From patchwork Sun Jun 3 18:56:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Igor Opaniuk X-Patchwork-Id: 137605 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp658409lji; Sun, 3 Jun 2018 11:58:53 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKEGr8pZOS4QexQWBHgMWQ04ppym3GExf/cuAZ+aC1mz3ICWrDpSg0/5Y1EtlyM69fusdz5 X-Received: by 2002:a50:ada1:: with SMTP id a30-v6mr7555802edd.88.1528052332968; Sun, 03 Jun 2018 11:58:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528052332; cv=none; d=google.com; s=arc-20160816; b=Qw9CHGxVNV/CqeboVcGAY9PIRrvsbS0y26RlWd4DRrZKThdgvJZyTR9NcBxvgbNVbt MWY1jFPZGFt1T5AKaMegKuEfbqYIPsx31ZSqwZzpaq280bxYe6MneiGBG5AEdyFoj2U5 zfXVyjOKNPzVshHstgIL3TXuK/YQQqukMPQlZkxZbbrqEu55E7JdXwPG1TzsFMCx6ZU2 D9WPGCxog7cM7FRnlSl7I9CLsn/dCpa3YIHYvi/cEf3cNtG/diGeYb7KrVUKa9H5b/94 ky+wsrMtZP8J8EaVLla6d2qSQCHblJQiy6SL9EUupwN5rZ9JNCTzckg+C/OTUQ0L5/VN K7TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:cc:references:in-reply-to:message-id :date:to:from:dkim-signature:arc-authentication-results; bh=Yljc/ORx8qTnkggmcI6nRJ6Kfbp67CQ9/ESFYAeaSv4=; b=GGw83Ad6C300F+5tXOFnh/hxh5KIKSe+0o5DarAdKGZw4MtFla/KzgKLlPuI59Yn8K 6MeknMkHBFnWyxYqSI/aG6rzgPSjq1079uOsv8SkYZbr35N28aZjWK6yV9a9TvzR+v4s IKk/jj0ApOitasHlDKr8p+5+AbtXq5Uwruv5g8h+HNlNF+9tz9PoiwdqeWWQt7Qkjvmj NjybaLnPlF+UXlfhp8to79+gX4ooz8dmsMH5q1eJKPiYRH13QiaecekXOXrL5ROW9Oay suSXtCsbgcsX9kHhCb3j3kLMVtcWSaL+LlYrDSibWuRlheRhWZxOUbLs3FikLmBZkmQK cLAw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=O2M/8mW1; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.denx.de (dione.denx.de. [81.169.180.215]) by mx.google.com with ESMTP id h9-v6si9023165edk.225.2018.06.03.11.58.52; Sun, 03 Jun 2018 11:58:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) client-ip=81.169.180.215; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=O2M/8mW1; spf=pass (google.com: best guess record for domain of u-boot-bounces@lists.denx.de designates 81.169.180.215 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.denx.de (Postfix, from userid 105) id 77915C21E2C; Sun, 3 Jun 2018 18:58:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id E4FEBC21E3E; Sun, 3 Jun 2018 18:57:02 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 48932C21E12; Sun, 3 Jun 2018 18:56:55 +0000 (UTC) Received: from mail-lf0-f67.google.com (mail-lf0-f67.google.com [209.85.215.67]) by lists.denx.de (Postfix) with ESMTPS id 4B6F8C21E2F for ; Sun, 3 Jun 2018 18:56:55 +0000 (UTC) Received: by mail-lf0-f67.google.com with SMTP id r2-v6so21831725lff.4 for ; Sun, 03 Jun 2018 11:56:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Kx6Tkor19vJ2kRMVAEzyqoB/TIBJjGS8bbAWYDUmZkg=; b=O2M/8mW1Md2Bi4GqZmU1mRPGXvoG/Gc/4HTstjTSUzIIzzPsGgNqf/Q2xrhB37qVMU pJFw2i+S1TVA8DYGNfDT8YuNCUPe1CJhtqBArdnr4T7zdvBq1YQFA6OTmj3AdyP/PjJg s4v3KeLnnqMcACHhCRDkbV+oHC3809lrd9Ie0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Kx6Tkor19vJ2kRMVAEzyqoB/TIBJjGS8bbAWYDUmZkg=; b=iKtj0KL4aeYQPuI84Vflo3NChpSVcLPqfYv99R0YaQA6xR6TqfmpwAovmIaOPFnNBn SnOJB3MK9UKrSxaQND/HtqklLutQ8QpRNXVlM1NPOT6k2KGgEw0oVAkMv41j+NWHUWJ0 DyELss2ySXwou+0Jr74daCJZ3M2FjF/HpVKt6YLAJxulgbRJU69u4PPFGM018C5wEuF4 THfhpdHjsGC0XYT4TRIWK4aQxqC/sScx9Qm+Fa0pBKv/5HtUiRi+fs5p9iPSJYT5SI7b Mtumtvd6CxlS4+ZFobi6O8q3tKjtzKnS/AozEEul9oFduK9FfcEpFCdTmlxWvKjp5oqT MWlg== X-Gm-Message-State: APt69E3n4TRFsvwcolU8OzasehUp0nfsxLZTkO8uCb6xXVBW13pQCRJD f3w0MaJQlXLoNkdpsTr7Z+VNyRoCcIp4GA== X-Received: by 2002:a2e:9890:: with SMTP id b16-v6mr1830086ljj.80.1528052214493; Sun, 03 Jun 2018 11:56:54 -0700 (PDT) Received: from localhost (host-176-36-145-117.la.net.ua. [176.36.145.117]) by smtp.gmail.com with ESMTPSA id k5-v6sm9446869lji.39.2018.06.03.11.56.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 03 Jun 2018 11:56:53 -0700 (PDT) From: Igor Opaniuk To: u-boot@lists.denx.de Date: Sun, 3 Jun 2018 21:56:37 +0300 Message-Id: <1528052203-29689-3-git-send-email-igor.opaniuk@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org> References: <1528052203-29689-1-git-send-email-igor.opaniuk@linaro.org> Cc: trini@konsulko.com, praneeth@ti.com, misael.lopez@ti.com, erosca@de.adit-jv.com, joakim.bech@linaro.org Subject: [U-Boot] [PATCH v2 2/8] avb2.0: integrate avb 2.0 into the build system X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Integrate libavb into the build system. Introduce CONFIG_LIBAVB build option. Signed-off-by: Igor Opaniuk --- lib/Kconfig | 14 ++++++++++++++ lib/Makefile | 1 + lib/libavb/Makefile | 15 +++++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 lib/libavb/Makefile diff --git a/lib/Kconfig b/lib/Kconfig index 436b90f..0bed93b 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -142,6 +142,20 @@ config TPM endmenu +menu "Android Verified Boot" + +config LIBAVB + bool "Android Verified Boot 2.0 support" + depends on ANDROID_BOOT_IMAGE + default n + help + This enables support of Android Verified Boot 2.0 which can be used + to assure the end user of the integrity of the software running on a + device. Introduces such features as boot chain of trust, rollback + protection etc. + +endmenu + menu "Hashing Support" config SHA1 diff --git a/lib/Makefile b/lib/Makefile index 35da570..2d8480c 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -55,6 +55,7 @@ obj-$(CONFIG_$(SPL_)ZLIB) += zlib/ obj-$(CONFIG_$(SPL_)GZIP) += gunzip.o obj-$(CONFIG_$(SPL_)LZO) += lzo/ +obj-$(CONFIG_LIBAVB) += libavb/ obj-$(CONFIG_$(SPL_TPL_)SAVEENV) += qsort.o obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += libfdt/ diff --git a/lib/libavb/Makefile b/lib/libavb/Makefile new file mode 100644 index 0000000..c8ff080 --- /dev/null +++ b/lib/libavb/Makefile @@ -0,0 +1,15 @@ +# +# (C) Copyright 2017 Linaro Limited +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_LIBAVB) += avb_chain_partition_descriptor.o avb_cmdline.o +obj-$(CONFIG_LIBAVB) += avb_crypto.o avb_footer.o avb_hashtree_descriptor.o +obj-$(CONFIG_LIBAVB) += avb_property_descriptor.o avb_sha256.o +obj-$(CONFIG_LIBAVB) += avb_slot_verify.o avb_util.o avb_version.o +obj-$(CONFIG_LIBAVB) += avb_descriptor.o avb_hash_descriptor.o +obj-$(CONFIG_LIBAVB) += avb_kernel_cmdline_descriptor.o avb_rsa.o avb_sha512.o +obj-$(CONFIG_LIBAVB) += avb_sysdeps_posix.o avb_vbmeta_image.o + +ccflags-y = -DAVB_COMPILATION