On Thu, Jan 17, 2019 at 02:17:00PM +0200, Igor Opaniuk wrote:
AVB version 1.1 introduces support for named persistent values that must be tamper evident and allows AVB to store arbitrary key-value pairs [1].
Introduce implementation of two additional AVB operations read_persistent_value()/write_persistent_value() for retrieving/storing named persistent values.
Correspondent pull request in the OP-TEE OS project repo [2].
Signed-off-by: Igor Opaniuk igor.opaniuk@linaro.org
Changes in v3:
- fix possible mem lick in avb_read_persistent/avb_write_persistent
- added additional sanity checks
- covered avb read_pvalue/write_pvalue commands with python tests
Changes in v2:
- fix output format for avb read_pvalue/write_pvalue commands
- fix issue with named value buffer size
cmd/avb.c | 78 ++++++++++++++++++++++++++++ common/avb_verify.c | 125 +++++++++++++++++++++++++++++++++++++++++++++ include/tee.h | 2 + include/tee/optee_ta_avb.h | 16 ++++++ test/py/tests/test_avb.py | 16 ++++++ 5 files changed, 237 insertions(+)
Thanks for adding a test here. It seems to fail however: https://travis-ci.org/trini/u-boot/jobs/484486111 https://travis-ci.org/trini/u-boot/jobs/484486112 https://travis-ci.org/trini/u-boot/jobs/484486114