diff options
author | Ji Luo <ji.luo@nxp.com> | 2019-10-08 21:22:24 +0800 |
---|---|---|
committer | Ji Luo <ji.luo@nxp.com> | 2022-04-18 16:40:08 +0800 |
commit | 432f84dd0d7e8eca4855b880ac7d6d545ca7ffec (patch) | |
tree | 9ffadcc95ccc2c0ce004739c6efd7e74f61c10d8 /lib | |
parent | 3e32922e4e547fa2ac47399d2a044dcc4eac4fb8 (diff) |
MA-15575-3 Add support for oemlock 1.0 hal
Add commands to read oem device unlock state from
trusty avb app. Use the oem device unlock state to
determine if the device can be unlocked instead of
the state in persistdata part.
Test: Read oem device unlock state from avb app.
Change-Id: Ifccaa788ba0f681c2b3a47151c8474e8da5a2559
Signed-off-by: Ji Luo <ji.luo@nxp.com>
(cherry picked from commit c6eaf8e32987f120c0c5441ea39aa0f39a65b50d)
(cherry picked from commit 8b58afda1cd1f91048504b48b95260e930a37326)
(cherry picked from commit dc2acac3cdfe0ca77747e9c435e3f140acc07705)
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Kconfig | 5 | ||||
-rw-r--r-- | lib/trusty/ql-tipc/avb.c | 7 |
2 files changed, 12 insertions, 0 deletions
diff --git a/lib/Kconfig b/lib/Kconfig index 792a2cbfa9..19db47fe99 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -405,6 +405,11 @@ config AT_AUTHENTICATE_UNLOCK config SECURE_UNLOCK bool "Enable secure unlock for Android devices, it can only be enabled on HAB closed board" + +config TRUSTY_UNLOCK_PERMISSION + bool "Support unlock permission protection in trusty" + depends on IMX_TRUSTY_OS + endmenu menu "Hashing Support" diff --git a/lib/trusty/ql-tipc/avb.c b/lib/trusty/ql-tipc/avb.c index 95b26fd2f8..937cafc910 100644 --- a/lib/trusty/ql-tipc/avb.c +++ b/lib/trusty/ql-tipc/avb.c @@ -260,3 +260,10 @@ int trusty_lock_boot_state(void) { return avb_do_tipc(LOCK_BOOT_STATE, NULL, 0, NULL, NULL); } + +int trusty_read_oem_unlock_device_permission(uint8_t *oem_device_unlock) +{ + uint32_t resp_size = sizeof(*oem_device_unlock); + return avb_do_tipc(READ_OEM_UNLOCK_DEVICE_PERMISSION, NULL, 0, oem_device_unlock, + &resp_size); +} |