diff options
author | Haoran.Wang <elven.wang@nxp.com> | 2018-06-05 15:16:49 +0800 |
---|---|---|
committer | Ji Luo <ji.luo@nxp.com> | 2018-08-20 21:25:47 +0800 |
commit | a84bd6bf7b507bea7cd0b28a00db5677f7a9a6e9 (patch) | |
tree | 896e127d1988144d72311d5c39c34c6dcf298449 /lib | |
parent | 89e54e221c1bfd724b488b942bdb8f08efbd41fc (diff) |
[iot] Use hard code key if no perm attr fused
For the device under development, the perm attr
not fused will break unlock ATX/AVB process and
make dm-verity parameters not output for kernel.
Use hard code one if Trusty OS didn't get the
perm attr.
Bug:93961668
Test: Verify kernel command line contains avb information.
Change-Id: Idd55dde79eed793dccdd7319600fbd04e11ca12d
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/avb/fsl/fsl_avbkey.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c index 5e723d87f43..50f6ebd6ff8 100644 --- a/lib/avb/fsl/fsl_avbkey.c +++ b/lib/avb/fsl/fsl_avbkey.c @@ -185,18 +185,20 @@ static int permanent_attributes_sha256_hash(unsigned char* output) { AvbAtxPermanentAttributes attributes; #ifdef CONFIG_IMX_TRUSTY_OS - if(trusty_read_permanent_attributes((uint8_t *)(&attributes), + if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), sizeof(AvbAtxPermanentAttributes))) { - return RESULT_ERROR; + goto calc_sha256; + } else { + ERR("No perm-attr fused. Will use hard code one.\n"); } -#else +#endif /* get permanent attributes */ attributes.version = fsl_version; memcpy(attributes.product_root_public_key, fsl_product_root_public_key, sizeof(fsl_product_root_public_key)); memcpy(attributes.product_id, fsl_atx_product_id, sizeof(fsl_atx_product_id)); -#endif +calc_sha256: /* calculate sha256(permanent attributes) hash */ if (sha256((unsigned char *)&attributes, sizeof(AvbAtxPermanentAttributes), output) == RESULT_ERROR) { @@ -1196,20 +1198,20 @@ fail: AvbIOResult fsl_read_permanent_attributes( AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) { #ifdef CONFIG_IMX_TRUSTY_OS - if (trusty_read_permanent_attributes((uint8_t *)attributes, + if (!trusty_read_permanent_attributes((uint8_t *)attributes, sizeof(AvbAtxPermanentAttributes))) { - ERR("Error. Failed to read permanent attributes from secure storage\n"); - return AVB_IO_RESULT_ERROR_IO; - } else return AVB_IO_RESULT_OK; -#else + } + ERR("No perm-attr fused. Will use hard code one.\n"); +#endif /* CONFIG_IMX_TRUSTY_OS */ + /* use hard code permanent attributes due to limited fuse and RPMB */ attributes->version = fsl_version; memcpy(attributes->product_root_public_key, fsl_product_root_public_key, sizeof(fsl_product_root_public_key)); memcpy(attributes->product_id, fsl_atx_product_id, sizeof(fsl_atx_product_id)); -#endif /* CONFIG_IMX_TRUSTY_OS */ + return AVB_IO_RESULT_OK; } |