| #
bbddbef9 |
| 25-Sep-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
avb_verify: support sandbox configuration
Change get_sector_buf() to use map_sysmem() to get a pointer to the
CONFIG_FASTBOOT_BUF_ADDR in memory.
Signed-off-by: Jens Wiklander <
avb_verify: support sandbox configuration
Change get_sector_buf() to use map_sysmem() to get a pointer to the
CONFIG_FASTBOOT_BUF_ADDR in memory.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| #
6663e074 |
| 25-Sep-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
avb_verify: support using OP-TEE TA AVB
With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by
OP-TEE to manage rollback indexes and device-lock status.
Reviewed-b
avb_verify: support using OP-TEE TA AVB
With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by
OP-TEE to manage rollback indexes and device-lock status.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| #
4ac5df4b |
| 03-Jul-2018 |
Tom Rini <trini@konsulko.com> |
Merge branch 'master' of git://git.denx.de/u-boot-sunxi
|
| #
de766105 |
| 27-Jun-2018 |
Tom Rini <trini@konsulko.com> |
Merge git://git.denx.de/u-boot-imx
|
| #
dc7df68f |
| 21-Jun-2018 |
Tom Rini <trini@konsulko.com> |
Merge branch 'master' of git://git.denx.de/u-boot-sh
|
| #
5d4fd877 |
| 03-Jun-2018 |
Igor Opaniuk <igor.opaniuk@linaro.org> |
avb2.0: add boot states and dm-verity support
1. Add initial support of boot states mode (red, green, yellow)
2. Add functions for enforcing dm-verity configurations
Signed-off-
avb2.0: add boot states and dm-verity support
1. Add initial support of boot states mode (red, green, yellow)
2. Add functions for enforcing dm-verity configurations
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
show more ...
|
| #
3af30e44 |
| 03-Jun-2018 |
Igor Opaniuk <igor.opaniuk@linaro.org> |
avb2.0: implement AVB ops
Implement AVB ops on top of existing mmc subsystem API. Currently there
is a full implementation of such operations, defined by [1]
AVB2.0 specification:
avb2.0: implement AVB ops
Implement AVB ops on top of existing mmc subsystem API. Currently there
is a full implementation of such operations, defined by [1]
AVB2.0 specification:
.read_from_partition() - reads N bytes from a partition identified by
a name.
.write_to_partition() - Writes N bytes to a partition identified by a name.
.validate_vbmeta_public_key() - checks if the given public ‘vbmeta’
partition is trusted.
.get_unique_guid_for_partition() - Gets the GUID for a partition identified
by a string name.
As [1] specification recommends to use tamper-evident storage for storing
rollback indexes and device state (LOCKED/UNLOCKED),
currently are only stubs instead of full implementation for these ops:
.read_rollback_index() - Gets the rollback index for a given index location
.write_rollback_index() - Sets the rollback index to a given location
.read_is_device_unlocked() - Gets where the device is unlocked
[1] https://android.googlesource.com/platform/external/avb/+/master/README.md
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
show more ...
|