Qnx optee #147
Open
Qnx optee #147
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Only erase the first 4KB of the partition and set to 0. fs_mgr will format the partiton if all 0 in first 4kB. 1. Reduce flash time for installer.efi 2. Reduce flash time for fastboot on userdebug build Tracked-On: OAM-103807 Signed-off-by: Chen, Gang G <[email protected]>
If you use PC to burn the ISO image to USB stick, and forget to plug out the USB stick from PC, then reboot your PC with USB stick plugged. Celadon ISO image will be installed to the PC automatically without notification. Thus it will damage the data in your PC. So we add UI to ask the user to confirm if continue or stop flashing celadon images to this device to avoid data damage. Tracked-On: OAM-103809 Signed-off-by: Chen, Gang G <[email protected]>
This can reduce 5 seconds boot delay in un-secure boot case Tracked-On: OAM-108914 Signed-off-by: Chen Gang G <[email protected]>
Tracked-On: OAM-110767 Signed-off-by: Chen, Gang G <[email protected]>
Stored rollback slots should be removed when status changes during fastboot flash scenario. Tracked-On: OAM-110761 Signed-off-by: Zhong,Fangjian <[email protected]>
1. Add efiwrapper and libpayload library to support SBL 2. Reuse kerneflinger.c for SBL entry 3. Solve compile issues Tracked-On: OAM-110183 Signed-off-by: Chen, Gang G <[email protected]>
This reverts commit 0dd202a. Tracked-On: OAM-110883 Signed-off-by: Zhang, Qi <[email protected]>
SBL UEFI payload is only able to boot EFI app and OSloader payload only support ELF image. In SBL, we only build kernelflinger as ELF image. If includes both kf4sbl.elf and kernelflinger.efi to bootloader.img, android can always boot whether uses SBL UEFI payload or Osloader payload. If will convenient for developer and validation. Tracked-On: OAM-111021 Signed-off-by: Chen, Gang G <[email protected]>
UEFI provides TPM boot time services for kernerlflinger. But SBL doesn't provide such services. So TPM driver is required to communicate to TPM hardware module for SBL. TPM driver is ported from SBL firmware which is BSD-2 license. Tracked-On: OAM-110881 Signed-off-by: Chen, Gang G <[email protected]>
Build kernelfliner as fb4sbl.elf file to support fastboot features Tracked-On: OAM-111239 Signed-off-by: Chen, Gang G <[email protected]>
Stored rollback slots should be removed when status changes during fastboot flashing unlock scenario. Tracked-On: OAM-111252 Signed-off-by: Zhong,Fangjian <[email protected]>
If the bootloader partition is NON EFI System partition, perform "safe flash procedure" is not required. Because for NON-EFI, it can't leverage UEFI runtime service to verify new flashed image Tracked-On: OAM-111722 Signed-off-by: Chen, Gang G <[email protected]>
Improve boot performance Tracked-On: OAM-111735 Signed-off-by: Chen, Gang G <[email protected]>
Use TPM to store lock/rollback_index status Tracked-On: OAM-111924 Signed-off-by: Chen, Gang G <[email protected]>
logs output speed becomes very slow if there are too many logs. Tracked-On: OAM-112113 Signed-off-by: Chen, Gang G <[email protected]>
Get boot device diskbus from efiwrapper Tracked-On: OAM-112165 Signed-off-by: Chen, Gang G <[email protected]>
IVSHMEM is used for communication with OP-TEE. Tracked-On: OAM-112790 Signed-off-by: Jingdong Lu <[email protected]>
Update installer and kernelflinger EFI binaries to support bootloader a/b slots. Tracked-On: OAM-112770 Signed-off-by: jizhenlo <[email protected]>
1. share_data partition is very large, it'd better support fast erase for share_data partition in userdebug build. 2. Currently slot_label return NULL if there is no active slot, return the first suffix instead. Tracked-On: OAM-112930 Signed-off-by: jizhenlo <[email protected]>
Fix the following error while compiling installer: error: cast to 'void *' from smaller integer type 'unsigned int'. Tracked-On: OAM-112948 Signed-off-by: Jingdong Lu <[email protected]>
Pass bootreason from SBL to kernel command line Tracked-On: OAM-112951 Signed-off-by: Guo, Jade <[email protected]>
Currently kernelflinger assumes the boot device is always behind a PCI bridge. But the device might be directly on the root complex, like the passthrough device or emulated device in ACRN, such assumption causes boot failure. Fix it by using the BDF directly when boot device is on bus 0. Tracked-On: OAM-113030 Signed-off-by: Jiaqing Zhao <[email protected]>
installer and fastboot may use installer.cmd file simultaneously. For format command, fastboot support creating file system by using 'format:fs_type', such as 'format:f2fs'. But installer doesn't support this syntax, since it only supports 2 arguments for format command currently. Add support for format type syntax in installer so file system can be formatted based on the fs_type provided. Tracked-On: OAM-113370 Signed-off-by: jizhenlo <[email protected]>
Add delay back to some functions of tpm, since the removement of delay may result in abnormal behavior of tpm operations, such as timeout for read/write operations. Tracked-On: OAM-113370 Signed-off-by: jizhenlo <[email protected]>
kernelflinger boot time will take an additional 8 seconds when the print is enabled. "handover jump ..." is kept to indicate the kernelflinger has loaded Android kernel successfully, and handover execution to kernel. Tracked-On: OAM-113005 Signed-off-by: jizhenlo <[email protected]>
We will pass ACRN cmdline from SBL to OS. Any parameter passing from cmd_for_kernel, like cmd_for_kernel=key1=value\\key2=value2 \\key3=value3 will be passed without any check as key1=value1 key2=value2 key3=value3 Tracked-On: OAM-113545 Signed-off-by: Guo, Jade <[email protected]>
Notify TEE side security infomation such as Root of Trust or rollback index need to be handled. Tracked-On: OAM-113296 Signed-off-by: Jingdong Lu <[email protected]>
Blizzard_ivi uses shared images between VMs Tracked-On: OAM-113435 Signed-off-by: Chen, Gang G <[email protected]>
Pass the whole serial number to avoid conflict. Tracked-On: OAM-113638 Signed-off-by: Guo, Jade <[email protected]>
on optee side, the keymaster ta will bind these information into each user generated keys. Tracked-On: OAM-113489 Signed-off-by: Yan, Shaopu <[email protected]>
Tracked-On: OAM-113720 Signed-off-by: Chen, Gang G <[email protected]>
After OPTEE is enabled, TPM is only available to OPTEE but not Android. All TPM access requests from Android should be forwarded to OPTEE OS to handle. TPM PCR binding is removed. Tests done: fastboot flash, adb reboot. Tracked-On:OAM-114029 Signed-off-by: Huang, Yang <[email protected]> Signed-off-by: Yan, Shaopu <[email protected]>
SBL only loads and verifies kf4sbl.elf file, it does not calulate the whole partition Tracked-On: OAM-113633 Signed-off-by: Chen, Gang G <[email protected]>
It will reduce the TPM FlushContext failure rate Tracked-On: OAM-114168 Signed-off-by: Chen, Gang G <[email protected]>
add TPMA_NV_NO_DA to make authorization of the index is not blocked when the TPM is in Lockout mode. Tests done: fastboot flash, adb reboot. Tracked-On: OAM-114240 Signed-off-by: Yan, Shaopu <[email protected]>
memcpy_s will report BAD_BUFFER_SIZE when source is NULL. That prevents developers from pulling the entire ram under Crashmode. This patch add a less secury function memdump. This function just print a warning message instead of reporting an error when source is NULL. Tracked-On: OAM-110650 Signed-off-by: Guo, Jade <[email protected]>
This reverts commit 8127f51. Tests done: fastboot flash, adb reboot. Tracked-On: OAM-114415 Signed-off-by: Yan, Shaopu <[email protected]>
Tracked-On: OAM-114519 Signed-off-by: Huang, Yang <[email protected]>
SBL diskbus to BDF convertion may be used multiple times in some projects, it's better to be put in a separate function. Tracked-On: OAM-114775 Signed-off-by: Jiaqing Zhao <[email protected]>
Some device uses a different "booting from two block devices" design, requiring kernelflinger to pass the 2nd boot device to Android by androidboot.boot_devices. Add "secondary_diskbus" option for setting that value, the format is the same as "diskbus". This feature is controlled by "TARGET_HAS_2ND_BOOTDEV" compile flag. Tracked-On: OAM-114775 Signed-off-by: Jiaqing Zhao <[email protected]>
Dyncmically checks "secondary_diskbus" parameter and pass it to android according, which makes the "TARGET_HAS_2ND_BOOTDEV" compile flag no longer needed and different platform can use a unified kernelflinger. Tracked-On: OAM-115635 Signed-off-by: Jiaqing Zhao <[email protected]>
Test Done: Boot success Tracked-On: OAM-117201 Signed-off-by: Chen, Gang G <[email protected]>
Firmware will pass reset reason/boot_target/Version/silent information through commmand line to kernelflinger. Kernelflinger should process these command to enter into required mode or pass the information to Android Tracked-On: OAM-117246 Signed-off-by: Chen, Gang G <[email protected]>
Tracked-On: OAM-117281 Signed-off-by: Zheng, XianjunX <[email protected]> Signed-off-by: Chen, Gang G <[email protected]>
Androidboot paramaters will be passed to bootconfig, Others pass to kernel cmdline Tracked-On: OAM-117279 Signed-off-by: Chen, Gang G <[email protected]>
The old code append abl_cmd_line to the end of cmd_conf. Now we prepand abl_cmd_line to cmd_conf. Tracked-On: OAM-117889 Signed-off-by: Ni, Erchang <[email protected]> Signed-off-by: Chen Gang G <[email protected]>
Call pause_us() to sleep 1S doesn't take effect, the reason is that multiply overflow Tracked-On: OAM-120825 Signed-off-by: Chen, Gang G <[email protected]>
Signed-off-by: jizhenlo <[email protected]>
dyang23
approved these changes
Jun 25, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.