[v2,2/8] avb2.0: integrate avb 2.0 into the build system

Message ID	1528052203-29689-3-git-send-email-igor.opaniuk@linaro.org
State	Accepted
Commit	3330584d2c5247d65744939c139160502b4b8c87
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; From: Igor Opaniuk <igor.opaniuk@linaro.org> To: u-boot@lists.denx.de Date: Sun, 3 Jun 2018 21:56:37 +0300 Message-Id: <1528052203-29689-3-git-send-email-igor.opaniuk@linaro.org> In-Reply-To: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org> References: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org> Cc: trini@konsulko.com, praneeth@ti.com, misael.lopez@ti.com, erosca@de.adit-jv.com, joakim.bech@linaro.org Subject: [U-Boot] [PATCH v2 2/8] avb2.0: integrate avb 2.0 into the build system Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
Series	Initial integration of AVB2.0 \| expand [v2,0/8] Initial integration of AVB2.0 [v2,1/8] avb2.0: add Android Verified Boot 2.0 library [v2,2/8] avb2.0: integrate avb 2.0 into the build system [v2,3/8] avb2.0: implement AVB ops [v2,4/8] cmd: avb2.0: avb command for performing verification [v2,5/8] avb2.0: add boot states and dm-verity support [v2,6/8] am57xx_hs: avb2.0: add support of AVB 2.0 [v2,7/8] test/py: avb2.0: add tests for avb commands [v2,8/8] doc: avb2.0: add README about AVB2.0 integration

Message ID

1528052203-29689-3-git-send-email-igor.opaniuk@linaro.org

State

Accepted

Commit

3330584d2c5247d65744939c139160502b4b8c87

Headers

Received-SPF: pass (google.com: best guess record for domain of
	u-boot-bounces@lists.denx.de designates 81.169.180.215 as
	permitted sender) client-ip=81.169.180.215; 
From: Igor Opaniuk <igor.opaniuk@linaro.org>
To: u-boot@lists.denx.de
Date: Sun,  3 Jun 2018 21:56:37 +0300
Message-Id: <1528052203-29689-3-git-send-email-igor.opaniuk@linaro.org>
In-Reply-To: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org>
References: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org>
Cc: trini@konsulko.com, praneeth@ti.com, misael.lopez@ti.com,
	erosca@de.adit-jv.com, joakim.bech@linaro.org
Subject: [U-Boot] [PATCH v2 2/8] avb2.0: integrate avb 2.0 into the build
	system
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

Series

Initial integration of AVB2.0 | expand

Commit Message

Igor Opaniuk June 3, 2018, 6:56 p.m. UTC

Integrate libavb into the build system. Introduce CONFIG_LIBAVB
build option.

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
---
 lib/Kconfig         | 14 ++++++++++++++
 lib/Makefile        |  1 +
 lib/libavb/Makefile | 15 +++++++++++++++
 3 files changed, 30 insertions(+)
 create mode 100644 lib/libavb/Makefile

Comments

Tom Rini June 19, 2018, 6:40 p.m. UTC | #1

On Sun, Jun 03, 2018 at 09:56:37PM +0300, Igor Opaniuk wrote:

> Integrate libavb into the build system. Introduce CONFIG_LIBAVB

> build option.

> 

> Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>


Applied to u-boot/master, thanks!

-- 
Tom

diff --git a/lib/Kconfig b/lib/Kconfig
index 436b90f..0bed93b 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -142,6 +142,20 @@  config TPM
 
 endmenu
 
+menu "Android Verified Boot"
+
+config LIBAVB
+	bool "Android Verified Boot 2.0 support"
+	depends on ANDROID_BOOT_IMAGE
+	default n
+	help
+	  This enables support of Android Verified Boot 2.0 which can be used
+	  to assure the end user of the integrity of the software running on a
+	  device. Introduces such features as boot chain of trust, rollback
+	  protection etc.
+
+endmenu
+
 menu "Hashing Support"
 
 config SHA1
diff --git a/lib/Makefile b/lib/Makefile
index 35da570..2d8480c 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -55,6 +55,7 @@  obj-$(CONFIG_$(SPL_)ZLIB) += zlib/
 obj-$(CONFIG_$(SPL_)GZIP) += gunzip.o
 obj-$(CONFIG_$(SPL_)LZO) += lzo/
 
+obj-$(CONFIG_LIBAVB) += libavb/
 
 obj-$(CONFIG_$(SPL_TPL_)SAVEENV) += qsort.o
 obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += libfdt/
diff --git a/lib/libavb/Makefile b/lib/libavb/Makefile
new file mode 100644
index 0000000..c8ff080
--- /dev/null
+++ b/lib/libavb/Makefile
@@ -0,0 +1,15 @@ 
+#
+# (C) Copyright 2017 Linaro Limited
+#
+# SPDX-License-Identifier:	GPL-2.0+
+#
+
+obj-$(CONFIG_LIBAVB) += avb_chain_partition_descriptor.o avb_cmdline.o
+obj-$(CONFIG_LIBAVB) += avb_crypto.o avb_footer.o avb_hashtree_descriptor.o
+obj-$(CONFIG_LIBAVB) += avb_property_descriptor.o avb_sha256.o
+obj-$(CONFIG_LIBAVB) += avb_slot_verify.o avb_util.o avb_version.o
+obj-$(CONFIG_LIBAVB) += avb_descriptor.o avb_hash_descriptor.o
+obj-$(CONFIG_LIBAVB) += avb_kernel_cmdline_descriptor.o avb_rsa.o avb_sha512.o
+obj-$(CONFIG_LIBAVB) += avb_sysdeps_posix.o avb_vbmeta_image.o
+
+ccflags-y = -DAVB_COMPILATION

[v2,2/8] avb2.0: integrate avb 2.0 into the build system

Commit Message

Comments

Patch