[U-Boot] [PATCH v4 1/1] avb: add support for named persistent values

Igor Opaniuk igor.opaniuk at linaro.org
Fri Feb 1 20:38:04 UTC 2019


Hi Simon,

Thanks for reviewing!

> I'm assuming that this test runs with 'make qcheck'?

I've tested only by invoking test.py:
./test/py/test.py --bd sandbox --build


On Thu, Jan 31, 2019, 11:04 Simon Glass <sjg at chromium.org wrote:

> Hi Igor,
>
> On Sun, 27 Jan 2019 at 07:34, Igor Opaniuk <igor.opaniuk at linaro.org>
> wrote:
> >
> > AVB version 1.1 introduces support for named persistent values
> > that must be tamper evident and allows AVB to store arbitrary key-value
> > pairs [1].
> >
> > Introduce implementation of two additional AVB operations
> > read_persistent_value()/write_persistent_value() for retrieving/storing
> > named persistent values.
> >
> > Correspondent pull request in the OP-TEE OS project repo [2].
> >
> > [1]:
> https://android.googlesource.com/platform/external/avb/+/android-9.0.0_r22
> > [2]: https://github.com/OP-TEE/optee_os/pull/2699
> >
> > Signed-off-by: Igor Opaniuk <igor.opaniuk at linaro.org>
> > ---
> >
> > v4:
> > - extend tee sandbox tee driver to support persistent values
> > - fix/re-test avb_persistent test on sandbox configuration:
> > $ ./test/py/test.py --bd sandbox --build -s -i avb_per
> >
> > U-Boot 2019.01-06051-gd01806a-dirty (Jan 27 2019 - 11:56:41 +0200)
> >
> > Model: sandbox
> > DRAM:  128 MiB
> > MMC:   MMC probed
> > MMC probed
> > MMC probed
> > mmc2: 2 (SD), mmc1: 1 (SD), mmc0: 0 (SD)
> > In:    serial
> > Out:   vidconsole
> > Err:   vidconsole
> > Model: sandbox
> > SCSI:
> > Net:   eth0: eth at 10002000, eth5: eth at 10003000, eth3: sbe5, eth1:
> eth at 10004000
> > Hit any key to stop autoboot:  0
> > => => avb init 1
> > => => avb write_pvalue test value_value
> > Wrote 12 bytes
> > => => avb read_pvalue test 12
> > Read 12 bytes, value = value_value
> > =>
> > test/py/tests/test_avb.py .
> >
> > ===== 464 tests deselected by '-kavb_per' ======
> > === 1 passed, 464 deselected in 0.16 seconds ===
> >
> > v3:
> > - fix possible mem lick in avb_read_persistent/avb_write_persistent
> > - add additional sanity checks
> > - cover avb read_pvalue/write_pvalue commands with python tests
> >
> > v2:
> > - fix output format for avb read_pvalue/write_pvalue commands
> > - fix issue with named value buffer size
> >
> >  cmd/avb.c                  |  78 ++++++++++++++++++++++++++++
> >  common/avb_verify.c        | 125
> +++++++++++++++++++++++++++++++++++++++++++++
> >  drivers/tee/sandbox.c      |  80 +++++++++++++++++++++++++++++
> >  include/tee.h              |   2 +
> >  include/tee/optee_ta_avb.h |  16 ++++++
> >  test/py/tests/test_avb.py  |  16 ++++++
> >  6 files changed, 317 insertions(+)
>
> This looks OK. My only comment is that the variables at the top of the
> sandbox driver should really be in a driver-private data struct, using
> priv_auto_alloc_size, etc.
>
> Reviewed-by: Simon Glass <sjg at chromium.org>
>
> I'm assuming that this test runs with 'make qcheck'?
>
>
> - Simon
>


More information about the U-Boot mailing list