macros are used in fsl_avbkey.c and make it difficult to maintain. This patch made some refine by: 1. Move all avb/atx operations to fsl_avb.c. 2. Refine the functions logic. 3. Drop some unsupported conditions/functions. Test: build and boot on imx8qm_mek/imx8mq_evk/imx6qp_sabresd/imx7d_pico/imx8m_aiy. Change-Id: I5c99732acfc47d53cdf188d69223983777e577f4 Signed-off-by: Luo Ji <ji.luo@nxp.com>
Showing 10 changed files with 1094 additions and 1275 deletions Side-by-side Diff
- configs/pico-imx7d-trusty_defconfig
- drivers/usb/gadget/f_fastboot.c
- include/configs/imx8qm_mek_android_auto.h
- include/configs/imx8qxp_mek_android_auto.h
- lib/avb/fsl/Makefile
- lib/avb/fsl/fsl_atx_attributes.c
- lib/avb/fsl/fsl_atx_attributes.h
- lib/avb/fsl/fsl_avb.c
- lib/avb/fsl/fsl_avbkey.c
- lib/avb/fsl/fsl_avbkey.h
configs/pico-imx7d-trusty_defconfig
drivers/usb/gadget/f_fastboot.c
... | ... | @@ -933,18 +933,6 @@ |
933 | 933 | { |
934 | 934 | if (download_bytes) { |
935 | 935 | struct fastboot_ptentry *ptn; |
936 | -#if defined(AVB_RPMB) && !defined(CONFIG_ARM64) | |
937 | - if (!strcmp_l1(FASTBOOT_PARTITION_AVBKEY, cmdbuf)) { | |
938 | - printf("pubkey len %d\n", download_bytes); | |
939 | - if (avbkey_init(interface.transfer_buffer, download_bytes) != 0) { | |
940 | - fastboot_fail("fail to Write partition"); | |
941 | - } else { | |
942 | - printf("init 'avbkey' DONE!\n"); | |
943 | - fastboot_okay("OKAY"); | |
944 | - } | |
945 | - return; | |
946 | - } | |
947 | -#endif | |
948 | 936 | |
949 | 937 | /* Next is the partition name */ |
950 | 938 | ptn = fastboot_flash_find_ptn(cmdbuf); |
include/configs/imx8qm_mek_android_auto.h
include/configs/imx8qxp_mek_android_auto.h
lib/avb/fsl/Makefile
lib/avb/fsl/fsl_atx_attributes.c
1 | +/* | |
2 | + * Copyright 2018 NXP | |
3 | + * | |
4 | + * SPDX-License-Identifier: GPL-2.0+ | |
5 | + */ | |
6 | + | |
7 | +/* This product_id is generated from | |
8 | + * extern/avb/test/data/atx_product_id.bin */ | |
9 | +unsigned char fsl_atx_product_id[16] = { | |
10 | + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | |
11 | + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 | |
12 | +}; | |
13 | +/* This product_root_public_key is generated form | |
14 | + * extern/avb/test/data/testkey_atx_prk.pem */ | |
15 | +unsigned char fsl_product_root_public_key[1032] = { | |
16 | + 0x00,0x00,0x10,0x00,0x9f,0x35,0xef,0x65, | |
17 | + 0xc3,0x29,0x4c,0x23,0x16,0x10,0xac,0x32, | |
18 | + 0xc1,0x3c,0xd5,0xc5,0xab,0xa1,0xd9,0xe7, | |
19 | + 0x13,0x3f,0x7e,0xd1,0xe6,0x61,0x5d,0xa3, | |
20 | + 0xa1,0x60,0xda,0x57,0x4b,0xb2,0xe6,0x0f, | |
21 | + 0xe1,0x50,0xbf,0x47,0xff,0x09,0xaf,0xcd, | |
22 | + 0x49,0x2d,0x82,0x33,0x76,0xa1,0xfe,0x28, | |
23 | + 0x5f,0x89,0x62,0xb3,0xc0,0xf1,0x11,0xaf, | |
24 | + 0x15,0x09,0x27,0xdb,0xeb,0x06,0x01,0xa2, | |
25 | + 0xf8,0xb7,0xd7,0x9c,0xe4,0x88,0x3a,0x86, | |
26 | + 0x05,0x02,0x20,0x69,0xb2,0x36,0x4c,0x3e, | |
27 | + 0x25,0x03,0xed,0xfc,0x0c,0x6b,0x1b,0x0a, | |
28 | + 0x04,0x9c,0xce,0x7f,0x83,0x82,0x60,0xd9, | |
29 | + 0x52,0x7e,0xc4,0x35,0x7b,0x1c,0xe6,0x64, | |
30 | + 0x9c,0x17,0xec,0x81,0xe7,0x9c,0x0c,0x8b, | |
31 | + 0x4b,0x7e,0x48,0xbe,0x00,0x98,0xa8,0x20, | |
32 | + 0x10,0x4c,0x9b,0xd1,0x16,0x5b,0x25,0xe9, | |
33 | + 0x4e,0x61,0xda,0x7c,0x63,0x80,0x8f,0xa4, | |
34 | + 0xac,0x74,0xee,0xa8,0x06,0xac,0x26,0xd5, | |
35 | + 0x71,0x6f,0xaa,0x73,0x20,0x9c,0x7f,0xcd, | |
36 | + 0x73,0xd4,0xa9,0xa0,0x7e,0x5a,0xb5,0x61, | |
37 | + 0xb0,0x88,0xb0,0xdd,0xdb,0x6b,0x79,0xd1, | |
38 | + 0x5a,0x9e,0x54,0x49,0x55,0xc6,0x89,0x76, | |
39 | + 0x7a,0xc6,0x78,0x99,0xdc,0xc9,0x00,0x5d, | |
40 | + 0x20,0xf5,0xfc,0x8f,0x39,0x46,0xf3,0x02, | |
41 | + 0x96,0x0d,0x9b,0xfb,0xbc,0xd5,0xcf,0x5a, | |
42 | + 0x4f,0xc4,0xb8,0x0b,0xd0,0xf3,0x19,0x3c, | |
43 | + 0x74,0x04,0xd5,0x94,0x2c,0x19,0x15,0x64, | |
44 | + 0xbf,0x53,0x67,0x97,0x7b,0x9e,0xc6,0xe0, | |
45 | + 0xfb,0x29,0x5b,0x90,0xad,0x04,0x8a,0xd8, | |
46 | + 0x5b,0xdf,0x69,0x09,0xe4,0xa5,0xe9,0xd9, | |
47 | + 0x0f,0xc4,0xff,0xae,0xb7,0x44,0x12,0xae, | |
48 | + 0xad,0x03,0x97,0xb8,0xda,0xd7,0x60,0x37, | |
49 | + 0x15,0xf2,0xb9,0xdb,0x10,0xf6,0xe2,0x26, | |
50 | + 0x48,0x7e,0x3e,0x3e,0xc3,0x67,0xd3,0xa6, | |
51 | + 0x02,0xf7,0xbc,0x60,0xed,0x45,0xdf,0x37, | |
52 | + 0xef,0xf9,0xea,0x97,0x5f,0x37,0xb4,0xeb, | |
53 | + 0xb4,0x91,0x6c,0x39,0x4d,0xed,0x52,0x15, | |
54 | + 0x39,0x47,0x59,0x62,0xde,0x32,0x55,0xe1, | |
55 | + 0xd4,0x15,0x58,0x7d,0x52,0x41,0x12,0x78, | |
56 | + 0xee,0x9f,0x0d,0xc8,0x5e,0x34,0x91,0xf9, | |
57 | + 0xe7,0x4c,0x1e,0xe7,0x2f,0x90,0x7f,0xbb, | |
58 | + 0xf8,0x99,0x3e,0xc9,0x79,0xab,0x01,0xdb, | |
59 | + 0x24,0x39,0xe3,0xb4,0xc9,0x52,0x73,0xdb, | |
60 | + 0x65,0x42,0xa5,0x2e,0x43,0x56,0xa0,0x33, | |
61 | + 0x8c,0x1a,0xb7,0xa1,0xed,0x5c,0xd0,0x14, | |
62 | + 0x93,0x8d,0x23,0x78,0x93,0xcb,0x3a,0x03, | |
63 | + 0x1f,0xbb,0xc6,0x7b,0xcd,0x51,0x4e,0xaa, | |
64 | + 0x14,0x01,0xe9,0x03,0x27,0x13,0xe2,0xb2, | |
65 | + 0xf8,0x36,0xc6,0xe3,0xc3,0x7f,0xb5,0x74, | |
66 | + 0x20,0x5e,0x17,0xaa,0x25,0x07,0x9b,0x60, | |
67 | + 0xda,0x83,0x98,0xb5,0x55,0xae,0x1b,0x7a, | |
68 | + 0xc1,0x1f,0x49,0x72,0xe2,0xcb,0x6a,0x11, | |
69 | + 0x77,0xdf,0x3f,0xc0,0x9f,0x8f,0x33,0xc7, | |
70 | + 0x10,0x17,0x8c,0xfc,0xd5,0xb7,0x5f,0x5e, | |
71 | + 0xb2,0xe3,0x7b,0x2e,0xdc,0xc7,0x34,0xdb, | |
72 | + 0x31,0xb0,0xdc,0x5d,0x14,0x98,0xb6,0x1a, | |
73 | + 0x2a,0xd4,0xb4,0x04,0x2c,0xf0,0x68,0x1c, | |
74 | + 0x91,0x60,0x28,0xa5,0x3b,0x01,0x98,0xb6, | |
75 | + 0x1e,0x6e,0xaa,0x35,0x89,0xc7,0x94,0xaa, | |
76 | + 0x9e,0xf0,0x11,0x52,0x0f,0x28,0xa1,0x3d, | |
77 | + 0xd3,0x17,0xb5,0x08,0xd8,0x7a,0x41,0xf9, | |
78 | + 0x07,0xe2,0x87,0x36,0xcd,0x86,0x3e,0x79, | |
79 | + 0x99,0x73,0x50,0x21,0x30,0x00,0xd2,0xf3, | |
80 | + 0x88,0x60,0x32,0x59,0x58,0x2f,0x55,0x93, | |
81 | + 0x86,0x56,0x9a,0x96,0xb9,0xf8,0xbf,0x24, | |
82 | + 0xc4,0xba,0xea,0xa4,0x73,0xb0,0x0c,0xa6, | |
83 | + 0xdb,0x09,0x2d,0x0a,0x36,0x3f,0x80,0xe6, | |
84 | + 0x85,0x7a,0xf3,0x01,0x90,0x3a,0xc6,0xee, | |
85 | + 0x2d,0xa8,0xce,0xb4,0x3f,0x3a,0xa6,0xa3, | |
86 | + 0xaf,0xb9,0x21,0xef,0x40,0x6f,0xf4,0x7f, | |
87 | + 0x78,0x25,0x55,0x39,0x53,0x67,0x53,0x56, | |
88 | + 0x8d,0x81,0xaf,0x63,0x97,0x68,0x86,0x75, | |
89 | + 0x66,0x14,0x1e,0xa6,0x63,0x1e,0x02,0xd0, | |
90 | + 0x41,0xd8,0x78,0x75,0x0d,0x76,0x77,0xfa, | |
91 | + 0x9c,0xc5,0xcc,0x54,0x06,0x25,0x53,0x95, | |
92 | + 0xeb,0x4b,0x7c,0xb4,0xc8,0xbb,0x5d,0x6b, | |
93 | + 0x6e,0xf0,0xd7,0x8d,0x3f,0xdf,0x93,0x4c, | |
94 | + 0x30,0x5b,0x02,0xf5,0x0e,0x49,0x87,0x60, | |
95 | + 0x5f,0x19,0x06,0x24,0x3d,0x5d,0x97,0x37, | |
96 | + 0x61,0xef,0x3e,0x0b,0x9e,0x85,0x1c,0x1a, | |
97 | + 0xa6,0x53,0x91,0xd2,0x2c,0x18,0x7c,0x8f, | |
98 | + 0x5b,0x4a,0xd5,0xdd,0xd9,0x8a,0xc3,0x92, | |
99 | + 0x19,0x54,0x39,0xde,0x33,0xa1,0xe1,0x37, | |
100 | + 0x60,0x3c,0x3b,0x3b,0xc5,0xed,0x1b,0xef, | |
101 | + 0x28,0xf5,0xdf,0x44,0x91,0xa3,0x1e,0x69, | |
102 | + 0x6a,0x35,0x85,0x6e,0x26,0x46,0x22,0x4d, | |
103 | + 0x87,0x92,0x44,0x6b,0x96,0xdb,0x75,0xfe, | |
104 | + 0x76,0x03,0x60,0xf7,0xfd,0x90,0x55,0x7d, | |
105 | + 0x6e,0xd7,0xaa,0x44,0x05,0xc7,0x23,0x37, | |
106 | + 0x12,0xa8,0xd4,0xb2,0x2b,0xed,0x41,0x5f, | |
107 | + 0x23,0x38,0x7c,0x16,0xe6,0x16,0xd3,0x10, | |
108 | + 0x19,0x12,0xcc,0x8b,0x6e,0xcd,0xd6,0xa6, | |
109 | + 0x39,0x8a,0x1b,0x24,0x3f,0x4d,0x6f,0xa6, | |
110 | + 0x00,0x7c,0xa0,0xa1,0x4a,0xfd,0xcd,0x68, | |
111 | + 0x50,0x76,0xc8,0x68,0x9d,0xeb,0xdf,0x24, | |
112 | + 0x39,0xaf,0x77,0xb2,0xb6,0xaf,0xb6,0x34, | |
113 | + 0x61,0x37,0x6a,0xfd,0xc7,0x6d,0x02,0x9f, | |
114 | + 0x29,0xd5,0x45,0xf4,0x89,0xd8,0x8c,0x5c, | |
115 | + 0xd3,0x31,0xa0,0x58,0x19,0x54,0x33,0x46, | |
116 | + 0x92,0xbc,0x1e,0x4b,0x14,0xac,0x73,0xa5, | |
117 | + 0x09,0x9f,0xb6,0x2b,0x2b,0x73,0x6b,0x83, | |
118 | + 0x86,0x13,0x6e,0x03,0xf7,0xe0,0x7d,0x81, | |
119 | + 0x47,0x18,0x08,0xea,0x09,0x10,0x24,0x61, | |
120 | + 0x6d,0x09,0x1d,0xb8,0x8e,0xba,0x04,0x4d, | |
121 | + 0xcc,0xe6,0xff,0x28,0x27,0x86,0x38,0x01, | |
122 | + 0x86,0xbe,0xf0,0x5b,0xf8,0x1a,0xd6,0xde, | |
123 | + 0xbe,0xf9,0x3b,0x76,0x3f,0x85,0x82,0x22, | |
124 | + 0x92,0x4b,0xe0,0x76,0x15,0xb2,0x57,0x5a, | |
125 | + 0xb0,0x64,0xde,0xce,0x93,0xb8,0x9f,0x25, | |
126 | + 0x53,0x8c,0x5e,0xdf,0x29,0x4e,0x50,0x69, | |
127 | + 0xfb,0x7e,0x33,0xcb,0x0e,0x28,0x01,0x6c, | |
128 | + 0xab,0xfa,0xd8,0x88,0x02,0xbc,0xf2,0xb1, | |
129 | + 0x0e,0x2f,0x6d,0x1c,0x8d,0xe4,0x11,0x23, | |
130 | + 0xcc,0x67,0x94,0x7b,0xf7,0x8a,0xf3,0x68, | |
131 | + 0x52,0xe4,0x82,0x25,0x86,0xc6,0x72,0x19, | |
132 | + 0x77,0x80,0x28,0xe3,0x86,0xc8,0x8a,0xea, | |
133 | + 0x3d,0x54,0x2f,0x0b,0x64,0x0a,0xc5,0x12, | |
134 | + 0x8c,0xb2,0x07,0x72,0x1b,0x09,0x9f,0x32, | |
135 | + 0xbd,0xa3,0xb0,0x0c,0x95,0xc8,0x4d,0xe5, | |
136 | + 0xd7,0x20,0xdb,0xf8,0x34,0x2a,0x9d,0x91, | |
137 | + 0x58,0x38,0x7a,0x9c,0xe0,0xa3,0x0f,0x40, | |
138 | + 0x9d,0xff,0xeb,0x4b,0xe2,0x16,0x94,0x32, | |
139 | + 0xce,0xe8,0x52,0x75,0x49,0xf4,0x71,0x13, | |
140 | + 0xbc,0x59,0x7d,0x9a,0xe8,0x60,0x29,0x58, | |
141 | + 0x1a,0x14,0x94,0xe6,0x37,0x23,0xad,0xfe, | |
142 | + 0x0b,0xf0,0x63,0x60,0x4f,0x5d,0x10,0x91, | |
143 | + 0xf2,0x50,0x8e,0x0b,0x4a,0x47,0xc9,0x0c, | |
144 | + 0x1f,0xdc,0x94,0x75,0x25,0x52,0x99,0xfc | |
145 | +}; |
lib/avb/fsl/fsl_atx_attributes.h
1 | 1 | /* |
2 | - * Copyright 2017 NXP | |
2 | + * Copyright 2018 NXP | |
3 | 3 | * |
4 | 4 | * SPDX-License-Identifier: GPL-2.0+ |
5 | 5 | */ |
6 | 6 | |
7 | 7 | |
... | ... | @@ -10,144 +10,10 @@ |
10 | 10 | #define fsl_version 1 |
11 | 11 | /* This product_id is generated from |
12 | 12 | * extern/avb/test/data/atx_product_id.bin */ |
13 | -unsigned char fsl_atx_product_id[] = { | |
14 | - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | |
15 | - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 | |
16 | -}; | |
13 | +extern unsigned char fsl_atx_product_id[17]; | |
17 | 14 | /* This product_root_public_key is generated form |
18 | 15 | * extern/avb/test/data/testkey_atx_prk.pem */ |
19 | -unsigned char fsl_product_root_public_key[] = { | |
20 | - 0x00,0x00,0x10,0x00,0x9f,0x35,0xef,0x65, | |
21 | - 0xc3,0x29,0x4c,0x23,0x16,0x10,0xac,0x32, | |
22 | - 0xc1,0x3c,0xd5,0xc5,0xab,0xa1,0xd9,0xe7, | |
23 | - 0x13,0x3f,0x7e,0xd1,0xe6,0x61,0x5d,0xa3, | |
24 | - 0xa1,0x60,0xda,0x57,0x4b,0xb2,0xe6,0x0f, | |
25 | - 0xe1,0x50,0xbf,0x47,0xff,0x09,0xaf,0xcd, | |
26 | - 0x49,0x2d,0x82,0x33,0x76,0xa1,0xfe,0x28, | |
27 | - 0x5f,0x89,0x62,0xb3,0xc0,0xf1,0x11,0xaf, | |
28 | - 0x15,0x09,0x27,0xdb,0xeb,0x06,0x01,0xa2, | |
29 | - 0xf8,0xb7,0xd7,0x9c,0xe4,0x88,0x3a,0x86, | |
30 | - 0x05,0x02,0x20,0x69,0xb2,0x36,0x4c,0x3e, | |
31 | - 0x25,0x03,0xed,0xfc,0x0c,0x6b,0x1b,0x0a, | |
32 | - 0x04,0x9c,0xce,0x7f,0x83,0x82,0x60,0xd9, | |
33 | - 0x52,0x7e,0xc4,0x35,0x7b,0x1c,0xe6,0x64, | |
34 | - 0x9c,0x17,0xec,0x81,0xe7,0x9c,0x0c,0x8b, | |
35 | - 0x4b,0x7e,0x48,0xbe,0x00,0x98,0xa8,0x20, | |
36 | - 0x10,0x4c,0x9b,0xd1,0x16,0x5b,0x25,0xe9, | |
37 | - 0x4e,0x61,0xda,0x7c,0x63,0x80,0x8f,0xa4, | |
38 | - 0xac,0x74,0xee,0xa8,0x06,0xac,0x26,0xd5, | |
39 | - 0x71,0x6f,0xaa,0x73,0x20,0x9c,0x7f,0xcd, | |
40 | - 0x73,0xd4,0xa9,0xa0,0x7e,0x5a,0xb5,0x61, | |
41 | - 0xb0,0x88,0xb0,0xdd,0xdb,0x6b,0x79,0xd1, | |
42 | - 0x5a,0x9e,0x54,0x49,0x55,0xc6,0x89,0x76, | |
43 | - 0x7a,0xc6,0x78,0x99,0xdc,0xc9,0x00,0x5d, | |
44 | - 0x20,0xf5,0xfc,0x8f,0x39,0x46,0xf3,0x02, | |
45 | - 0x96,0x0d,0x9b,0xfb,0xbc,0xd5,0xcf,0x5a, | |
46 | - 0x4f,0xc4,0xb8,0x0b,0xd0,0xf3,0x19,0x3c, | |
47 | - 0x74,0x04,0xd5,0x94,0x2c,0x19,0x15,0x64, | |
48 | - 0xbf,0x53,0x67,0x97,0x7b,0x9e,0xc6,0xe0, | |
49 | - 0xfb,0x29,0x5b,0x90,0xad,0x04,0x8a,0xd8, | |
50 | - 0x5b,0xdf,0x69,0x09,0xe4,0xa5,0xe9,0xd9, | |
51 | - 0x0f,0xc4,0xff,0xae,0xb7,0x44,0x12,0xae, | |
52 | - 0xad,0x03,0x97,0xb8,0xda,0xd7,0x60,0x37, | |
53 | - 0x15,0xf2,0xb9,0xdb,0x10,0xf6,0xe2,0x26, | |
54 | - 0x48,0x7e,0x3e,0x3e,0xc3,0x67,0xd3,0xa6, | |
55 | - 0x02,0xf7,0xbc,0x60,0xed,0x45,0xdf,0x37, | |
56 | - 0xef,0xf9,0xea,0x97,0x5f,0x37,0xb4,0xeb, | |
57 | - 0xb4,0x91,0x6c,0x39,0x4d,0xed,0x52,0x15, | |
58 | - 0x39,0x47,0x59,0x62,0xde,0x32,0x55,0xe1, | |
59 | - 0xd4,0x15,0x58,0x7d,0x52,0x41,0x12,0x78, | |
60 | - 0xee,0x9f,0x0d,0xc8,0x5e,0x34,0x91,0xf9, | |
61 | - 0xe7,0x4c,0x1e,0xe7,0x2f,0x90,0x7f,0xbb, | |
62 | - 0xf8,0x99,0x3e,0xc9,0x79,0xab,0x01,0xdb, | |
63 | - 0x24,0x39,0xe3,0xb4,0xc9,0x52,0x73,0xdb, | |
64 | - 0x65,0x42,0xa5,0x2e,0x43,0x56,0xa0,0x33, | |
65 | - 0x8c,0x1a,0xb7,0xa1,0xed,0x5c,0xd0,0x14, | |
66 | - 0x93,0x8d,0x23,0x78,0x93,0xcb,0x3a,0x03, | |
67 | - 0x1f,0xbb,0xc6,0x7b,0xcd,0x51,0x4e,0xaa, | |
68 | - 0x14,0x01,0xe9,0x03,0x27,0x13,0xe2,0xb2, | |
69 | - 0xf8,0x36,0xc6,0xe3,0xc3,0x7f,0xb5,0x74, | |
70 | - 0x20,0x5e,0x17,0xaa,0x25,0x07,0x9b,0x60, | |
71 | - 0xda,0x83,0x98,0xb5,0x55,0xae,0x1b,0x7a, | |
72 | - 0xc1,0x1f,0x49,0x72,0xe2,0xcb,0x6a,0x11, | |
73 | - 0x77,0xdf,0x3f,0xc0,0x9f,0x8f,0x33,0xc7, | |
74 | - 0x10,0x17,0x8c,0xfc,0xd5,0xb7,0x5f,0x5e, | |
75 | - 0xb2,0xe3,0x7b,0x2e,0xdc,0xc7,0x34,0xdb, | |
76 | - 0x31,0xb0,0xdc,0x5d,0x14,0x98,0xb6,0x1a, | |
77 | - 0x2a,0xd4,0xb4,0x04,0x2c,0xf0,0x68,0x1c, | |
78 | - 0x91,0x60,0x28,0xa5,0x3b,0x01,0x98,0xb6, | |
79 | - 0x1e,0x6e,0xaa,0x35,0x89,0xc7,0x94,0xaa, | |
80 | - 0x9e,0xf0,0x11,0x52,0x0f,0x28,0xa1,0x3d, | |
81 | - 0xd3,0x17,0xb5,0x08,0xd8,0x7a,0x41,0xf9, | |
82 | - 0x07,0xe2,0x87,0x36,0xcd,0x86,0x3e,0x79, | |
83 | - 0x99,0x73,0x50,0x21,0x30,0x00,0xd2,0xf3, | |
84 | - 0x88,0x60,0x32,0x59,0x58,0x2f,0x55,0x93, | |
85 | - 0x86,0x56,0x9a,0x96,0xb9,0xf8,0xbf,0x24, | |
86 | - 0xc4,0xba,0xea,0xa4,0x73,0xb0,0x0c,0xa6, | |
87 | - 0xdb,0x09,0x2d,0x0a,0x36,0x3f,0x80,0xe6, | |
88 | - 0x85,0x7a,0xf3,0x01,0x90,0x3a,0xc6,0xee, | |
89 | - 0x2d,0xa8,0xce,0xb4,0x3f,0x3a,0xa6,0xa3, | |
90 | - 0xaf,0xb9,0x21,0xef,0x40,0x6f,0xf4,0x7f, | |
91 | - 0x78,0x25,0x55,0x39,0x53,0x67,0x53,0x56, | |
92 | - 0x8d,0x81,0xaf,0x63,0x97,0x68,0x86,0x75, | |
93 | - 0x66,0x14,0x1e,0xa6,0x63,0x1e,0x02,0xd0, | |
94 | - 0x41,0xd8,0x78,0x75,0x0d,0x76,0x77,0xfa, | |
95 | - 0x9c,0xc5,0xcc,0x54,0x06,0x25,0x53,0x95, | |
96 | - 0xeb,0x4b,0x7c,0xb4,0xc8,0xbb,0x5d,0x6b, | |
97 | - 0x6e,0xf0,0xd7,0x8d,0x3f,0xdf,0x93,0x4c, | |
98 | - 0x30,0x5b,0x02,0xf5,0x0e,0x49,0x87,0x60, | |
99 | - 0x5f,0x19,0x06,0x24,0x3d,0x5d,0x97,0x37, | |
100 | - 0x61,0xef,0x3e,0x0b,0x9e,0x85,0x1c,0x1a, | |
101 | - 0xa6,0x53,0x91,0xd2,0x2c,0x18,0x7c,0x8f, | |
102 | - 0x5b,0x4a,0xd5,0xdd,0xd9,0x8a,0xc3,0x92, | |
103 | - 0x19,0x54,0x39,0xde,0x33,0xa1,0xe1,0x37, | |
104 | - 0x60,0x3c,0x3b,0x3b,0xc5,0xed,0x1b,0xef, | |
105 | - 0x28,0xf5,0xdf,0x44,0x91,0xa3,0x1e,0x69, | |
106 | - 0x6a,0x35,0x85,0x6e,0x26,0x46,0x22,0x4d, | |
107 | - 0x87,0x92,0x44,0x6b,0x96,0xdb,0x75,0xfe, | |
108 | - 0x76,0x03,0x60,0xf7,0xfd,0x90,0x55,0x7d, | |
109 | - 0x6e,0xd7,0xaa,0x44,0x05,0xc7,0x23,0x37, | |
110 | - 0x12,0xa8,0xd4,0xb2,0x2b,0xed,0x41,0x5f, | |
111 | - 0x23,0x38,0x7c,0x16,0xe6,0x16,0xd3,0x10, | |
112 | - 0x19,0x12,0xcc,0x8b,0x6e,0xcd,0xd6,0xa6, | |
113 | - 0x39,0x8a,0x1b,0x24,0x3f,0x4d,0x6f,0xa6, | |
114 | - 0x00,0x7c,0xa0,0xa1,0x4a,0xfd,0xcd,0x68, | |
115 | - 0x50,0x76,0xc8,0x68,0x9d,0xeb,0xdf,0x24, | |
116 | - 0x39,0xaf,0x77,0xb2,0xb6,0xaf,0xb6,0x34, | |
117 | - 0x61,0x37,0x6a,0xfd,0xc7,0x6d,0x02,0x9f, | |
118 | - 0x29,0xd5,0x45,0xf4,0x89,0xd8,0x8c,0x5c, | |
119 | - 0xd3,0x31,0xa0,0x58,0x19,0x54,0x33,0x46, | |
120 | - 0x92,0xbc,0x1e,0x4b,0x14,0xac,0x73,0xa5, | |
121 | - 0x09,0x9f,0xb6,0x2b,0x2b,0x73,0x6b,0x83, | |
122 | - 0x86,0x13,0x6e,0x03,0xf7,0xe0,0x7d,0x81, | |
123 | - 0x47,0x18,0x08,0xea,0x09,0x10,0x24,0x61, | |
124 | - 0x6d,0x09,0x1d,0xb8,0x8e,0xba,0x04,0x4d, | |
125 | - 0xcc,0xe6,0xff,0x28,0x27,0x86,0x38,0x01, | |
126 | - 0x86,0xbe,0xf0,0x5b,0xf8,0x1a,0xd6,0xde, | |
127 | - 0xbe,0xf9,0x3b,0x76,0x3f,0x85,0x82,0x22, | |
128 | - 0x92,0x4b,0xe0,0x76,0x15,0xb2,0x57,0x5a, | |
129 | - 0xb0,0x64,0xde,0xce,0x93,0xb8,0x9f,0x25, | |
130 | - 0x53,0x8c,0x5e,0xdf,0x29,0x4e,0x50,0x69, | |
131 | - 0xfb,0x7e,0x33,0xcb,0x0e,0x28,0x01,0x6c, | |
132 | - 0xab,0xfa,0xd8,0x88,0x02,0xbc,0xf2,0xb1, | |
133 | - 0x0e,0x2f,0x6d,0x1c,0x8d,0xe4,0x11,0x23, | |
134 | - 0xcc,0x67,0x94,0x7b,0xf7,0x8a,0xf3,0x68, | |
135 | - 0x52,0xe4,0x82,0x25,0x86,0xc6,0x72,0x19, | |
136 | - 0x77,0x80,0x28,0xe3,0x86,0xc8,0x8a,0xea, | |
137 | - 0x3d,0x54,0x2f,0x0b,0x64,0x0a,0xc5,0x12, | |
138 | - 0x8c,0xb2,0x07,0x72,0x1b,0x09,0x9f,0x32, | |
139 | - 0xbd,0xa3,0xb0,0x0c,0x95,0xc8,0x4d,0xe5, | |
140 | - 0xd7,0x20,0xdb,0xf8,0x34,0x2a,0x9d,0x91, | |
141 | - 0x58,0x38,0x7a,0x9c,0xe0,0xa3,0x0f,0x40, | |
142 | - 0x9d,0xff,0xeb,0x4b,0xe2,0x16,0x94,0x32, | |
143 | - 0xce,0xe8,0x52,0x75,0x49,0xf4,0x71,0x13, | |
144 | - 0xbc,0x59,0x7d,0x9a,0xe8,0x60,0x29,0x58, | |
145 | - 0x1a,0x14,0x94,0xe6,0x37,0x23,0xad,0xfe, | |
146 | - 0x0b,0xf0,0x63,0x60,0x4f,0x5d,0x10,0x91, | |
147 | - 0xf2,0x50,0x8e,0x0b,0x4a,0x47,0xc9,0x0c, | |
148 | - 0x1f,0xdc,0x94,0x75,0x25,0x52,0x99,0xfc | |
149 | -}; | |
16 | +extern unsigned char fsl_product_root_public_key[1032]; | |
150 | 17 | |
151 | -#endif | |
152 | -/* __FSL_ATX_ATTRIBUTES_H__ */ | |
18 | +#endif /* __FSL_ATX_ATTRIBUTES_H__ */ |
lib/avb/fsl/fsl_avb.c
... | ... | @@ -15,6 +15,9 @@ |
15 | 15 | #include "fsl_avbkey.h" |
16 | 16 | #include "utils.h" |
17 | 17 | #include "debug.h" |
18 | +#include "trusty/avb.h" | |
19 | +#include "fsl_public_key.h" | |
20 | +#include "fsl_atx_attributes.h" | |
18 | 21 | |
19 | 22 | #define FSL_AVB_DEV "mmc" |
20 | 23 | |
... | ... | @@ -435,4 +438,393 @@ |
435 | 438 | *out_size_num_bytes = (uint64_t)(pte->length * 512); |
436 | 439 | return AVB_IO_RESULT_OK; |
437 | 440 | } |
441 | + | |
442 | +#ifdef CONFIG_AVB_ATX | |
443 | +/* Reads permanent |attributes| data. There are no restrictions on where this | |
444 | + * data is stored. On success, returns AVB_IO_RESULT_OK and populates | |
445 | + * |attributes|. | |
446 | + */ | |
447 | +AvbIOResult fsl_read_permanent_attributes( | |
448 | + AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) { | |
449 | +#ifdef CONFIG_IMX_TRUSTY_OS | |
450 | + if (!trusty_read_permanent_attributes((uint8_t *)attributes, | |
451 | + sizeof(AvbAtxPermanentAttributes))) { | |
452 | + return AVB_IO_RESULT_OK; | |
453 | + } | |
454 | + ERR("No perm-attr fused. Will use hard code one.\n"); | |
455 | +#endif /* CONFIG_IMX_TRUSTY_OS */ | |
456 | + | |
457 | + /* use hard code permanent attributes due to limited fuse and RPMB */ | |
458 | + attributes->version = fsl_version; | |
459 | + memcpy(attributes->product_root_public_key, fsl_product_root_public_key, | |
460 | + sizeof(fsl_product_root_public_key)); | |
461 | + memcpy(attributes->product_id, fsl_atx_product_id, | |
462 | + sizeof(fsl_atx_product_id)); | |
463 | + | |
464 | + return AVB_IO_RESULT_OK; | |
465 | +} | |
466 | + | |
467 | +/* Reads a |hash| of permanent attributes. This hash MUST be retrieved from a | |
468 | + * permanently read-only location (e.g. fuses) when a device is LOCKED. On | |
469 | + * success, returned AVB_IO_RESULT_OK and populates |hash|. | |
470 | + */ | |
471 | +AvbIOResult fsl_read_permanent_attributes_hash( | |
472 | + AvbAtxOps* atx_ops, uint8_t hash[AVB_SHA256_DIGEST_SIZE]) { | |
473 | +#ifdef CONFIG_ARM64 | |
474 | + /* calculate sha256(permanent attributes) */ | |
475 | + if (permanent_attributes_sha256_hash(hash) != RESULT_OK) { | |
476 | + return AVB_IO_RESULT_ERROR_IO; | |
477 | + } else { | |
478 | + return AVB_IO_RESULT_OK; | |
479 | + } | |
480 | +#else | |
481 | + uint8_t sha256_hash_buf[AVB_SHA256_DIGEST_SIZE]; | |
482 | + uint32_t sha256_hash_fuse[ATX_FUSE_BANK_NUM]; | |
483 | + | |
484 | + /* read first 112 bits of sha256(permanent attributes) from fuse */ | |
485 | + if (fsl_fuse_read(sha256_hash_fuse, ATX_FUSE_BANK_NUM, | |
486 | + PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
487 | + printf("ERROR - read permanent attributes hash from " | |
488 | + "fuse error\n"); | |
489 | + return AVB_IO_RESULT_ERROR_IO; | |
490 | + } | |
491 | + /* only take the lower 2 bytes of last bank */ | |
492 | + sha256_hash_fuse[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK; | |
493 | + | |
494 | + /* calculate sha256(permanent attributes) */ | |
495 | + if (permanent_attributes_sha256_hash(sha256_hash_buf) != RESULT_OK) { | |
496 | + return AVB_IO_RESULT_ERROR_IO; | |
497 | + } | |
498 | + /* check if the sha256(permanent attributes) hash match the calculated one, | |
499 | + * if not match, just return all zeros hash. | |
500 | + */ | |
501 | + if (memcmp(sha256_hash_fuse, sha256_hash_buf, ATX_HASH_LENGTH)) { | |
502 | + printf("ERROR - sha256(permanent attributes) does not match\n"); | |
503 | + memset(hash, 0, AVB_SHA256_DIGEST_SIZE); | |
504 | + } else { | |
505 | + memcpy(hash, sha256_hash_buf, AVB_SHA256_DIGEST_SIZE); | |
506 | + } | |
507 | + | |
508 | + return AVB_IO_RESULT_OK; | |
509 | +#endif /* CONFIG_ARM64 */ | |
510 | +} | |
511 | + | |
512 | + /* Generates |num_bytes| random bytes and stores them in |output|, | |
513 | + * which must point to a buffer large enough to store the bytes. | |
514 | + * | |
515 | + * Returns AVB_IO_RESULT_OK on success, otherwise an error code. | |
516 | + */ | |
517 | +AvbIOResult fsl_get_random(AvbAtxOps* atx_ops, | |
518 | + size_t num_bytes, | |
519 | + uint8_t* output) | |
520 | +{ | |
521 | + uint32_t num = 0; | |
522 | + uint32_t i; | |
523 | + | |
524 | + if (output == NULL) { | |
525 | + ERR("Output buffer is NULL!\n"); | |
526 | + return AVB_IO_RESULT_ERROR_INSUFFICIENT_SPACE; | |
527 | + } | |
528 | + | |
529 | + /* set the seed as device boot time. */ | |
530 | + srand((uint32_t)get_timer(0)); | |
531 | + for (i = 0; i < num_bytes; i++) { | |
532 | + num = rand() % 256; | |
533 | + output[i] = (uint8_t)num; | |
534 | + } | |
535 | + | |
536 | + return AVB_IO_RESULT_OK; | |
537 | +} | |
538 | +/* Provides the key version of a key used during verification. This may be | |
539 | + * useful for managing the minimum key version. | |
540 | + */ | |
541 | +void fsl_set_key_version(AvbAtxOps* atx_ops, | |
542 | + size_t rollback_index_location, | |
543 | + uint64_t key_version) { | |
544 | + kblb_hdr_t hdr; | |
545 | + kblb_tag_t *rbk; | |
546 | + uint64_t *plain_idx = NULL; | |
547 | + struct mmc *mmc_dev; | |
548 | + static const uint32_t kTypeMask = 0xF000; | |
549 | + | |
550 | + DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n", | |
551 | + rollback_index_location, key_version); | |
552 | + | |
553 | + assert(atx_ops != NULL); | |
554 | + | |
555 | + if ((mmc_dev = get_mmc()) == NULL) { | |
556 | + ERR("err get mmc device\n"); | |
557 | + } | |
558 | + /* read the kblb header */ | |
559 | + if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
560 | + ERR("read RPMB error\n"); | |
561 | + } | |
562 | + | |
563 | + if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
564 | + ERR("magic not match\n"); | |
565 | + } | |
566 | + | |
567 | + /* rollback index for Android Things key versions */ | |
568 | + rbk = &hdr.atx_rbk_tags[rollback_index_location & ~kTypeMask]; | |
569 | + | |
570 | + plain_idx = malloc(rbk->len); | |
571 | + if (plain_idx == NULL) | |
572 | + printf("\nError! allocate memory fail!\n"); | |
573 | + memset(plain_idx, 0, rbk->len); | |
574 | + *plain_idx = key_version; | |
575 | + | |
576 | + /* write rollback_index keyblob */ | |
577 | + if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) != | |
578 | + 0) { | |
579 | + ERR("write rollback index error\n"); | |
580 | + goto fail; | |
581 | + } | |
582 | +fail: | |
583 | + if (plain_idx != NULL) | |
584 | + free(plain_idx); | |
585 | +} | |
586 | +#endif /* CONFIG_AVB_ATX */ | |
587 | + | |
588 | +#ifdef AVB_RPMB | |
589 | +/* Checks if the given public key used to sign the 'vbmeta' | |
590 | + * partition is trusted. Boot loaders typically compare this with | |
591 | + * embedded key material generated with 'avbtool | |
592 | + * extract_public_key'. | |
593 | + * | |
594 | + * If AVB_IO_RESULT_OK is returned then |out_is_trusted| is set - | |
595 | + * true if trusted or false if untrusted. | |
596 | + */ | |
597 | +AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, | |
598 | + const uint8_t* public_key_data, | |
599 | + size_t public_key_length, | |
600 | + const uint8_t* public_key_metadata, | |
601 | + size_t public_key_metadata_length, | |
602 | + bool* out_is_trusted) { | |
603 | + AvbIOResult ret; | |
604 | + assert(ops != NULL && out_is_trusted != NULL); | |
605 | + *out_is_trusted = false; | |
606 | + | |
607 | + /* match given public key */ | |
608 | + if (memcmp(fsl_public_key, public_key_data, public_key_length)) { | |
609 | + ret = AVB_IO_RESULT_ERROR_IO; | |
610 | + ERR("public key not match\n"); | |
611 | + return AVB_IO_RESULT_ERROR_IO; | |
612 | + } | |
613 | + | |
614 | + *out_is_trusted = true; | |
615 | + ret = AVB_IO_RESULT_OK; | |
616 | + | |
617 | + return ret; | |
618 | +} | |
619 | + | |
620 | +/* Sets the rollback index corresponding to the slot given by | |
621 | + * |rollback_index_slot| to |rollback_index|. Returns | |
622 | + * AVB_IO_RESULT_OK if the rollback index was set, otherwise an | |
623 | + * error code. | |
624 | + * | |
625 | + * A device may have a limited amount of rollback index slots (say, | |
626 | + * one or four) so may error out if |rollback_index_slot| exceeds | |
627 | + * this number. | |
628 | + */ | |
629 | +AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
630 | + uint64_t rollback_index) { | |
631 | + AvbIOResult ret; | |
632 | +#ifdef CONFIG_IMX_TRUSTY_OS | |
633 | + if (trusty_write_rollback_index(rollback_index_slot, rollback_index)) { | |
634 | + ERR("write rollback from Trusty error!"); | |
635 | + ret = AVB_IO_RESULT_ERROR_IO; | |
636 | + } else { | |
637 | + ret = AVB_IO_RESULT_OK; | |
638 | + } | |
639 | + return ret; | |
640 | +#else | |
641 | + kblb_hdr_t hdr; | |
642 | + kblb_tag_t *rbk; | |
643 | + uint64_t *plain_idx = NULL; | |
644 | + struct mmc *mmc_dev; | |
645 | +#ifdef CONFIG_AVB_ATX | |
646 | + static const uint32_t kTypeMask = 0xF000; | |
647 | + static const unsigned int kTypeShift = 12; | |
648 | +#endif | |
649 | + | |
650 | + DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n", | |
651 | + rollback_index_slot, rollback_index); | |
652 | + | |
653 | + assert(ops != NULL); | |
654 | + /* check if the rollback index location exceed the limit */ | |
655 | +#ifdef CONFIG_AVB_ATX | |
656 | + if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
657 | +#else | |
658 | + if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
659 | +#endif /* CONFIG_AVB_ATX */ | |
660 | + return AVB_IO_RESULT_ERROR_IO; | |
661 | + | |
662 | + if ((mmc_dev = get_mmc()) == NULL) { | |
663 | + ERR("err get mmc device\n"); | |
664 | + return AVB_IO_RESULT_ERROR_IO; | |
665 | + } | |
666 | + /* read the kblb header */ | |
667 | + if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
668 | + ERR("read RPMB error\n"); | |
669 | + return AVB_IO_RESULT_ERROR_IO; | |
670 | + } | |
671 | + | |
672 | + if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
673 | + ERR("magic not match\n"); | |
674 | + return AVB_IO_RESULT_ERROR_IO; | |
675 | + } | |
676 | + /* choose rollback index type */ | |
677 | +#ifdef CONFIG_AVB_ATX | |
678 | + if ((rollback_index_slot & kTypeMask) >> kTypeShift) { | |
679 | + /* rollback index for Android Things key versions */ | |
680 | + rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask]; | |
681 | + } else { | |
682 | + /* rollback index for vbmeta */ | |
683 | + rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask]; | |
684 | + } | |
685 | +#else | |
686 | + rbk = &hdr.rbk_tags[rollback_index_slot]; | |
687 | +#endif /* CONFIG_AVB_ATX */ | |
688 | + plain_idx = malloc(rbk->len); | |
689 | + if (plain_idx == NULL) | |
690 | + return AVB_IO_RESULT_ERROR_OOM; | |
691 | + memset(plain_idx, 0, rbk->len); | |
692 | + *plain_idx = rollback_index; | |
693 | + | |
694 | + /* write rollback_index keyblob */ | |
695 | + if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) != | |
696 | + 0) { | |
697 | + ERR("write rollback index error\n"); | |
698 | + ret = AVB_IO_RESULT_ERROR_IO; | |
699 | + goto fail; | |
700 | + } | |
701 | + ret = AVB_IO_RESULT_OK; | |
702 | +fail: | |
703 | + if (plain_idx != NULL) | |
704 | + free(plain_idx); | |
705 | + return ret; | |
706 | +#endif /* CONFIG_IMX_TRUSTY_OS */ | |
707 | +} | |
708 | + | |
709 | +/* Gets the rollback index corresponding to the slot given by | |
710 | + * |rollback_index_slot|. The value is returned in | |
711 | + * |out_rollback_index|. Returns AVB_IO_RESULT_OK if the rollback | |
712 | + * index was retrieved, otherwise an error code. | |
713 | + * | |
714 | + * A device may have a limited amount of rollback index slots (say, | |
715 | + * one or four) so may error out if |rollback_index_slot| exceeds | |
716 | + * this number. | |
717 | + */ | |
718 | +AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
719 | + uint64_t* out_rollback_index) { | |
720 | + AvbIOResult ret; | |
721 | +#ifdef CONFIG_IMX_TRUSTY_OS | |
722 | + if (trusty_read_rollback_index(rollback_index_slot, out_rollback_index)) { | |
723 | + ERR("read rollback from Trusty error!"); | |
724 | + ret = AVB_IO_RESULT_ERROR_IO; | |
725 | + } else { | |
726 | + ret = AVB_IO_RESULT_OK; | |
727 | + } | |
728 | + return ret; | |
729 | +#else | |
730 | + kblb_hdr_t hdr; | |
731 | + kblb_tag_t *rbk; | |
732 | + uint64_t *extract_idx = NULL; | |
733 | + struct mmc *mmc_dev; | |
734 | +#ifdef CONFIG_AVB_ATX | |
735 | + static const uint32_t kTypeMask = 0xF000; | |
736 | + static const unsigned int kTypeShift = 12; | |
737 | +#endif | |
738 | + | |
739 | + assert(ops != NULL && out_rollback_index != NULL); | |
740 | + *out_rollback_index = ~0; | |
741 | + | |
742 | + DEBUGAVB("[rpmb] read rollback slot: %zu\n", rollback_index_slot); | |
743 | + | |
744 | + /* check if the rollback index location exceed the limit */ | |
745 | +#ifdef CONFIG_AVB_ATX | |
746 | + if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
747 | +#else | |
748 | + if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
749 | +#endif | |
750 | + return AVB_IO_RESULT_ERROR_IO; | |
751 | + | |
752 | + if ((mmc_dev = get_mmc()) == NULL) { | |
753 | + ERR("err get mmc device\n"); | |
754 | + return AVB_IO_RESULT_ERROR_IO; | |
755 | + } | |
756 | + /* read the kblb header */ | |
757 | + if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
758 | + ERR("read RPMB error\n"); | |
759 | + return AVB_IO_RESULT_ERROR_IO; | |
760 | + } | |
761 | + | |
762 | + if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
763 | + ERR("magic not match\n"); | |
764 | + return AVB_IO_RESULT_ERROR_IO; | |
765 | + } | |
766 | + /* choose rollback index type */ | |
767 | +#ifdef CONFIG_AVB_ATX | |
768 | + if ((rollback_index_slot & kTypeMask) >> kTypeShift) { | |
769 | + /* rollback index for Android Things key versions */ | |
770 | + rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask]; | |
771 | + } else { | |
772 | + /* rollback index for vbmeta */ | |
773 | + rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask]; | |
774 | + } | |
775 | +#else | |
776 | + rbk = &hdr.rbk_tags[rollback_index_slot]; | |
777 | +#endif /* CONFIG_AVB_ATX */ | |
778 | + extract_idx = malloc(rbk->len); | |
779 | + if (extract_idx == NULL) | |
780 | + return AVB_IO_RESULT_ERROR_OOM; | |
781 | + | |
782 | + /* read rollback_index keyblob */ | |
783 | + if (rpmb_read(mmc_dev, (uint8_t *)extract_idx, rbk->len, rbk->offset) != 0) { | |
784 | + ERR("read rollback index error\n"); | |
785 | + ret = AVB_IO_RESULT_ERROR_IO; | |
786 | + goto fail; | |
787 | + } | |
788 | + | |
789 | +#ifdef AVB_VVDEBUG | |
790 | + printf("\n----idx dump: ---\n"); | |
791 | + print_buffer(0, extract_idx, HEXDUMP_WIDTH, rbk->len, 0); | |
792 | + printf("--- end ---\n"); | |
793 | +#endif | |
794 | + *out_rollback_index = *extract_idx; | |
795 | + DEBUGAVB("rollback_index = %" PRIu64 "\n", *out_rollback_index); | |
796 | + ret = AVB_IO_RESULT_OK; | |
797 | +fail: | |
798 | + if (extract_idx != NULL) | |
799 | + free(extract_idx); | |
800 | + return ret; | |
801 | +#endif /* CONFIG_IMX_TRUSTY_OS */ | |
802 | +} | |
803 | +#else /* AVB_RPMB */ | |
804 | +/* | |
805 | + * In no security enhanced ARM64, we cannot protect public key. | |
806 | + * So that we choose to trust the key from vbmeta image | |
807 | + */ | |
808 | +AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, | |
809 | + const uint8_t* public_key_data, | |
810 | + size_t public_key_length, | |
811 | + const uint8_t* public_key_metadata, | |
812 | + size_t public_key_metadata_length, | |
813 | + bool* out_is_trusted) { | |
814 | + *out_is_trusted = true; | |
815 | + return AVB_IO_RESULT_OK; | |
816 | +} | |
817 | + | |
818 | +/* In no security enhanced ARM64, rollback index has no protection so no use it */ | |
819 | +AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
820 | + uint64_t rollback_index) { | |
821 | + return AVB_IO_RESULT_OK; | |
822 | + | |
823 | +} | |
824 | +AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
825 | + uint64_t* out_rollback_index) { | |
826 | + *out_rollback_index = 0; | |
827 | + return AVB_IO_RESULT_OK; | |
828 | +} | |
829 | +#endif /* AVB_RPMB */ |
lib/avb/fsl/fsl_avbkey.c
Changes suppressed. Click to show
... | ... | @@ -19,425 +19,36 @@ |
19 | 19 | #include <trusty/libtipc.h> |
20 | 20 | #endif |
21 | 21 | #include "fsl_avbkey.h" |
22 | -#include "fsl_public_key.h" | |
23 | -#include "fsl_atx_attributes.h" | |
24 | 22 | #include "utils.h" |
25 | 23 | #include "debug.h" |
26 | 24 | #include <memalign.h> |
27 | 25 | #include "trusty/hwcrypto.h" |
26 | +#include "fsl_atx_attributes.h" | |
28 | 27 | |
29 | 28 | #define INITFLAG_FUSE_OFFSET 0 |
30 | 29 | #define INITFLAG_FUSE_MASK 0x00000001 |
31 | 30 | #define INITFLAG_FUSE 0x00000001 |
32 | 31 | |
33 | 32 | #define RPMB_BLKSZ 256 |
34 | -#define RPMBKEY_FUSE_OFFSET 1 | |
35 | 33 | #define RPMBKEY_LENGTH 32 |
36 | -#define RPMBKEY_FUSE_LEN ((RPMBKEY_LENGTH) + (CAAM_PAD)) | |
37 | -#define RPMBKEY_FUSE_LENW (RPMBKEY_FUSE_LEN / 4) | |
38 | 34 | #define RPMBKEY_BLOB_LEN ((RPMBKEY_LENGTH) + (CAAM_PAD)) |
39 | 35 | |
40 | -#ifdef CONFIG_AVB_ATX | |
41 | -#define ATX_FUSE_BANK_NUM 4 | |
42 | -#define ATX_FUSE_BANK_MASK 0xFFFF | |
43 | -#define ATX_HASH_LENGTH 14 | |
44 | -#endif | |
36 | +extern int mmc_switch(struct mmc *mmc, u8 set, u8 index, u8 value); | |
45 | 37 | |
46 | -#define RESULT_ERROR -1 | |
47 | -#define RESULT_OK 0 | |
38 | +#ifdef AVB_RPMB | |
39 | +static int mmc_dev_no = -1; | |
48 | 40 | |
49 | -#ifndef CONFIG_SPL_BUILD | |
50 | -#if defined(CONFIG_AVB_ATX) | |
51 | -static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset, | |
52 | - const uint8_t read) { | |
53 | - | |
54 | - unsigned short bs, ws, bksz, cnt; | |
55 | - unsigned short num_done = 0; | |
56 | - margin_pos_t margin; | |
57 | - int i; | |
58 | - | |
59 | - /* read from fuse */ | |
60 | - bksz = CONFIG_AVB_FUSE_BANK_SIZEW; | |
61 | - if(get_margin_pos(CONFIG_AVB_FUSE_BANK_START, CONFIG_AVB_FUSE_BANK_END, bksz, | |
62 | - &margin, offset, length, false)) | |
63 | - return -1; | |
64 | - bs = (unsigned short)margin.blk_start; | |
65 | - ws = (unsigned short)margin.start; | |
66 | - | |
67 | - while (num_done < length) { | |
68 | - cnt = bksz - ws; | |
69 | - if (num_done + cnt > length) | |
70 | - cnt = length - num_done; | |
71 | - for (i = 0; i < cnt; i++) { | |
72 | - VDEBUG("cur: bank=%d, word=%d\n",bs, ws); | |
73 | - if (read) { | |
74 | - if (fuse_sense(bs, ws, buffer)) { | |
75 | - ERR("read fuse bank %d, word %d error\n", bs, ws); | |
76 | - return -1; | |
77 | - } | |
78 | - } else { | |
79 | -#ifdef CONFIG_AVB_FUSE | |
80 | - if (fuse_prog(bs, ws, *buffer)) { | |
81 | -#else | |
82 | - if (fuse_override(bs, ws, *buffer)) { | |
83 | -#endif | |
84 | - ERR("write fuse bank %d, word %d error\n", bs, ws); | |
85 | - return -1; | |
86 | - } | |
87 | - } | |
88 | - ws++; | |
89 | - buffer++; | |
90 | - } | |
91 | - bs++; | |
92 | - num_done += cnt; | |
93 | - ws = 0; | |
94 | - } | |
95 | - return 0; | |
41 | +struct mmc *get_mmc(void) { | |
42 | + extern int mmc_get_env_devno(void); | |
43 | + struct mmc *mmc; | |
44 | + if (mmc_dev_no < 0 && (mmc_dev_no = mmc_get_env_dev()) < 0) | |
45 | + return NULL; | |
46 | + mmc = find_mmc_device(mmc_dev_no); | |
47 | + if (!mmc || mmc_init(mmc)) | |
48 | + return NULL; | |
49 | + return mmc; | |
96 | 50 | } |
97 | 51 | |
98 | -static int fsl_fuse_read(uint32_t *buffer, uint32_t length, uint32_t offset) { | |
99 | - | |
100 | - return fsl_fuse_ops( | |
101 | - buffer, | |
102 | - length, | |
103 | - offset, | |
104 | - 1 | |
105 | - ); | |
106 | -} | |
107 | - | |
108 | -static int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offset) { | |
109 | - | |
110 | - return fsl_fuse_ops( | |
111 | - (uint32_t *)buffer, | |
112 | - length, | |
113 | - offset, | |
114 | - 0 | |
115 | - ); | |
116 | -} | |
117 | -#endif /* defined(CONFIG_AVB_ATX) && !defined(CONFIG_ARM64) */ | |
118 | - | |
119 | -#if defined(CONFIG_AVB_ATX) | |
120 | -static int sha256(unsigned char* data, int len, unsigned char* output) { | |
121 | - struct hash_algo *algo; | |
122 | - void *buf; | |
123 | - | |
124 | - if (hash_lookup_algo("sha256", &algo)) { | |
125 | - printf("error in lookup sha256 algo!\n"); | |
126 | - return RESULT_ERROR; | |
127 | - } | |
128 | - buf = map_sysmem((ulong)data, len); | |
129 | - algo->hash_func_ws(buf, len, output, algo->chunk_size); | |
130 | - unmap_sysmem(buf); | |
131 | - | |
132 | - return algo->digest_size; | |
133 | -} | |
134 | - | |
135 | -static int permanent_attributes_sha256_hash(unsigned char* output) { | |
136 | - AvbAtxPermanentAttributes attributes; | |
137 | - | |
138 | -#ifdef CONFIG_IMX_TRUSTY_OS | |
139 | - if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), | |
140 | - sizeof(AvbAtxPermanentAttributes))) { | |
141 | - goto calc_sha256; | |
142 | - } else { | |
143 | - ERR("No perm-attr fused. Will use hard code one.\n"); | |
144 | - } | |
145 | -#endif | |
146 | - /* get permanent attributes */ | |
147 | - attributes.version = fsl_version; | |
148 | - memcpy(attributes.product_root_public_key, fsl_product_root_public_key, | |
149 | - sizeof(fsl_product_root_public_key)); | |
150 | - memcpy(attributes.product_id, fsl_atx_product_id, | |
151 | - sizeof(fsl_atx_product_id)); | |
152 | -#ifdef CONFIG_IMX_TRUSTY_OS | |
153 | -calc_sha256: | |
154 | -#endif | |
155 | - /* calculate sha256(permanent attributes) hash */ | |
156 | - if (sha256((unsigned char *)&attributes, sizeof(AvbAtxPermanentAttributes), | |
157 | - output) == RESULT_ERROR) { | |
158 | - printf("ERROR - calculate permanent attributes hash error"); | |
159 | - return RESULT_ERROR; | |
160 | - } | |
161 | - | |
162 | - return RESULT_OK; | |
163 | -} | |
164 | - | |
165 | -static int init_permanent_attributes_fuse(void) { | |
166 | - | |
167 | -#ifdef CONFIG_ARM64 | |
168 | - return RESULT_OK; | |
169 | -#else | |
170 | - uint8_t sha256_hash[AVB_SHA256_DIGEST_SIZE]; | |
171 | - uint32_t buffer[ATX_FUSE_BANK_NUM]; | |
172 | - int num = 0; | |
173 | - | |
174 | - /* read first 112 bits of sha256(permanent attributes) from fuse */ | |
175 | - if (fsl_fuse_read(buffer, ATX_FUSE_BANK_NUM, PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
176 | - printf("ERROR - read permanent attributes hash from fuse error\n"); | |
177 | - return RESULT_ERROR; | |
178 | - } | |
179 | - /* only take the lower 2 bytes of the last bank */ | |
180 | - buffer[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK; | |
181 | - | |
182 | - /* return RESULT_OK if fuse has been initialized before */ | |
183 | - for (num = 0; num < ATX_FUSE_BANK_NUM; num++) { | |
184 | - if (buffer[num]) | |
185 | - return RESULT_OK; | |
186 | - } | |
187 | - | |
188 | - /* calculate sha256(permanent attributes) */ | |
189 | - if (permanent_attributes_sha256_hash(sha256_hash) != RESULT_OK) { | |
190 | - printf("ERROR - calculating permanent attributes SHA256 error!\n"); | |
191 | - return RESULT_ERROR; | |
192 | - } | |
193 | - | |
194 | - /* write first 112 bits of sha256(permanent attributes) into fuse */ | |
195 | - memset(buffer, 0, sizeof(buffer)); | |
196 | - memcpy(buffer, sha256_hash, ATX_HASH_LENGTH); | |
197 | - if (fsl_fuse_write(buffer, ATX_FUSE_BANK_NUM, PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
198 | - printf("ERROR - write permanent attributes hash to fuse error\n"); | |
199 | - return RESULT_ERROR; | |
200 | - } | |
201 | - | |
202 | - return RESULT_OK; | |
203 | -#endif /* CONFIG_ARM64 */ | |
204 | -} | |
205 | -#endif | |
206 | - | |
207 | -#ifdef CONFIG_AVB_ATX | |
208 | -int avb_atx_fuse_perm_attr(uint8_t *staged_buffer, uint32_t size) { | |
209 | - | |
210 | - if (staged_buffer == NULL) { | |
211 | - ERR("Error. Get null staged_buffer\n"); | |
212 | - return -1; | |
213 | - } | |
214 | - if (size != sizeof(AvbAtxPermanentAttributes)) { | |
215 | - ERR("Error. expect perm_attr length %u, but get %u.\n", | |
216 | - (uint32_t)sizeof(AvbAtxPermanentAttributes), size); | |
217 | - return -1; | |
218 | - } | |
219 | -#ifdef CONFIG_IMX_TRUSTY_OS | |
220 | - if (trusty_write_permanent_attributes(staged_buffer, size)) { | |
221 | - ERR("Error. Failed to write permanent attributes into secure storage\n"); | |
222 | - return -1; | |
223 | - } | |
224 | - else | |
225 | - return init_permanent_attributes_fuse(); | |
226 | -#else | |
227 | - /* | |
228 | - * TODO: | |
229 | - * Need to handle this when no Trusty OS support. | |
230 | - * But now every Android Things will have Trusty OS support. | |
231 | - */ | |
232 | - ERR("No Trusty OS enabled in bootloader.\n"); | |
233 | - return 0; | |
234 | -#endif | |
235 | -} | |
236 | - | |
237 | -int avb_atx_get_unlock_challenge(struct AvbAtxOps* atx_ops, | |
238 | - uint8_t *upload_buffer, uint32_t *upload_size) | |
239 | -{ | |
240 | - struct AvbAtxUnlockChallenge *buf = NULL; | |
241 | - int ret, size; | |
242 | - | |
243 | - size = sizeof(struct AvbAtxUnlockChallenge); | |
244 | - buf = (struct AvbAtxUnlockChallenge *)malloc(size); | |
245 | - if (buf == NULL) { | |
246 | - ERR("unable to alloc memory!\n"); | |
247 | - return -1; | |
248 | - } | |
249 | - | |
250 | - if (avb_atx_generate_unlock_challenge(atx_ops, buf) != | |
251 | - AVB_IO_RESULT_OK) { | |
252 | - ERR("generate unlock challenge fail!\n"); | |
253 | - ret = -1; | |
254 | - goto fail; | |
255 | - } | |
256 | - /* Current avbtool only accept 16 bytes random numbers as unlock | |
257 | - * challenge, need to return the whole 'AvbAtxUnlockChallenge' | |
258 | - * when avbtool is ready. | |
259 | - */ | |
260 | - memcpy(upload_buffer, buf->challenge, AVB_ATX_UNLOCK_CHALLENGE_SIZE); | |
261 | - *upload_size = AVB_ATX_UNLOCK_CHALLENGE_SIZE; | |
262 | - ret = 0; | |
263 | -fail: | |
264 | - if (buf != NULL) | |
265 | - free(buf); | |
266 | - return ret; | |
267 | -} | |
268 | - | |
269 | -int avb_atx_verify_unlock_credential(struct AvbAtxOps* atx_ops, | |
270 | - uint8_t *staged_buffer) | |
271 | -{ | |
272 | - bool out_is_trusted; | |
273 | - AvbIOResult ret; | |
274 | - const AvbAtxUnlockCredential* buf = NULL; | |
275 | - | |
276 | - buf = (const AvbAtxUnlockCredential*)staged_buffer; | |
277 | - ret = avb_atx_validate_unlock_credential(atx_ops, buf, &out_is_trusted); | |
278 | - if ((ret != AVB_IO_RESULT_OK) || (out_is_trusted != true)) { | |
279 | - ERR("validate unlock credential fail!\n"); | |
280 | - return -1; | |
281 | - } else | |
282 | - return 0; | |
283 | -} | |
284 | - | |
285 | -bool perm_attr_are_fused(void) | |
286 | -{ | |
287 | -#ifdef CONFIG_IMX_TRUSTY_OS | |
288 | - AvbAtxPermanentAttributes attributes; | |
289 | - if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), | |
290 | - sizeof(AvbAtxPermanentAttributes))) { | |
291 | - return true; | |
292 | - } else { | |
293 | - ERR("No perm-attr fused, please fuse your perm-attr first!.\n"); | |
294 | - return false; | |
295 | - } | |
296 | -#else | |
297 | - /* We hard code the perm-attr if trusty is not enabled. */ | |
298 | - return true; | |
299 | -#endif | |
300 | -} | |
301 | - | |
302 | -bool at_unlock_vboot_is_disabled(void) | |
303 | -{ | |
304 | - uint32_t unlock_vboot_status; | |
305 | - | |
306 | - if (fsl_fuse_read(&unlock_vboot_status, 1, | |
307 | - UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
308 | - printf("Read at unlock vboot status error!\n"); | |
309 | - return false; | |
310 | - } | |
311 | - | |
312 | - if (unlock_vboot_status & (1 << UNLOCK_VBOOT_STATUS_OFFSET_IN_BIT)) | |
313 | - return true; | |
314 | - else | |
315 | - return false; | |
316 | -} | |
317 | - | |
318 | -int at_disable_vboot_unlock(void) | |
319 | -{ | |
320 | - uint32_t unlock_vboot_status = 0; | |
321 | - | |
322 | - /* Read the status first */ | |
323 | - if (fsl_fuse_read(&unlock_vboot_status, 1, | |
324 | - UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
325 | - ERR("Read unlock vboot status error!\n"); | |
326 | - return -1; | |
327 | - } | |
328 | - | |
329 | - /* Set the disable unlock vboot bit */ | |
330 | - unlock_vboot_status |= (1 << UNLOCK_VBOOT_STATUS_OFFSET_IN_BIT); | |
331 | - | |
332 | - /* Write disable unlock vboot bit to fuse */ | |
333 | - if (fsl_fuse_write(&unlock_vboot_status, 1, | |
334 | - UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
335 | - ERR("Write unlock vboot status fail!\n"); | |
336 | - return -1; | |
337 | - } | |
338 | - | |
339 | - return 0; | |
340 | -} | |
341 | -/* Reads permanent |attributes| data. There are no restrictions on where this | |
342 | - * data is stored. On success, returns AVB_IO_RESULT_OK and populates | |
343 | - * |attributes|. | |
344 | - */ | |
345 | -AvbIOResult fsl_read_permanent_attributes( | |
346 | - AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) { | |
347 | -#ifdef CONFIG_IMX_TRUSTY_OS | |
348 | - if (!trusty_read_permanent_attributes((uint8_t *)attributes, | |
349 | - sizeof(AvbAtxPermanentAttributes))) { | |
350 | - return AVB_IO_RESULT_OK; | |
351 | - } | |
352 | - ERR("No perm-attr fused. Will use hard code one.\n"); | |
353 | -#endif /* CONFIG_IMX_TRUSTY_OS */ | |
354 | - | |
355 | - /* use hard code permanent attributes due to limited fuse and RPMB */ | |
356 | - attributes->version = fsl_version; | |
357 | - memcpy(attributes->product_root_public_key, fsl_product_root_public_key, | |
358 | - sizeof(fsl_product_root_public_key)); | |
359 | - memcpy(attributes->product_id, fsl_atx_product_id, | |
360 | - sizeof(fsl_atx_product_id)); | |
361 | - | |
362 | - return AVB_IO_RESULT_OK; | |
363 | -} | |
364 | - | |
365 | -/* Reads a |hash| of permanent attributes. This hash MUST be retrieved from a | |
366 | - * permanently read-only location (e.g. fuses) when a device is LOCKED. On | |
367 | - * success, returned AVB_IO_RESULT_OK and populates |hash|. | |
368 | - */ | |
369 | -AvbIOResult fsl_read_permanent_attributes_hash( | |
370 | - AvbAtxOps* atx_ops, uint8_t hash[AVB_SHA256_DIGEST_SIZE]) { | |
371 | -#ifdef CONFIG_ARM64 | |
372 | - /* calculate sha256(permanent attributes) */ | |
373 | - if (permanent_attributes_sha256_hash(hash) != RESULT_OK) { | |
374 | - return AVB_IO_RESULT_ERROR_IO; | |
375 | - } else { | |
376 | - return AVB_IO_RESULT_OK; | |
377 | - } | |
378 | -#else | |
379 | - uint8_t sha256_hash_buf[AVB_SHA256_DIGEST_SIZE]; | |
380 | - uint32_t sha256_hash_fuse[ATX_FUSE_BANK_NUM]; | |
381 | - | |
382 | - /* read first 112 bits of sha256(permanent attributes) from fuse */ | |
383 | - if (fsl_fuse_read(sha256_hash_fuse, ATX_FUSE_BANK_NUM, | |
384 | - PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
385 | - printf("ERROR - read permanent attributes hash from " | |
386 | - "fuse error\n"); | |
387 | - return AVB_IO_RESULT_ERROR_IO; | |
388 | - } | |
389 | - /* only take the lower 2 bytes of last bank */ | |
390 | - sha256_hash_fuse[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK; | |
391 | - | |
392 | - /* calculate sha256(permanent attributes) */ | |
393 | - if (permanent_attributes_sha256_hash(sha256_hash_buf) != RESULT_OK) { | |
394 | - return AVB_IO_RESULT_ERROR_IO; | |
395 | - } | |
396 | - /* check if the sha256(permanent attributes) hash match the calculated one, | |
397 | - * if not match, just return all zeros hash. | |
398 | - */ | |
399 | - if (memcmp(sha256_hash_fuse, sha256_hash_buf, ATX_HASH_LENGTH)) { | |
400 | - printf("ERROR - sha256(permanent attributes) does not match\n"); | |
401 | - memset(hash, 0, AVB_SHA256_DIGEST_SIZE); | |
402 | - } else { | |
403 | - memcpy(hash, sha256_hash_buf, AVB_SHA256_DIGEST_SIZE); | |
404 | - } | |
405 | - | |
406 | - return AVB_IO_RESULT_OK; | |
407 | -#endif /* CONFIG_ARM64 */ | |
408 | -} | |
409 | - | |
410 | - /* Generates |num_bytes| random bytes and stores them in |output|, | |
411 | - * which must point to a buffer large enough to store the bytes. | |
412 | - * | |
413 | - * Returns AVB_IO_RESULT_OK on success, otherwise an error code. | |
414 | - */ | |
415 | -AvbIOResult fsl_get_random(AvbAtxOps* atx_ops, | |
416 | - size_t num_bytes, | |
417 | - uint8_t* output) | |
418 | -{ | |
419 | - uint32_t num = 0; | |
420 | - uint32_t i; | |
421 | - | |
422 | - if (output == NULL) { | |
423 | - ERR("Output buffer is NULL!\n"); | |
424 | - return AVB_IO_RESULT_ERROR_INSUFFICIENT_SPACE; | |
425 | - } | |
426 | - | |
427 | - /* set the seed as device boot time. */ | |
428 | - srand((uint32_t)get_timer(0)); | |
429 | - for (i = 0; i < num_bytes; i++) { | |
430 | - num = rand() % 256; | |
431 | - output[i] = (uint8_t)num; | |
432 | - } | |
433 | - | |
434 | - return AVB_IO_RESULT_OK; | |
435 | -} | |
436 | - | |
437 | -#endif /* CONFIG_AVB_ATX */ | |
438 | -#endif /* CONFIG_SPL_BUILD */ | |
439 | - | |
440 | -#if defined(AVB_RPMB) || defined(CONFIG_IMX_TRUSTY_OS) | |
441 | 52 | void fill_secure_keyslot_package(struct keyslot_package *kp) { |
442 | 53 | |
443 | 54 | memcpy((void*)CAAM_ARB_BASE_ADDR, kp, sizeof(struct keyslot_package)); |
444 | 55 | |
445 | 56 | |
446 | 57 | |
447 | 58 | |
448 | 59 | |
449 | 60 | |
450 | 61 | |
451 | 62 | |
... | ... | @@ -521,61 +132,211 @@ |
521 | 132 | #endif |
522 | 133 | return ret; |
523 | 134 | } |
524 | -#endif /* (AVB_RPMB) || defined(CONFIG_IMX_TRUSTY_OS) */ | |
525 | 135 | |
526 | -#ifndef AVB_RPMB | |
527 | -/* ARM64 won't avbkey and rollback index in this stage directly. */ | |
528 | -int avbkey_init(uint8_t *plainkey, uint32_t keylen) { | |
529 | - return 0; | |
530 | -} | |
136 | +#ifdef CONFIG_FSL_CAAM_KB | |
137 | +int rpmb_read(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) { | |
531 | 138 | |
532 | -int rbkidx_erase(void) { | |
533 | - return 0; | |
534 | -} | |
139 | + unsigned char *bdata = NULL; | |
140 | + unsigned char *out_buf = (unsigned char *)buffer; | |
141 | + unsigned long s, cnt; | |
142 | + unsigned long blksz; | |
143 | + size_t num_read = 0; | |
144 | + unsigned short part_start, part_length, part_end, bs, be; | |
145 | + margin_pos_t margin; | |
146 | + char original_part; | |
147 | + uint8_t *blob = NULL; | |
148 | + struct blk_desc *desc = mmc_get_blk_desc(mmc); | |
149 | + ALLOC_CACHE_ALIGN_BUFFER(uint8_t, extract_key, RPMBKEY_LENGTH); | |
535 | 150 | |
536 | -/* | |
537 | - * In no security enhanced ARM64, we cannot protect public key. | |
538 | - * So that we choose to trust the key from vbmeta image | |
539 | - */ | |
540 | -AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, | |
541 | - const uint8_t* public_key_data, | |
542 | - size_t public_key_length, | |
543 | - const uint8_t* public_key_metadata, | |
544 | - size_t public_key_metadata_length, | |
545 | - bool* out_is_trusted) { | |
546 | - *out_is_trusted = true; | |
547 | - return AVB_IO_RESULT_OK; | |
548 | -} | |
151 | + struct keyslot_package kp; | |
152 | + int ret; | |
549 | 153 | |
550 | -/* In no security enhanced ARM64, rollback index has no protection so no use it */ | |
551 | -AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
552 | - uint64_t rollback_index) { | |
553 | - return AVB_IO_RESULT_OK; | |
154 | + blksz = RPMB_BLKSZ; | |
155 | + part_length = mmc->capacity_rpmb >> 8; | |
156 | + part_start = 0; | |
157 | + part_end = part_start + part_length - 1; | |
554 | 158 | |
555 | -} | |
556 | -AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
557 | - uint64_t* out_rollback_index) { | |
558 | - *out_rollback_index = 0; | |
559 | - return AVB_IO_RESULT_OK; | |
560 | -} | |
561 | -#else /* AVB_RPMB */ | |
562 | -static int mmc_dev_no = -1; | |
159 | + DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes); | |
563 | 160 | |
564 | -struct mmc *get_mmc(void) { | |
565 | - extern int mmc_get_env_devno(void); | |
566 | - struct mmc *mmc; | |
567 | - if (mmc_dev_no < 0 && (mmc_dev_no = mmc_get_env_dev()) < 0) | |
568 | - return NULL; | |
569 | - mmc = find_mmc_device(mmc_dev_no); | |
570 | - if (!mmc || mmc_init(mmc)) | |
571 | - return NULL; | |
572 | - return mmc; | |
161 | + if(get_margin_pos(part_start, part_end, blksz, | |
162 | + &margin, offset, num_bytes, false)) | |
163 | + return -1; | |
164 | + | |
165 | + bs = (unsigned short)margin.blk_start; | |
166 | + be = (unsigned short)margin.blk_end; | |
167 | + s = margin.start; | |
168 | + | |
169 | + /* Switch to the RPMB partition */ | |
170 | + original_part = desc->hwpart; | |
171 | + if (desc->hwpart != MMC_PART_RPMB) { | |
172 | + if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) | |
173 | + return -1; | |
174 | + desc->hwpart = MMC_PART_RPMB; | |
175 | + } | |
176 | + | |
177 | + /* get rpmb key */ | |
178 | + blob = (uint8_t *)memalign(ARCH_DMA_MINALIGN, RPMBKEY_BLOB_LEN); | |
179 | + if (read_keyslot_package(&kp)) { | |
180 | + ERR("read rpmb key error\n"); | |
181 | + ret = -1; | |
182 | + goto fail; | |
183 | + } | |
184 | + /* copy rpmb key to blob */ | |
185 | + memcpy(blob, kp.rpmb_keyblob, RPMBKEY_BLOB_LEN); | |
186 | + caam_open(); | |
187 | + if (caam_decap_blob((ulong)extract_key, (ulong)blob, | |
188 | + RPMBKEY_LENGTH)) { | |
189 | + ERR("decap rpmb key error\n"); | |
190 | + ret = -1; | |
191 | + goto fail; | |
192 | + } | |
193 | + | |
194 | + /* alloc a blksz mem */ | |
195 | + bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz); | |
196 | + if (bdata == NULL) { | |
197 | + ret = -1; | |
198 | + goto fail; | |
199 | + } | |
200 | + /* one block a time */ | |
201 | + while (bs <= be) { | |
202 | + memset(bdata, 0, blksz); | |
203 | + if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) { | |
204 | + ret = -1; | |
205 | + goto fail; | |
206 | + } | |
207 | + cnt = blksz - s; | |
208 | + if (num_read + cnt > num_bytes) | |
209 | + cnt = num_bytes - num_read; | |
210 | + VDEBUG("cur: bs=%d, start=%ld, cnt=%ld bdata=0x%p\n", | |
211 | + bs, s, cnt, bdata); | |
212 | + memcpy(out_buf, bdata + s, cnt); | |
213 | + bs++; | |
214 | + num_read += cnt; | |
215 | + out_buf += cnt; | |
216 | + s = 0; | |
217 | + } | |
218 | + ret = 0; | |
219 | + | |
220 | +fail: | |
221 | + /* Return to original partition */ | |
222 | + if (desc->hwpart != original_part) { | |
223 | + if (mmc_switch_part(mmc, original_part) != 0) | |
224 | + return -1; | |
225 | + desc->hwpart = original_part; | |
226 | + } | |
227 | + if (blob != NULL) | |
228 | + free(blob); | |
229 | + if (bdata != NULL) | |
230 | + free(bdata); | |
231 | + return ret; | |
232 | + | |
573 | 233 | } |
574 | 234 | |
575 | -int rpmb_read(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset); | |
576 | -int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset); | |
235 | +int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) { | |
577 | 236 | |
578 | -#if !defined(CONFIG_IMX_TRUSTY_OS) || defined(CONFIG_SPL_BUILD) | |
237 | + unsigned char *bdata = NULL; | |
238 | + unsigned char *in_buf = (unsigned char *)buffer; | |
239 | + unsigned long s, cnt; | |
240 | + unsigned long blksz; | |
241 | + size_t num_write = 0; | |
242 | + unsigned short part_start, part_length, part_end, bs; | |
243 | + margin_pos_t margin; | |
244 | + char original_part; | |
245 | + uint8_t *blob = NULL; | |
246 | + struct blk_desc *desc = mmc_get_blk_desc(mmc); | |
247 | + ALLOC_CACHE_ALIGN_BUFFER(uint8_t, extract_key, RPMBKEY_LENGTH); | |
248 | + | |
249 | + struct keyslot_package kp; | |
250 | + int ret; | |
251 | + | |
252 | + blksz = RPMB_BLKSZ; | |
253 | + part_length = mmc->capacity_rpmb >> 8; | |
254 | + part_start = 0; | |
255 | + part_end = part_start + part_length - 1; | |
256 | + | |
257 | + DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes); | |
258 | + | |
259 | + if(get_margin_pos(part_start, part_end, blksz, | |
260 | + &margin, offset, num_bytes, false)) { | |
261 | + ERR("get_margin_pos err\n"); | |
262 | + return -1; | |
263 | + } | |
264 | + | |
265 | + bs = (unsigned short)margin.blk_start; | |
266 | + s = margin.start; | |
267 | + | |
268 | + /* Switch to the RPMB partition */ | |
269 | + original_part = desc->hwpart; | |
270 | + if (desc->hwpart != MMC_PART_RPMB) { | |
271 | + if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) | |
272 | + return -1; | |
273 | + desc->hwpart = MMC_PART_RPMB; | |
274 | + } | |
275 | + | |
276 | + /* get rpmb key */ | |
277 | + blob = (uint8_t *)memalign(ARCH_DMA_MINALIGN, RPMBKEY_BLOB_LEN); | |
278 | + if (read_keyslot_package(&kp)) { | |
279 | + ERR("read rpmb key error\n"); | |
280 | + ret = -1; | |
281 | + goto fail; | |
282 | + } | |
283 | + /* copy rpmb key to blob */ | |
284 | + memcpy(blob, kp.rpmb_keyblob, RPMBKEY_BLOB_LEN); | |
285 | + caam_open(); | |
286 | + if (caam_decap_blob((ulong)extract_key, (ulong)blob, | |
287 | + RPMBKEY_LENGTH)) { | |
288 | + ERR("decap rpmb key error\n"); | |
289 | + ret = -1; | |
290 | + goto fail; | |
291 | + } | |
292 | + /* alloc a blksz mem */ | |
293 | + bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz); | |
294 | + if (bdata == NULL) { | |
295 | + ret = -1; | |
296 | + goto fail; | |
297 | + } | |
298 | + while (num_write < num_bytes) { | |
299 | + memset(bdata, 0, blksz); | |
300 | + cnt = blksz - s; | |
301 | + if (num_write + cnt > num_bytes) | |
302 | + cnt = num_bytes - num_write; | |
303 | + if (!s || cnt != blksz) { /* read blk first */ | |
304 | + if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) { | |
305 | + ERR("mmc_rpmb_read err, mmc= 0x%08x\n", (uint32_t)(ulong)mmc); | |
306 | + ret = -1; | |
307 | + goto fail; | |
308 | + } | |
309 | + } | |
310 | + memcpy(bdata + s, in_buf, cnt); /* change data */ | |
311 | + VDEBUG("cur: bs=%d, start=%ld, cnt=%ld\n", bs, s, cnt); | |
312 | + if (mmc_rpmb_write(mmc, bdata, bs, 1, extract_key) != 1) { | |
313 | + ret = -1; | |
314 | + goto fail; | |
315 | + } | |
316 | + bs++; | |
317 | + num_write += cnt; | |
318 | + in_buf += cnt; | |
319 | + if (s != 0) | |
320 | + s = 0; | |
321 | + } | |
322 | + ret = 0; | |
323 | + | |
324 | +fail: | |
325 | + /* Return to original partition */ | |
326 | + if (desc->hwpart != original_part) { | |
327 | + if (mmc_switch_part(mmc, original_part) != 0) | |
328 | + return -1; | |
329 | + desc->hwpart = original_part; | |
330 | + } | |
331 | + if (blob != NULL) | |
332 | + free(blob); | |
333 | + if (bdata != NULL) | |
334 | + free(bdata); | |
335 | + | |
336 | + return ret; | |
337 | + | |
338 | +} | |
339 | + | |
579 | 340 | int rpmb_init(void) { |
580 | 341 | #if !defined(CONFIG_SPL_BUILD) || !defined(CONFIG_DUAL_BOOTLOADER) |
581 | 342 | int i; |
582 | 343 | |
... | ... | @@ -692,9 +453,7 @@ |
692 | 453 | |
693 | 454 | return 0; |
694 | 455 | } |
695 | -#endif /* !CONFIG_IMX_TRUSTY_OS || CONFIG_SPL_BUILD */ | |
696 | 456 | |
697 | -#if defined(CONFIG_SPL_BUILD) || !defined(CONFIG_ARM64) | |
698 | 457 | int gen_rpmb_key(struct keyslot_package *kp) { |
699 | 458 | char original_part; |
700 | 459 | unsigned char* fill = NULL; |
701 | 460 | |
702 | 461 | |
... | ... | @@ -715,9 +474,13 @@ |
715 | 474 | printf("boota: cannot find '%d' mmc device\n", mmcc); |
716 | 475 | return -1; |
717 | 476 | } |
477 | +#ifndef CONFIG_BLK | |
718 | 478 | original_part = mmc->block_dev.hwpart; |
719 | - | |
720 | 479 | dev_desc = blk_get_dev("mmc", mmcc); |
480 | +#else | |
481 | + dev_desc = mmc_get_blk_desc(mmc); | |
482 | + original_part = dev_desc->hwpart; | |
483 | +#endif | |
721 | 484 | if (NULL == dev_desc) { |
722 | 485 | printf("** Block device MMC %d not supported\n", mmcc); |
723 | 486 | goto fail; |
724 | 487 | |
725 | 488 | |
... | ... | @@ -766,11 +529,19 @@ |
766 | 529 | } |
767 | 530 | |
768 | 531 | /* program key to mmc */ |
532 | +#ifndef CONFIG_BLK | |
769 | 533 | if (mmc->block_dev.hwpart != MMC_PART_RPMB) { |
770 | 534 | if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) |
771 | - goto fail; | |
535 | + return -1; | |
772 | 536 | mmc->block_dev.hwpart = MMC_PART_RPMB; |
773 | 537 | } |
538 | +#else | |
539 | + if (dev_desc->hwpart != MMC_PART_RPMB) { | |
540 | + if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) | |
541 | + return -1; | |
542 | + dev_desc->hwpart = MMC_PART_RPMB; | |
543 | + } | |
544 | +#endif | |
774 | 545 | if (mmc_rpmb_set_key(mmc, plain_key)) { |
775 | 546 | ERR("Key already programmed ?\n"); |
776 | 547 | goto fail; |
777 | 548 | |
778 | 549 | |
779 | 550 | |
780 | 551 | |
781 | 552 | |
782 | 553 | |
... | ... | @@ -783,236 +554,22 @@ |
783 | 554 | free(fill); |
784 | 555 | |
785 | 556 | /* Return to original partition */ |
557 | +#ifndef CONFIG_BLK | |
786 | 558 | if (mmc->block_dev.hwpart != original_part) { |
787 | 559 | if (mmc_switch_part(mmc, original_part) != 0) |
788 | 560 | return -1; |
789 | 561 | mmc->block_dev.hwpart = original_part; |
790 | 562 | } |
791 | - return ret; | |
792 | - | |
793 | -} | |
794 | - | |
795 | -int rpmb_read(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) { | |
796 | - | |
797 | - unsigned char *bdata = NULL; | |
798 | - unsigned char *out_buf = (unsigned char *)buffer; | |
799 | - unsigned long s, cnt; | |
800 | - unsigned long blksz; | |
801 | - size_t num_read = 0; | |
802 | - unsigned short part_start, part_length, part_end, bs, be; | |
803 | - margin_pos_t margin; | |
804 | - char original_part; | |
805 | - uint8_t *blob = NULL; | |
806 | - struct blk_desc *desc = mmc_get_blk_desc(mmc); | |
807 | - ALLOC_CACHE_ALIGN_BUFFER(uint8_t, extract_key, RPMBKEY_LENGTH); | |
808 | - | |
809 | -#ifdef AVB_RPMB | |
810 | - struct keyslot_package kp; | |
811 | -#endif | |
812 | - | |
813 | - int ret; | |
814 | - | |
815 | - blksz = RPMB_BLKSZ; | |
816 | - part_length = mmc->capacity_rpmb >> 8; | |
817 | - part_start = 0; | |
818 | - part_end = part_start + part_length - 1; | |
819 | - | |
820 | - DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes); | |
821 | - | |
822 | - if(get_margin_pos(part_start, part_end, blksz, | |
823 | - &margin, offset, num_bytes, false)) | |
824 | - return -1; | |
825 | - | |
826 | - bs = (unsigned short)margin.blk_start; | |
827 | - be = (unsigned short)margin.blk_end; | |
828 | - s = margin.start; | |
829 | - | |
830 | - /* Switch to the RPMB partition */ | |
831 | - original_part = desc->hwpart; | |
832 | - if (desc->hwpart != MMC_PART_RPMB) { | |
833 | - if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) | |
834 | - return -1; | |
835 | - desc->hwpart = MMC_PART_RPMB; | |
836 | - } | |
837 | - | |
838 | - /* get rpmb key */ | |
839 | - blob = (uint8_t *)memalign(ARCH_DMA_MINALIGN, RPMBKEY_BLOB_LEN); | |
840 | -#ifdef AVB_RPMB | |
841 | - if (read_keyslot_package(&kp)) { | |
842 | 563 | #else |
843 | - if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){ | |
844 | -#endif | |
845 | - ERR("read rpmb key error\n"); | |
846 | - ret = -1; | |
847 | - goto fail; | |
848 | - } | |
849 | - /* copy rpmb key to blob */ | |
850 | -#ifdef AVB_RPMB | |
851 | - memcpy(blob, kp.rpmb_keyblob, RPMBKEY_BLOB_LEN); | |
852 | -#endif | |
853 | - caam_open(); | |
854 | - if (caam_decap_blob((ulong)extract_key, (ulong)blob, | |
855 | - RPMBKEY_LENGTH)) { | |
856 | - ERR("decap rpmb key error\n"); | |
857 | - ret = -1; | |
858 | - goto fail; | |
859 | - } | |
860 | - | |
861 | - /* alloc a blksz mem */ | |
862 | - bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz); | |
863 | - if (bdata == NULL) { | |
864 | - ret = -1; | |
865 | - goto fail; | |
866 | - } | |
867 | - /* one block a time */ | |
868 | - while (bs <= be) { | |
869 | - memset(bdata, 0, blksz); | |
870 | - if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) { | |
871 | - ret = -1; | |
872 | - goto fail; | |
873 | - } | |
874 | - cnt = blksz - s; | |
875 | - if (num_read + cnt > num_bytes) | |
876 | - cnt = num_bytes - num_read; | |
877 | - VDEBUG("cur: bs=%d, start=%ld, cnt=%ld bdata=0x%p\n", | |
878 | - bs, s, cnt, bdata); | |
879 | - memcpy(out_buf, bdata + s, cnt); | |
880 | - bs++; | |
881 | - num_read += cnt; | |
882 | - out_buf += cnt; | |
883 | - s = 0; | |
884 | - } | |
885 | - ret = 0; | |
886 | - | |
887 | -fail: | |
888 | - /* Return to original partition */ | |
889 | - if (desc->hwpart != original_part) { | |
564 | + if (dev_desc->hwpart != original_part) { | |
890 | 565 | if (mmc_switch_part(mmc, original_part) != 0) |
891 | 566 | return -1; |
892 | - desc->hwpart = original_part; | |
567 | + dev_desc->hwpart = original_part; | |
893 | 568 | } |
894 | - if (blob != NULL) | |
895 | - free(blob); | |
896 | - if (bdata != NULL) | |
897 | - free(bdata); | |
898 | - return ret; | |
899 | - | |
900 | -} | |
901 | -int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) { | |
902 | - | |
903 | - unsigned char *bdata = NULL; | |
904 | - unsigned char *in_buf = (unsigned char *)buffer; | |
905 | - unsigned long s, cnt; | |
906 | - unsigned long blksz; | |
907 | - size_t num_write = 0; | |
908 | - unsigned short part_start, part_length, part_end, bs; | |
909 | - margin_pos_t margin; | |
910 | - char original_part; | |
911 | - uint8_t *blob = NULL; | |
912 | - struct blk_desc *desc = mmc_get_blk_desc(mmc); | |
913 | - ALLOC_CACHE_ALIGN_BUFFER(uint8_t, extract_key, RPMBKEY_LENGTH); | |
914 | - | |
915 | -#ifdef AVB_RPMB | |
916 | - struct keyslot_package kp; | |
917 | 569 | #endif |
918 | - | |
919 | - int ret; | |
920 | - | |
921 | - blksz = RPMB_BLKSZ; | |
922 | - part_length = mmc->capacity_rpmb >> 8; | |
923 | - part_start = 0; | |
924 | - part_end = part_start + part_length - 1; | |
925 | - | |
926 | - DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes); | |
927 | - | |
928 | - if(get_margin_pos(part_start, part_end, blksz, | |
929 | - &margin, offset, num_bytes, false)) { | |
930 | - ERR("get_margin_pos err\n"); | |
931 | - return -1; | |
932 | - } | |
933 | - | |
934 | - bs = (unsigned short)margin.blk_start; | |
935 | - s = margin.start; | |
936 | - | |
937 | - /* Switch to the RPMB partition */ | |
938 | - original_part = desc->hwpart; | |
939 | - if (desc->hwpart != MMC_PART_RPMB) { | |
940 | - if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) | |
941 | - return -1; | |
942 | - desc->hwpart = MMC_PART_RPMB; | |
943 | - } | |
944 | - | |
945 | - /* get rpmb key */ | |
946 | - blob = (uint8_t *)memalign(ARCH_DMA_MINALIGN, RPMBKEY_BLOB_LEN); | |
947 | -#ifdef AVB_RPMB | |
948 | - if (read_keyslot_package(&kp)) { | |
949 | -#else | |
950 | - if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){ | |
951 | -#endif | |
952 | - ERR("read rpmb key error\n"); | |
953 | - ret = -1; | |
954 | - goto fail; | |
955 | - } | |
956 | - /* copy rpmb key to blob */ | |
957 | -#ifdef AVB_RPMB | |
958 | - memcpy(blob, kp.rpmb_keyblob, RPMBKEY_BLOB_LEN); | |
959 | -#endif | |
960 | - caam_open(); | |
961 | - if (caam_decap_blob((ulong)extract_key, (ulong)blob, | |
962 | - RPMBKEY_LENGTH)) { | |
963 | - ERR("decap rpmb key error\n"); | |
964 | - ret = -1; | |
965 | - goto fail; | |
966 | - } | |
967 | - /* alloc a blksz mem */ | |
968 | - bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz); | |
969 | - if (bdata == NULL) { | |
970 | - ret = -1; | |
971 | - goto fail; | |
972 | - } | |
973 | - while (num_write < num_bytes) { | |
974 | - memset(bdata, 0, blksz); | |
975 | - cnt = blksz - s; | |
976 | - if (num_write + cnt > num_bytes) | |
977 | - cnt = num_bytes - num_write; | |
978 | - if (!s || cnt != blksz) { /* read blk first */ | |
979 | - if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) { | |
980 | - ERR("mmc_rpmb_read err, mmc= 0x%08x\n", (uint32_t)(ulong)mmc); | |
981 | - ret = -1; | |
982 | - goto fail; | |
983 | - } | |
984 | - } | |
985 | - memcpy(bdata + s, in_buf, cnt); /* change data */ | |
986 | - VDEBUG("cur: bs=%d, start=%ld, cnt=%ld\n", bs, s, cnt); | |
987 | - if (mmc_rpmb_write(mmc, bdata, bs, 1, extract_key) != 1) { | |
988 | - ret = -1; | |
989 | - goto fail; | |
990 | - } | |
991 | - bs++; | |
992 | - num_write += cnt; | |
993 | - in_buf += cnt; | |
994 | - if (s != 0) | |
995 | - s = 0; | |
996 | - } | |
997 | - ret = 0; | |
998 | - | |
999 | -fail: | |
1000 | - /* Return to original partition */ | |
1001 | - if (desc->hwpart != original_part) { | |
1002 | - if (mmc_switch_part(mmc, original_part) != 0) | |
1003 | - return -1; | |
1004 | - desc->hwpart = original_part; | |
1005 | - } | |
1006 | - if (blob != NULL) | |
1007 | - free(blob); | |
1008 | - if (bdata != NULL) | |
1009 | - free(bdata); | |
1010 | - | |
1011 | 570 | return ret; |
1012 | 571 | |
1013 | 572 | } |
1014 | -#endif /* CONFIG_SPL_BUILD || !CONFIG_ARM64 */ | |
1015 | -//#ifndef CONFIG_SPL_BUILD | |
1016 | 573 | |
1017 | 574 | int init_avbkey(void) { |
1018 | 575 | #ifndef CONFIG_ARM64 |
... | ... | @@ -1035,90 +592,7 @@ |
1035 | 592 | return RESULT_OK; |
1036 | 593 | } |
1037 | 594 | |
1038 | -#ifndef CONFIG_SPL_BUILD | |
1039 | -#ifndef CONFIG_ARM64 | |
1040 | -static int rpmb_key(struct mmc *mmc) { | |
1041 | - char original_part; | |
1042 | - int ret = 0; | |
1043 | - struct blk_desc *desc = mmc_get_blk_desc(mmc); | |
1044 | - ALLOC_CACHE_ALIGN_BUFFER(uint8_t, blob, RPMBKEY_FUSE_LEN); | |
1045 | - ALLOC_CACHE_ALIGN_BUFFER(uint8_t, plain_key, RPMBKEY_LENGTH); | |
1046 | - | |
1047 | - DEBUGAVB("[rpmb]: set kley\n"); | |
1048 | - | |
1049 | - /* Switch to the RPMB partition */ | |
1050 | - original_part = desc->hwpart; | |
1051 | - if (desc->hwpart != MMC_PART_RPMB) { | |
1052 | - if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0) { | |
1053 | - ERR("failed to switch part!\n"); | |
1054 | - return -1; | |
1055 | - } | |
1056 | - desc->hwpart = MMC_PART_RPMB; | |
1057 | - } | |
1058 | - | |
1059 | - /* use caam hwrng to generate */ | |
1060 | - caam_open(); | |
1061 | - if (caam_hwrng(plain_key, RPMBKEY_LENGTH)) { | |
1062 | - ERR("ERROR - caam rng\n"); | |
1063 | - ret = -1; | |
1064 | - goto fail; | |
1065 | - } | |
1066 | - | |
1067 | - /* generate keyblob and program to fuse */ | |
1068 | - if (caam_gen_blob((ulong)plain_key, (ulong)blob, | |
1069 | - RPMBKEY_LENGTH)) { | |
1070 | - ERR("gen rpmb key blb error\n"); | |
1071 | - ret = -1; | |
1072 | - goto fail; | |
1073 | - } | |
1074 | - | |
1075 | - if (fsl_fuse_write((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){ | |
1076 | - ERR("write rpmb key to fuse error\n"); | |
1077 | - ret = -1; | |
1078 | - goto fail; | |
1079 | - } | |
1080 | - | |
1081 | -#ifdef CONFIG_AVB_FUSE | |
1082 | - /* program key to mmc */ | |
1083 | - if (mmc_rpmb_set_key(mmc, plain_key)) { | |
1084 | - ERR("Key already programmed ?\n"); | |
1085 | - ret = -1; | |
1086 | - goto fail; | |
1087 | - } | |
1088 | -#endif | |
1089 | - | |
1090 | -#ifdef CONFIG_AVB_DEBUG | |
1091 | - /* debug */ | |
1092 | - ALLOC_CACHE_ALIGN_BUFFER(uint8_t, ext_key, RPMBKEY_LENGTH); | |
1093 | - printf(" RPMB plain kay---\n"); | |
1094 | - print_buffer(0, plain_key, HEXDUMP_WIDTH, RPMBKEY_LENGTH, 0); | |
1095 | - if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){ | |
1096 | - ERR("read rpmb key to fuse error\n"); | |
1097 | - ret = -1; | |
1098 | - goto fail; | |
1099 | - } | |
1100 | - printf(" RPMB blob---\n"); | |
1101 | - print_buffer(0, blob, HEXDUMP_WIDTH, RPMBKEY_FUSE_LEN, 0); | |
1102 | - if (caam_decap_blob((uint32_t)ext_key, (uint32_t)blob, RPMBKEY_LENGTH)) { | |
1103 | - ret = -1; | |
1104 | - goto fail; | |
1105 | - } | |
1106 | - printf(" RPMB extract---\n"); | |
1107 | - print_buffer(0, ext_key, HEXDUMP_WIDTH, RPMBKEY_LENGTH, 0); | |
1108 | - /* debug done */ | |
1109 | -#endif | |
1110 | - | |
1111 | -fail: | |
1112 | - /* Return to original partition */ | |
1113 | - if (desc->hwpart != original_part) { | |
1114 | - if (mmc_switch_part(mmc, original_part) != 0) | |
1115 | - return -1; | |
1116 | - desc->hwpart = original_part; | |
1117 | - } | |
1118 | - return ret; | |
1119 | - | |
1120 | -} | |
1121 | - | |
595 | +#ifndef CONFIG_IMX_TRUSTY_OS | |
1122 | 596 | int rbkidx_erase(void) { |
1123 | 597 | int i; |
1124 | 598 | kblb_hdr_t hdr; |
1125 | 599 | |
1126 | 600 | |
1127 | 601 | |
1128 | 602 | |
1129 | 603 | |
1130 | 604 | |
1131 | 605 | |
1132 | 606 | |
1133 | 607 | |
1134 | 608 | |
1135 | 609 | |
1136 | 610 | |
1137 | 611 | |
1138 | 612 | |
1139 | 613 | |
1140 | 614 | |
1141 | 615 | |
1142 | 616 | |
1143 | 617 | |
1144 | 618 | |
1145 | 619 | |
1146 | 620 | |
1147 | 621 | |
1148 | 622 | |
1149 | 623 | |
1150 | 624 | |
1151 | 625 | |
1152 | 626 | |
1153 | 627 | |
1154 | 628 | |
1155 | 629 | |
1156 | 630 | |
1157 | 631 | |
1158 | 632 | |
1159 | 633 | |
1160 | 634 | |
1161 | 635 | |
1162 | 636 | |
1163 | 637 | |
1164 | 638 | |
1165 | 639 | |
1166 | 640 | |
1167 | 641 | |
1168 | 642 | |
1169 | 643 | |
1170 | 644 | |
1171 | 645 | |
1172 | 646 | |
1173 | 647 | |
1174 | 648 | |
1175 | 649 | |
1176 | 650 | |
1177 | 651 | |
1178 | 652 | |
1179 | 653 | |
1180 | 654 | |
1181 | 655 | |
1182 | 656 | |
1183 | 657 | |
1184 | 658 | |
1185 | 659 | |
1186 | 660 | |
1187 | 661 | |
1188 | 662 | |
... | ... | @@ -1169,407 +643,347 @@ |
1169 | 643 | } |
1170 | 644 | return 0; |
1171 | 645 | } |
646 | +#endif /* CONFIG_FSL_CAAM_KB */ | |
647 | +#endif /* CONFIG_IMX_TRUSTY_OS */ | |
648 | +#else /* AVB_RPMB */ | |
649 | +int rbkidx_erase(void) { | |
650 | + return 0; | |
651 | +} | |
652 | +#endif /* AVB_RPMB */ | |
1172 | 653 | |
1173 | -int avbkey_init(uint8_t *plainkey, uint32_t keylen) { | |
1174 | - int i; | |
1175 | - kblb_hdr_t hdr; | |
1176 | - kblb_tag_t *tag; | |
1177 | - struct mmc *mmc_dev; | |
1178 | - uint32_t init_flag; | |
654 | +#ifdef CONFIG_SPL_BUILD | |
655 | +#if defined(CONFIG_IMX_TRUSTY_OS) && defined(CONFIG_ANDROID_AUTO_SUPPORT) | |
656 | +int check_rpmb_blob(struct mmc *mmc) | |
657 | +{ | |
658 | + int ret = 0; | |
659 | + char original_part; | |
660 | + struct keyslot_package kp; | |
1179 | 661 | |
1180 | - /* int ret; */ | |
1181 | - | |
1182 | - assert(plainkey != NULL); | |
1183 | - | |
1184 | - /* check overflow */ | |
1185 | - if (keylen > AVB_RBIDX_START - AVB_PUBKY_OFFSET) { | |
1186 | - ERR("key len overflow\n"); | |
1187 | - return -1; | |
662 | + read_keyslot_package(&kp); | |
663 | + if (strcmp(kp.magic, KEYPACK_MAGIC)) { | |
664 | + printf("keyslot package magic error, do nothing here!\n"); | |
665 | + return 0; | |
1188 | 666 | } |
667 | + /* If keyslot package valid, copy it to secure memory */ | |
668 | + fill_secure_keyslot_package(&kp); | |
1189 | 669 | |
1190 | - /* check init status */ | |
1191 | - if (fsl_fuse_read(&init_flag, 1, INITFLAG_FUSE_OFFSET)) { | |
1192 | - ERR("ERROR - read fuse init flag error\n"); | |
1193 | - return -1; | |
670 | + /* switch to boot1 partition. */ | |
671 | + original_part = mmc->block_dev.hwpart; | |
672 | + if (mmc_switch_part(mmc, KEYSLOT_HWPARTITION_ID) != 0) { | |
673 | + printf("ERROR - can't switch to boot1 partition! \n"); | |
674 | + ret = -1; | |
675 | + goto fail; | |
676 | + } else | |
677 | + mmc->block_dev.hwpart = KEYSLOT_HWPARTITION_ID; | |
678 | + /* write power-on write protection for boot1 partition. */ | |
679 | + if (mmc_switch(mmc, EXT_CSD_CMD_SET_NORMAL, | |
680 | + EXT_CSD_BOOT_WP, BOOT1_PWR_WP)) { | |
681 | + printf("ERROR - unable to set power-on write protection!\n"); | |
682 | + ret = -1; | |
683 | + goto fail; | |
1194 | 684 | } |
1195 | - if ((init_flag & INITFLAG_FUSE_MASK) == INITFLAG_FUSE) { | |
1196 | - ERR("ERROR - already inited\n"); | |
1197 | - return -1; | |
685 | +fail: | |
686 | + /* return to original partition. */ | |
687 | + if (mmc->block_dev.hwpart != original_part) { | |
688 | + if (mmc_switch_part(mmc, original_part) != 0) | |
689 | + return -1; | |
690 | + mmc->block_dev.hwpart = original_part; | |
1198 | 691 | } |
1199 | - init_flag = INITFLAG_FUSE & INITFLAG_FUSE_MASK; | |
1200 | 692 | |
1201 | - /* generate and write key to mmc/fuse */ | |
1202 | - if ((mmc_dev = get_mmc()) == NULL) { | |
1203 | - ERR("ERROR - get mmc device\n"); | |
1204 | - return -1; | |
1205 | - } | |
1206 | - if (rpmb_key(mmc_dev)) { | |
1207 | - ERR("ERROR - write mmc rpmb key\n"); | |
1208 | - return -1; | |
1209 | - } | |
693 | + return ret; | |
694 | +} | |
695 | +#endif /* CONFIG_IMX_TRUSTY_OS && CONFIG_ANDROID_AUTO_SUPPORT */ | |
696 | +#else /* CONFIG_SPL_BUILD */ | |
697 | +#ifdef CONFIG_AVB_ATX | |
698 | +static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset, | |
699 | + const uint8_t read) { | |
1210 | 700 | |
1211 | - if (fsl_fuse_write(&init_flag, 1, INITFLAG_FUSE_OFFSET)){ | |
1212 | - ERR("write fuse init error\n"); | |
1213 | - return -1; | |
1214 | - } | |
701 | + unsigned short bs, ws, bksz, cnt; | |
702 | + unsigned short num_done = 0; | |
703 | + margin_pos_t margin; | |
704 | + int i; | |
1215 | 705 | |
1216 | - /* init pubkey */ | |
1217 | - tag = &hdr.pubk_tag; | |
1218 | - tag->flag = AVB_PUBKY_FLAG; | |
1219 | - tag->offset = AVB_PUBKY_OFFSET; | |
1220 | - tag->len = keylen; | |
1221 | - | |
1222 | - if (rpmb_write(mmc_dev, plainkey, tag->len, tag->offset) != 0) { | |
1223 | - ERR("write RPMB error\n"); | |
706 | + /* read from fuse */ | |
707 | + bksz = CONFIG_AVB_FUSE_BANK_SIZEW; | |
708 | + if(get_margin_pos(CONFIG_AVB_FUSE_BANK_START, CONFIG_AVB_FUSE_BANK_END, bksz, | |
709 | + &margin, offset, length, false)) | |
1224 | 710 | return -1; |
1225 | - } | |
711 | + bs = (unsigned short)margin.blk_start; | |
712 | + ws = (unsigned short)margin.start; | |
1226 | 713 | |
1227 | - /* init rollback index */ | |
1228 | - uint32_t offset = AVB_RBIDX_START; | |
1229 | - uint32_t rbidx_len = AVB_RBIDX_LEN; | |
1230 | - uint8_t *rbidx = malloc(rbidx_len); | |
1231 | - if (rbidx == NULL) | |
1232 | - return -1; | |
1233 | - memset(rbidx, 0, rbidx_len); | |
1234 | - *(uint64_t *)rbidx = AVB_RBIDX_INITVAL; | |
1235 | - for (i = 0; i < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; i++) { | |
1236 | - tag = &hdr.rbk_tags[i]; | |
1237 | - tag->flag = AVB_RBIDX_FLAG; | |
1238 | - tag->offset = offset; | |
1239 | - tag->len = rbidx_len; | |
1240 | - if (rpmb_write(mmc_dev, rbidx, tag->len, tag->offset) != 0) { | |
1241 | - ERR("write RBKIDX RPMB error\n"); | |
1242 | - free(rbidx); | |
1243 | - return -1; | |
714 | + while (num_done < length) { | |
715 | + cnt = bksz - ws; | |
716 | + if (num_done + cnt > length) | |
717 | + cnt = length - num_done; | |
718 | + for (i = 0; i < cnt; i++) { | |
719 | + VDEBUG("cur: bank=%d, word=%d\n",bs, ws); | |
720 | + if (read) { | |
721 | + if (fuse_sense(bs, ws, buffer)) { | |
722 | + ERR("read fuse bank %d, word %d error\n", bs, ws); | |
723 | + return -1; | |
724 | + } | |
725 | + } else { | |
726 | +#ifdef CONFIG_AVB_FUSE | |
727 | + if (fuse_prog(bs, ws, *buffer)) { | |
728 | +#else | |
729 | + if (fuse_override(bs, ws, *buffer)) { | |
730 | +#endif | |
731 | + ERR("write fuse bank %d, word %d error\n", bs, ws); | |
732 | + return -1; | |
733 | + } | |
734 | + } | |
735 | + ws++; | |
736 | + buffer++; | |
1244 | 737 | } |
1245 | - offset += AVB_RBIDX_ALIGN; | |
738 | + bs++; | |
739 | + num_done += cnt; | |
740 | + ws = 0; | |
1246 | 741 | } |
1247 | - free(rbidx); | |
742 | + return 0; | |
743 | +} | |
1248 | 744 | |
1249 | - /* init hdr */ | |
1250 | - memcpy(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN); | |
1251 | - if (rpmb_write(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
1252 | - ERR("write RPMB hdr error\n"); | |
1253 | - return -1; | |
1254 | - } | |
745 | +int fsl_fuse_read(uint32_t *buffer, uint32_t length, uint32_t offset) { | |
1255 | 746 | |
1256 | - return 0; | |
747 | + return fsl_fuse_ops( | |
748 | + buffer, | |
749 | + length, | |
750 | + offset, | |
751 | + 1 | |
752 | + ); | |
1257 | 753 | } |
1258 | -#endif /* CONFIG_ARM64 */ | |
1259 | 754 | |
1260 | -/* Checks if the given public key used to sign the 'vbmeta' | |
1261 | - * partition is trusted. Boot loaders typically compare this with | |
1262 | - * embedded key material generated with 'avbtool | |
1263 | - * extract_public_key'. | |
1264 | - * | |
1265 | - * If AVB_IO_RESULT_OK is returned then |out_is_trusted| is set - | |
1266 | - * true if trusted or false if untrusted. | |
1267 | - */ | |
1268 | -AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, | |
1269 | - const uint8_t* public_key_data, | |
1270 | - size_t public_key_length, | |
1271 | - const uint8_t* public_key_metadata, | |
1272 | - size_t public_key_metadata_length, | |
1273 | - bool* out_is_trusted) { | |
1274 | - AvbIOResult ret; | |
1275 | - assert(ops != NULL && out_is_trusted != NULL); | |
1276 | - *out_is_trusted = false; | |
755 | +int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offset) { | |
1277 | 756 | |
1278 | - /* match given public key */ | |
1279 | - if (memcmp(fsl_public_key, public_key_data, public_key_length)) { | |
1280 | - ret = AVB_IO_RESULT_ERROR_IO; | |
1281 | - ERR("public key not match\n"); | |
1282 | - return AVB_IO_RESULT_ERROR_IO; | |
1283 | - } | |
757 | + return fsl_fuse_ops( | |
758 | + (uint32_t *)buffer, | |
759 | + length, | |
760 | + offset, | |
761 | + 0 | |
762 | + ); | |
763 | +} | |
1284 | 764 | |
1285 | - *out_is_trusted = true; | |
1286 | - ret = AVB_IO_RESULT_OK; | |
765 | +static int sha256(unsigned char* data, int len, unsigned char* output) { | |
766 | + struct hash_algo *algo; | |
767 | + void *buf; | |
1287 | 768 | |
1288 | - return ret; | |
769 | + if (hash_lookup_algo("sha256", &algo)) { | |
770 | + printf("error in lookup sha256 algo!\n"); | |
771 | + return RESULT_ERROR; | |
772 | + } | |
773 | + buf = map_sysmem((ulong)data, len); | |
774 | + algo->hash_func_ws(buf, len, output, algo->chunk_size); | |
775 | + unmap_sysmem(buf); | |
776 | + | |
777 | + return algo->digest_size; | |
1289 | 778 | } |
1290 | 779 | |
1291 | -/* Gets the rollback index corresponding to the slot given by | |
1292 | - * |rollback_index_slot|. The value is returned in | |
1293 | - * |out_rollback_index|. Returns AVB_IO_RESULT_OK if the rollback | |
1294 | - * index was retrieved, otherwise an error code. | |
1295 | - * | |
1296 | - * A device may have a limited amount of rollback index slots (say, | |
1297 | - * one or four) so may error out if |rollback_index_slot| exceeds | |
1298 | - * this number. | |
1299 | - */ | |
1300 | -AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
1301 | - uint64_t* out_rollback_index) { | |
1302 | - AvbIOResult ret; | |
780 | +int permanent_attributes_sha256_hash(unsigned char* output) { | |
781 | + AvbAtxPermanentAttributes attributes; | |
782 | + | |
1303 | 783 | #ifdef CONFIG_IMX_TRUSTY_OS |
1304 | - if (trusty_read_rollback_index(rollback_index_slot, out_rollback_index)) { | |
1305 | - ERR("read rollback from Trusty error!"); | |
1306 | - ret = AVB_IO_RESULT_ERROR_IO; | |
784 | + if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), | |
785 | + sizeof(AvbAtxPermanentAttributes))) { | |
786 | + goto calc_sha256; | |
1307 | 787 | } else { |
1308 | - ret = AVB_IO_RESULT_OK; | |
788 | + ERR("No perm-attr fused. Will use hard code one.\n"); | |
1309 | 789 | } |
1310 | - return ret; | |
1311 | -#else | |
1312 | - kblb_hdr_t hdr; | |
1313 | - kblb_tag_t *rbk; | |
1314 | - uint64_t *extract_idx = NULL; | |
1315 | - struct mmc *mmc_dev; | |
1316 | -#ifdef CONFIG_AVB_ATX | |
1317 | - static const uint32_t kTypeMask = 0xF000; | |
1318 | - static const unsigned int kTypeShift = 12; | |
1319 | 790 | #endif |
791 | + /* get permanent attributes */ | |
792 | + attributes.version = fsl_version; | |
793 | + memcpy(attributes.product_root_public_key, fsl_product_root_public_key, | |
794 | + sizeof(fsl_product_root_public_key)); | |
795 | + memcpy(attributes.product_id, fsl_atx_product_id, | |
796 | + sizeof(fsl_atx_product_id)); | |
797 | +#ifdef CONFIG_IMX_TRUSTY_OS | |
798 | +calc_sha256: | |
799 | +#endif | |
800 | + /* calculate sha256(permanent attributes) hash */ | |
801 | + if (sha256((unsigned char *)&attributes, sizeof(AvbAtxPermanentAttributes), | |
802 | + output) == RESULT_ERROR) { | |
803 | + printf("ERROR - calculate permanent attributes hash error"); | |
804 | + return RESULT_ERROR; | |
805 | + } | |
1320 | 806 | |
1321 | - assert(ops != NULL && out_rollback_index != NULL); | |
1322 | - *out_rollback_index = ~0; | |
807 | + return RESULT_OK; | |
808 | +} | |
1323 | 809 | |
1324 | - DEBUGAVB("[rpmb] read rollback slot: %zu\n", rollback_index_slot); | |
810 | +static int init_permanent_attributes_fuse(void) { | |
1325 | 811 | |
1326 | - /* check if the rollback index location exceed the limit */ | |
1327 | -#ifdef CONFIG_AVB_ATX | |
1328 | - if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
812 | +#ifdef CONFIG_ARM64 | |
813 | + return RESULT_OK; | |
1329 | 814 | #else |
1330 | - if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
1331 | -#endif | |
1332 | - return AVB_IO_RESULT_ERROR_IO; | |
815 | + uint8_t sha256_hash[AVB_SHA256_DIGEST_SIZE]; | |
816 | + uint32_t buffer[ATX_FUSE_BANK_NUM]; | |
817 | + int num = 0; | |
1333 | 818 | |
1334 | - if ((mmc_dev = get_mmc()) == NULL) { | |
1335 | - ERR("err get mmc device\n"); | |
1336 | - return AVB_IO_RESULT_ERROR_IO; | |
819 | + /* read first 112 bits of sha256(permanent attributes) from fuse */ | |
820 | + if (fsl_fuse_read(buffer, ATX_FUSE_BANK_NUM, PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
821 | + printf("ERROR - read permanent attributes hash from fuse error\n"); | |
822 | + return RESULT_ERROR; | |
1337 | 823 | } |
1338 | - /* read the kblb header */ | |
1339 | - if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
1340 | - ERR("read RPMB error\n"); | |
1341 | - return AVB_IO_RESULT_ERROR_IO; | |
824 | + /* only take the lower 2 bytes of the last bank */ | |
825 | + buffer[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK; | |
826 | + | |
827 | + /* return RESULT_OK if fuse has been initialized before */ | |
828 | + for (num = 0; num < ATX_FUSE_BANK_NUM; num++) { | |
829 | + if (buffer[num]) | |
830 | + return RESULT_OK; | |
1342 | 831 | } |
1343 | 832 | |
1344 | - if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
1345 | - ERR("magic not match\n"); | |
1346 | - return AVB_IO_RESULT_ERROR_IO; | |
833 | + /* calculate sha256(permanent attributes) */ | |
834 | + if (permanent_attributes_sha256_hash(sha256_hash) != RESULT_OK) { | |
835 | + printf("ERROR - calculating permanent attributes SHA256 error!\n"); | |
836 | + return RESULT_ERROR; | |
1347 | 837 | } |
1348 | - /* choose rollback index type */ | |
1349 | -#ifdef CONFIG_AVB_ATX | |
1350 | - if ((rollback_index_slot & kTypeMask) >> kTypeShift) { | |
1351 | - /* rollback index for Android Things key versions */ | |
1352 | - rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask]; | |
1353 | - } else { | |
1354 | - /* rollback index for vbmeta */ | |
1355 | - rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask]; | |
1356 | - } | |
1357 | -#else | |
1358 | - rbk = &hdr.rbk_tags[rollback_index_slot]; | |
1359 | -#endif /* CONFIG_AVB_ATX */ | |
1360 | - extract_idx = malloc(rbk->len); | |
1361 | - if (extract_idx == NULL) | |
1362 | - return AVB_IO_RESULT_ERROR_OOM; | |
1363 | 838 | |
1364 | - /* read rollback_index keyblob */ | |
1365 | - if (rpmb_read(mmc_dev, (uint8_t *)extract_idx, rbk->len, rbk->offset) != 0) { | |
1366 | - ERR("read rollback index error\n"); | |
1367 | - ret = AVB_IO_RESULT_ERROR_IO; | |
1368 | - goto fail; | |
839 | + /* write first 112 bits of sha256(permanent attributes) into fuse */ | |
840 | + memset(buffer, 0, sizeof(buffer)); | |
841 | + memcpy(buffer, sha256_hash, ATX_HASH_LENGTH); | |
842 | + if (fsl_fuse_write(buffer, ATX_FUSE_BANK_NUM, PERMANENT_ATTRIBUTE_HASH_OFFSET)) { | |
843 | + printf("ERROR - write permanent attributes hash to fuse error\n"); | |
844 | + return RESULT_ERROR; | |
1369 | 845 | } |
1370 | 846 | |
1371 | -#ifdef AVB_VVDEBUG | |
1372 | - printf("\n----idx dump: ---\n"); | |
1373 | - print_buffer(0, extract_idx, HEXDUMP_WIDTH, rbk->len, 0); | |
1374 | - printf("--- end ---\n"); | |
1375 | -#endif | |
1376 | - *out_rollback_index = *extract_idx; | |
1377 | - DEBUGAVB("rollback_index = %" PRIu64 "\n", *out_rollback_index); | |
1378 | - ret = AVB_IO_RESULT_OK; | |
1379 | -fail: | |
1380 | - if (extract_idx != NULL) | |
1381 | - free(extract_idx); | |
1382 | - return ret; | |
1383 | -#endif /* CONFIG_IMX_TRUSTY_OS */ | |
847 | + return RESULT_OK; | |
848 | +#endif /* CONFIG_ARM64 */ | |
1384 | 849 | } |
1385 | 850 | |
1386 | -/* Sets the rollback index corresponding to the slot given by | |
1387 | - * |rollback_index_slot| to |rollback_index|. Returns | |
1388 | - * AVB_IO_RESULT_OK if the rollback index was set, otherwise an | |
1389 | - * error code. | |
1390 | - * | |
1391 | - * A device may have a limited amount of rollback index slots (say, | |
1392 | - * one or four) so may error out if |rollback_index_slot| exceeds | |
1393 | - * this number. | |
1394 | - */ | |
1395 | -AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot, | |
1396 | - uint64_t rollback_index) { | |
1397 | - AvbIOResult ret; | |
851 | +int avb_atx_fuse_perm_attr(uint8_t *staged_buffer, uint32_t size) { | |
852 | + | |
853 | + if (staged_buffer == NULL) { | |
854 | + ERR("Error. Get null staged_buffer\n"); | |
855 | + return -1; | |
856 | + } | |
857 | + if (size != sizeof(AvbAtxPermanentAttributes)) { | |
858 | + ERR("Error. expect perm_attr length %u, but get %u.\n", | |
859 | + (uint32_t)sizeof(AvbAtxPermanentAttributes), size); | |
860 | + return -1; | |
861 | + } | |
1398 | 862 | #ifdef CONFIG_IMX_TRUSTY_OS |
1399 | - if (trusty_write_rollback_index(rollback_index_slot, rollback_index)) { | |
1400 | - ERR("write rollback from Trusty error!"); | |
1401 | - ret = AVB_IO_RESULT_ERROR_IO; | |
1402 | - } else { | |
1403 | - ret = AVB_IO_RESULT_OK; | |
863 | + if (trusty_write_permanent_attributes(staged_buffer, size)) { | |
864 | + ERR("Error. Failed to write permanent attributes into secure storage\n"); | |
865 | + return -1; | |
1404 | 866 | } |
1405 | - return ret; | |
867 | + else | |
868 | + return init_permanent_attributes_fuse(); | |
1406 | 869 | #else |
1407 | - kblb_hdr_t hdr; | |
1408 | - kblb_tag_t *rbk; | |
1409 | - uint64_t *plain_idx = NULL; | |
1410 | - struct mmc *mmc_dev; | |
1411 | -#ifdef CONFIG_AVB_ATX | |
1412 | - static const uint32_t kTypeMask = 0xF000; | |
1413 | - static const unsigned int kTypeShift = 12; | |
870 | + /* | |
871 | + * TODO: | |
872 | + * Need to handle this when no Trusty OS support. | |
873 | + * But now every Android Things will have Trusty OS support. | |
874 | + */ | |
875 | + ERR("No Trusty OS enabled in bootloader.\n"); | |
876 | + return 0; | |
1414 | 877 | #endif |
878 | +} | |
1415 | 879 | |
1416 | - DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n", | |
1417 | - rollback_index_slot, rollback_index); | |
880 | +int avb_atx_get_unlock_challenge(struct AvbAtxOps* atx_ops, | |
881 | + uint8_t *upload_buffer, uint32_t *upload_size) | |
882 | +{ | |
883 | + struct AvbAtxUnlockChallenge *buf = NULL; | |
884 | + int ret, size; | |
1418 | 885 | |
1419 | - assert(ops != NULL); | |
1420 | - /* check if the rollback index location exceed the limit */ | |
1421 | -#ifdef CONFIG_AVB_ATX | |
1422 | - if ((rollback_index_slot & ~kTypeMask) >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
1423 | -#else | |
1424 | - if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS) | |
1425 | -#endif /* CONFIG_AVB_ATX */ | |
1426 | - return AVB_IO_RESULT_ERROR_IO; | |
1427 | - | |
1428 | - if ((mmc_dev = get_mmc()) == NULL) { | |
1429 | - ERR("err get mmc device\n"); | |
1430 | - return AVB_IO_RESULT_ERROR_IO; | |
886 | + size = sizeof(struct AvbAtxUnlockChallenge); | |
887 | + buf = (struct AvbAtxUnlockChallenge *)malloc(size); | |
888 | + if (buf == NULL) { | |
889 | + ERR("unable to alloc memory!\n"); | |
890 | + return -1; | |
1431 | 891 | } |
1432 | - /* read the kblb header */ | |
1433 | - if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
1434 | - ERR("read RPMB error\n"); | |
1435 | - return AVB_IO_RESULT_ERROR_IO; | |
1436 | - } | |
1437 | 892 | |
1438 | - if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
1439 | - ERR("magic not match\n"); | |
1440 | - return AVB_IO_RESULT_ERROR_IO; | |
1441 | - } | |
1442 | - /* choose rollback index type */ | |
1443 | -#ifdef CONFIG_AVB_ATX | |
1444 | - if ((rollback_index_slot & kTypeMask) >> kTypeShift) { | |
1445 | - /* rollback index for Android Things key versions */ | |
1446 | - rbk = &hdr.atx_rbk_tags[rollback_index_slot & ~kTypeMask]; | |
1447 | - } else { | |
1448 | - /* rollback index for vbmeta */ | |
1449 | - rbk = &hdr.rbk_tags[rollback_index_slot & ~kTypeMask]; | |
1450 | - } | |
1451 | -#else | |
1452 | - rbk = &hdr.rbk_tags[rollback_index_slot]; | |
1453 | -#endif /* CONFIG_AVB_ATX */ | |
1454 | - plain_idx = malloc(rbk->len); | |
1455 | - if (plain_idx == NULL) | |
1456 | - return AVB_IO_RESULT_ERROR_OOM; | |
1457 | - memset(plain_idx, 0, rbk->len); | |
1458 | - *plain_idx = rollback_index; | |
1459 | - | |
1460 | - /* write rollback_index keyblob */ | |
1461 | - if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) != | |
1462 | - 0) { | |
1463 | - ERR("write rollback index error\n"); | |
1464 | - ret = AVB_IO_RESULT_ERROR_IO; | |
893 | + if (avb_atx_generate_unlock_challenge(atx_ops, buf) != | |
894 | + AVB_IO_RESULT_OK) { | |
895 | + ERR("generate unlock challenge fail!\n"); | |
896 | + ret = -1; | |
1465 | 897 | goto fail; |
1466 | 898 | } |
1467 | - ret = AVB_IO_RESULT_OK; | |
899 | + /* Current avbtool only accept 16 bytes random numbers as unlock | |
900 | + * challenge, need to return the whole 'AvbAtxUnlockChallenge' | |
901 | + * when avbtool is ready. | |
902 | + */ | |
903 | + memcpy(upload_buffer, buf->challenge, AVB_ATX_UNLOCK_CHALLENGE_SIZE); | |
904 | + *upload_size = AVB_ATX_UNLOCK_CHALLENGE_SIZE; | |
905 | + ret = 0; | |
1468 | 906 | fail: |
1469 | - if (plain_idx != NULL) | |
1470 | - free(plain_idx); | |
907 | + if (buf != NULL) | |
908 | + free(buf); | |
1471 | 909 | return ret; |
1472 | -#endif /* CONFIG_IMX_TRUSTY_OS */ | |
1473 | 910 | } |
1474 | -#endif /* CONFIG_SPL_BUILD */ | |
1475 | -#endif /* AVB_RPMB */ | |
1476 | 911 | |
1477 | -#if defined(AVB_RPMB) && defined(CONFIG_AVB_ATX) && !defined(CONFIG_SPL_BUILD) | |
1478 | -/* Provides the key version of a key used during verification. This may be | |
1479 | - * useful for managing the minimum key version. | |
1480 | - */ | |
1481 | -void fsl_set_key_version(AvbAtxOps* atx_ops, | |
1482 | - size_t rollback_index_location, | |
1483 | - uint64_t key_version) { | |
1484 | - kblb_hdr_t hdr; | |
1485 | - kblb_tag_t *rbk; | |
1486 | - uint64_t *plain_idx = NULL; | |
1487 | - struct mmc *mmc_dev; | |
1488 | - static const uint32_t kTypeMask = 0xF000; | |
912 | +int avb_atx_verify_unlock_credential(struct AvbAtxOps* atx_ops, | |
913 | + uint8_t *staged_buffer) | |
914 | +{ | |
915 | + bool out_is_trusted; | |
916 | + AvbIOResult ret; | |
917 | + const AvbAtxUnlockCredential* buf = NULL; | |
1489 | 918 | |
1490 | - DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n", | |
1491 | - rollback_index_location, key_version); | |
919 | + buf = (const AvbAtxUnlockCredential*)staged_buffer; | |
920 | + ret = avb_atx_validate_unlock_credential(atx_ops, buf, &out_is_trusted); | |
921 | + if ((ret != AVB_IO_RESULT_OK) || (out_is_trusted != true)) { | |
922 | + ERR("validate unlock credential fail!\n"); | |
923 | + return -1; | |
924 | + } else | |
925 | + return 0; | |
926 | +} | |
1492 | 927 | |
1493 | - assert(atx_ops != NULL); | |
1494 | - | |
1495 | - if ((mmc_dev = get_mmc()) == NULL) { | |
1496 | - ERR("err get mmc device\n"); | |
928 | +bool perm_attr_are_fused(void) | |
929 | +{ | |
930 | +#ifdef CONFIG_IMX_TRUSTY_OS | |
931 | + AvbAtxPermanentAttributes attributes; | |
932 | + if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), | |
933 | + sizeof(AvbAtxPermanentAttributes))) { | |
934 | + return true; | |
935 | + } else { | |
936 | + ERR("No perm-attr fused, please fuse your perm-attr first!.\n"); | |
937 | + return false; | |
1497 | 938 | } |
1498 | - /* read the kblb header */ | |
1499 | - if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) { | |
1500 | - ERR("read RPMB error\n"); | |
1501 | - } | |
939 | +#else | |
940 | + /* We hard code the perm-attr if trusty is not enabled. */ | |
941 | + return true; | |
942 | +#endif | |
943 | +} | |
1502 | 944 | |
1503 | - if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) { | |
1504 | - ERR("magic not match\n"); | |
1505 | - } | |
945 | +bool at_unlock_vboot_is_disabled(void) | |
946 | +{ | |
947 | + uint32_t unlock_vboot_status; | |
1506 | 948 | |
1507 | - /* rollback index for Android Things key versions */ | |
1508 | - rbk = &hdr.atx_rbk_tags[rollback_index_location & ~kTypeMask]; | |
1509 | - | |
1510 | - plain_idx = malloc(rbk->len); | |
1511 | - if (plain_idx == NULL) | |
1512 | - printf("\nError! allocate memory fail!\n"); | |
1513 | - memset(plain_idx, 0, rbk->len); | |
1514 | - *plain_idx = key_version; | |
1515 | - | |
1516 | - /* write rollback_index keyblob */ | |
1517 | - if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) != | |
1518 | - 0) { | |
1519 | - ERR("write rollback index error\n"); | |
1520 | - goto fail; | |
949 | + if (fsl_fuse_read(&unlock_vboot_status, 1, | |
950 | + UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
951 | + printf("Read at unlock vboot status error!\n"); | |
952 | + return false; | |
1521 | 953 | } |
1522 | -fail: | |
1523 | - if (plain_idx != NULL) | |
1524 | - free(plain_idx); | |
954 | + | |
955 | + if (unlock_vboot_status & (1 << UNLOCK_VBOOT_STATUS_OFFSET_IN_BIT)) | |
956 | + return true; | |
957 | + else | |
958 | + return false; | |
1525 | 959 | } |
1526 | -#endif /* AVB_RPMB && CONFIG_AVB_ATX */ | |
1527 | 960 | |
1528 | -#if defined(CONFIG_IMX_TRUSTY_OS) && defined(CONFIG_ANDROID_AUTO_SUPPORT) | |
1529 | - | |
1530 | -extern int mmc_switch(struct mmc *mmc, u8 set, u8 index, u8 value); | |
1531 | - | |
1532 | -#ifdef CONFIG_SPL_BUILD | |
1533 | -int check_rpmb_blob(struct mmc *mmc) | |
961 | +int at_disable_vboot_unlock(void) | |
1534 | 962 | { |
1535 | - int ret = 0; | |
1536 | - char original_part; | |
1537 | - struct keyslot_package kp; | |
963 | + uint32_t unlock_vboot_status = 0; | |
1538 | 964 | |
1539 | - read_keyslot_package(&kp); | |
1540 | - if (strcmp(kp.magic, KEYPACK_MAGIC)) { | |
1541 | - printf("keyslot package magic error, do nothing here!\n"); | |
1542 | - return 0; | |
965 | + /* Read the status first */ | |
966 | + if (fsl_fuse_read(&unlock_vboot_status, 1, | |
967 | + UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
968 | + ERR("Read unlock vboot status error!\n"); | |
969 | + return -1; | |
1543 | 970 | } |
1544 | - /* If keyslot package valid, copy it to secure memory */ | |
1545 | - fill_secure_keyslot_package(&kp); | |
1546 | 971 | |
1547 | - /* switch to boot1 partition. */ | |
1548 | - original_part = mmc->block_dev.hwpart; | |
1549 | - if (mmc_switch_part(mmc, KEYSLOT_HWPARTITION_ID) != 0) { | |
1550 | - printf("ERROR - can't switch to boot1 partition! \n"); | |
1551 | - ret = -1; | |
1552 | - goto fail; | |
1553 | - } else | |
1554 | - mmc->block_dev.hwpart = KEYSLOT_HWPARTITION_ID; | |
1555 | - /* write power-on write protection for boot1 partition. */ | |
1556 | - if (mmc_switch(mmc, EXT_CSD_CMD_SET_NORMAL, | |
1557 | - EXT_CSD_BOOT_WP, BOOT1_PWR_WP)) { | |
1558 | - printf("ERROR - unable to set power-on write protection!\n"); | |
1559 | - ret = -1; | |
1560 | - goto fail; | |
972 | + /* Set the disable unlock vboot bit */ | |
973 | + unlock_vboot_status |= (1 << UNLOCK_VBOOT_STATUS_OFFSET_IN_BIT); | |
974 | + | |
975 | + /* Write disable unlock vboot bit to fuse */ | |
976 | + if (fsl_fuse_write(&unlock_vboot_status, 1, | |
977 | + UNLOCK_VBOOT_STATUS_OFFSET_IN_WORD)) { | |
978 | + ERR("Write unlock vboot status fail!\n"); | |
979 | + return -1; | |
1561 | 980 | } |
1562 | -fail: | |
1563 | - /* return to original partition. */ | |
1564 | - if (mmc->block_dev.hwpart != original_part) { | |
1565 | - if (mmc_switch_part(mmc, original_part) != 0) | |
1566 | - return -1; | |
1567 | - mmc->block_dev.hwpart = original_part; | |
1568 | - } | |
1569 | 981 | |
1570 | - return ret; | |
982 | + return 0; | |
1571 | 983 | } |
1572 | -#else /* CONFIG_SPL_BUILD */ | |
984 | +#endif /* CONFIG_AVB_ATX */ | |
985 | + | |
986 | +#if defined(CONFIG_IMX_TRUSTY_OS) && defined(CONFIG_ANDROID_AUTO_SUPPORT) | |
1573 | 987 | bool rpmbkey_is_set(void) |
1574 | 988 | { |
1575 | 989 | int mmcc; |
1576 | 990 | |
... | ... | @@ -1715,6 +1129,6 @@ |
1715 | 1129 | |
1716 | 1130 | return ret; |
1717 | 1131 | } |
1132 | +#endif /* CONFIG_IMX_TRUSTY_OS && CONFIG_ANDROID_AUTO_SUPPORT */ | |
1718 | 1133 | #endif /* CONFIG_SPL_BUILD */ |
1719 | -#endif |
lib/avb/fsl/fsl_avbkey.h
... | ... | @@ -44,6 +44,15 @@ |
44 | 44 | #define RPMB_KEY_MAGIC "RPMB" |
45 | 45 | #endif |
46 | 46 | |
47 | +#ifdef CONFIG_AVB_ATX | |
48 | +#define ATX_FUSE_BANK_NUM 4 | |
49 | +#define ATX_FUSE_BANK_MASK 0xFFFF | |
50 | +#define ATX_HASH_LENGTH 14 | |
51 | +#endif | |
52 | + | |
53 | +#define RESULT_ERROR -1 | |
54 | +#define RESULT_OK 0 | |
55 | + | |
47 | 56 | struct kblb_tag { |
48 | 57 | uint32_t flag; |
49 | 58 | uint32_t offset; |
... | ... | @@ -59,7 +68,7 @@ |
59 | 68 | */ |
60 | 69 | #if defined(CONFIG_DUAL_BOOTLOADER) && defined(CONFIG_SPL_BUILD) |
61 | 70 | kblb_tag_t bootloader_rbk_tags; |
62 | -#else | |
71 | +#endif | |
63 | 72 | /* public key keyblb tag */ |
64 | 73 | kblb_tag_t pubk_tag; |
65 | 74 | /* vbmeta rollback index keyblb tag */ |
... | ... | @@ -68,7 +77,6 @@ |
68 | 77 | /* Android Things key versions rollback index keyblb tag */ |
69 | 78 | kblb_tag_t atx_rbk_tags[AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS]; |
70 | 79 | #endif |
71 | -#endif | |
72 | 80 | }; |
73 | 81 | typedef struct kblb_hdr kblb_hdr_t; |
74 | 82 | |
... | ... | @@ -93,5 +101,9 @@ |
93 | 101 | |
94 | 102 | int check_rpmb_blob(struct mmc *mmc); |
95 | 103 | bool rpmbkey_is_set(void); |
104 | +int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offset); | |
105 | +int fsl_fuse_read(uint32_t *buffer, uint32_t length, uint32_t offset); | |
106 | +int permanent_attributes_sha256_hash(unsigned char* output); | |
107 | +struct mmc *get_mmc(void); | |
96 | 108 | #endif |