From: Igor Opaniuk <igor.opaniuk@linaro.org>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 5/8] avb2.0: add boot states and dm-verity support
Date: Wed, 25 Apr 2018 16:18:02 +0300 [thread overview]
Message-ID: <1524662285-19617-6-git-send-email-igor.opaniuk@linaro.org> (raw)
In-Reply-To: <1524662285-19617-1-git-send-email-igor.opaniuk@linaro.org>
1. Add initial support of boot states mode (red, green, yellow)
2. Add functions for enforcing dm-verity configurations
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
---
cmd/avb.c | 17 ++++++-
common/avb_verify.c | 140 +++++++++++++++++++++++++++++++++++++++++++++++++--
include/avb_verify.h | 19 ++++++-
3 files changed, 171 insertions(+), 5 deletions(-)
diff --git a/cmd/avb.c b/cmd/avb.c
index d040906..2c15b47 100644
--- a/cmd/avb.c
+++ b/cmd/avb.c
@@ -218,6 +218,8 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
{
AvbSlotVerifyResult slot_result;
AvbSlotVerifyData *out_data;
+ char *cmdline;
+ char *extra_args;
bool unlocked = false;
int res = CMD_RET_FAILURE;
@@ -243,10 +245,23 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
"", unlocked, &out_data);
switch (slot_result) {
case AVB_SLOT_VERIFY_RESULT_OK:
+ /* Until we don't have support of changing unlock states, we
+ * assume that we are by default in locked state.
+ * So in this case we can boot only when verification is
+ * successful; we also supply in cmdline GREEN boot state
+ */
printf("Verification passed successfully\n");
/* export additional bootargs to AVB_BOOTARGS env var */
- env_set(AVB_BOOTARGS, out_data->cmdline);
+
+ extra_args = avb_set_state(avb_ops, AVB_GREEN);
+ if (extra_args)
+ cmdline = append_cmd_line(out_data->cmdline,
+ extra_args);
+ else
+ cmdline = out_data->cmdline;
+
+ env_set(AVB_BOOTARGS, cmdline);
res = CMD_RET_SUCCESS;
break;
diff --git a/common/avb_verify.c b/common/avb_verify.c
index b3d1229..df5e407 100644
--- a/common/avb_verify.c
+++ b/common/avb_verify.c
@@ -119,6 +119,140 @@ const unsigned char avb_root_pub[1032] = {
/**
* ============================================================================
+ * Boot states support (GREEN, YELLOW, ORANGE, RED) and dm_verity
+ * ============================================================================
+ */
+char *avb_set_state(AvbOps *ops, enum avb_boot_state boot_state)
+{
+ struct AvbOpsData *data;
+ char *cmdline = NULL;
+
+ if (!ops)
+ return NULL;
+
+ data = (struct AvbOpsData *)ops->user_data;
+ if (!data)
+ return NULL;
+
+ data->boot_state = boot_state;
+ switch (boot_state) {
+ case AVB_GREEN:
+ cmdline = "androidboot.verifiedbootstate=green";
+ break;
+ case AVB_YELLOW:
+ cmdline = "androidboot.verifiedbootstate=yellow";
+ break;
+ case AVB_ORANGE:
+ cmdline = "androidboot.verifiedbootstate=orange";
+ case AVB_RED:
+ break;
+ }
+
+ return cmdline;
+}
+
+char *append_cmd_line(char *cmdline_orig, char *cmdline_new)
+{
+ char *cmd_line;
+
+ if (!cmdline_new)
+ return cmdline_orig;
+
+ if (cmdline_orig)
+ cmd_line = cmdline_orig;
+ else
+ cmd_line = " ";
+
+ cmd_line = avb_strdupv(cmd_line, " ", cmdline_new, NULL);
+
+ return cmd_line;
+}
+
+static int avb_find_dm_args(char **args, char *str)
+{
+ int i = 0;
+
+ if (!str)
+ return -1;
+
+ do {
+ if ((!args[i]) || (i >= AVB_MAX_ARGS))
+ return -1;
+
+ if (strstr(args[i], str))
+ return i;
+
+ i++;
+ } while (1);
+}
+
+static char *avb_set_enforce_option(const char *cmdline, const char *option)
+{
+ char *cmdarg[AVB_MAX_ARGS];
+ char *newargs = NULL;
+ int i = 0;
+ int total_args;
+
+ memset(cmdarg, 0, sizeof(cmdarg));
+ cmdarg[i++] = strtok((char *)cmdline, " ");
+
+ do {
+ cmdarg[i] = strtok(NULL, " ");
+ if (!cmdarg[i])
+ break;
+
+ if (++i >= AVB_MAX_ARGS) {
+ printf("%s: Can't handle more then %d args\n",
+ __func__, i);
+ return NULL;
+ }
+ } while (true);
+
+ total_args = i;
+ i = avb_find_dm_args(&cmdarg[0], VERITY_TABLE_OPT_LOGGING);
+ if (i >= 0) {
+ cmdarg[i] = (char *)option;
+ } else {
+ i = avb_find_dm_args(&cmdarg[0], VERITY_TABLE_OPT_RESTART);
+ if (i < 0) {
+ printf("%s: No verity options found\n", __func__);
+ return NULL;
+ }
+
+ cmdarg[i] = (char *)option;
+ }
+
+ for (i = 0; i <= total_args; i++)
+ newargs = append_cmd_line(newargs, cmdarg[i]);
+
+ return newargs;
+}
+
+char *avb_set_ignore_corruption(const char *cmdline)
+{
+ char *newargs = NULL;
+
+ newargs = avb_set_enforce_option(cmdline, VERITY_TABLE_OPT_LOGGING);
+ if (newargs)
+ newargs = append_cmd_line(newargs,
+ "androidboot.veritymode=eio");
+
+ return newargs;
+}
+
+char *avb_set_enforce_verity(const char *cmdline)
+{
+ char *newargs;
+
+ newargs = avb_set_enforce_option(cmdline, VERITY_TABLE_OPT_RESTART);
+ if (newargs)
+ newargs = append_cmd_line(newargs,
+ "androidboot.veritymode=enforcing");
+ return newargs;
+}
+
+/**
+ * ============================================================================
* IO(mmc) auxiliary functions
* ============================================================================
*/
@@ -478,7 +612,7 @@ static AvbIOResult read_rollback_index(AvbOps *ops,
u64 *out_rollback_index)
{
/* For now we always return 0 as the stored rollback index. */
- printf("TODO: implement %s.\n", __func__);
+ printf("%s not supported yet\n", __func__);
if (out_rollback_index)
*out_rollback_index = 0;
@@ -502,7 +636,7 @@ static AvbIOResult write_rollback_index(AvbOps *ops,
u64 rollback_index)
{
/* For now this is a no-op. */
- printf("TODO: implement %s.\n", __func__);
+ printf("%s not supported yet\n", __func__);
return AVB_IO_RESULT_OK;
}
@@ -522,7 +656,7 @@ static AvbIOResult read_is_device_unlocked(AvbOps *ops, bool *out_is_unlocked)
{
/* For now we always return that the device is unlocked. */
- printf("TODO: implement %s.\n", __func__);
+ printf("%s not supported yet\n", __func__);
*out_is_unlocked = true;
diff --git a/include/avb_verify.h b/include/avb_verify.h
index fb7ab23..9363ca5 100644
--- a/include/avb_verify.h
+++ b/include/avb_verify.h
@@ -11,12 +11,23 @@
#include <avb/libavb_ab.h>
#include <mmc.h>
-#define ALLOWED_BUF_ALIGN 8
+#define AVB_MAX_ARGS 1024
+#define VERITY_TABLE_OPT_RESTART "restart_on_corruption"
+#define VERITY_TABLE_OPT_LOGGING "ignore_corruption"
+#define ALLOWED_BUF_ALIGN 8
+
+enum avb_boot_state {
+ AVB_GREEN,
+ AVB_YELLOW,
+ AVB_ORANGE,
+ AVB_RED,
+};
struct AvbOpsData {
struct AvbOps ops;
struct AvbABOps ab_ops;
int mmc_dev;
+ enum avb_boot_state boot_state;
};
struct mmc_part {
@@ -34,6 +45,12 @@ enum mmc_io_type {
AvbOps *avb_ops_alloc(int boot_device);
void avb_ops_free(AvbOps *ops);
+char *avb_set_state(AvbOps *ops, enum avb_boot_state boot_state);
+char *avb_set_enforce_verity(const char *cmdline);
+char *avb_set_ignore_corruption(const char *cmdline);
+
+char *append_cmd_line(char *cmdline_orig, char *cmdline_new);
+
/**
* ============================================================================
* I/O helper inline functions
--
2.7.4
next prev parent reply other threads:[~2018-04-25 13:18 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-25 13:17 [U-Boot] [PATCH 0/8] Initial integration of AVB2.0 Igor Opaniuk
2018-04-25 13:17 ` [U-Boot] [PATCH 1/8] avb2.0: add Android Verified Boot 2.0 libraries Igor Opaniuk
2018-04-25 13:17 ` [U-Boot] [PATCH 2/8] avb2.0: integrate avb 2.0 into the build system Igor Opaniuk
2018-04-25 13:18 ` [U-Boot] [PATCH 3/8] avb2.0: implement AVB ops Igor Opaniuk
2018-04-25 13:18 ` [U-Boot] [PATCH 4/8] cmd: avb2.0: avb command for performing verification Igor Opaniuk
2018-05-02 18:52 ` Sam Protsenko
2018-05-03 2:31 ` Simon Glass
2018-05-15 15:44 ` Igor Opaniuk
2018-05-15 16:26 ` Simon Glass
2018-05-15 17:31 ` Igor Opaniuk
2018-05-15 18:28 ` Simon Glass
2018-05-16 8:20 ` Igor Opaniuk
2018-05-16 15:40 ` Simon Glass
2018-04-25 13:18 ` Igor Opaniuk [this message]
2018-05-02 18:59 ` [U-Boot] [PATCH 5/8] avb2.0: add boot states and dm-verity support Sam Protsenko
2018-04-25 13:18 ` [U-Boot] [PATCH 6/8] am57xx_hs: avb2.0: add support of AVB 2.0 Igor Opaniuk
2018-05-02 19:06 ` Sam Protsenko
2018-04-25 13:18 ` [U-Boot] [PATCH 7/8] test/py: avb2.0: add tests for avb commands Igor Opaniuk
2018-04-25 13:18 ` [U-Boot] [PATCH 8/8] doc: avb2.0: add README about AVB2.0 integration Igor Opaniuk
2018-05-02 19:12 ` Sam Protsenko
2018-05-16 9:20 ` Igor Opaniuk
2018-04-26 3:05 ` [U-Boot] [PATCH 0/8] Initial integration of AVB2.0 Kever Yang
2018-04-26 13:00 ` Igor Opaniuk
2018-04-26 18:35 ` Alex Deymo
2018-04-27 9:53 ` Igor Opaniuk
2018-04-30 10:47 ` Alex Deymo
2018-05-06 11:31 ` Eugeniu Rosca
2018-05-15 15:31 ` Eugeniu Rosca
2018-05-15 16:58 ` Igor Opaniuk
2018-05-15 17:10 ` Eugeniu Rosca
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1524662285-19617-6-git-send-email-igor.opaniuk@linaro.org \
--to=igor.opaniuk@linaro.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.