From 3af30e4443aa2c8224bf15ba352a5ef81b02711a Mon Sep 17 00:00:00 2001 From: Igor Opaniuk Date: Sun, 3 Jun 2018 21:56:38 +0300 Subject: avb2.0: implement AVB ops MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implement AVB ops on top of existing mmc subsystem API. Currently there is a full implementation of such operations, defined by [1] AVB2.0 specification: .read_from_partition() - reads N bytes from a partition identified by a name. .write_to_partition() - Writes N bytes to a partition identified by a name. .validate_vbmeta_public_key() - checks if the given public ‘vbmeta’ partition is trusted. .get_unique_guid_for_partition() - Gets the GUID for a partition identified by a string name. As [1] specification recommends to use tamper-evident storage for storing rollback indexes and device state (LOCKED/UNLOCKED), currently are only stubs instead of full implementation for these ops: .read_rollback_index() - Gets the rollback index for a given index location .write_rollback_index() - Sets the rollback index to a given location .read_is_device_unlocked() - Gets where the device is unlocked [1] https://android.googlesource.com/platform/external/avb/+/master/README.md Signed-off-by: Igor Opaniuk --- include/avb_verify.h | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 include/avb_verify.h (limited to 'include/avb_verify.h') diff --git a/include/avb_verify.h b/include/avb_verify.h new file mode 100644 index 0000000000..428c69a2bc --- /dev/null +++ b/include/avb_verify.h @@ -0,0 +1,79 @@ + +/* + * (C) Copyright 2018, Linaro Limited + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _AVB_VERIFY_H +#define _AVB_VERIFY_H + +#include <../lib/libavb/libavb.h> +#include + +#define ALLOWED_BUF_ALIGN 8 + +struct AvbOpsData { + struct AvbOps ops; + int mmc_dev; +}; + +struct mmc_part { + int dev_num; + struct mmc *mmc; + struct blk_desc *mmc_blk; + disk_partition_t info; +}; + +enum mmc_io_type { + IO_READ, + IO_WRITE +}; + +AvbOps *avb_ops_alloc(int boot_device); +void avb_ops_free(AvbOps *ops); + +/** + * ============================================================================ + * I/O helper inline functions + * ============================================================================ + */ +static inline uint64_t calc_offset(struct mmc_part *part, int64_t offset) +{ + u64 part_size = part->info.size * part->info.blksz; + + if (offset < 0) + return part_size + offset; + + return offset; +} + +static inline size_t get_sector_buf_size(void) +{ + return (size_t)CONFIG_FASTBOOT_BUF_SIZE; +} + +static inline void *get_sector_buf(void) +{ + return (void *)CONFIG_FASTBOOT_BUF_ADDR; +} + +static inline bool is_buf_unaligned(void *buffer) +{ + return (bool)((uintptr_t)buffer % ALLOWED_BUF_ALIGN); +} + +static inline int get_boot_device(AvbOps *ops) +{ + struct AvbOpsData *data; + + if (ops) { + data = ops->user_data; + if (data) + return data->mmc_dev; + } + + return -1; +} + +#endif /* _AVB_VERIFY_H */ -- cgit v1.2.3