From 965ec3caa8fcaafe3d18ad7c3810a13b09ee8abe Mon Sep 17 00:00:00 2001 From: Sam Protsenko Date: Mon, 21 Oct 2019 13:55:16 +0300 Subject: [PATCH] cmd: avb: Support A/B slots Add optional parameter to 'avb verify' sub-command, so that user is able to specify which slot to use, in case when user's partitions are slotted. If that parameter is omitted, the behavior of 'avb verify' will be the same as before, so user API is content. Signed-off-by: Sam Protsenko Reviewed-by: Igor Opaniuk Acked-by: Igor Opaniuk --- cmd/avb.c | 13 +++++++++---- doc/android/avb2.txt | 4 ++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/cmd/avb.c b/cmd/avb.c index d4e8884..a4de5c4 100644 --- a/cmd/avb.c +++ b/cmd/avb.c @@ -232,6 +232,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag, AvbSlotVerifyData *out_data; char *cmdline; char *extra_args; + char *slot_suffix = ""; bool unlocked = false; int res = CMD_RET_FAILURE; @@ -241,9 +242,12 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag, return CMD_RET_FAILURE; } - if (argc != 1) + if (argc < 1 || argc > 2) return CMD_RET_USAGE; + if (argc == 2) + slot_suffix = argv[1]; + printf("## Android Verified Boot 2.0 version %s\n", avb_version_string()); @@ -256,7 +260,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag, slot_result = avb_slot_verify(avb_ops, requested_partitions, - "", + slot_suffix, unlocked, AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE, &out_data); @@ -416,7 +420,7 @@ static cmd_tbl_t cmd_avb[] = { U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""), U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""), U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""), - U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""), + U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""), #ifdef CONFIG_OPTEE_TA_AVB U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""), U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""), @@ -459,6 +463,7 @@ U_BOOT_CMD( "avb read_pvalue - read a persistent value \n" "avb write_pvalue - write a persistent value \n" #endif - "avb verify - run verification process using hash data\n" + "avb verify [slot_suffix] - run verification process using hash data\n" " from vbmeta structure\n" + " [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n" ); diff --git a/doc/android/avb2.txt b/doc/android/avb2.txt index a29cee1..48e9297 100644 --- a/doc/android/avb2.txt +++ b/doc/android/avb2.txt @@ -95,6 +95,10 @@ e.g.: mmc read ${loadaddr} ${boot_start} ${boot_size}; \ bootm $loadaddr $loadaddr $fdtaddr; \ +If partitions you want to verify are slotted (have A/B suffixes), then current +slot suffix should be passed to 'avb verify' sub-command, e.g.: + +=> avb verify _a To switch on automatic generation of vbmeta partition in AOSP build, add these lines to device configuration mk file: -- 2.7.4