From: Luo Ji <ji.luo@nxp.com>
Date: Wed, 28 Feb 2018 06:35:31 +0000 (+0800)
Subject: MA-11391 [Android] Don't load boot image to fixed address in AVB
X-Git-Tag: rel_imx_4.9.88_2.0.0_ga~45
X-Git-Url: https://git.somdevices.com/?a=commitdiff_plain;h=87c9f2f769cf829e9bfc857d9268e55923380489;p=u-boot.git

MA-11391 [Android] Don't load boot image to fixed address in AVB

Loading boot image to fixed address in AVB has very limited effect
on the boot time, we must recover default behavior in avb_slot_verify.c
if we want to use compressed kernel image to save boot time.

Change-Id: I35d8f09298a11197c9db4c47d41ab5f54ff2890c
Signed-off-by: Luo Ji <ji.luo@nxp.com>
---

diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c
index 0745ef2e4f..6e651e2feb 100755
--- a/drivers/usb/gadget/f_fastboot.c
+++ b/drivers/usb/gadget/f_fastboot.c
@@ -1574,6 +1574,10 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) {
 		/* we should use avb_part_data->data as boot image */
 		/* boot image is already read by avb */
 		hdr = (struct andr_img_hdr *)avb_loadpart->data;
+		if (android_image_check_header(hdr)) {
+			printf("boota: bad boot image magic\n");
+			goto fail;
+		}
 		if (avb_result == AVB_AB_FLOW_RESULT_OK)
 			printf(" verify OK, boot '%s%s'\n",
 					avb_loadpart->partition_name, avb_out_data->ab_suffix);
@@ -1602,6 +1606,7 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) {
 		}
 #endif
 		image_size = avb_loadpart->data_size;
+		memcpy((void *)(ulong)(hdr->kernel_addr - hdr->page_size), (void *)hdr, image_size);
 	} else if (lock_status == FASTBOOT_LOCK) { /* && verify fail */
 		/* if in lock state, verify enforce fail */
 		printf(" verify FAIL, state: LOCK\n");
@@ -1707,9 +1712,8 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) {
 	if (!is_recovery_mode)
 		boot_args[2] = NULL;
 #endif
-	/* we should free the avb_out_data but should not free the bootimage */
 	if (avb_out_data != NULL)
-		avb_slot_verify_data_free_fast(avb_out_data);
+		avb_slot_verify_data_free(avb_out_data);
 
 #ifdef CONFIG_IMX_TRUSTY_OS
 	/* put ql-tipc to release resource for Linux */
diff --git a/lib/avb/libavb/avb_slot_verify.c b/lib/avb/libavb/avb_slot_verify.c
index 0cec5cb7a7..ba95351b07 100644
--- a/lib/avb/libavb/avb_slot_verify.c
+++ b/lib/avb/libavb/avb_slot_verify.c
@@ -31,8 +31,6 @@
 #include "avb_util.h"
 #include "avb_vbmeta_image.h"
 #include "avb_version.h"
-#include <common.h>
-#include "android_image.h"
 
 /* Maximum allow length (in bytes) of a partition name, including
  * ab_suffix.
@@ -71,8 +69,6 @@ static inline bool result_should_continue(AvbSlotVerifyResult result) {
   return false;
 }
 
-static struct andr_img_hdr boothdr __aligned(ARCH_DMA_MINALIGN);
-
 static AvbSlotVerifyResult load_and_verify_hash_partition(
     AvbOps* ops,
     const char* const* requested_partitions,
@@ -163,36 +159,10 @@ static AvbSlotVerifyResult load_and_verify_hash_partition(
     }
   }
 
-  /* If we are going to load bootimage, load it to
-   * hdr->kernel_addr - hdr->page_size address directly,
-   * so we don't need to copy it again!*/
-  if (strstr(part_name, "boot") != NULL) {
-    struct andr_img_hdr *hdr = &boothdr;
-    /* read boot header first so we can get the address */
-    if (ops->read_from_partition(ops, part_name,
-			    0, sizeof(boothdr), hdr, &part_num_read) != AVB_IO_RESULT_OK &&
-				part_num_read != sizeof(boothdr)) {
-    printf("Error! read bootimage head error\n");
-    ret = AVB_SLOT_VERIFY_RESULT_ERROR_IO;
-    goto out;
-    }
-    /* check bootimg header to make sure we have a vaild bootimage */
-    if (android_image_check_header(hdr)) {
-      printf("Error! bad boot image magic\n");
-      /* bad boot image magic is critical so we will return
-       * AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA here,
-       * it will make this slot be marked as unbootable.*/
-      ret = AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA;
-      goto out;
-    }
-
-    image_buf = (uint8_t*)(unsigned long)(hdr->kernel_addr - hdr->page_size);
-  } else {
-    image_buf = avb_malloc(hash_desc.image_size);
-    if (image_buf == NULL) {
+  image_buf = avb_malloc(image_size);
+  if (image_buf == NULL) {
     ret = AVB_SLOT_VERIFY_RESULT_ERROR_OOM;
     goto out;
-    }
   }
 
   io_ret = ops->read_from_partition(
@@ -1105,7 +1075,7 @@ static AvbSlotVerifyResult append_options(
     AvbAlgorithmType algorithm_type,
     AvbHashtreeErrorMode hashtree_error_mode) {
   AvbSlotVerifyResult ret;
-  const char* verity_mode = "enforcing";
+  const char* verity_mode = NULL;
   bool is_device_unlocked;
   AvbIOResult io_ret;
 
@@ -1207,7 +1177,7 @@ static AvbSlotVerifyResult append_options(
   if (toplevel_vbmeta->flags & AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED) {
     verity_mode = "disabled";
   } else {
-    const char* dm_verity_mode = "restart_on_corruption";
+    const char* dm_verity_mode = NULL;
     char* new_ret;
 
     switch (hashtree_error_mode) {
@@ -1413,54 +1383,11 @@ AvbSlotVerifyResult avb_slot_verify(AvbOps* ops,
 
 fail:
   if (slot_data != NULL) {
-    /* the address of bootimage isn't alloced by malloc,
-     * we should not free it. */
-    avb_slot_verify_data_free_fast(slot_data);
+    avb_slot_verify_data_free(slot_data);
   }
   return ret;
 }
 
-void avb_slot_verify_data_free_fast(AvbSlotVerifyData* data) {
-  if (data->ab_suffix != NULL) {
-    avb_free(data->ab_suffix);
-  }
-  if (data->cmdline != NULL) {
-    avb_free(data->cmdline);
-  }
-  if (data->vbmeta_images != NULL) {
-    size_t n;
-    for (n = 0; n < data->num_vbmeta_images; n++) {
-      AvbVBMetaData* vbmeta_image = &data->vbmeta_images[n];
-      if (vbmeta_image->partition_name != NULL) {
-        avb_free(vbmeta_image->partition_name);
-      }
-      if (vbmeta_image->vbmeta_data != NULL) {
-        avb_free(vbmeta_image->vbmeta_data);
-      }
-    }
-    avb_free(data->vbmeta_images);
-  }
-  if (data->loaded_partitions != NULL) {
-    size_t n;
-    for (n = 0; n < data->num_loaded_partitions; n++) {
-      AvbPartitionData* loaded_partition = &data->loaded_partitions[n];
-      if (loaded_partition->partition_name != NULL) {
-	/* the address of bootimage isn't alloced by malloc, we don't
-	 * need to free it. */
-        if (strstr(loaded_partition->partition_name, "boot") != NULL)
-	  continue;
-	else
-          avb_free(loaded_partition->partition_name);
-      }
-      if (loaded_partition->data != NULL) {
-        avb_free(loaded_partition->data);
-      }
-    }
-    avb_free(data->loaded_partitions);
-  }
-  avb_free(data);
-}
-
 void avb_slot_verify_data_free(AvbSlotVerifyData* data) {
   if (data->ab_suffix != NULL) {
     avb_free(data->ab_suffix);
diff --git a/lib/avb/libavb_ab/avb_ab_flow.c b/lib/avb/libavb_ab/avb_ab_flow.c
index 4d48b7366c..b61d05c909 100644
--- a/lib/avb/libavb_ab/avb_ab_flow.c
+++ b/lib/avb/libavb_ab/avb_ab_flow.c
@@ -595,9 +595,7 @@ out:
 
   for (n = 0; n < 2; n++) {
     if (slot_data[n] != NULL) {
-      /* the address of bootimage isn't alloced by malloc,
-       * we should not free it. */
-      avb_slot_verify_data_free_fast(slot_data[n]);
+      avb_slot_verify_data_free(slot_data[n]);
     }
   }