[U-Boot] [PATCH v4 1/1] avb: add support for named persistent values
Igor Opaniuk
igor.opaniuk at linaro.org
Fri Feb 1 20:38:04 UTC 2019
Hi Simon,
Thanks for reviewing!
> I'm assuming that this test runs with 'make qcheck'?
I've tested only by invoking test.py:
./test/py/test.py --bd sandbox --build
On Thu, Jan 31, 2019, 11:04 Simon Glass <sjg at chromium.org wrote:
> Hi Igor,
>
> On Sun, 27 Jan 2019 at 07:34, Igor Opaniuk <igor.opaniuk at linaro.org>
> wrote:
> >
> > AVB version 1.1 introduces support for named persistent values
> > that must be tamper evident and allows AVB to store arbitrary key-value
> > pairs [1].
> >
> > Introduce implementation of two additional AVB operations
> > read_persistent_value()/write_persistent_value() for retrieving/storing
> > named persistent values.
> >
> > Correspondent pull request in the OP-TEE OS project repo [2].
> >
> > [1]:
> https://android.googlesource.com/platform/external/avb/+/android-9.0.0_r22
> > [2]: https://github.com/OP-TEE/optee_os/pull/2699
> >
> > Signed-off-by: Igor Opaniuk <igor.opaniuk at linaro.org>
> > ---
> >
> > v4:
> > - extend tee sandbox tee driver to support persistent values
> > - fix/re-test avb_persistent test on sandbox configuration:
> > $ ./test/py/test.py --bd sandbox --build -s -i avb_per
> >
> > U-Boot 2019.01-06051-gd01806a-dirty (Jan 27 2019 - 11:56:41 +0200)
> >
> > Model: sandbox
> > DRAM: 128 MiB
> > MMC: MMC probed
> > MMC probed
> > MMC probed
> > mmc2: 2 (SD), mmc1: 1 (SD), mmc0: 0 (SD)
> > In: serial
> > Out: vidconsole
> > Err: vidconsole
> > Model: sandbox
> > SCSI:
> > Net: eth0: eth at 10002000, eth5: eth at 10003000, eth3: sbe5, eth1:
> eth at 10004000
> > Hit any key to stop autoboot: 0
> > => => avb init 1
> > => => avb write_pvalue test value_value
> > Wrote 12 bytes
> > => => avb read_pvalue test 12
> > Read 12 bytes, value = value_value
> > =>
> > test/py/tests/test_avb.py .
> >
> > ===== 464 tests deselected by '-kavb_per' ======
> > === 1 passed, 464 deselected in 0.16 seconds ===
> >
> > v3:
> > - fix possible mem lick in avb_read_persistent/avb_write_persistent
> > - add additional sanity checks
> > - cover avb read_pvalue/write_pvalue commands with python tests
> >
> > v2:
> > - fix output format for avb read_pvalue/write_pvalue commands
> > - fix issue with named value buffer size
> >
> > cmd/avb.c | 78 ++++++++++++++++++++++++++++
> > common/avb_verify.c | 125
> +++++++++++++++++++++++++++++++++++++++++++++
> > drivers/tee/sandbox.c | 80 +++++++++++++++++++++++++++++
> > include/tee.h | 2 +
> > include/tee/optee_ta_avb.h | 16 ++++++
> > test/py/tests/test_avb.py | 16 ++++++
> > 6 files changed, 317 insertions(+)
>
> This looks OK. My only comment is that the variables at the top of the
> sandbox driver should really be in a driver-private data struct, using
> priv_auto_alloc_size, etc.
>
> Reviewed-by: Simon Glass <sjg at chromium.org>
>
> I'm assuming that this test runs with 'make qcheck'?
>
>
> - Simon
>
More information about the U-Boot
mailing list