Merge "app: aboot: Blocked fastboot boot when MDTP is activated"
diff --git a/app/aboot/aboot.c b/app/aboot/aboot.c
index 553bca4..0800957 100644
--- a/app/aboot/aboot.c
+++ b/app/aboot/aboot.c
@@ -1912,10 +1912,8 @@
#ifdef MDTP_SUPPORT
else
{
- /* Verify MDTP lock before continue with boot process.
- * For boot & recovery partitions, MDTP will use boot_verifier APIs,
- * since verification was skipped in aboot. The signarue is already part of the loaded image.
- */
+ /* fastboot boot is not allowed when MDTP is activated */
+
mdtp_ext_partition_verification_t ext_partition;
ext_partition.partition = boot_into_recovery ? MDTP_PARTITION_RECOVERY : MDTP_PARTITION_BOOT;
ext_partition.integrity_state = MDTP_PARTITION_STATE_UNSET;
@@ -1925,6 +1923,13 @@
ext_partition.sig_avail = TRUE;
mdtp_fwlock_verify_lock(&ext_partition);
}
+
+ bool is_mdtp_activated = 0;
+ mdtp_activated(&is_mdtp_activated);
+ if(is_mdtp_activated){
+ dprintf(CRITICAL, "fastboot boot command is not available.\n");
+ return;
+ }
#endif /* MDTP_SUPPORT */
/*