summaryrefslogtreecommitdiff
path: root/lib/avb/fsl/fsl_avbkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/avb/fsl/fsl_avbkey.c')
-rw-r--r--lib/avb/fsl/fsl_avbkey.c717
1 files changed, 717 insertions, 0 deletions
diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c
new file mode 100644
index 0000000..9f2f11a
--- /dev/null
+++ b/lib/avb/fsl/fsl_avbkey.c
@@ -0,0 +1,717 @@
+/*
+ * Copyright (C) 2016 Freescale Semiconductor, Inc.
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include <common.h>
+#include <stdlib.h>
+#include <fsl_caam.h>
+#include <fuse.h>
+#include <mmc.h>
+
+#include <fsl_avb.h>
+#include "fsl_avbkey.h"
+#include "utils.h"
+#include "debug.h"
+
+#define INITFLAG_FUSE_OFFSET 0
+#define INITFLAG_FUSE_MASK 0x00000001
+#define INITFLAG_FUSE 0x00000001
+
+#define RPMB_BLKSZ 256
+#define RPMBKEY_FUSE_OFFSET 1
+#define RPMBKEY_LENGTH 32
+#define RPMBKEY_FUSE_LEN ((RPMBKEY_LENGTH) + (CAAM_PAD))
+#define RPMBKEY_FUSE_LENW (RPMBKEY_FUSE_LEN / 4)
+
+static int mmc_dev_no = -1;
+
+static struct mmc *get_mmc(void) {
+ extern int mmc_get_env_devno(void);
+ struct mmc *mmc;
+ if (mmc_dev_no < 0 && (mmc_dev_no = mmc_get_env_dev()) < 0)
+ return NULL;
+ mmc = find_mmc_device(mmc_dev_no);
+ if (!mmc || mmc_init(mmc))
+ return NULL;
+ return mmc;
+}
+
+static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset,
+ const uint8_t read) {
+
+ unsigned short bs, ws, bksz, cnt;
+ unsigned short num_done = 0;
+ margin_pos_t margin;
+ int i;
+
+ /* read from fuse */
+ bksz = CONFIG_AVB_FUSE_BANK_SIZEW;
+ if(get_margin_pos(CONFIG_AVB_FUSE_BANK_START, CONFIG_AVB_FUSE_BANK_END, bksz,
+ &margin, offset, length, false))
+ return -1;
+ bs = (unsigned short)margin.blk_start;
+ ws = (unsigned short)margin.start;
+
+ while (num_done < length) {
+ cnt = bksz - ws;
+ if (num_done + cnt > length)
+ cnt = length - num_done;
+ for (i = 0; i < cnt; i++) {
+ VDEBUG("cur: bank=%d, word=%d\n",bs, ws);
+ if (read) {
+#ifdef CONFIG_AVB_FUSE
+ if (fuse_sense(bs, ws, buffer)) {
+#else
+ if (fuse_read(bs, ws, buffer)) {
+#endif
+ ERR("read fuse bank %d, word %d error\n", bs, ws);
+ return -1;
+ }
+ } else {
+#ifdef CONFIG_AVB_FUSE
+ if (fuse_prog(bs, ws, *buffer)) {
+#else
+ if (fuse_override(bs, ws, *buffer)) {
+#endif
+ ERR("write fuse bank %d, word %d error\n", bs, ws);
+ return -1;
+ }
+ }
+ ws++;
+ buffer++;
+ }
+ bs++;
+ num_done += cnt;
+ ws = 0;
+ }
+ return 0;
+}
+
+static int fsl_fuse_read(uint32_t *buffer, uint32_t length, uint32_t offset) {
+
+ return fsl_fuse_ops(
+ buffer,
+ length,
+ offset,
+ 1
+ );
+}
+
+static int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offset) {
+
+ return fsl_fuse_ops(
+ (uint32_t *)buffer,
+ length,
+ offset,
+ 0
+ );
+}
+
+static int rpmb_key(struct mmc *mmc) {
+
+ char original_part;
+ uint8_t blob[RPMBKEY_FUSE_LEN];
+ uint8_t plain_key[RPMBKEY_LENGTH];
+
+ int ret;
+
+ DEBUGAVB("[rpmb]: set kley\n");
+
+ /* Switch to the RPMB partition */
+ original_part = mmc->block_dev.hwpart;
+ if (mmc->block_dev.hwpart != MMC_PART_RPMB) {
+ if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0)
+ return -1;
+ mmc->block_dev.hwpart = MMC_PART_RPMB;
+ }
+
+ /* use caam hwrng to generate */
+ caam_open();
+ if (caam_hwrng(plain_key, RPMBKEY_LENGTH)) {
+ ERR("ERROR - caam rng\n");
+ ret = -1;
+ goto fail;
+ }
+
+ /* generate keyblob and program to fuse */
+ if (caam_gen_blob((uint32_t)plain_key, (uint32_t)blob, RPMBKEY_LENGTH)) {
+ ERR("gen rpmb key blb error\n");
+ ret = -1;
+ goto fail;
+ }
+
+ if (fsl_fuse_write((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){
+ ERR("write rpmb key to fuse error\n");
+ ret = -1;
+ goto fail;
+ }
+
+#ifdef CONFIG_AVB_FUSE
+ /* program key to mmc */
+ if (mmc_rpmb_set_key(mmc, plain_key)) {
+ ERR("Key already programmed ?\n");
+ ret = -1;
+ goto fail;
+ }
+#endif
+ ret = 0;
+
+#ifdef CONFIG_AVB_DEBUG
+ /* debug */
+ uint8_t ext_key[RPMBKEY_LENGTH];
+ printf(" RPMB plain kay---\n");
+ print_buffer(0, plain_key, HEXDUMP_WIDTH, RPMBKEY_LENGTH, 0);
+ if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){
+ ERR("read rpmb key to fuse error\n");
+ ret = -1;
+ goto fail;
+ }
+ printf(" RPMB blob---\n");
+ print_buffer(0, blob, HEXDUMP_WIDTH, RPMBKEY_FUSE_LEN, 0);
+ if (caam_decap_blob((uint32_t)ext_key, (uint32_t)blob, RPMBKEY_LENGTH)) {
+ ret = -1;
+ goto fail;
+ }
+ printf(" RPMB extract---\n");
+ print_buffer(0, ext_key, HEXDUMP_WIDTH, RPMBKEY_LENGTH, 0);
+ /* debug done */
+#endif
+
+fail:
+ /* Return to original partition */
+ if (mmc->block_dev.hwpart != original_part) {
+ if (mmc_switch_part(mmc, original_part) != 0)
+ return -1;
+ mmc->block_dev.hwpart = original_part;
+ }
+ return ret;
+
+}
+
+static int rpmb_read(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) {
+
+ unsigned char *bdata = NULL;
+ unsigned char *out_buf = (unsigned char *)buffer;
+ unsigned long s, cnt;
+ unsigned long blksz;
+ size_t num_read = 0;
+ unsigned short part_start, part_length, part_end, bs, be;
+ margin_pos_t margin;
+ char original_part;
+ uint8_t extract_key[RPMBKEY_LENGTH];
+ uint8_t blob[RPMBKEY_FUSE_LEN];
+
+ int ret;
+
+ blksz = RPMB_BLKSZ;
+ part_length = mmc->capacity_rpmb >> 8;
+ part_start = 0;
+ part_end = part_start + part_length - 1;
+
+ DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes);
+
+ if(get_margin_pos(part_start, part_end, blksz,
+ &margin, offset, num_bytes, false))
+ return -1;
+
+ bs = (unsigned short)margin.blk_start;
+ be = (unsigned short)margin.blk_end;
+ s = margin.start;
+
+ /* Switch to the RPMB partition */
+ original_part = mmc->block_dev.hwpart;
+ if (mmc->block_dev.hwpart != MMC_PART_RPMB) {
+ if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0)
+ return -1;
+ mmc->block_dev.hwpart = MMC_PART_RPMB;
+ }
+
+ /* get rpmb key */
+ if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){
+ ERR("read rpmb key error\n");
+ ret = -1;
+ goto fail;
+ }
+ caam_open();
+ if (caam_decap_blob((uint32_t)extract_key, (uint32_t)blob, RPMBKEY_LENGTH)) {
+ ERR("decap rpmb key error\n");
+ ret = -1;
+ goto fail;
+ }
+
+ // alloc a blksz mem
+ bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz);
+ if (bdata == NULL) {
+ ret = -1;
+ goto fail;
+ }
+ // one block a time
+ while (bs <= be) {
+ memset(bdata, 0, blksz);
+ if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) {
+ ret = -1;
+ goto fail;
+ }
+ cnt = blksz - s;
+ if (num_read + cnt > num_bytes)
+ cnt = num_bytes - num_read;
+ VDEBUG("cur: bs=%d, start=%ld, cnt=%ld bdata=0x%p\n",
+ bs, s, cnt, bdata);
+ memcpy(out_buf, bdata + s, cnt);
+ bs++;
+ num_read += cnt;
+ out_buf += cnt;
+ s = 0;
+ }
+ ret = 0;
+
+fail:
+ /* Return to original partition */
+ if (mmc->block_dev.hwpart != original_part) {
+ if (mmc_switch_part(mmc, original_part) != 0)
+ return -1;
+ mmc->block_dev.hwpart = original_part;
+ }
+ if (bdata != NULL)
+ free(bdata);
+ return ret;
+
+}
+static int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset) {
+
+ unsigned char *bdata = NULL;
+ unsigned char *in_buf = (unsigned char *)buffer;
+ unsigned long s, cnt;
+ unsigned long blksz;
+ size_t num_write = 0;
+ unsigned short part_start, part_length, part_end, bs;
+ margin_pos_t margin;
+ char original_part;
+ uint8_t extract_key[RPMBKEY_LENGTH];
+ uint8_t blob[RPMBKEY_FUSE_LEN];
+
+ int ret;
+
+ blksz = RPMB_BLKSZ;
+ part_length = mmc->capacity_rpmb >> 8;
+ part_start = 0;
+ part_end = part_start + part_length - 1;
+
+ DEBUGAVB("[rpmb]: offset=%ld, num_bytes=%zu\n", (long)offset, num_bytes);
+
+ if(get_margin_pos(part_start, part_end, blksz,
+ &margin, offset, num_bytes, false)) {
+ ERR("get_margin_pos err\n");
+ return -1;
+ }
+
+ bs = (unsigned short)margin.blk_start;
+ s = margin.start;
+
+ /* Switch to the RPMB partition */
+ original_part = mmc->block_dev.hwpart;
+ if (mmc->block_dev.hwpart != MMC_PART_RPMB) {
+ if (mmc_switch_part(mmc, MMC_PART_RPMB) != 0)
+ return -1;
+ mmc->block_dev.hwpart = MMC_PART_RPMB;
+ }
+
+ /* get rpmb key */
+ if (fsl_fuse_read((uint32_t *)blob, RPMBKEY_FUSE_LENW, RPMBKEY_FUSE_OFFSET)){
+ ERR("read rpmb key error\n");
+ ret = -1;
+ goto fail;
+ }
+ caam_open();
+ if (caam_decap_blob((uint32_t)extract_key, (uint32_t)blob, RPMBKEY_LENGTH)) {
+ ERR("decap rpmb key error\n");
+ ret = -1;
+ goto fail;
+ }
+
+ // alloc a blksz mem
+ bdata = (unsigned char *)memalign(ALIGN_BYTES, blksz);
+ if (bdata == NULL) {
+ ret = -1;
+ goto fail;
+ }
+ while (num_write < num_bytes) {
+ memset(bdata, 0, blksz);
+ cnt = blksz - s;
+ if (num_write + cnt > num_bytes)
+ cnt = num_bytes - num_write;
+ if (!s || cnt != blksz) { //read blk first
+ if (mmc_rpmb_read(mmc, bdata, bs, 1, extract_key) != 1) {
+ ERR("mmc_rpmb_read err, mmc= 0x%08x\n", (unsigned int)mmc);
+ ret = -1;
+ goto fail;
+ }
+ }
+ memcpy(bdata + s, in_buf, cnt); //change data
+ VDEBUG("cur: bs=%d, start=%ld, cnt=%ld\n", bs, s, cnt);
+ if (mmc_rpmb_write(mmc, bdata, bs, 1, extract_key) != 1) {
+ ret = -1;
+ goto fail;
+ }
+ bs++;
+ num_write += cnt;
+ in_buf += cnt;
+ if (s != 0)
+ s = 0;
+ }
+ ret = 0;
+
+fail:
+ /* Return to original partition */
+ if (mmc->block_dev.hwpart != original_part) {
+ if (mmc_switch_part(mmc, original_part) != 0)
+ return -1;
+ mmc->block_dev.hwpart = original_part;
+ }
+ if (bdata != NULL)
+ free(bdata);
+ return ret;
+
+}
+
+int rbkidx_erase(void) {
+ int i;
+ kblb_hdr_t hdr;
+ kblb_tag_t *tag;
+ struct mmc *mmc_dev;
+
+ if ((mmc_dev = get_mmc()) == NULL) {
+ ERR("err get mmc device\n");
+ return -1;
+ }
+
+ /* read the kblb header */
+ if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("read RPMB error\n");
+ return -1;
+ }
+ if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
+ ERR("magic not match\n");
+ return -1;
+ }
+
+ /* reset rollback index */
+ uint32_t offset = AVB_RBIDX_START;
+ uint32_t rbidx_len = AVB_RBIDX_LEN;
+ uint8_t *rbidx = malloc(rbidx_len);
+ if (rbidx == NULL)
+ return -1;
+ memset(rbidx, 0, rbidx_len);
+ *(uint64_t *)rbidx = AVB_RBIDX_INITVAL;
+ for (i = 0; i < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; i++) {
+ tag = &hdr.rbk_tags[i];
+ tag->flag = AVB_RBIDX_FLAG;
+ tag->offset = offset;
+ tag->len = rbidx_len;
+ /* write */
+ if (rpmb_write(mmc_dev, rbidx, tag->len, tag->offset) != 0) {
+ ERR("write RBKIDX RPMB error\n");
+ free(rbidx);
+ return -1;
+ }
+ offset += AVB_RBIDX_ALIGN;
+ }
+ free(rbidx);
+ /* write back hdr */
+ if (rpmb_write(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("write RPMB hdr error\n");
+ return -1;
+ }
+ return 0;
+}
+
+
+int avbkey_init(uint8_t *plainkey, uint32_t keylen) {
+ int i;
+ kblb_hdr_t hdr;
+ kblb_tag_t *tag;
+ struct mmc *mmc_dev;
+ uint32_t init_flag;
+
+ /* int ret; */
+
+ assert(plainkey != NULL);
+
+ /* check overflow */
+ if (keylen > AVB_RBIDX_START - AVB_PUBKY_OFFSET) {
+ ERR("key len overflow\n");
+ return -1;
+ }
+
+ /* check init status */
+ if (fsl_fuse_read(&init_flag, 1, INITFLAG_FUSE_OFFSET)) {
+ ERR("ERROR - read fuse init flag error\n");
+ return -1;
+ }
+ if ((init_flag & INITFLAG_FUSE_MASK) == INITFLAG_FUSE) {
+ ERR("ERROR - already inited\n");
+ return -1;
+ }
+ init_flag = INITFLAG_FUSE & INITFLAG_FUSE_MASK;
+
+ /* generate and write key to mmc/fuse */
+ if ((mmc_dev = get_mmc()) == NULL) {
+ ERR("ERROR - get mmc device\n");
+ return -1;
+ }
+ if (rpmb_key(mmc_dev)) {
+ ERR("ERROR - write mmc rpmb key\n");
+ return -1;
+ }
+
+ if (fsl_fuse_write(&init_flag, 1, INITFLAG_FUSE_OFFSET)){
+ ERR("write fuse init error\n");
+ return -1;
+ }
+
+ /* init pubkey */
+ tag = &hdr.pubk_tag;
+ tag->flag = AVB_PUBKY_FLAG;
+ tag->offset = AVB_PUBKY_OFFSET;
+ tag->len = keylen;
+
+ if (rpmb_write(mmc_dev, plainkey, tag->len, tag->offset) != 0) {
+ ERR("write RPMB error\n");
+ return -1;
+ }
+
+ /* init rollback index */
+ uint32_t offset = AVB_RBIDX_START;
+ uint32_t rbidx_len = AVB_RBIDX_LEN;
+ uint8_t *rbidx = malloc(rbidx_len);
+ if (rbidx == NULL)
+ return -1;
+ memset(rbidx, 0, rbidx_len);
+ *(uint64_t *)rbidx = AVB_RBIDX_INITVAL;
+ for (i = 0; i < AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS; i++) {
+ tag = &hdr.rbk_tags[i];
+ tag->flag = AVB_RBIDX_FLAG;
+ tag->offset = offset;
+ tag->len = rbidx_len;
+ if (rpmb_write(mmc_dev, rbidx, tag->len, tag->offset) != 0) {
+ ERR("write RBKIDX RPMB error\n");
+ free(rbidx);
+ return -1;
+ }
+ offset += AVB_RBIDX_ALIGN;
+ }
+ free(rbidx);
+
+ /* init hdr */
+ memcpy(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN);
+ if (rpmb_write(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("write RPMB hdr error\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+/* Checks if the given public key used to sign the 'vbmeta'
+ * partition is trusted. Boot loaders typically compare this with
+ * embedded key material generated with 'avbtool
+ * extract_public_key'.
+ *
+ * If AVB_IO_RESULT_OK is returned then |out_is_trusted| is set -
+ * true if trusted or false if untrusted.
+ */
+AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
+ const uint8_t* public_key_data,
+ size_t public_key_length,
+ const uint8_t* public_key_metadata,
+ size_t public_key_metadata_length,
+ bool* out_is_trusted) {
+ kblb_hdr_t hdr;
+ kblb_tag_t *pubk;
+ uint8_t *extract_key = NULL;
+ struct mmc *mmc_dev;
+ AvbIOResult ret;
+
+ assert(ops != NULL && out_is_trusted != NULL);
+ *out_is_trusted = false;
+
+ if ((mmc_dev = get_mmc()) == NULL) {
+ ERR("err get mmc device\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ /* read the kblb header */
+ if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("read RPMB error\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
+ ERR("magic not match\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ /* read public key */
+ pubk = &hdr.pubk_tag;
+ if (pubk->len != public_key_length){
+ ERR("avbkey len not match\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ extract_key = malloc(pubk->len);
+ if (extract_key == NULL)
+ return AVB_IO_RESULT_ERROR_OOM;
+
+ if (rpmb_read(mmc_dev, extract_key, pubk->len, pubk->offset) != 0) {
+ ERR("read public keyblob error\n");
+ ret = AVB_IO_RESULT_ERROR_IO;
+ goto fail;
+ }
+
+ /* match given public key */
+ if (memcmp(extract_key, public_key_data, public_key_length)) {
+ ret = AVB_IO_RESULT_OK;
+ goto fail;
+ }
+#ifdef AVB_VDEBUG
+ printf("\n----key dump: stored---\n");
+ print_buffer(0, extract_key, HEXDUMP_WIDTH, pubk->len, 0);
+ printf("\n----key dump: vbmeta---\n");
+ print_buffer(0, public_key_data, HEXDUMP_WIDTH, public_key_length, 0);
+ printf("--- end ---\n");
+#endif
+
+ *out_is_trusted = true;
+ ret = AVB_IO_RESULT_OK;
+fail:
+ if (extract_key != NULL)
+ free(extract_key);
+ return ret;
+}
+
+/* Gets the rollback index corresponding to the slot given by
+ * |rollback_index_slot|. The value is returned in
+ * |out_rollback_index|. Returns AVB_IO_RESULT_OK if the rollback
+ * index was retrieved, otherwise an error code.
+ *
+ * A device may have a limited amount of rollback index slots (say,
+ * one or four) so may error out if |rollback_index_slot| exceeds
+ * this number.
+ */
+AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
+ uint64_t* out_rollback_index) {
+ kblb_hdr_t hdr;
+ kblb_tag_t *rbk;
+ uint64_t *extract_idx = NULL;
+ struct mmc *mmc_dev;
+ AvbIOResult ret;
+
+ assert(ops != NULL && out_rollback_index != NULL);
+ *out_rollback_index = ~0;
+
+ DEBUGAVB("[rpmb] read rollback slot: %zu\n", rollback_index_slot);
+
+ if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
+ return AVB_IO_RESULT_ERROR_IO;
+
+ if ((mmc_dev = get_mmc()) == NULL) {
+ ERR("err get mmc device\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ /* read the kblb header */
+ if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("read RPMB error\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
+ ERR("magic not match\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ rbk = &hdr.rbk_tags[rollback_index_slot];
+ extract_idx = malloc(rbk->len);
+ if (extract_idx == NULL)
+ return AVB_IO_RESULT_ERROR_OOM;
+
+ /* read rollback_index keyblob */
+ if (rpmb_read(mmc_dev, (uint8_t *)extract_idx, rbk->len, rbk->offset) != 0) {
+ ERR("read rollback index error\n");
+ ret = AVB_IO_RESULT_ERROR_IO;
+ goto fail;
+ }
+
+#ifdef AVB_VVDEBUG
+ printf("\n----idx dump: ---\n");
+ print_buffer(0, extract_idx, HEXDUMP_WIDTH, rbk->len, 0);
+ printf("--- end ---\n");
+#endif
+
+ *out_rollback_index = *extract_idx;
+ DEBUGAVB("rollback_index = %" PRIu64 "\n", *out_rollback_index);
+ ret = AVB_IO_RESULT_OK;
+fail:
+ if (extract_idx != NULL)
+ free(extract_idx);
+ return ret;
+}
+
+/* Sets the rollback index corresponding to the slot given by
+ * |rollback_index_slot| to |rollback_index|. Returns
+ * AVB_IO_RESULT_OK if the rollback index was set, otherwise an
+ * error code.
+ *
+ * A device may have a limited amount of rollback index slots (say,
+ * one or four) so may error out if |rollback_index_slot| exceeds
+ * this number.
+ */
+AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
+ uint64_t rollback_index) {
+ kblb_hdr_t hdr;
+ kblb_tag_t *rbk;
+ uint64_t *plain_idx = NULL;
+ struct mmc *mmc_dev;
+ AvbIOResult ret;
+
+ DEBUGAVB("[rpmb] write to rollback slot: (%zu, %" PRIu64 ")\n",
+ rollback_index_slot, rollback_index);
+
+ assert(ops != NULL);
+
+ if (rollback_index_slot >= AVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS)
+ return AVB_IO_RESULT_ERROR_IO;
+
+ if ((mmc_dev = get_mmc()) == NULL) {
+ ERR("err get mmc device\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ /* read the kblb header */
+ if (rpmb_read(mmc_dev, (uint8_t *)&hdr, sizeof(hdr), 0) != 0) {
+ ERR("read RPMB error\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ if (memcmp(hdr.magic, AVB_KBLB_MAGIC, AVB_KBLB_MAGIC_LEN) != 0) {
+ ERR("magic not match\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+
+ rbk = &hdr.rbk_tags[rollback_index_slot];
+ plain_idx = malloc(rbk->len);
+ if (plain_idx == NULL)
+ return AVB_IO_RESULT_ERROR_OOM;
+ memset(plain_idx, 0, rbk->len);
+ *plain_idx = rollback_index;
+
+ /* write rollback_index keyblob */
+ if (rpmb_write(mmc_dev, (uint8_t *)plain_idx, rbk->len, rbk->offset) != 0) {
+ ERR("write rollback index error\n");
+ ret = AVB_IO_RESULT_ERROR_IO;
+ goto fail;
+ }
+ ret = AVB_IO_RESULT_OK;
+fail:
+ if (plain_idx != NULL)
+ free(plain_idx);
+ return ret;
+}
generated by cgit v1.1 at 2024-10-03 23:55:39 +0000