platform: msm_shared: avb: use build time flags to determine avb partitions
The CL updates Load_image_and_authVB2 api to detemine names of requested
partition based on build time flag. This will faciliate addition of images
in future based on build time flag.
Change-Id: Iee47ba1235678c72a209008586cafd29e2dad961
diff --git a/platform/msm_shared/avb/VerifiedBoot.c b/platform/msm_shared/avb/VerifiedBoot.c
index 4150f9a..043a5ae 100644
--- a/platform/msm_shared/avb/VerifiedBoot.c
+++ b/platform/msm_shared/avb/VerifiedBoot.c
@@ -38,12 +38,21 @@
#include <platform/timer.h>
#include "verifiedboot.h"
#include <err.h>
+#include <target.h>
#ifndef DTB_PAD_SIZE
#define DTB_PAD_SIZE 2048
#endif
#define INTERMEDIATE_DIGEST_LENGTH 64
#define MAX_PART_NAME_SIZE 10
+#define MAX_NUM_REQ_PARTITION 8
+
+char *avb_verify_partition_name[] = {
+ "boot",
+ "dtbo",
+ "vbmeta",
+ "recovery"
+};
#ifndef MDTP_SUPPORT
int mdtp_activated(bool * activated)
@@ -337,6 +346,17 @@
"aboot",
};
+VOID AddRequestedPartition(CHAR8 **requestedpartititon, UINT32 index)
+{
+ UINTN i;
+ for (i = 0; i < MAX_NUM_REQ_PARTITION; i++) {
+ if (requestedpartititon[i] == NULL){
+ requestedpartititon[i] = avb_verify_partition_name[index];
+ break;
+ }
+ }
+}
+
static EFI_STATUS load_image_and_authVB2(bootinfo *Info)
{
EFI_STATUS Status = EFI_SUCCESS;
@@ -349,8 +369,7 @@
CHAR8 *SlotSuffix = NULL;
BOOLEAN AllowVerificationError = !is_device_locked();
BOOLEAN VerityEnforcing = is_verity_enforcing();
- const CHAR8 *RequestedPartitionMission[] = {"boot", "dtbo", NULL};
- const CHAR8 *RequestedPartitionRecovery[] = {"recovery", "dtbo", NULL};
+ CHAR8 *RequestedPartitionAll[MAX_NUM_REQ_PARTITION] = {NULL};
const CHAR8 **RequestedPartition = NULL;
UINTN NumRequestedPartition = 0;
UINT32 ImageHdrSize = 0;
@@ -395,27 +414,26 @@
}
if(!Info->multi_slot_boot && Info->bootinto_recovery) {
- RequestedPartition = RequestedPartitionRecovery;
- NumRequestedPartition = ARRAY_SIZE (RequestedPartitionRecovery) - 1;
- if (Info->num_loaded_images) {
- /* fastboot boot option, skip Index 0, as boot image already
- * loaded */
- RequestedPartition = &RequestedPartitionRecovery[1];
- }
+ AddRequestedPartition(RequestedPartitionAll, IMG_RECOVERY);
+ NumRequestedPartition += 1;
} else {
- RequestedPartition = RequestedPartitionMission;
- NumRequestedPartition = ARRAY_SIZE(RequestedPartitionMission) - 1;
- if (Info->num_loaded_images) {
- /* fastboot boot option, skip Index 0, as boot image already
- * loaded */
- RequestedPartition = &RequestedPartitionMission[1];
- }
+ AddRequestedPartition(RequestedPartitionAll, IMG_BOOT);
+ NumRequestedPartition += 1;
}
+
+ /* Remove dtbo validation if target does not support dtbo image generation*/
+ if (is_target_support_dtbo()) {
+ AddRequestedPartition(RequestedPartitionAll, IMG_DTBO);
+ NumRequestedPartition += 1;
+ }
+
+ RequestedPartition = (const CHAR8 **)RequestedPartitionAll;
if (Info->num_loaded_images) {
+ /* fastboot boot option, skip Index 0, boot image already loaded */
+ RequestedPartition = (const CHAR8 **)&RequestedPartitionAll[1];
NumRequestedPartition--;
}
- // FIXME: is this correct?
VerityFlags = VerityEnforcing ?
AVB_HASHTREE_ERROR_MODE_RESTART :
AVB_HASHTREE_ERROR_MODE_EIO;
diff --git a/platform/msm_shared/include/boot_device.h b/platform/msm_shared/include/boot_device.h
index 8fe4463..c4305fc 100644
--- a/platform/msm_shared/include/boot_device.h
+++ b/platform/msm_shared/include/boot_device.h
@@ -81,6 +81,14 @@
void *vb_data;
} bootinfo;
+typedef enum {
+ IMG_BOOT = 0,
+ IMG_DTBO,
+ IMG_VBMETA,
+ IMG_RECOVERY,
+ IMG_MAX
+} img_type;
+
int getimage(const bootinfo *Info, void **image_buffer, uint32_t *imgsize,
char *imgname);