Hi Igor, On ven., févr. 09, 2024 at 11:14, Igor Opaniuk <[email protected]> wrote:
> Hi everyone, > > I'm currently planning a big overhaul of the current implementation of > AVB/AB in U-Boot during the 2024 year, which I have barely touched since > 2019. I used to believe that it was stillborn, but looks like it's > being actively used > now by some SoC vendors and Google folks [1][2]. This is great news! I am not aware of any development related to the above but I'm looking forward to this. I can't speak for all vendors but I know that TI uses both the AVB and AB implementation on their AM62x Android solution. > > This is what I have in my todo list: > * Backport latest libavb from AOSP upstream and add support for > Verified Boot 1.3.0 version > * Sync include/android_bootloader_message.h with AOSP upstream > * Check and backport fixes for AVB in AOSP U-Boot fork if needed [1] > * Get acquainted with a current state of A/B support in AOSP and > backport all needed changes > * Re-factor libavb, switch to U-Boot existing implementation of > rsa/sha256/sha512 > * Add SHA512 implementation that leverage ARMv8 CE > (pull it from Linux) > * Enable hw acceleration of SHA256/SHA512 that supports ARMv8 > Crypto Extensions to speed up verification process on ARMv8-based boards. > * AVB support for NAND storage I know that this has been send but I don't think Alistair has send any follow-up on this: https://patchwork.ozlabs.org/project/uboot/patch/[email protected]/ > > If someone is already working on anything from the above list - > please feel free to reach out to me, so we can avoid duplication of effort. > > Any comments/suggestions are welcome! Thanks! >From my understanding, the AOSP version of U-Boot has quite a different bootflow since it relies on the (out-of-tree) boot_android command [3] [3] https://android.googlesource.com/platform/external/u-boot/+/refs/heads/main/cmd/boot_android.c Please keep me in the loop with your progress. If you want, you can reach me on IRC as well (libera: #u-boot, nick: mkorpershoek) > > [1] https://android.googlesource.com/platform/external/u-boot > [2] https://source.android.com/docs/devices/cuttlefish/bootloader-dev > [3] > https://android.googlesource.com/platform/bootable/recovery/+/main/bootloader_message/include/bootloader_message/bootloader_message.h > > -- > Best regards - Atentamente - Meilleures salutations > > Igor Opaniuk > > mailto: [email protected] > skype: igor.opanyuk > http://ua.linkedin.com/in/iopaniuk
