From: Neil Armstrong <narmstrong@baylibre.com>
To: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Cc: u-boot-amlogic@groups.io, u-boot@lists.denx.de,
Guillaume La Roque <glaroque@baylibre.com>
Subject: Re: [PATCH 3/9] configs: meson64_android: implement AVB support
Date: Thu, 5 Aug 2021 18:20:59 +0200 [thread overview]
Message-ID: <5667bca3-034f-7af8-158f-61d3452df008@baylibre.com> (raw)
In-Reply-To: <20210805151728.422329-4-mkorpershoek@baylibre.com>
On 05/08/2021 17:17, Mattijs Korpershoek wrote:
> AVB (Android Verified Boot) is well supported in U-Boot already.
> Add support for it in meson64_android.
>
> This is controlled by the "force_avb" environment variable and the
> CONFIG_CMD_AVB option.
>
> Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
> Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
> ---
> include/configs/meson64_android.h | 23 +++++++++++++++++++++++
> 1 file changed, 23 insertions(+)
>
> diff --git a/include/configs/meson64_android.h b/include/configs/meson64_android.h
> index bc3ffb9ca5..48a23b6e41 100644
> --- a/include/configs/meson64_android.h
> +++ b/include/configs/meson64_android.h
> @@ -27,6 +27,25 @@
>
> #ifndef RECOVERY_PARTITION
> #define RECOVERY_PARTITION "recovery"
> +
> +#if defined(CONFIG_CMD_AVB)
> +#define AVB_VERIFY_CHECK \
> + "if test \"${force_avb}\" -eq 1; then " \
> + "if run avb_verify; then " \
> + "echo AVB verification OK.;" \
> + "setenv bootargs \"$bootargs $avb_bootargs\";" \
> + "else " \
> + "echo AVB verification failed.;" \
> + "exit; fi;" \
> + "else " \
> + "setenv bootargs \"$bootargs androidboot.verifiedbootstate=orange\";" \
> + "echo Running without AVB...; "\
> + "fi;"
> +
> +#define AVB_VERIFY_CMD "avb_verify=avb init ${mmcdev}; avb verify;\0"
> +#else
> +#define AVB_VERIFY_CHECK ""
> +#define AVB_VERIFY_CMD ""
> #endif
>
> #define BOOTENV_DEV_FASTBOOT(devtypeu, devtypel, instance) \
> @@ -93,6 +112,7 @@
> "echo Running Recovery...;" \
> "mmc dev ${mmcdev};" \
> "setenv bootargs \"${bootargs} androidboot.serialno=${serial#}\";" \
> + AVB_VERIFY_CHECK \
> "part start mmc ${mmcdev} " RECOVERY_PARTITION " boot_start;" \
> "part size mmc ${mmcdev} " RECOVERY_PARTITION " boot_size;" \
> "if mmc read ${loadaddr} ${boot_start} ${boot_size}; then " \
> @@ -111,6 +131,7 @@
> "echo Loading Android " BOOT_PARTITION " partition...;" \
> "mmc dev ${mmcdev};" \
> "setenv bootargs ${bootargs} androidboot.serialno=${serial#};" \
> + AVB_VERIFY_CHECK \
> "part start mmc ${mmcdev} " BOOT_PARTITION " boot_start;" \
> "part size mmc ${mmcdev} " BOOT_PARTITION " boot_size;" \
> "if mmc read ${loadaddr} ${boot_start} ${boot_size}; then " \
> @@ -142,6 +163,8 @@
> #define CONFIG_EXTRA_ENV_SETTINGS \
> "partitions=" PARTS_DEFAULT "\0" \
> "mmcdev=2\0" \
> + AVB_VERIFY_CMD \
> + "force_avb=0\0" \
> "gpio_recovery=88\0" \
> "check_button=gpio input ${gpio_recovery};test $? -eq 0;\0" \
> "load_logo=" PREBOOT_LOAD_LOGO "\0" \
>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
next prev parent reply other threads:[~2021-08-05 16:21 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-05 15:17 [PATCH 0/9] meson64_android: Android boot flow using abootimg Mattijs Korpershoek
2021-08-05 15:17 ` [PATCH 1/9] configs: meson64: permit redefining SYS_MALLOC_LEN Mattijs Korpershoek
2021-08-05 16:20 ` Neil Armstrong
2021-08-05 17:16 ` Tom Rini
2021-08-06 7:54 ` Neil Armstrong
2021-08-06 9:24 ` Mattijs Korpershoek
2021-08-06 12:47 ` Tom Rini
2021-08-06 12:46 ` Tom Rini
2021-08-05 15:17 ` [PATCH 2/9] configs: meson64_android: increase SYS_MALLOC_LEN to 128M for AVB Mattijs Korpershoek
2021-08-05 16:20 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 3/9] configs: meson64_android: implement AVB support Mattijs Korpershoek
2021-08-05 16:20 ` Neil Armstrong [this message]
2021-08-05 15:17 ` [PATCH 4/9] configs: meson64_android: implement A/B slot support Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 5/9] configs: meson64_android: define BOOT_CMD macro Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 6/9] configs: meson64_android: boot android via abootimg Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 7/9] configs: sei510/sei610: reformat PARTS_default Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 8/9] configs: sei510/sei610: don't use hard-coded gpt uuids Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 15:17 ` [PATCH 9/9] configs: sei510/610: android bootflow via abootimg Mattijs Korpershoek
2021-08-05 16:21 ` Neil Armstrong
2021-08-05 17:23 ` [PATCH 0/9] meson64_android: Android boot flow using abootimg Tom Rini
2021-08-06 7:57 ` Neil Armstrong
2021-08-06 15:36 ` Mattijs Korpershoek
2021-08-06 15:56 ` Tom Rini
2021-08-10 8:41 ` Neil Armstrong
2021-08-10 8:47 ` Neil Armstrong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5667bca3-034f-7af8-158f-61d3452df008@baylibre.com \
--to=narmstrong@baylibre.com \
--cc=glaroque@baylibre.com \
--cc=mkorpershoek@baylibre.com \
--cc=u-boot-amlogic@groups.io \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.