diff mbox series

[U-Boot,v2] cmd: avb: Support A/B slots

Message ID 20191021105516.29134-1-semen.protsenko@linaro.org
State Accepted
Commit 965ec3caa8fcaafe3d18ad7c3810a13b09ee8abe
Delegated to: Tom Rini
Headers show
Series [U-Boot,v2] cmd: avb: Support A/B slots | expand

Commit Message

Sam Protsenko Oct. 21, 2019, 10:55 a.m. UTC 
Add optional parameter to 'avb verify' sub-command, so that user is able
to specify which slot to use, in case when user's partitions are
slotted. If that parameter is omitted, the behavior of 'avb verify' will
be the same as before, so user API is content.

Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@gmail.com>
---
Changes in v2:
  - Add corresponding documentation as per Igor's request

 cmd/avb.c            | 13 +++++++++----
 doc/android/avb2.txt |  4 ++++
 2 files changed, 13 insertions(+), 4 deletions(-)

Comments

Igor Opaniuk Oct. 21, 2019, 1:40 p.m. UTC | #1 
Hi Sam,

On Mon, Oct 21, 2019 at 1:55 PM Sam Protsenko
<semen.protsenko@linaro.org> wrote:
>
> Add optional parameter to 'avb verify' sub-command, so that user is able
> to specify which slot to use, in case when user's partitions are
> slotted. If that parameter is omitted, the behavior of 'avb verify' will
> be the same as before, so user API is content.
>
> Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
> Reviewed-by: Igor Opaniuk <igor.opaniuk@gmail.com>
> ---
> Changes in v2:
>   - Add corresponding documentation as per Igor's request
>
>  cmd/avb.c            | 13 +++++++++----
>  doc/android/avb2.txt |  4 ++++
>  2 files changed, 13 insertions(+), 4 deletions(-)
>
> diff --git a/cmd/avb.c b/cmd/avb.c
> index 5bc158252b..a8a95034ca 100644
> --- a/cmd/avb.c
> +++ b/cmd/avb.c
> @@ -236,6 +236,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
>         AvbSlotVerifyData *out_data;
>         char *cmdline;
>         char *extra_args;
> +       char *slot_suffix = "";
>
>         bool unlocked = false;
>         int res = CMD_RET_FAILURE;
> @@ -245,9 +246,12 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
>                 return CMD_RET_FAILURE;
>         }
>
> -       if (argc != 1)
> +       if (argc < 1 || argc > 2)
>                 return CMD_RET_USAGE;
>
> +       if (argc == 2)
> +               slot_suffix = argv[1];
> +
>         printf("## Android Verified Boot 2.0 version %s\n",
>                avb_version_string());
>
> @@ -260,7 +264,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
>         slot_result =
>                 avb_slot_verify(avb_ops,
>                                 requested_partitions,
> -                               "",
> +                               slot_suffix,
>                                 unlocked,
>                                 AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
>                                 &out_data);
> @@ -420,7 +424,7 @@ static cmd_tbl_t cmd_avb[] = {
>         U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""),
>         U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""),
>         U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""),
> -       U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""),
> +       U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""),
>  #ifdef CONFIG_OPTEE_TA_AVB
>         U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""),
>         U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""),
> @@ -463,6 +467,7 @@ U_BOOT_CMD(
>         "avb read_pvalue <name> <bytes> - read a persistent value <name>\n"
>         "avb write_pvalue <name> <value> - write a persistent value <name>\n"
>  #endif
> -       "avb verify - run verification process using hash data\n"
> +       "avb verify [slot_suffix] - run verification process using hash data\n"
>         "    from vbmeta structure\n"
> +       "    [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n"
>         );
> diff --git a/doc/android/avb2.txt b/doc/android/avb2.txt
> index a29cee1b6f..48e9297c75 100644
> --- a/doc/android/avb2.txt
> +++ b/doc/android/avb2.txt
> @@ -95,6 +95,10 @@ e.g.:
>         mmc read ${loadaddr} ${boot_start} ${boot_size}; \
>         bootm $loadaddr $loadaddr $fdtaddr;              \
>
> +If partitions you want to verify are slotted (have A/B suffixes), then current
> +slot suffix should be passed to 'avb verify' sub-command, e.g.:
> +
> +=> avb verify _a
>
>  To switch on automatic generation of vbmeta partition in AOSP build, add these
>  lines to device configuration mk file:
> --
> 2.23.0
>

Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Tom Rini Nov. 1, 2019, 1:31 p.m. UTC | #2 
On Mon, Oct 21, 2019 at 01:55:16PM +0300, Sam Protsenko wrote:

> Add optional parameter to 'avb verify' sub-command, so that user is able
> to specify which slot to use, in case when user's partitions are
> slotted. If that parameter is omitted, the behavior of 'avb verify' will
> be the same as before, so user API is content.
> 
> Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
> Reviewed-by: Igor Opaniuk <igor.opaniuk@gmail.com>
> Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>

Applied to u-boot/master, thanks!
diff mbox series

Patch

diff --git a/cmd/avb.c b/cmd/avb.c
index 5bc158252b..a8a95034ca 100644
--- a/cmd/avb.c
+++ b/cmd/avb.c
@@ -236,6 +236,7 @@  int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 	AvbSlotVerifyData *out_data;
 	char *cmdline;
 	char *extra_args;
+	char *slot_suffix = "";
 
 	bool unlocked = false;
 	int res = CMD_RET_FAILURE;
@@ -245,9 +246,12 @@  int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 		return CMD_RET_FAILURE;
 	}
 
-	if (argc != 1)
+	if (argc < 1 || argc > 2)
 		return CMD_RET_USAGE;
 
+	if (argc == 2)
+		slot_suffix = argv[1];
+
 	printf("## Android Verified Boot 2.0 version %s\n",
 	       avb_version_string());
 
@@ -260,7 +264,7 @@  int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 	slot_result =
 		avb_slot_verify(avb_ops,
 				requested_partitions,
-				"",
+				slot_suffix,
 				unlocked,
 				AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
 				&out_data);
@@ -420,7 +424,7 @@  static cmd_tbl_t cmd_avb[] = {
 	U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""),
 	U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""),
 	U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""),
-	U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""),
+	U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""),
 #ifdef CONFIG_OPTEE_TA_AVB
 	U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""),
 	U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""),
@@ -463,6 +467,7 @@  U_BOOT_CMD(
 	"avb read_pvalue <name> <bytes> - read a persistent value <name>\n"
 	"avb write_pvalue <name> <value> - write a persistent value <name>\n"
 #endif
-	"avb verify - run verification process using hash data\n"
+	"avb verify [slot_suffix] - run verification process using hash data\n"
 	"    from vbmeta structure\n"
+	"    [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n"
 	);
diff --git a/doc/android/avb2.txt b/doc/android/avb2.txt
index a29cee1b6f..48e9297c75 100644
--- a/doc/android/avb2.txt
+++ b/doc/android/avb2.txt
@@ -95,6 +95,10 @@  e.g.:
        mmc read ${loadaddr} ${boot_start} ${boot_size}; \
        bootm $loadaddr $loadaddr $fdtaddr;              \
 
+If partitions you want to verify are slotted (have A/B suffixes), then current
+slot suffix should be passed to 'avb verify' sub-command, e.g.:
+
+=> avb verify _a
 
 To switch on automatic generation of vbmeta partition in AOSP build, add these
 lines to device configuration mk file: