summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJi Luo <ji.luo@nxp.com>2020-09-21 16:10:32 +0800
committerJi Luo <ji.luo@nxp.com>2022-04-18 16:40:09 +0800
commit6c9550d1406108879b786fd58f610f213d7a20ca (patch)
treed373e0f86334e3c35cb4638c6dfa43fa90f1c70d
parent2f0c41c742acb72427751c198e998231ff8172b5 (diff)
MA-17910-1 Add config to guard avb public key load
Add config "CONFIG_LOAD_KEY_FROM_RPMB" to decide loading the avb public key from RPMB storage or building it statically. Test: AVB verify. Signed-off-by: Ji Luo <ji.luo@nxp.com> Change-Id: I1ca09c28bbfa18dd00aa28405389b382e09fe07e (cherry picked from commit 5a7973e8f42e54b3cd8ce15624478dcbe19c49fd) (cherry picked from commit 29f15078f00ed862abf6ca9592e68815046a38f3) (cherry picked from commit 29ed198ffe8f46715a7ccee21c2eb6f1d53392a5)
Diffstat
-rw-r--r--lib/Kconfig5
-rw-r--r--lib/avb/fsl/fsl_avb.c4
2 files changed, 7 insertions, 2 deletions
diff --git a/lib/Kconfig b/lib/Kconfig
index 1b71c95e3d8..2120706ff4c 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -413,6 +413,11 @@ config TRUSTY_UNLOCK_PERMISSION
config VIRTUAL_AB_SUPPORT
bool "Support virtual AB update"
+config LOAD_KEY_FROM_RPMB
+ bool "Support load AVB public key from RPMB storage"
+ default n
+ depends on IMX_TRUSTY_OS
+
endmenu
menu "Hashing Support"
diff --git a/lib/avb/fsl/fsl_avb.c b/lib/avb/fsl/fsl_avb.c
index fc67e949af9..f4797f1eea0 100644
--- a/lib/avb/fsl/fsl_avb.c
+++ b/lib/avb/fsl/fsl_avb.c
@@ -16,7 +16,7 @@
#include "utils.h"
#include "debug.h"
#include "trusty/avb.h"
-#if !defined(CONFIG_IMX_TRUSTY_OS)
+#ifndef CONFIG_LOAD_KEY_FROM_RPMB
#include "fsl_public_key.h"
#endif
#include "fsl_atx_attributes.h"
@@ -578,7 +578,7 @@ AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
assert(ops != NULL && out_is_trusted != NULL);
*out_is_trusted = false;
-#if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_AVB_ATX)
+#ifdef CONFIG_LOAD_KEY_FROM_RPMB
uint8_t public_key_buf[AVB_MAX_BUFFER_LENGTH];
if (trusty_read_vbmeta_public_key(public_key_buf,
public_key_length) != 0) {
generated by cgit v1.2.3 (git 2.0.4) at 2024-09-17 19:11:52 +0000