The optee is used to storage security data in U-Boot, and a file
which occupy 16KB is created when write a rollback index. But the
security space is only 512KB, the sapce is not enough when write
too many items.
And here we write rollback index 32 times, but the avb only use
rollback_index_location 0 to verify the rollback index with vbmeta.
So just get the rollback_index_location 0 in this process.
Test:
fastboot getvar at-vboot-state
Error log:
TEEC: reference out of data: -1
TEEC: Not enough space available in secure storage!
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Change-Id: Id69b852553a4ef9111dabe6f23e25038b0928bb3
Return flash unlock status when close CONFIG_OPTEE_CLIENT.
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Change-Id: I7a7a03b8305c864d83d3d2c14b0f9aa104b2ef59
SPL requires key hash to verify and flash it to OTP/EFUSE.
- hash@c: n, e, c
- hash@np: n, e, np
/ {
signature {
key-dev {
required = "conf";
algo = "sha256,rsa2048";
rsa,np = <...>;
rsa,c = <...>;
rsa,modulus = <...>;
rsa,exponent-BN = <...>;
...
key-name-hint = "dev";
hash@np {
algo = "sha256";
value = <0x0934bc4d 0xfbc31ffe 0x9224d6c2 0x1a3aa280 0x881d881e 0xe2006246 0x01b9e724 0x35c03428>;
};
hash@c {
algo = "sha256";
value = <0x08962385 0x34585e06 0x0b73a496 0x374b148d 0xa2700a75 0x4aae08ad 0xb2a324a3 0x95ee6b52>;
};
};
};
...
};
But after processed by scripts/fit.sh, only one of "hash@c" and "hash@np" would be left.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Id9454100f9fdb06b30f9a4b2a7bdd180f117cb68
Open CONFIG_AVB_LIBAVB_USER & CONFIG_ANDROID_AB &
CONFIG_AVB_LIBAVB_AB to enable ab.
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Change-Id: I1611907b3cb82f72d5e706ed966ee98c7569d230
1.read_from_partition: support read vbmeta from the partition tail.
2.validate_public_key_for_partition: support this function
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Change-Id: I5372848a9339b10f5b1a66e92f5217a0a3122392
Add README file to record some important information of optee_client.
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
Change-Id: I66788f021d38c4617c87b46b6e3640ed7dd9e22f
The cache fixup is for the data coherence when communication
between U-Boot and OP-TEE. And data abort exception appeares on
OP-TEE V1 32bit platform due to unknown reason.
So only the share memory need be mapped as dcache enabled.
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
Change-Id: I92b62ef5fbdf47adc0328a14034a5861e8e77fed
optee v1 smc message is deprecated and update to new optee msg,
api revision smc call is add in init func to check capcibility.
Change-Id: Ia54a1257050b5e3776a00b6b76ca608c939bb401
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
We don't clearly know why there is odd address, maybe the
compression itself does.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Iabf2c09839485a0b12301ea003f945e1de414d83
We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 061daa0b61f0fbeb214c566f3adb23da05545320)
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: I28e5722504bfd0428cd119b2aaae60682a720648
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 20031567e12bb312bff95b70767f6275e20f0346)
Conflicts:
common/image-fit.c
lib/rsa/rsa-sign.c
lib/rsa/rsa-verify.c
Change-Id: Ie522fec1ea69e6b86ebde0f7dad91a45670da66b
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Previous implementation of the rsa signature was using
the openssl API EVP_Sign*, but the new openssl API
EVP_DigestSign* is more flexible. So we move to this
new API.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 3b5d6979fcb80ffae3b140be6edc04cbde1a0b72)
Conflicts:
lib/rsa/rsa-sign.c
Change-Id: I6016a13904024a63d6fb8110cef37e57a164eed9
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
1.use get_rkss_version function to get rkss version,
if security partition have data with rkss version 1, then
we choice rkss version 1, if security partition is empty,
then we choice rkss version 2
2.rkss version 2 support dual backup mechanism,
security partition total use 1M
3.rkss version 2 R&W 256k data one time
Change-Id: I2f17b22d6a442df84be0d94a808b03465dc6fefe
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.use get_rkss_version function to get rkss version,
if security partition have data with rkss version 1, then
we choice rkss version 1, if security partition is empty,
then we choice rkss version 2
2.rkss version 2 support dual backup mechanism,
security partition total use 1M
3.rkss version 2 R&W 256k data one time
Change-Id: I4103b6600666dffccf473ec4ed8854776a46da31
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
It seems fdt64_to_cpu() input param address must be 8-bytes
align, otherwise it brings a data-abort.
No root cause was found, let's workaround it.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Ic9f47d657b89b458bbd9ee52f0f931a689aec321
If the user can't make sure where the region is available
and safe for use, this command handles it.
Rename commands with prefix: sysmem_xxx.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: I37ea76bf33a3fcb8c16baeecae3980d746775ec7
Get rid of the hacky fake boot-device and duplicate device-path
constructing (which needs to match what efi_disk and efi_net do).
Instead convert over to use efi_device_path helpers to construct
device-paths, and use that to look up the actual boot device.
Also, extract out a helper to plug things in properly to the
loaded_image. In a following patch we'll want to re-use this in
efi_load_image() to handle the case of loading an image from a
file_path.
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
(cherry picked from commit 95c5553ea268144056c4bafc318b9e8b5c096a6c)
Change-Id: Iaa6a9865f2cbd15d6537d200bd86662fa4baf5a0
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Also, create disk objects for the disk itself, in addition to the
partitions. (UEFI terminology is a bit confusing, a "disk" object is
really a partition.) This helps grub properly identify the boot device
since it is trying to match up partition "disk" object with it's parent
device.
Now instead of seeing devices like:
/File(sdhci@07864000.blk)/EndEntire
/File(usb_mass_storage.lun0)/EndEntire
You see:
/ACPI(133741d0,0)/UnknownMessaging(1d)/EndEntire
/ACPI(133741d0,0)/UnknownMessaging(1d)/HD(0,800,64000,dd904a8c00000000,1,1)/EndEntire
/ACPI(133741d0,0)/UnknownMessaging(1d)/HD(1,64800,200000,dd904a8c00000000,1,1)/EndEntire
/ACPI(133741d0,0)/UnknownMessaging(1d)/HD(2,264800,19a000,dd904a8c00000000,1,1)/EndEntire
/ACPI(133741d0,0)/USB(0,0)/USB(0,0)/USB(0,0)/EndEntire
/ACPI(133741d0,0)/USB(0,0)/USB(0,0)/USB(0,0)/HD(0,800,60000,38ca680200000000,1,1)/EndEntire
/ACPI(133741d0,0)/USB(0,0)/USB(0,0)/USB(0,0)/HD(1,61000,155000,38ca680200000000,1,1)/EndEntire
/ACPI(133741d0,0)/USB(0,0)/USB(0,0)/USB(0,0)/HD(2,20fa800,1bbf8800,38ca680200000000,1,1)/EndEntire
/ACPI(133741d0,0)/USB(0,0)/USB(0,0)/USB(0,0)/HD(3,1b6800,1f44000,38ca680200000000,1,1)/EndEntire
This is on a board with single USB disk and single sd-card. The
UnknownMessaging(1d) node in the device-path is the MMC device,
but grub_efi_print_device_path() hasn't been updated yet for some
of the newer device-path sub-types.
This patch is inspired by a patch originally from Peter Jones, but
re-worked to use efi_device_path, so it doesn't much resemble the
original.
Signed-off-by: Rob Clark <robdclark@gmail.com>
[agraf: s/unsigned/unsigned int/]
Signed-off-by: Alexander Graf <agraf@suse.de>
(cherry picked from commit 884bcf6f65c414dce3b3d2a91e2c9eba0e5e08f8)
Change-Id: I8d891a25dd321b718b0429d8b8a895cc4490f272
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
Helpers to construct device-paths from devices, partitions, files, and
for parsing and manipulating device-paths.
For non-legacy devices, this will use u-boot's device-model to construct
device-paths which include bus hierarchy to construct device-paths. For
legacy devices we still fake it, but slightly more convincingly.
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
(cherry picked from commit b66c60dde9d48889b93694326d40f7e5208cff25)
Change-Id: I9825d4132ec08bef46a3b5b7c6946a5636d73ce9
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
This function is called to alloc buffer for storage driver
access, make sure the address is cacheline align.
Also better for any module which calls it.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: I520d16ea28764671eb566cc96cab744ca6b13fc2
It works only when verification error is allowed, it avoids
AVB workflow to load the full partition which wastes time.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Icbcd48b7bf97d826663523099c944e269f17b709
- On ARMv7: LPAE seems to be not friendly that brings a lot of
compile errors.
- On ARMv8: MMU translate table is static defined by mem_map[]
and max 4GB as usual. It is not created dynamically according
to real memory size, that is different from ARMv7.
- 4GB memory is enough for U-Boot on both ARMv7 an ARMv8.
Considering all that, we decide to make max 4GB size to be visiable
for U-Boot, but still pass the real available memory size to kernel
by bidram_fixup() called at late before fixup "/memory" node.
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Idd5fa769e940b0618446909f8f9edc39f596f072
The dts/kern.dtb is appended after u-boot-dtb.bin for U-disk boot.
Make sure u-boot-dtb.bin is 8-byte aligned to avoid data-abort on
calling: fdt_check_header(gd->fdt_blob_kern).
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Id5f2daf0c5446e7ea828cb970d3d4879e3acda86
Jason Zhu
Joseph Chen
Elon Zhang
Hisping Lin
Philippe Reynes
Rob Clark