cmd: avb: Support A/B slots

Add optional parameter to 'avb verify' sub-command, so that user is able
to specify which slot to use, in case when user's partitions are
slotted. If that parameter is omitted, the behavior of 'avb verify' will
be the same as before, so user API is content.

Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>

diff --git a/cmd/avb.c b/cmd/avb.c
index d4e8884328980c9cb53a1e8365ec232c36ed4c90..a4de5c40a2dc9f006acaa7aa96e6b70623c56daa 100644 (file)
--- a/cmd/avb.c
+++ b/cmd/avb.c
@@ -232,6 +232,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
        AvbSlotVerifyData *out_data;
        char *cmdline;
        char *extra_args;
+       char *slot_suffix = "";
 
        bool unlocked = false;
        int res = CMD_RET_FAILURE;
@@ -241,9 +242,12 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
                return CMD_RET_FAILURE;
        }
 
-       if (argc != 1)
+       if (argc < 1 || argc > 2)
                return CMD_RET_USAGE;
 
+       if (argc == 2)
+               slot_suffix = argv[1];
+
        printf("## Android Verified Boot 2.0 version %s\n",
               avb_version_string());
 
@@ -256,7 +260,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
        slot_result =
                avb_slot_verify(avb_ops,
                                requested_partitions,
-                               "",
+                               slot_suffix,
                                unlocked,
                                AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
                                &out_data);
@@ -416,7 +420,7 @@ static cmd_tbl_t cmd_avb[] = {
        U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""),
        U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""),
        U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""),
-       U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""),
+       U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""),
 #ifdef CONFIG_OPTEE_TA_AVB
        U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""),
        U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""),
@@ -459,6 +463,7 @@ U_BOOT_CMD(
        "avb read_pvalue <name> <bytes> - read a persistent value <name>\n"
        "avb write_pvalue <name> <value> - write a persistent value <name>\n"
 #endif
-       "avb verify - run verification process using hash data\n"
+       "avb verify [slot_suffix] - run verification process using hash data\n"
        "    from vbmeta structure\n"
+       "    [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n"
        );

diff --git a/doc/android/avb2.txt b/doc/android/avb2.txt
index a29cee1b6f50982dbef2c66da9136db7a05b6dfd..48e9297c75bfb78460753fc07c9cee59ee2b73a5 100644 (file)
--- a/doc/android/avb2.txt
+++ b/doc/android/avb2.txt
@@ -95,6 +95,10 @@ e.g.:
        mmc read ${loadaddr} ${boot_start} ${boot_size}; \
        bootm $loadaddr $loadaddr $fdtaddr;              \
 
+If partitions you want to verify are slotted (have A/B suffixes), then current
+slot suffix should be passed to 'avb verify' sub-command, e.g.:
+
+=> avb verify _a
 
 To switch on automatic generation of vbmeta partition in AOSP build, add these
 lines to device configuration mk file: