aboot: mdtp : Add generic MTDP image file
This change abstracts MDTP UI target specifics picture parameters from
LK code.
with this change, picture parameters such as width, height, and
offset of the picture inside mdtp.img, comes from mdtp.img
header, rather than hard-coded in LK.
Change-Id: Ife509642014cd4b6033a34d5dc0d3c1c73a89698
diff --git a/app/aboot/mdtp.c b/app/aboot/mdtp.c
index d44efa3..a2d52bf 100644
--- a/app/aboot/mdtp.c
+++ b/app/aboot/mdtp.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2015-2016, The Linux Foundation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
@@ -42,6 +42,8 @@
#include <image_verify.h>
#include "scm.h"
#include "mdtp.h"
+#include "mdtp_fs.h"
+
#define DIP_ENCRYPT (0)
#define DIP_DECRYPT (1)
@@ -208,6 +210,12 @@
/* calculating the hash value using HW crypto */
target_crypto_init_params();
+
+ if(strcmp(name, "mdtp") == 0){
+ buf[0] = 0; // removes first byte
+ dprintf(INFO, "mdtp: verify_partition_single_hash: removes 1st byte\n");
+ }
+
hash_find(buf, size, digest, CRYPTO_AUTH_ALG_SHA256);
if (memcmp(digest, hash_table->hash, HASH_LEN))
@@ -383,6 +391,11 @@
return 0;
}
+/* Display the recovery UI in case mdtp image is corrupted */
+static void display_mdtp_fail_recovery_ui(){
+ display_error_msg_mdtp();
+}
+
/* Display the recovery UI to allow the user to enter the PIN and continue boot */
static void display_recovery_ui(mdtp_cfg_t *mdtp_cfg)
{
@@ -554,6 +567,7 @@
{
int i;
int verify_failure = 0;
+ int verify_temp_result = 0;
int ext_partition_verify_failure = 0;
uint32_t total_num_blocks;
@@ -579,6 +593,7 @@
{
for(i=0; i<MAX_PARTITIONS; i++)
{
+ verify_temp_result = 0;
if(dip->partition_cfg[i].lock_enabled && dip->partition_cfg[i].size)
{
total_num_blocks = ((dip->partition_cfg[i].size - 1) / MDTP_FWLOCK_BLOCK_SIZE);
@@ -591,12 +606,18 @@
break;
}
- verify_failure |= (verify_partition(dip->partition_cfg[i].name,
+ verify_temp_result |= (verify_partition(dip->partition_cfg[i].name,
dip->partition_cfg[i].size,
dip->partition_cfg[i].hash_mode,
(dip->partition_cfg[i].verify_ratio * total_num_blocks) / 100,
dip->partition_cfg[i].hash_table,
dip->partition_cfg[i].force_verify_block) != 0);
+
+ if((verify_temp_result) && (strcmp("mdtp",dip->partition_cfg[i].name) == 0)){
+ *verify_result = VERIFY_MDTP_FAILED;
+ }
+
+ verify_failure |= verify_temp_result;
}
}
@@ -680,7 +701,13 @@
else if (verify_result == VERIFY_SKIPPED)
{
dprintf(SPEW, "mdtp: validate_DIP_and_firmware: Verify skipped\n");
- } else /* VERIFY_FAILED */
+ }
+ else if(verify_result == VERIFY_MDTP_FAILED)
+ {
+ dprintf(CRITICAL, "mdtp: validate_DIP_and_firmware: ERROR, corrupted mdtp image\n");
+ display_mdtp_fail_recovery_ui();
+ }
+ else /* VERIFY_FAILED */
{
dprintf(CRITICAL, "mdtp: validate_DIP_and_firmware: ERROR, corrupted firmware\n");
display_recovery_ui(&mdtp_cfg);
@@ -694,6 +721,7 @@
return;
}
+
/********************************************************************************/
/** Entry point of the MDTP Firmware Lock.
@@ -707,6 +735,10 @@
int ret;
bool enabled;
+ if(mdtp_fs_init() != 0){
+ dprintf(CRITICAL, "mdtp: mdtp_img: ERROR, image file could not be loaded\n");
+ display_error_msg_mdtp(); /* This will never return */
+ }
/* sets the default value of this global to be MDTP not activated */
is_mdtp_activated = 0;