diff options
| author | Ji Luo <ji.luo@nxp.com> | 2018-11-21 09:44:17 +0800 |
|---|---|---|
| committer | Ji Luo <ji.luo@nxp.com> | 2018-11-21 13:39:54 +0800 |
| commit | 378fa741725e000cd1ea4d2ddd55b5042233d6b2 (patch) | |
| tree | 5277a81f291717b455ba3d68f89130e9efe02406 | |
| parent | 71398b89a06fada6c53a31e17101c3cc3a47d049 (diff) | |
MA-13480-1 [Auto] Fix XEN hang with wrong keymaster service
Pass "androidboot.keystore=trusty" for trusty backed keymaster
service, pass "androidboot.keystore=software" for software
keymaster service.
Test: boot pass on imx8qm_mek.
Change-Id: I9fa38c15a7c10aef09ab29b0e9859b690e3e7a41
Signed-off-by: Ji Luo <ji.luo@nxp.com>
| -rw-r--r-- | common/image-android.c | 8 | ||||
| -rw-r--r-- | lib/trusty/ql-tipc/libtipc.c | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/common/image-android.c b/common/image-android.c index bd47a6fcd4..67cb86f0fe 100644 --- a/common/image-android.c +++ b/common/image-android.c @@ -211,14 +211,16 @@ int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify, strncat(commandline, newbootargs, sizeof(commandline) - strlen(commandline)); #endif -#ifdef CONFIG_IMX_TRUSTY_OS char *keystore = env_get("keystore"); - if (!strncpy(keystore, "software", sizeof("software"))) { + if ((keystore == NULL) || strncmp(keystore, "trusty", sizeof("trusty"))) { + char *bootargs_trusty = "androidboot.keystore=software"; + strncat(commandline, " ", sizeof(commandline) - strlen(commandline)); + strncat(commandline, bootargs_trusty, sizeof(commandline) - strlen(commandline)); + } else { char *bootargs_trusty = "androidboot.keystore=trusty"; strncat(commandline, " ", sizeof(commandline) - strlen(commandline)); strncat(commandline, bootargs_trusty, sizeof(commandline) - strlen(commandline)); } -#endif /* Add 'append_bootargs' to hold some paramemters which need to be appended * to bootargs */ diff --git a/lib/trusty/ql-tipc/libtipc.c b/lib/trusty/ql-tipc/libtipc.c index f1d523e763..33087b8d86 100644 --- a/lib/trusty/ql-tipc/libtipc.c +++ b/lib/trusty/ql-tipc/libtipc.c @@ -97,16 +97,14 @@ int trusty_ipc_init(void) /* Go to hang if the key has been destroyed. */ trusty_error("RPMB key was destroyed!\n"); hang(); - } else { - /* rpmb key hasn't been set, use software keymaster. - * Don't return here because we want to initalize the - * hardware crypto service to set rpmb key. */ - env_set("keystore", "software"); } #else return rc; #endif } else { + /* secure storage service init ok, use trusty backed keystore */ + env_set("keystore", "trusty"); + trusty_info("Initializing Trusty AVB client\n"); rc = avb_tipc_init(_ipc_dev); if (rc != 0) { |