Broadcom-s U-Boot https://git-03.infra.openwrt.org/project/bcm63xx/u-boot/atom?h=master 2019-04-26T22:58:22Z 2019-04-26T22:58:22Z Igor Opaniuk 2019-04-09T13:38:14Z urn:sha1:fc1fe01b08cedd77a194bb82fa81af4fe1e39031 AVB 2.0 spec. revision 1.1 introduces support for named persistent values that must be tamper evident and allows AVB to store arbitrary key-value pairs [1]. Introduce implementation of two additional AVB operations read_persistent_value()/write_persistent_value() for retrieving/storing named persistent values. Correspondent pull request in the OP-TEE OS project repo [2]. [1]: https://android.googlesource.com/platform/external/avb/+/android-9.0.0_r22 [2]: https://github.com/OP-TEE/optee_os/pull/2699 Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> 2018-10-07T15:07:25Z Jens Wiklander 2018-09-25T14:40:20Z urn:sha1:6663e074780912b01c09afd0c139f29825f7775c With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by OP-TEE to manage rollback indexes and device-lock status. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> 2018-08-24T17:19:53Z Eugeniu Rosca 2018-08-14T00:43:09Z urn:sha1:e1904f4530a3415efac306adc6d4f5df7a051560 Compiling U-Boot with ubsan/asan libraries and running it in sandbox may lead to below backtrace: => avb init 0 => avb verify ## Android Verified Boot 2.0 version 1.1.0 read_is_device_unlocked not supported yet common/avb_verify.c:407:31: runtime error: division by zero AddressSanitizer:DEADLYSIGNAL Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> ================================================================= ==9388==ERROR: AddressSanitizer: FPE on unknown address 0x0000004b467f \ (pc 0x0000004b467f bp 0x000000000000 sp 0x7ffd899fe150 T0) #0 0x4b467e in mmc_byte_io common/avb_verify.c:407 #1 0x4b4c47 in mmc_byte_io common/avb_verify.c:532 #2 0x4b4c47 in read_from_partition common/avb_verify.c:533 #3 0x69dc0d in load_and_verify_vbmeta lib/libavb/avb_slot_verify.c:560 #4 0x6a1ee6 in avb_slot_verify lib/libavb/avb_slot_verify.c:1139 #5 0x45dabd in do_avb_verify_part cmd/avb.c:245 #6 0x4af77c in cmd_call common/command.c:499 #7 0x4af77c in cmd_process common/command.c:538 #8 0x46bafc in run_pipe_real common/cli_hush.c:1677 #9 0x46bafc in run_list_real common/cli_hush.c:1875 #10 0x46c780 in run_list common/cli_hush.c:2024 #11 0x46c780 in parse_stream_outer common/cli_hush.c:3216 #12 0x46d34b in parse_file_outer common/cli_hush.c:3299 #13 0x4ad609 in cli_loop common/cli.c:217 #14 0x4625ae in main_loop common/main.c:65 #15 0x46f2d1 in run_main_loop common/board_r.c:648 #16 0x640253 in initcall_run_list lib/initcall.c:30 #17 0x46f9d0 in board_init_r common/board_r.c:879 #18 0x40539b in main arch/sandbox/cpu/start.c:321 #19 0x7fa94925f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #20 0x408908 in _start (/srv/R/u-boot-master/u-boot+0x408908) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: FPE common/avb_verify.c:407 in mmc_byte_io ==9388==ABORTING Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> 2018-08-24T17:19:53Z Eugeniu Rosca 2018-08-14T00:43:08Z urn:sha1:47e41631bbb9348eac0ee7771b08d5ba7fdd6d5f Cppcheck (v1.85) reports w/o this patch: [common/avb_verify.c:738] -> [common/avb_verify.c:741]: (warning) \ Either the condition 'ops' is redundant or there is possible null \ pointer dereference: ops. Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> 2018-08-24T17:19:53Z Eugeniu Rosca 2018-08-14T00:43:07Z urn:sha1:047bc5c75503105bf8ee66db793d9d249c281521 Cppcheck (v1.85) reports w/o this patch: [common/avb_verify.c:351]: (error) Memory leak: part [common/avb_verify.c:356]: (error) Memory leak: part [common/avb_verify.c:361]: (error) Memory leak: part [common/avb_verify.c:366]: (error) Memory leak: part Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> 2018-08-24T17:19:53Z Eugeniu Rosca 2018-08-14T00:43:06Z urn:sha1:55d56d23479c57e530abbcc82459ca641d2ce7d8 Fix sparse complaint: common/avb_verify.c:14:21: warning: \ symbol 'avb_root_pub' was not declared. Should it be static? Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> 2018-08-24T17:19:53Z Eugeniu Rosca 2018-08-14T00:43:04Z urn:sha1:2e2067b815b0fc96f357abc8cd54eedd8148c44d Fix below compiler [1] warning: common/avb_verify.c: In function ‘avb_find_dm_args’: common/avb_verify.c:179:30: warning: left-hand operand of comma expression has no effect [-Wunused-value] for (i = 0; i < AVB_MAX_ARGS, args[i]; ++i) { [1] aarch64-linux-gnu-gcc (Linaro GCC 7.2-2017.11) Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> 2018-08-13T18:03:52Z Igor Opaniuk 2018-08-10T13:59:59Z urn:sha1:7a5fbfe64154c7474a9af2f3ff0a57ea2089fd87 Implement get_size_of_partition() operation, which is required by the latest upstream libavb [1]. [1] https://android.googlesource.com/platform/external/avb/+/android-p-preview-5 Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org> Acked-by: Andrew F. Davis <afd@ti.com> Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org> 2018-07-24T13:25:23Z Igor Opaniuk 2018-07-17T11:33:26Z urn:sha1:e9ee7398d64796d441067d5456b6e65780d11dbd Use blk_dread()/blk_dwrite() in mmc_read()/mmc_write() AVB operation implementations. This fixes compilation issues when CONFIG_BLK is enabled. Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org> Tested-by: Eugeniu Rosca <rosca.eugeniu@gmail.com> 2018-06-18T17:55:13Z Igor Opaniuk 2018-06-03T18:56:40Z urn:sha1:5d4fd8777337134dc1a1270f27569a9ccaece193 1. Add initial support of boot states mode (red, green, yellow) 2. Add functions for enforcing dm-verity configurations Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>