28 Aug, 2019
1 commit
-
Don't skip vbmeta public key verify for non-trusty
platforms.Test: boot on imx8mm.
Change-Id: I4712e5dd6e5c8848468e9d85c6b38eb5fb11377f
Signed-off-by: Ji Luo
20 Aug, 2019
1 commit
-
Decrypt and verify the secure credential in keymaster TA, unlock
operation can only be allowed after secure credential verify pass.Since the mppubk can only be generated on hab closed imx8q, so secure
unlock feature can only supported when hab is closed.Test: secure unlock credential verify on hab closed imx8mm_evk.
Change-Id: I1ab5e24df28d1e75ff853de3adf29f34da1d0a71
Signed-off-by: Ji Luo
01 Aug, 2019
1 commit
-
We may need to enable the dual bootloader feature on non-trusty
platforms, skip the bootloader rollback index check in spl if
trusty is not enabled.Don't generate rpmb key in spl, it should be generated in u-boot
proper with u-boot commands.Test: dual bootloader on imx8mm.
Change-Id: Iac454e0140cd6f4472a66d267d9ba0d40df7102c
Signed-off-by: Ji Luo
25 Jul, 2019
3 commits
-
MMC device id remap function "board_mmc_get_env_dev()" was
removed in u-boot v2019 because we add the mmc device aliases
in dts file. But we still need to remap the mmc device id in
spl or read/write rpmb keyslot package will fail.This patch adds mmc device id remap function in spl to get the
correct device id.Test: boot on imx8mm with trusty enabled.
Change-Id: I41c46494326d9eb2658d2cda692968fb895d0292
Signed-off-by: Ji Luo -
The A/B slot selection is moved to spl, it may lead to hang
if no bootable slots found. The only way to recover the board
is re-flash images with uuu tool, which is quite inconvenient
for some customers who can't enter serial download mode.This patch will set "spl recovery mode" which will give us a
chance to re-flash images with fastboot commands.Test: Enter spl recovery mode and flash images when no bootable
slots found.Change-Id: I31278f5212bde7609fe2f49e77b3849e92c0c516
Signed-off-by: Ji Luo -
Add new keymaster commands to get Manufacure Production key (mppubk).
Since the mppubk can only be generated in OEM CLOSED imx8q board, so
we can only use this command when the board is HAB/AHAB closed.Commands to extract the mppubk:
* $fastboot oem get-mppubk
* $fastboot get_staged mppubk.binTest: Generate and dump the mppubk.bin
Change-Id: Idc59e78ca6345497e744162664b8293f50d1eda4
Signed-off-by: Ji Luo
22 Jul, 2019
1 commit
-
Due SPL doesn't have env, so cannot use mmc_get_env_dev() get
the mmc index.
Following spl_mmc.c get correct mmc index in SPL.Change-Id: I0f07a9ea35d5b3ba0d638af436238d0cfe925981
Signed-off-by: Haoran.Wang
10 Jul, 2019
2 commits
-
Driver Module may be used in SPL, with CONFIG_BLK enabled for U-Boot,
CONFIG_SPL_BLK will be enabled, struct mmc definition will be different.
comply with that mmc struct definition in fsl_avbkey.c file to handle
conditions when DM is used in SPL.Change-Id: I632600556e764b25228ba467a5e5141cf3fc3dfe
Signed-off-by: faqiang.zhu -
libavb is now under the directory of lib/, not lib/avb/ as before, to
adapt to this change, some modifications are made:
1. header file inclusion change, including parameter of -I option in
Makefile
2. remove avb_sysdeps_posix.o in Makefile since the functions in
avb_sysdeps_posix.c has beed redefined in fsl_avb_sysdeps_uboot.cChange-Id: I4216e3ddb4e3e810783e4f46b953eda510c2627b
Signed-off-by: faqiang.zhu
02 Jul, 2019
1 commit
-
to fix build issues, add two header files, "fastboot_lock_unlock.h" is
copied from imx_v2018.03 branch, "fb_fsl_common.h" contains some
varialbes and a function used in more than one files.the places where "fastboot_lock_unlock.h" is included is modified to
adapt to this change.
"fsl_fastboot.h" is renamed to "fb_fsl.h", the places where
"fsl_fastboot.h" is included is modified to adapt to this change.to fix function issues, command handle function in "fb_fsl_command.c" is
modified.build based on imx8mm_ddr4_evk, the board can boot and basic fastboot
function can work.Change-Id: I34961ef70351a1ee4c84b6721dba5ac7b261a0d3
Signed-off-by: faqiang.zhu
24 May, 2019
1 commit
-
Porting the android AVB lib from imx u-boot v2018.03. Since 2019 u-boot
has added latest AVB library, try to reuse it.Signed-off-by: Ye Li
(cherry picked from commit 2105662ada738a271e12a81d775134a5821dc38f)
(cherry picked from commit f7291d86c4183ce2e299ad271aa5618c71507ffc)