diff options
author | Ji Luo <ji.luo@nxp.com> | 2018-08-23 19:12:45 +0800 |
---|---|---|
committer | faqiang.zhu <faqiang.zhu@nxp.com> | 2018-11-12 09:18:37 +0800 |
commit | c14e9d4e276c408db200a632029a8193944348f3 (patch) | |
tree | 92582988f4a35fa40766fd34842436d91feb9e72 /lib | |
parent | d4a0dbd9a467984d7f4a4861213298e2b95a3327 (diff) |
[iot] Support lock vboot for Android Things
Supoort "fastboot oem at-lock-vboot" command for Android
Things, this command can only be called after perm-attr
have been fused.
Test: build and boot ok on imx7d_pico and AIY.
Change-Id: Ifcfeb2a38d88c5d12b46a1d9ea61b182ae2e7bcb
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/avb/fsl/fsl_avbkey.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c index 9436e9b865d..5ac88a3bb33 100644 --- a/lib/avb/fsl/fsl_avbkey.c +++ b/lib/avb/fsl/fsl_avbkey.c @@ -283,6 +283,23 @@ int avb_atx_verify_unlock_credential(struct AvbAtxOps* atx_ops, return 0; } +bool perm_attr_are_fused(void) +{ +#ifdef CONFIG_IMX_TRUSTY_OS + AvbAtxPermanentAttributes attributes; + if(!trusty_read_permanent_attributes((uint8_t *)(&attributes), + sizeof(AvbAtxPermanentAttributes))) { + return true; + } else { + ERR("No perm-attr fused, please fuse your perm-attr first!.\n"); + return false; + } +#else + /* We hard code the perm-attr if trusty is not enabled. */ + return true; +#endif +} + /* Reads permanent |attributes| data. There are no restrictions on where this * data is stored. On success, returns AVB_IO_RESULT_OK and populates * |attributes|. |