Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Blow AR upon boot success in zuma

Browse source 
With otp driver migrated to trusty in zuma, use tipc to blow AR in
Android.

Bug: 232277507
Change-Id: I6908502244e96bf86f026596a395419eb3b9b877
This commit is contained in:
Dai Li 2023-01-23 23:33:27 +00:00
parent 34b65b6ab3
commit 35b3e91c75
3 changed files with 103 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
interfaces/boot/1.2/Android.bp
View file

@ -42,6 +42,7 @@ cc_binary {
"libutils",
"libcutils",
"libz",
"libtrusty",
"android.hardware.boot@1.0",
"android.hardware.boot@1.1",
"android.hardware.boot@1.2",
@ -69,6 +70,7 @@ cc_library {
"libutils",
"libcutils",
"libz",
"libtrusty",
"android.hardware.boot@1.0",
"android.hardware.boot@1.1",
"android.hardware.boot@1.2",

83
interfaces/boot/1.2/BootControl.cpp
View file

@ -24,6 +24,7 @@
#include <cutils/properties.h>
#include <libboot_control/libboot_control.h>
#include <log/log.h>
#include <trusty/tipc.h>
#include "DevInfo.h"
#include "GptUtils.h"
@ -174,6 +175,76 @@ static void DevInfoInitSlot(devinfo_ab_slot_data_t &slot_data) {
slot_data.fastboot_ok = 0;
}
static int blow_otp_AR(bool secure) {
static const char *dev_name = "/dev/trusty-ipc-dev0";
static const char *otp_name = "com.android.trusty.otp_manager.tidl";
int fd = 1, ret = 0;
uint32_t cmd = secure? OTP_CMD_write_antirbk_secure_ap : OTP_CMD_write_antirbk_non_secure_ap;
fd = tipc_connect(dev_name, otp_name);
if (fd < 0) {
ALOGI("Failed to connect to OTP_MGR ns TA - is it missing?\n");
ret = -1;
return ret;
}
struct otp_mgr_req_base req = {
.command = cmd,
.resp_payload_size = 0,
};
struct iovec iov[] = {
{
.iov_base = &req,
.iov_len = sizeof(req),
},
};
int rc = tipc_send(fd, iov, 1, NULL, 0);
if (rc != sizeof(req)) {
ALOGI("Send fail! %x\n", rc);
return rc;
}
struct otp_mgr_rsp_base resp;
rc = read(fd, &resp, sizeof(resp));
if (rc < 0) {
ALOGI("Read fail! %x\n", rc);
return rc;
}
if (rc < sizeof(resp)) {
ALOGI("Not enough data! %x\n", rc);
return -EIO;
}
if (resp.command != (cmd | OTP_RESP_BIT)) {
ALOGI("Wrong command! %x\n", resp.command);
return -EINVAL;
}
if (resp.result != 0) {
fprintf(stderr, "AR writing error! %x\n", resp.result);
return -EINVAL;
}
tipc_close(fd);
return 0;
}
static bool blowAR() {
int ret = blow_otp_AR(true);
if (ret) {
ALOGI("Blow secure anti-rollback OTP failed");
return false;
}
ret = blow_otp_AR(false);
if (ret) {
ALOGI("Blow non-secure anti-rollback OTP failed");
return false;
}
return true;
}
} // namespace
// Methods from ::android::hardware::boot::V1_0::IBootControl follow.
@ -211,7 +282,17 @@ Return<void> BootControl::markBootSuccessful(markBootSuccessful_cb _hidl_cb) {
ret = setSlotFlag(getCurrentSlot(), AB_ATTR_SUCCESSFUL);
}
!ret ? _hidl_cb({false, "Failed to set successful flag"}) : _hidl_cb({true, ""});
if (!ret) {
_hidl_cb({false, "Failed to set successful flag"});
return Void();
}
if (!blowAR()) {
ALOGE("Failed to blow anti-rollback counter");
// Ignore the error, since ABL will re-trigger it on reboot
}
_hidl_cb({true, ""});
return Void();
}

19
interfaces/boot/1.2/BootControl.h
View file

@ -62,6 +62,25 @@ struct BootControl : public IBootControl {
// FIXME: most likely delete, this is only for passthrough implementations
extern "C" IBootControl *HIDL_FETCH_IBootControl(const char *name);
enum otpmgr_command : uint32_t {
OTP_REQ_SHIFT = 1,
OTP_RESP_BIT = 1,
OTP_CMD_write_antirbk_non_secure_ap = (7 << OTP_REQ_SHIFT),
OTP_CMD_write_antirbk_secure_ap = (8 << OTP_REQ_SHIFT),
};
struct otp_mgr_req_base {
uint32_t command;
uint32_t resp_payload_size;
uint8_t handle;
}__packed;
struct otp_mgr_rsp_base {
uint32_t command;
uint32_t resp_payload_size;
int result;
}__packed;
} // namespace implementation
} // namespace V1_2
} // namespace boot