Open configs to enable trusty for imx8mm_evk and also
add new config imx8mm_evk_android_trusty_defconfig based
on imx8mm_evk_android_defconfig.
Test: Trusty starts ok.
Change-Id: Iaea90de21f886ed23082a5e8e8d2fa7fb139a9cb
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Pass "androidboot.keystore=trusty" for trusty backed keymaster
service, pass "androidboot.keystore=software" for software
keymaster service.
Test: boot pass on imx8qm_mek.
Change-Id: I9fa38c15a7c10aef09ab29b0e9859b690e3e7a41
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Commit "ql-tipc: trusty_ipc: Change ipc polling to be per device" removes
rpmb_storage_proxy_poll() call in avb_do_tipc() which will return early
if the rpmb proxy service isn't initialized properly, this will make boards
hang if the rpmb key is not set.
Skip initializing AVB and Keymaster client if the rpmb key hasn't been
set, but keep the hwcrypto client initialization since we need it to
generate the rpmb key blob.
Test: Build and boot ok on imx8q.
Change-Id: I1ead849e812da55edae8b739d9ae56a7d4951af4
Signed-off-by: Ji Luo <ji.luo@nxp.com>
for Android Things, sha256 is caculated with software, for Android Auto,
sha256 is caculated with CAAM hardware module. so use macro to seperate
the code about hardware crypto service.
Change-Id: Ibf4cad2c98240ab2c826869e9cb28ad09bded2f6
Signed-off-by: faqiang.zhu <faqiang.zhu@nxp.com>
RPMB storage proxy service will return fail if the rpmb key is not
correct, we should not return early here if the rpmb key has not
been set because we still need to initialize the hwcrypto service
to generate the rpmb key blob.
This commit also adds more hint when set the rpmb key.
Change-Id: I8ee59e4e277b545283d63b1070e671d508dbe0c2
Signed-off-by: Luo Ji <ji.luo@nxp.com>
Generate the key blob and store it to the last block of boot1 partition
after setting the rpmb key. The key blob should be checked in spl and be
passed to Trusty OS if it's valid. If the key blob are damaged, RPMB
storage proxy service will return fail and should make the device hang.
Test: Build and boot ok on imx8qm/qxp.
Change-Id: Ia274cd72109ab6ae15920e91b2a2008e1f1e667c
Signed-off-by: Ji Luo <ji.luo@nxp.com>
Add new service 'hwcrypto' to handle CAAM related work
with Trusty OS. Add tipc interface to accelerate hash
calculation with CAAM.
Test: Service connect and message exchange with Trusty OS
are ok.
Change-Id: Ia870c3ad2ff30af987f327a9777a8b32f53593db
Signed-off-by: Ji Luo <ji.luo@nxp.com>
The lib provided ql-tipc communication channel with
Trusty OS.
Also the AVB, Keymaster and SecureStorage service
tipc client implement in this lib.
Change-Id: I0ab1ec9ee1b6f272b960c2e944008283c2c9249a
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
(cherry picked from commit 8fb370dd80fbb293b58115d2e7fc4970813773c7)
Ji Luo
faqiang.zhu
Haoran.Wang