summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJi Luo <ji.luo@nxp.com>2018-11-30 09:59:36 +0800
committerJi Luo <ji.luo@nxp.com>2018-12-04 09:53:12 +0800
commitd7c768a690529017a476552091ffd4bc9a6159c7 (patch)
tree874720aaf290bd19f39990cde8b00c3ece746c2b /lib
parent69142ab1d90b1eef1d8d6a0137b24a9f75c14b83 (diff)
MA-13628 [Auto] Read/Write rollback index from rpmb
Secure storage is ready in trusty so we should read/write the rollback index from rpmb. But for borads without rpmb key, read/write the rpmb will fail and will block the following avb verify process. In this case, check if the rpmb key has been set and always return AVB_IO_RESULT_OK for the boards without rpmb key. Test: build and boot pass on imx8qm_mek. Change-Id: I10c438e56d049ae97ebedfc446c8202642630d8b Signed-off-by: Ji Luo <ji.luo@nxp.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/avb/fsl/fsl_avb.c22
-rw-r--r--lib/avb/fsl/fsl_avbkey.c2
2 files changed, 18 insertions, 6 deletions
diff --git a/lib/avb/fsl/fsl_avb.c b/lib/avb/fsl/fsl_avb.c
index a1c56b196f6..ee9f34f2058 100644
--- a/lib/avb/fsl/fsl_avb.c
+++ b/lib/avb/fsl/fsl_avb.c
@@ -631,8 +631,16 @@ AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slo
AvbIOResult ret;
#ifdef CONFIG_IMX_TRUSTY_OS
if (trusty_write_rollback_index(rollback_index_slot, rollback_index)) {
- ERR("write rollback from Trusty error!");
- ret = AVB_IO_RESULT_ERROR_IO;
+ ERR("write rollback from Trusty error!\n");
+#ifdef CONFIG_ANDROID_AUTO_SUPPORT
+ /* Read/write rollback index from rpmb will fail if the rpmb
+ * key hasn't been set, return AVB_IO_RESULT_OK in this case.
+ */
+ if (!rpmbkey_is_set())
+ ret = AVB_IO_RESULT_OK;
+ else
+#endif
+ ret = AVB_IO_RESULT_ERROR_IO;
} else {
ret = AVB_IO_RESULT_OK;
}
@@ -720,8 +728,14 @@ AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot
AvbIOResult ret;
#ifdef CONFIG_IMX_TRUSTY_OS
if (trusty_read_rollback_index(rollback_index_slot, out_rollback_index)) {
- ERR("read rollback from Trusty error!");
- ret = AVB_IO_RESULT_ERROR_IO;
+ ERR("read rollback from Trusty error!\n");
+#ifdef CONFIG_ANDROID_AUTO_SUPPORT
+ if (!rpmbkey_is_set()) {
+ *out_rollback_index = 0;
+ ret = AVB_IO_RESULT_OK;
+ } else
+#endif
+ ret = AVB_IO_RESULT_ERROR_IO;
} else {
ret = AVB_IO_RESULT_OK;
}
diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c
index 56adf44c5a2..890ff713226 100644
--- a/lib/avb/fsl/fsl_avbkey.c
+++ b/lib/avb/fsl/fsl_avbkey.c
@@ -572,7 +572,6 @@ fail:
}
int init_avbkey(void) {
-#ifndef CONFIG_ARM64
struct keyslot_package kp;
read_keyslot_package(&kp);
if (strcmp(kp.magic, KEYPACK_MAGIC)) {
@@ -588,7 +587,6 @@ int init_avbkey(void) {
return RESULT_ERROR;
#endif
fill_secure_keyslot_package(&kp);
-#endif
return RESULT_OK;
}