With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by
OP-TEE to manage rollback indexes and device-lock status.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
1. Since libavb library alone is highly portable, introduce dedicated
Kconfig symbol for AVB bootloader-dependent operations, so it's possible
to build libavb separately. AVB bootloader-dependent operations include:
* Helpers to process strings in order to build OS bootargs.
* Helpers to access MMC, similar to drivers/fastboot/fb_mmc.c.
* Helpers to alloc/init/free avb ops.
2. Add CONFIG_FASTBOOT dependency, as fastboot buffer is
re-used in partition verification operations.
Reported-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Tested-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Contains:
1. Overview of Android Verified Boot 2.0
2. Description of avb subset of commands
3. Examples of errors when boot/vendor/system/vbmeta partitions
are tampered
4. Examples of enabling AVB2.0 on your setup
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
