Lubancat2/Android11
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
Develop
Android11/RKDocs/android/patches/gms/0001-libavb-Lock-the-device-when-the-device-init-or-write.patch
gaoyang3513 f70c521994 [Mod] Firtst commit
2023-10-13 14:01:41 +00:00

77 lines
2.5 KiB
Diff
Raw Permalink Blame History

From c7bcb913890446bb71cf3a26fee70d7fccea2ab7 Mon Sep 17 00:00:00 2001
From: Bian Jin chen <kenjc.bian@rock-chips.com>
Date: Tue, 21 Apr 2020 10:44:11 +0800
Subject: [PATCH] libavb: Lock the device when the device init or writes the
attestation_key.
Change-Id: I561a1eb6fad17bcb8241bcdc5065ef32cdde0919
Signed-off-by: Bian Jin chen <kenjc.bian@rock-chips.com>
---
common/attestation_key.c | 6 ++++++
lib/avb/libavb_user/avb_ops_user.c | 2 +-
lib/avb/rk_avb_user/rk_avb_ops_user.c | 4 ++--
3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/common/attestation_key.c b/common/attestation_key.c
index 3e3ecb6..50914e2 100644
--- a/common/attestation_key.c
+++ b/common/attestation_key.c
@@ -10,6 +10,9 @@
#include <common.h>
#include <malloc.h>
+#include <android_avb/avb_ops_user.h>
+#include <android_avb/rk_avb_ops_user.h>
+
#include <keymaster.h>
/* attestation data offset */
@@ -389,6 +392,9 @@ atap_result load_attestation_key(struct blk_desc *dev_desc,
return ATAP_RESULT_ERROR_BLOCK_WRITE;
}
+ uint8_t lock_state = 0;
+ rk_avb_write_lock_state(lock_state);
+
return ATAP_RESULT_OK;
}
diff --git a/lib/avb/libavb_user/avb_ops_user.c b/lib/avb/libavb_user/avb_ops_user.c
index 6761c40..15b4674 100644
--- a/lib/avb/libavb_user/avb_ops_user.c
+++ b/lib/avb/libavb_user/avb_ops_user.c
@@ -253,7 +253,7 @@ static AvbIOResult read_is_device_unlocked(AvbOps *ops, bool *out_is_unlocked)
case TEE_ERROR_GENERIC:
case TEE_ERROR_NO_DATA:
case TEE_ERROR_ITEM_NOT_FOUND:
- *out_is_unlocked = 1;
+ *out_is_unlocked = 0;
if (trusty_write_lock_state(*out_is_unlocked)) {
printf("%s: init lock state error\n", __FILE__);
ret = AVB_IO_RESULT_ERROR_IO;
diff --git a/lib/avb/rk_avb_user/rk_avb_ops_user.c b/lib/avb/rk_avb_user/rk_avb_ops_user.c
index 63a3d10..661ebcb 100644
--- a/lib/avb/rk_avb_user/rk_avb_ops_user.c
+++ b/lib/avb/rk_avb_user/rk_avb_ops_user.c
@@ -241,7 +241,7 @@ int rk_avb_read_flash_lock_state(uint8_t *flash_lock_state)
case TEE_ERROR_GENERIC:
case TEE_ERROR_NO_DATA:
case TEE_ERROR_ITEM_NOT_FOUND:
- *flash_lock_state = 1;
+ *flash_lock_state = 0;
if (trusty_write_flash_lock_state(*flash_lock_state)) {
avb_error("trusty_write_flash_lock_state error!");
ret = -1;
@@ -299,7 +299,7 @@ int rk_avb_read_lock_state(uint8_t *lock_state)
case TEE_ERROR_GENERIC:
case TEE_ERROR_NO_DATA:
case TEE_ERROR_ITEM_NOT_FOUND:
- *lock_state = 1;
+ *lock_state = 0;
if (rk_avb_write_lock_state(*lock_state)) {
avb_error("avb_write_lock_state error!");
ret = -1;
--
2.7.4
Reference in New Issue View Git Blame Copy Permalink