ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX8MQuad Android P9.0.0_2.0.0 (4.14.98 kernel) AVB support

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

i.MX8MQuad Android P9.0.0_2.0.0 (4.14.98 kernel) AVB support

‎05-26-2020 05:27 AM
1,124件の閲覧回数
bl
Contributor II

Does i.MX8MQuad support Android Verified Boot (AVB) using Android P9.0.0_2.0.0 (4.14.98 kernel)?

I notice there is no i.MX_Android_Seurity_User_Guide.pdf file under Android P9.0.0_2.0.0 document pack.  There is one for i.MX8MM under Android P9.0.0_2.3.0., which does not mentioned i.MX8MQuad support.

ラベル(2)
0 件の賞賛
返信
4 返答(返信)

‎05-26-2020 11:56 AM
1,011件の閲覧回数
bl
Contributor II

Hi gusarambula‌,

If we are to use i.MX8MM instead of i.MX8MQ and upgrade to Android P9.0.0_2.3.0.  Will the i.MX8MM BSP support AVB as those steps stated on the i.MX_Android_Seurity_User_Guide.pdf of P9.0.0_2.3.0?  Or that portion is just for the i.MX8QuadMax, not applying to the i.MX8MM or i.MX8MN?

How about Android-10.0.0_1.0.0?  Will any of the newer GA release BSP support AVB on i.MX8MQ? 

Thanks,

Bin

0 件の賞賛
返信

‎05-26-2020 09:57 AM
1,011件の閲覧回数
gusarambula
NXP TechSupport
NXP TechSupport

Hello Bin Lin,

The Android Verified Boot feature is present on the Android Automotive BSPs, which is why this feature is found on the releases focused primarily on the i.MX8QuadMax. Android BSPs that support the i.MX8MQ or other i.MX Processors do not include this feature as part of the BSP.

You may implement it yourself, but it’s not a trivial task. There is some resources on Androids website.

https://source.android.com/security/verifiedboot/avb

My apologies for the inconvenience.

Regards,

0 件の賞賛
返信

‎05-27-2020 12:19 PM
1,011件の閲覧回数
bl
Contributor II

Hello Gusarambula,

How about the AVB support for i.MX8MM on P9.0.0_2.3.0?

Or the for i.MX8MQ or i.MX8MM on Android-10.0.0_1.0.0?

We tried the AVB configuration steps on the i.MX8MM EVK based on instructions of P9.0.0_2.3.0 Security User's Guide (page 25) and got a error when trying to save the public key to RPMB.  

$ fastboot stage custom_rsa4096_public.bin           -  passed
$ fastboot oem set-public-key                                    - errored

Is that because the instructions only apply to i.MX8QuadMax, not the i.MX8MM or i.MX8MQ?

Thanks,

Bin

0 件の賞賛
返信

‎05-26-2020 06:55 PM
1,011件の閲覧回数
aber
Contributor III

Hello gusarambula

   I have similar problems and would like to consult you . In BSP device/fsl/imx8m/evk_8mm/BoardConfig.mk 

    BOARD_AVB_ENABLE := true
   BOARD_AVB_ALGORITHM := SHA256_RSA4096
   # The testkey_rsa4096.pem is copied from external/avb/test/data/testkey_rsa4096.pem
   BOARD_AVB_KEY_PATH := device/fsl/common/security/testkey_rsa4096.pem

these configurations do not enable AVB and configure the AVB key function? What are the specific functions of these configurations.

Tks!

0 件の賞賛
返信