24 Dec, 2018
2 commits
-
Sometimes we need to set random rpmb key which is invisible
except for the device.
Generate the random key with hwcrypto interface and support
fastboot command "fastboot oem set-rpmb-random-key" to set it.
Test: build and boot on imx8q.
Change-Id: I44e1b6b091366d8ffceb1159fc65c17610ce5243
Signed-off-by: Ji Luo
-
Add new hwcrypto command to support rng generation with CAAM.
Test: rng generated on imx8qxp_mek.
Change-Id: I756f3e99423f0f9dfc2bcd30117a3f96e9f5f2f7
Signed-off-by: Ji Luo
12 Dec, 2018
1 commit
-
Open configs to enable trusty for imx8mm_evk and also
add new config imx8mm_evk_android_trusty_defconfig based
on imx8mm_evk_android_defconfig.
Test: Trusty starts ok.
Change-Id: Iaea90de21f886ed23082a5e8e8d2fa7fb139a9cb
Signed-off-by: Ji Luo
07 Dec, 2018
1 commit
-
It's "Copyright" instead of "opyright".
Change-Id: I4e66ea402e06ee03b5268d1d70c95e066ad35fd0
Signed-off-by: Ji Luo
04 Dec, 2018
2 commits
-
Add commands to write/read vbmeta public key to/from secure
storage. The vbmeta public key can only be set once.
Commands to set the public key:
fastboot stage
fastboot oem set-public-key
Test: build and boot on imx8qxp_mek.
Change-Id: Id3ad4aa5aacef4fc8443f6a2d6ccb931310970ca
Signed-off-by: Ji Luo
-
Secure storage is ready in trusty so we should read/write the rollback
index from rpmb.
But for boards without rpmb key, read/write the rpmb will fail and will
block the following avb verify process. In this case, check if the rpmb
key has been set and always return AVB_IO_RESULT_OK for the boards without
rpmb key.
Test: build and boot pass on imx8qm_mek.
Change-Id: I10c438e56d049ae97ebedfc446c8202642630d8b
Signed-off-by: Ji Luo
26 Nov, 2018
2 commits
-
Get build warning below because the CONFIG_SERIAL_TAG is not defined.
drivers/usb/gadget/f_fastboot.c: In function ‘fastboot_setup’:
drivers/usb/gadget/f_fastboot.c:1768:2: warning: ‘serialnr.high’ is used
uninitialized in this function [-Wuninitialized]
sprintf(serial, "%08x%08x", serialnr.high, serialnr.low);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/gadget/f_fastboot.c:1768:2: warning: ‘serialnr.low’ is used
uninitialized in this function [-Wuninitialized]
Signed-off-by: Ye Li
(cherry picked from commit 5a438e8daa7dfe9ae8c8e782a2656e9329c7d4a1)
-
Remove the fuse operation commands for imx8qm, this will
help reduce the u-boot binary size.
Test: build and boot ok on imx8qm.
Change-Id: I45fd7a86abe5ce7a9a8b9284974190d72b203e1b
Signed-off-by: Luo Ji
23 Nov, 2018
3 commits
-
Need loadimage before execute mmcboot.
Signed-off-by: Peng Fan
Reviewed-by: Ye Li
(cherry picked from commit 016bb84267ff3882228ffbde64c2c670be7a8f16)
-
When OP-TEE is enabled a share memory is created between Linux and OP-TEE.
On i.MX 8QM with the use of the SC subsystem, this creates a new chunk of
memory.
Add a new DRAM BANK, so that u-boot is able to capture correctly all
the chunks of memory in meminfo.
Signed-off-by: Silvano di Ninno
(cherry picked from commit c89c493cd8657f5d520647c3a9a61861b3f267e0)
-
When OP-TEE is enabled a share memory is created
between Linux and OP-TEE. On QxP with the use of the SC
subsystem, this creates a new chunk of memory.
Add a new DRAM BANK, so that u-boot is able to capture
correctly all the chunks of memory in meminfo.
Signed-off-by: Silvano di Ninno
(cherry picked from commit abda1b4728f573a43a5b95db675821d2829de99b)
22 Nov, 2018
2 commits
-
The CONFIG_MMC_ENV_DEV binds with CONFIG_ENV_IS_IN_MMC on mx6sabreauto.
When booting from other boot devices like EIMNOR, SPINOR, they need to
load kernel from SD, if the configuration is not set, the loading will fail.
Signed-off-by: Ye Li
(cherry picked from commit 59f6322db37945cf69cd418704ffef39b6fd5b31)
-
Too many macros are used in fsl_avbkey.c and
make it difficult to maintain.
This patch made some refine by:
1. Move all avb/atx operations to fsl_avb.c.
2. Refine the functions logic.
3. Drop some unsupported conditions/functions.
Test: build and boot on
imx8qm_mek/imx8mq_evk/imx6qp_sabresd/imx7d_pico/imx8m_aiy.
Change-Id: I5c99732acfc47d53cdf188d69223983777e577f4
Signed-off-by: Luo Ji
16 Nov, 2018
1 commit
-
Enlarge dom0 mem to 2048M
Signed-off-by: Peng Fan
(cherry picked from commit 2f756c93a265e96bf524bfbe224fbbeceecd1417)
15 Nov, 2018
2 commits
-
Introduce puts hook for dm serial driver.
Signed-off-by: Peng Fan
Reviewed-by: Peng Fan
Reviewed-by: Flynn xu
-
Introduce xen header files from Linux Kernel commit
e2b623fbe6a3("Merge tag 's390-4.20-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux")
Signed-off-by: Peng Fan
Reviewed-by: Peng Fan
Reviewed-by: Flynn xu
12 Nov, 2018
17 commits
-
The rollback index should be updated when avb verify pass
and the slot has been marked as successful, update the
rollback index also for those enabled dual bootloader
feature.
This commit also fix some configs condition issue so
read/write rollback index with trusty will work.
Test: rollback index updated successfully on
imx7d_pico and AIY.
Change-Id: I2344d6462249d8d88f0622d331cdeffc7e12f885
Signed-off-by: Ji Luo
-
SHA256 hash of the entire verified software stack should be calculated
and passed to 'trusty_set_boot_params'. This commit will calculate the
SHA256 hash which represents spl.bin and bootloader.img, and then extend
that hash with the hash of vbmeta image into the final VBH.
Bug: 110905171
Test: VBH is calculated and passed ok on AIY.
Change-Id: Id83ad36f3de79bedd435ca8f26035a35cca66b07
Signed-off-by: Ji Luo
-
Add support for fastboot variable 'at-vboot-state', it's composed
by 6 sub-variable: 'bootloader-locked', 'bootloader-min-versions',
'avb-perm-attr-set', 'avb-locked', 'avb-unlock-disabled' and
'avb-min-versions'.
Test: All 'at-vboot-state' variables are returned
correctly on imx7d_pico and AIY.
Change-Id: Ibb855cbcc7c41657af62dafb98a96c4dfb96ef22
Signed-off-by: Ji Luo
-
Device will be locked permanently after disabling the unlock vboot, store
the disable unlock vboot status into fuse. Since the fuse write operation
is irreversible so config 'CONFIG_AVB_FUSE' is disabled by default, user
need to add this config manually and run this command again.
Test: Disable unlock vboot bit is set after enabling "CONFIG_AVB_FUSE",
device was locked permanently after running this command. This is
verified on both imx7d_pico and AIY.
Change-Id: Iad8991a238763b1d662e33cba65f0b9eb44e97ef
Signed-off-by: Ji Luo
-
Support "fastboot oem at-lock-vboot" command for Android
Things, this command can only be called after perm-attr
have been fused.
Test: build and boot ok on imx7d_pico and AIY.
Change-Id: Ifcfeb2a38d88c5d12b46a1d9ea61b182ae2e7bcb
Signed-off-by: Ji Luo
-
Add fastboot commands "fastboot oem at-get-vboot-unlock-challenge"
and "fastboot oem at-unlock-vboot" to support the authenticated
unlock feature for Android Things devices. Use software random
numbers generator to generate the 16 bytes random challenge, it
should be replaced with hardware encrypted random generator when
the TEE part is ready.
Test: Generate unlock challenge by:
./avbtool make_atx_unlock_credential
--output=atx_unlock_credential.bin
--intermediate_key_certificate=atx_pik_certificate.bin
--unlock_key_certificate=atx_puk_certificate.bin
--challenge=my_generated_challenge.bin
--unlock_key=testkey_atx_puk.pem
validated the unlock credential successfully on imx7d_pico
and AIY.
Change-Id: I4b8cee87c9e96924169479b65020a081136681f6
Signed-off-by: Ji Luo
-
Change-Id: Ia9e76742d0501d3222d5837057d8bc916f2ff989
Signed-off-by: Haoran.Wang
-
Change some includes in include/trusty/sysdeps.h
to match our platform.
Test: build pass for imx7d and imx8m.
Change-Id: I01fd3634413f358ead8c9b67d05def544682c274
Signed-off-by: Luo Ji
-
Trusty image should be loaded to different address for AIY 1G/3G ddr
board which have different ddr size. Use board id to distinguish
different baseboard, load trusty image to 0x7e00_0000 for AIY 1G ddr
board and 0xfe00_0000 for AIY 3G ddr board.
Test: build and boot Trusty ok for AIY 1G/3G ddr board.
Change-Id: I62d8a19b13fe19f38075512a6faa4bbb36f74791
Signed-off-by: Ji Luo
-
Test: Modify imx7d bootloader in b/1074236 and test with new
keymaster app.
Bug: 77873456
Change-Id: I0083630fa44c2c9fd0cabba7e7c1553488579d4e
-
Change-Id: I1c800fe39b5999169edd6e2acb9f66e557a3a86e
-
Obtaining the memory attributes can be done independently of the
bootloader environment and is now done by the ipc layer.
Updated u-boot example to reflect this.
Change-Id: I8e649a1367ba02981419c43aac6e55b469dcf651
-
Changed trusty_membuf_alloc and trusty_membuf_free to trusty_alloc_pages and
trusty_free_pages. The memory allocated by these functions is intended
to be shared with the secure world so it should be inherently page based.
Updated u-boot sysdeps and trusty_ipc_dev_create/shutdown to use these
new functions
Change-Id: Ica1aa5b0cb50eba6ce18914d048e731133d94c4f
-
Change-Id: I53c44e1b6641a8b7fddfa24d125b20868ef3496b
-
This allows ipc devices to provide service callbacks (e.g. rpmb) transparently
to the application instead of needing to have prior knowledge of the expected
request and having to poll the individual services' channels separately.
Change-Id: I3257ae5e429f4a0c279f070d750b56c5600c38d5
-
Change-Id: I28e55ebf15a8bff33c9f03373747c10e914126fa
-
Change-Id: Ib4d648cf939d62f59030f43faaaf7eb37c718d4d
07 Nov, 2018
1 commit
-
This intends to replace the FIT image support since that cannot be
authenticated. Instead, we append another container at the end of
flash.bin, this new one containing a new container with two
images representing the ATF and uboot proper.
Signed-off-by: Abel Vesa
Reviewed-by: Ye Li
06 Nov, 2018
1 commit
-
When using gcc 4.9 to build SPL, the image size is beyond current
limitation 128KB. This gcc version is used in android tool chain. So
enlarge the SPL max size to 148KB. This value is also aligned with
other imx8mq/mm boards settings.
Signed-off-by: Ye Li
Reviewed-by: Peng Fan
03 Nov, 2018
5 commits
-
added emmc_dev and sd_dev
Signed-off-by: Frank Li
-
Because the iMX8MQ DDR4 ARM2 has 4GB DDR. To fit new MMU settings, we split
it to two banks. The first bank has 3GB DDR, reach to 4GB memory map.
The second bank has 1GB DDR, is beyond 4GB memory map.
Notice: there is no OPTEE for ARM2 board. The trust zone setting in OPTEE
for iMX8MQ EVK is not match with DDR size on ARM2 board. So ARM2 Only can
work without OPTEE.
Signed-off-by: Ye Li
Reviewed-by: Peng Fan
-
iMX8MM DDR3L validation board uses FPGA to link with SPI NOR flash
on ECSPI1 port. Update the codes and configurations to enable the
ECSPI1 to access SPI NOR in u-boot.
Signed-off-by: Ye Li
Reviewed-by: Peng Fan
-
Generate the key blob and store it to the last block of boot1 partition
after setting the rpmb key. The key blob should be checked in spl and be
passed to Trusty OS if it's valid. If the key blob are damaged, RPMB
storage proxy service will return fail and should make the device hang.
Test: Build and boot ok on imx8qm/qxp.
Change-Id: Ia274cd72109ab6ae15920e91b2a2008e1f1e667c
Signed-off-by: Ji Luo
-
Add new hwcrypto tipc command and handler to generate blob with
CAAM.
Test: Message exchange with trusty and blob encapsulate/decapsulate ok.
Change-Id: I925b47cb3e22eeddf4c89e84a9c994d2f30423fe
Signed-off-by: Ji Luo