X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=cmd%2Favb.c;h=a4de5c40a2dc9f006acaa7aa96e6b70623c56daa;hb=634fe73eedb9551a13296f356afae67539583f17;hp=f045a0c64c4a6961fd5e64a9f6b7f8da5f44afdf;hpb=de76610545f4350f8e3eac7c0c4ff6349106a9bf;p=oweals%2Fu-boot.git

diff --git a/cmd/avb.c b/cmd/avb.c
index f045a0c64c..a4de5c40a2 100644
--- a/cmd/avb.c
+++ b/cmd/avb.c
@@ -7,6 +7,7 @@
 
 #include <avb_verify.h>
 #include <command.h>
+#include <env.h>
 #include <image.h>
 #include <malloc.h>
 #include <mmc.h>
@@ -14,11 +15,6 @@
 #define AVB_BOOTARGS	"avb_bootargs"
 static struct AvbOps *avb_ops;
 
-static const char * const requested_partitions[] = {"boot",
-					     "system",
-					     "vendor",
-					     NULL};
-
 int do_avb_init(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 {
 	unsigned long mmc_dev;
@@ -35,6 +31,8 @@ int do_avb_init(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 	if (avb_ops)
 		return CMD_RET_SUCCESS;
 
+	printf("Failed to initialize avb2\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -65,6 +63,8 @@ int do_avb_read_part(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 		return CMD_RET_SUCCESS;
 	}
 
+	printf("Failed to read from partition\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -108,6 +108,8 @@ int do_avb_read_part_hex(cmd_tbl_t *cmdtp, int flag, int argc,
 		return CMD_RET_SUCCESS;
 	}
 
+	printf("Failed to read from partition\n");
+
 	free(buffer);
 	return CMD_RET_FAILURE;
 }
@@ -138,6 +140,8 @@ int do_avb_write_part(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 		return CMD_RET_SUCCESS;
 	}
 
+	printf("Failed to write in partition\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -158,9 +162,12 @@ int do_avb_read_rb(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 
 	if (avb_ops->read_rollback_index(avb_ops, index, &rb_idx) ==
 	    AVB_IO_RESULT_OK) {
-		printf("Rollback index: %llu\n", rb_idx);
+		printf("Rollback index: %llx\n", rb_idx);
 		return CMD_RET_SUCCESS;
 	}
+
+	printf("Failed to read rollback index\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -184,6 +191,8 @@ int do_avb_write_rb(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 	    AVB_IO_RESULT_OK)
 		return CMD_RET_SUCCESS;
 
+	printf("Failed to write rollback index\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -210,16 +219,20 @@ int do_avb_get_uuid(cmd_tbl_t *cmdtp, int flag,
 		return CMD_RET_SUCCESS;
 	}
 
+	printf("Failed to read UUID\n");
+
 	return CMD_RET_FAILURE;
 }
 
 int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 		       int argc, char *const argv[])
 {
+	const char * const requested_partitions[] = {"boot", NULL};
 	AvbSlotVerifyResult slot_result;
 	AvbSlotVerifyData *out_data;
 	char *cmdline;
 	char *extra_args;
+	char *slot_suffix = "";
 
 	bool unlocked = false;
 	int res = CMD_RET_FAILURE;
@@ -229,9 +242,12 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 		return CMD_RET_FAILURE;
 	}
 
-	if (argc != 1)
+	if (argc < 1 || argc > 2)
 		return CMD_RET_USAGE;
 
+	if (argc == 2)
+		slot_suffix = argv[1];
+
 	printf("## Android Verified Boot 2.0 version %s\n",
 	       avb_version_string());
 
@@ -244,7 +260,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 	slot_result =
 		avb_slot_verify(avb_ops,
 				requested_partitions,
-				"",
+				slot_suffix,
 				unlocked,
 				AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
 				&out_data);
@@ -320,6 +336,78 @@ int do_avb_is_unlocked(cmd_tbl_t *cmdtp, int flag,
 		return CMD_RET_SUCCESS;
 	}
 
+	printf("Can't determine device lock state.\n");
+
+	return CMD_RET_FAILURE;
+}
+
+int do_avb_read_pvalue(cmd_tbl_t *cmdtp, int flag, int argc,
+		       char * const argv[])
+{
+	const char *name;
+	size_t bytes;
+	size_t bytes_read;
+	void *buffer;
+	char *endp;
+
+	if (!avb_ops) {
+		printf("AVB 2.0 is not initialized, run 'avb init' first\n");
+		return CMD_RET_FAILURE;
+	}
+
+	if (argc != 3)
+		return CMD_RET_USAGE;
+
+	name = argv[1];
+	bytes = simple_strtoul(argv[2], &endp, 10);
+	if (*endp && *endp != '\n')
+		return CMD_RET_USAGE;
+
+	buffer = malloc(bytes);
+	if (!buffer)
+		return CMD_RET_FAILURE;
+
+	if (avb_ops->read_persistent_value(avb_ops, name, bytes, buffer,
+					   &bytes_read) == AVB_IO_RESULT_OK) {
+		printf("Read %zu bytes, value = %s\n", bytes_read,
+		       (char *)buffer);
+		free(buffer);
+		return CMD_RET_SUCCESS;
+	}
+
+	printf("Failed to read persistent value\n");
+
+	free(buffer);
+
+	return CMD_RET_FAILURE;
+}
+
+int do_avb_write_pvalue(cmd_tbl_t *cmdtp, int flag, int argc,
+			char * const argv[])
+{
+	const char *name;
+	const char *value;
+
+	if (!avb_ops) {
+		printf("AVB 2.0 is not initialized, run 'avb init' first\n");
+		return CMD_RET_FAILURE;
+	}
+
+	if (argc != 3)
+		return CMD_RET_USAGE;
+
+	name = argv[1];
+	value = argv[2];
+
+	if (avb_ops->write_persistent_value(avb_ops, name, strlen(value) + 1,
+					    (const uint8_t *)value) ==
+	    AVB_IO_RESULT_OK) {
+		printf("Wrote %zu bytes\n", strlen(value) + 1);
+		return CMD_RET_SUCCESS;
+	}
+
+	printf("Failed to write persistent value\n");
+
 	return CMD_RET_FAILURE;
 }
 
@@ -332,7 +420,11 @@ static cmd_tbl_t cmd_avb[] = {
 	U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""),
 	U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""),
 	U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""),
-	U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""),
+	U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""),
+#ifdef CONFIG_OPTEE_TA_AVB
+	U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""),
+	U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""),
+#endif
 };
 
 static int do_avb(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
@@ -367,6 +459,11 @@ U_BOOT_CMD(
 	"    partition <partname> and print to stdout\n"
 	"avb write_part <partname> <offset> <num> <addr> - write <num> bytes to\n"
 	"    <partname> by <offset> using data from <addr>\n"
-	"avb verify - run verification process using hash data\n"
+#ifdef CONFIG_OPTEE_TA_AVB
+	"avb read_pvalue <name> <bytes> - read a persistent value <name>\n"
+	"avb write_pvalue <name> <value> - write a persistent value <name>\n"
+#endif
+	"avb verify [slot_suffix] - run verification process using hash data\n"
 	"    from vbmeta structure\n"
+	"    [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n"
 	);