Re: [U-Boot] [PATCH 0/8] Initial integration of AVB2.0

26 Apr 2018

      On 26 April 2018 at 06:05, Kever Yang kever.yang@rock-chips.com wrote:
...
Hi Igor,
It's great to see the patch set to support AVB2.0, the upstream

libavb(from aosp) combine the AVB with A/B which I think should be
two separate feature, are you going to split them?
Hi Kever,
Right, support of verification of A/B slots is going to be in a
separate patch-set.
...
BTW, do you have plan to update boot_android cmd to support avb?

the command is too weak for use now.
And any plan to add opptee_client/smcc to talk to OPTEE/ATF?
Did you mean boot_android cmd from this patch
https://lists.denx.de/pipermail/u-boot/2017-April/285867.html,
that was never up-streamed? I guess the main suggestion was to extend
existing bootm (by adding detection and parsing of Android boot images)
instead of introducing brand new command for booting Android.
As currently major amount of boards use sequence of mmc/bootm
commands for this purposes and bootm obviously is supposed to boot
something from RAM, I assumed that it would be wrong to invoke avb
verification from bootm itself. Because of this reason I've introduced
avb set of commands for explicitly triggering the verification process.
You can check the example how AVB2.0 is enabled on AM57xx HS
(check "am57xx_hs: avb2.0: add support of AVB 2.0" patch).
The only one prerequisite is that U-boot env itself should be also a part
of chain of trust  (so it can't be tampered and "avb verify" removed)
Best regards,
Igor
...
Thanks,

Kever

On 04/25/2018 09:17 PM, Igor Opaniuk wrote:
...
This series of patches introduces support of Android Verified Boot 2.0,
which provides integrity checking of Android partitions on MMC.
It integrates libavb/libavb_ab into the U-boot, provides implementation of
AvbOps, subset of `avb` commands to run verification chain (and for debugging
purposes), and it enables AVB2.0 verification on AM57xx HS SoC by default.
Currently, there is still no support for verification of A/B boot slots
and no rollback protection (for storing rollback indexes
there are plans to use eMMC RPMB)
Libavb/libavb_ab will be deviated from AOSP upstream in the future,
that's why minimal amount of changes were introduced into the lib sources,
so checkpatch may fail.
For additional details check [1] AVB 2.0 README and doc/README.avb2, which
is a part of this patchset.
[1] https://android.googlesource.com/platform/external/avb/+/master/README.md
Igor Opaniuk (8):
  avb2.0: add Android Verified Boot 2.0 libraries
  avb2.0: integrate avb 2.0 into the build system
  avb2.0: implement AVB ops
  cmd: avb2.0: avb command for performing verification
  avb2.0: add boot states and dm-verity support
  am57xx_hs: avb2.0: add support of AVB 2.0
  test/py: avb2.0: add tests for avb commands
  doc: avb2.0: add README about AVB2.0 integration
cmd/Kconfig                                  |   15 +
 cmd/Makefile                                 |    3 +
 cmd/avb.c                                    |  366 ++++++++
 common/Makefile                              |    2 +
 common/avb_verify.c                          |  748 ++++++++++++++++
 configs/am57xx_hs_evm_defconfig              |    3 +
 doc/README.avb2                              |  100 +++
 include/avb/avb_ab_flow.h                    |  235 ++++++
 include/avb/avb_ab_ops.h                     |   61 ++
 include/avb/avb_chain_partition_descriptor.h |   54 ++
 include/avb/avb_crypto.h                     |  147 ++++
 include/avb/avb_descriptor.h                 |  113 +++
 include/avb/avb_footer.h                     |   68 ++
 include/avb/avb_hash_descriptor.h            |   55 ++
 include/avb/avb_hashtree_descriptor.h        |   65 ++
 include/avb/avb_kernel_cmdline_descriptor.h  |   63 ++
 include/avb/avb_ops.h                        |  196 +++++
 include/avb/avb_property_descriptor.h        |   89 ++
 include/avb/avb_rsa.h                        |   55 ++
 include/avb/avb_sha.h                        |   72 ++
 include/avb/avb_slot_verify.h                |  239 ++++++
 include/avb/avb_sysdeps.h                    |   97 +++
 include/avb/avb_util.h                       |  259 ++++++
 include/avb/avb_vbmeta_image.h               |  272 ++++++
 include/avb/avb_version.h                    |   45 +
 include/avb/libavb.h                         |   32 +
 include/avb/libavb_ab.h                      |   22 +
 include/avb_verify.h                         |   97 +++
 include/configs/am57xx_evm.h                 |   11 +
 include/environment/ti/boot.h                |   15 +
 lib/Kconfig                                  |   20 +
 lib/Makefile                                 |    2 +
 lib/libavb/Makefile                          |   15 +
 lib/libavb/avb_chain_partition_descriptor.c  |   46 +
 lib/libavb/avb_crypto.c                      |  355 ++++++++
 lib/libavb/avb_descriptor.c                  |  142 ++++
 lib/libavb/avb_footer.c                      |   36 +
 lib/libavb/avb_hash_descriptor.c             |   43 +
 lib/libavb/avb_hashtree_descriptor.c         |   51 ++
 lib/libavb/avb_kernel_cmdline_descriptor.c   |   40 +
 lib/libavb/avb_property_descriptor.c         |  167 ++++
 lib/libavb/avb_rsa.c                         |  277 ++++++
 lib/libavb/avb_sha256.c                      |  364 ++++++++
 lib/libavb/avb_sha512.c                      |  362 ++++++++
 lib/libavb/avb_slot_verify.c                 | 1169 ++++++++++++++++++++++++++
 lib/libavb/avb_sysdeps_posix.c               |   57 ++
 lib/libavb/avb_util.c                        |  385 +++++++++
 lib/libavb/avb_vbmeta_image.c                |  290 +++++++
 lib/libavb/avb_version.c                     |   16 +
 lib/libavb_ab/Makefile                       |    9 +
 lib/libavb_ab/avb_ab_flow.c                  |  502 +++++++++++
 test/py/tests/test_avb.py                    |  111 +++
 52 files changed, 8058 insertions(+)
 create mode 100644 cmd/avb.c
 create mode 100644 common/avb_verify.c
 create mode 100644 doc/README.avb2
 create mode 100644 include/avb/avb_ab_flow.h
 create mode 100644 include/avb/avb_ab_ops.h
 create mode 100644 include/avb/avb_chain_partition_descriptor.h
 create mode 100644 include/avb/avb_crypto.h
 create mode 100644 include/avb/avb_descriptor.h
 create mode 100644 include/avb/avb_footer.h
 create mode 100644 include/avb/avb_hash_descriptor.h
 create mode 100644 include/avb/avb_hashtree_descriptor.h
 create mode 100644 include/avb/avb_kernel_cmdline_descriptor.h
 create mode 100644 include/avb/avb_ops.h
 create mode 100644 include/avb/avb_property_descriptor.h
 create mode 100644 include/avb/avb_rsa.h
 create mode 100644 include/avb/avb_sha.h
 create mode 100644 include/avb/avb_slot_verify.h
 create mode 100644 include/avb/avb_sysdeps.h
 create mode 100644 include/avb/avb_util.h
 create mode 100644 include/avb/avb_vbmeta_image.h
 create mode 100644 include/avb/avb_version.h
 create mode 100644 include/avb/libavb.h
 create mode 100644 include/avb/libavb_ab.h
 create mode 100644 include/avb_verify.h
 create mode 100644 lib/libavb/Makefile
 create mode 100644 lib/libavb/avb_chain_partition_descriptor.c
 create mode 100644 lib/libavb/avb_crypto.c
 create mode 100644 lib/libavb/avb_descriptor.c
 create mode 100644 lib/libavb/avb_footer.c
 create mode 100644 lib/libavb/avb_hash_descriptor.c
 create mode 100644 lib/libavb/avb_hashtree_descriptor.c
 create mode 100644 lib/libavb/avb_kernel_cmdline_descriptor.c
 create mode 100644 lib/libavb/avb_property_descriptor.c
 create mode 100644 lib/libavb/avb_rsa.c
 create mode 100644 lib/libavb/avb_sha256.c
 create mode 100644 lib/libavb/avb_sha512.c
 create mode 100644 lib/libavb/avb_slot_verify.c
 create mode 100644 lib/libavb/avb_sysdeps_posix.c
 create mode 100644 lib/libavb/avb_util.c
 create mode 100644 lib/libavb/avb_vbmeta_image.c
 create mode 100644 lib/libavb/avb_version.c
 create mode 100644 lib/libavb_ab/Makefile
 create mode 100644 lib/libavb_ab/avb_ab_flow.c
 create mode 100644 test/py/tests/test_avb.py