Hi everyone,
I'm currently planning a big overhaul of the current implementation of AVB/AB in U-Boot during the 2024 year, which I have barely touched since 2019. I used to believe that it was stillborn, but looks like it's being actively used now by some SoC vendors and Google folks [1][2].
This is what I have in my todo list: * Backport latest libavb from AOSP upstream and add support for Verified Boot 1.3.0 version * Sync include/android_bootloader_message.h with AOSP upstream * Check and backport fixes for AVB in AOSP U-Boot fork if needed [1] * Get acquainted with a current state of A/B support in AOSP and backport all needed changes * Re-factor libavb, switch to U-Boot existing implementation of rsa/sha256/sha512 * Add SHA512 implementation that leverage ARMv8 CE (pull it from Linux) * Enable hw acceleration of SHA256/SHA512 that supports ARMv8 Crypto Extensions to speed up verification process on ARMv8-based boards. * AVB support for NAND storage
If someone is already working on anything from the above list - please feel free to reach out to me, so we can avoid duplication of effort.
Any comments/suggestions are welcome! Thanks!
[1] https://android.googlesource.com/platform/external/u-boot [2] https://source.android.com/docs/devices/cuttlefish/bootloader-dev [3] https://android.googlesource.com/platform/bootable/recovery/+/main/bootloade...
-- Best regards - Atentamente - Meilleures salutations
Igor Opaniuk
mailto: igor.opaniuk@gmail.com skype: igor.opanyuk http://ua.linkedin.com/in/iopaniuk