LM
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MA-13480-1 [Auto] Fix XEN hang with wrong keymaster service 

Pass "androidboot.keystore=trusty" for trusty backed keymaster
service, pass "androidboot.keystore=software" for software
keymaster service.

Test: boot pass on imx8qm_mek.

Change-Id: I9fa38c15a7c10aef09ab29b0e9859b690e3e7a41
Signed-off-by: Ji Luo <ji.luo@nxp.com>
This commit is contained in:
Ji Luo 2018-11-21 09:44:17 +08:00
parent 566b798213
commit eb1892df16
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
common/image-android.c
View File

@ -211,14 +211,16 @@ int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify,
strncat(commandline, newbootargs, sizeof(commandline) - strlen(commandline));
#endif
#ifdef CONFIG_IMX_TRUSTY_OS
char *keystore = env_get("keystore");
if (!strncpy(keystore, "software", sizeof("software"))) {
if ((keystore == NULL) || strncmp(keystore, "trusty", sizeof("trusty"))) {
char *bootargs_trusty = "androidboot.keystore=software";
strncat(commandline, " ", sizeof(commandline) - strlen(commandline));
strncat(commandline, bootargs_trusty, sizeof(commandline) - strlen(commandline));
} else {
char *bootargs_trusty = "androidboot.keystore=trusty";
strncat(commandline, " ", sizeof(commandline) - strlen(commandline));
strncat(commandline, bootargs_trusty, sizeof(commandline) - strlen(commandline));
}
#endif
/* Add 'append_bootargs' to hold some paramemters which need to be appended
* to bootargs */

8
lib/trusty/ql-tipc/libtipc.c
View File

@ -97,16 +97,14 @@ int trusty_ipc_init(void)
/* Go to hang if the key has been destroyed. */
trusty_error("RPMB key was destroyed!\n");
hang();
} else {
/* rpmb key hasn't been set, use software keymaster.
* Don't return here because we want to initalize the
* hardware crypto service to set rpmb key. */
env_set("keystore", "software");
}
#else
return rc;
#endif
} else {
/* secure storage service init ok, use trusty backed keystore */
env_set("keystore", "trusty");
trusty_info("Initializing Trusty AVB client\n");
rc = avb_tipc_init(_ipc_dev);
if (rc != 0) {