diff options
author | Yu Shan <shanyu@google.com> | 2017-08-31 15:12:43 +0800 |
---|---|---|
committer | Ji Luo <ji.luo@nxp.com> | 2018-08-20 21:25:45 +0800 |
commit | b92b0e1d49778cd31ac33d209fa064caa2bec6ef (patch) | |
tree | 2d6d8805fe415eaf806d02a8db4aa9af64049e3a /drivers | |
parent | d2275a5926ac2ff7e9f656ac7803de010b51e870 (diff) |
[iot] Use Trusty OS handle RollbackIndex and lock status
Use Trusty OS AVB manager handle RollbackIndex and
lock status into RPMB partition.
Change-Id: Idfe7234cfa31b2169af59b64e00f028542c49240
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/usb/gadget/f_fastboot.c | 4 | ||||
-rw-r--r-- | drivers/usb/gadget/fastboot_lock_unlock.c | 28 |
2 files changed, 31 insertions, 1 deletions
diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c index 2d05ca7bb7..4ba1ae3106 100644 --- a/drivers/usb/gadget/f_fastboot.c +++ b/drivers/usb/gadget/f_fastboot.c @@ -2217,6 +2217,8 @@ dt_read_done: #ifdef CONFIG_IMX_TRUSTY_OS /* Trusty keymaster needs some parameters before it work */ trusty_setbootparameter(hdr, avb_result); + /* lock the boot status and rollback_idx preventing Linux modify it */ + trusty_lock_boot_state(); /* put ql-tipc to release resource for Linux */ trusty_ipc_shutdown(); #endif @@ -3132,7 +3134,7 @@ static FbLockState do_fastboot_unlock(bool force) fastboot_wipe_data_partition(); printf("Wipe /data completed.\n"); -#ifdef CONFIG_AVB_SUPPORT +#if defined(CONFIG_AVB_SUPPORT) && !defined(CONFIG_IMX_TRUSTY_OS) printf("Start stored_rollback_index wipe process....\n"); rbkidx_erase(); printf("Wipe stored_rollback_index completed.\n"); diff --git a/drivers/usb/gadget/fastboot_lock_unlock.c b/drivers/usb/gadget/fastboot_lock_unlock.c index 991cddf7ca..953bad1017 100644 --- a/drivers/usb/gadget/fastboot_lock_unlock.c +++ b/drivers/usb/gadget/fastboot_lock_unlock.c @@ -37,6 +37,9 @@ #include <stdlib.h> #include "fastboot_lock_unlock.h" #include <fsl_fastboot.h> +#ifdef CONFIG_IMX_TRUSTY_OS +#include <trusty/libtipc.h> +#endif #ifdef FASTBOOT_ENCRYPT_LOCK @@ -214,6 +217,30 @@ static inline unsigned char lock_enable_parse(unsigned char* bdata) { } static FbLockState g_lockstat = FASTBOOT_UNLOCK; + +#ifdef CONFIG_IMX_TRUSTY_OS +FbLockState fastboot_get_lock_stat(void) { + uint8_t l_status; + int ret; + ret = trusty_read_lock_state(&l_status); + if (ret < 0) + return g_lockstat; + else + return l_status; + +} + +int fastboot_set_lock_stat(FbLockState lock) { + int ret; + ret = trusty_write_lock_state(lock); + if (ret < 0) { + printf("cannot set lock status due Trusty return %d\n", ret); + return ret; + } + return 0; +} +#else + /* * Set status of the lock&unlock to FSL_FASTBOOT_FB_PART * Currently use the very first Byte of FSL_FASTBOOT_FB_PART @@ -306,6 +333,7 @@ fail: free(bdata); return ret; } +#endif /* Return the last byte of of FSL_FASTBOOT_PR_DATA |