From: Mattijs Korpershoek <mkorpershoek@baylibre.com>
To: Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>,
Julien Masson <jmasson@baylibre.com>,
Guillaume La Roque <glaroque@baylibre.com>
Cc: u-boot@lists.denx.de
Subject: Re: [PATCH 2/2] bootstd: android: Allow boot with AVB failures when unlocked
Date: Wed, 08 Jan 2025 14:58:25 +0100 [thread overview]
Message-ID: <87tta9be66.fsf@baylibre.com> (raw)
In-Reply-To: <20250108-avb-disable-verif-v1-2-009c35710ef4@baylibre.com>
Hi,
Please ignore this patch, I've send this a bit too fast and did not test
all the cases.
Sorry for the noise.
Mattijs
On mer., janv. 08, 2025 at 14:43, Mattijs Korpershoek <mkorpershoek@baylibre.com> wrote:
> When the bootloader is UNLOCKED, it should be possible to boot Android
> even if AVB reports verification errors [1].
>
> This allows developers to flash modified partitions on
> userdebug/engineering builds.
>
> Developers can do so on unlocked devices with:
> $ fastboot flash --disable-verity --disable-verification vbmeta vbmeta.img
>
> In such case, bootmeth_android refuses to boot.
>
> Allow the boot to continue when the device is UNLOCKED and AVB reports
> verification errors.
>
> [1] https://source.android.com/docs/security/features/verifiedboot/boot-flow#unlocked-devices
> Fixes: 125d9f3306ea ("bootstd: Add a bootmeth for Android")
> Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
> ---
> boot/bootmeth_android.c | 15 +++++++++++----
> 1 file changed, 11 insertions(+), 4 deletions(-)
>
> diff --git a/boot/bootmeth_android.c b/boot/bootmeth_android.c
> index 2cd167f80280801618a317a65e93a10e70a0d9ee..564d21784feb0667bf9bed2a59be0a232601a7dd 100644
> --- a/boot/bootmeth_android.c
> +++ b/boot/bootmeth_android.c
> @@ -407,11 +407,16 @@ static int run_avb_verification(struct bootflow *bflow)
> AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
> &out_data);
>
> - if (result != AVB_SLOT_VERIFY_RESULT_OK) {
> + if (result != AVB_SLOT_VERIFY_RESULT_OK && !unlocked) {
> printf("Verification failed, reason: %s\n",
> str_avb_slot_error(result));
> avb_slot_verify_data_free(out_data);
> return log_msg_ret("avb verify", -EIO);
> + } else if (result != AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION && unlocked) {
> + printf("Unlocked verification failed, reason: %s\n",
> + str_avb_slot_error(result));
> + avb_slot_verify_data_free(out_data);
> + return log_msg_ret("avb verify unlocked", -EIO);
> }
>
> if (unlocked)
> @@ -427,9 +432,11 @@ static int run_avb_verification(struct bootflow *bflow)
> goto free_out_data;
> }
>
> - ret = avb_append_commandline(bflow, out_data->cmdline);
> - if (ret < 0)
> - goto free_out_data;
> + if (result == AVB_SLOT_VERIFY_RESULT_OK) {
> + ret = avb_append_commandline(bflow, out_data->cmdline);
> + if (ret < 0)
> + goto free_out_data;
> + }
>
> return 0;
>
>
> --
> 2.47.1
prev parent reply other threads:[~2025-01-08 13:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-08 13:43 [PATCH 0/2] bootstd: android: Allow booting with AVB failures when unlocked Mattijs Korpershoek
2025-01-08 13:43 ` [PATCH 1/2] bootstd: android: Add missing NULL in the avb partition list Mattijs Korpershoek
2025-01-08 13:43 ` [PATCH 2/2] bootstd: android: Allow boot with AVB failures when unlocked Mattijs Korpershoek
2025-01-08 13:58 ` Mattijs Korpershoek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tta9be66.fsf@baylibre.com \
--to=mkorpershoek@baylibre.com \
--cc=glaroque@baylibre.com \
--cc=jmasson@baylibre.com \
--cc=sjg@chromium.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.