[DESCRIPTION]
android P上面默认会打开security boot。客户在研发初期,如果想关闭security boot,可以参考以下内容
[SOLUTION]
Enable/Disable Verified Boot
- Verified boot is a chain starting from boot ROM.
- Whether boot ROM verifies preloader is determined by efuse SBC_EN. (SW default on from Android P)
- Security boot starting from preloader can be enabled/disabled with preloader feature option.
- Modify preloader custom file. vendor/mediatek/proprietary/bootable/bootloader/preloader/custom/[project]/[project].mk
- Disable verified boot:
- MTK_SEC_USBDL=ATTR_SUSBDL_DISABLE
- MTK_SEC_BOOT=ATTR_SBOOT_DISABLE
- Enable verified boot:
- MTK_SEC_USBDL=ATTR_SUSBDL_ENABLE
- MTK_SEC_BOOT=ATTR_SBOOT_ENABLE
- After this preloader has been flashed into device:
-
- You can only flash signed image (package_name-verified.img) and can only boot device with signed image.
- Preloader will reject MTK_AllInOne_DA.bin. You must press USBDL key in order to use MTK_AllInOne_DA.bin.
How to Disable Verified Boot from Android P
Download preloader with verified boot disabled (preloader_[project_name]_SBOOT_DIS.bin), which is in out folder.
After that, image which is not signed can be downloaded and booted.
Hey can you send me your preloader source code?
please send it to parthibcoc01@gmail.com if you can.
Regards
Parthib
Sorry, Our preloader source code is subject to a non-disclosure agreement and cannot be sent out.
你好,
我修改vendor/mediatek/proprietary/bootable/bootloader、preloader/custom/k65v1_64_bsp/k65v1_64_bsp.mk
MTK_SEC_USBDL=ATTR_SUSBDL_DISABLE
MTK_SEC_BOOT=ATTR_SBOOT_DISABLE
后 remake 整个Project , out下没有生成xxx_SBOOT_DIS.bin文件。
请问这可能是怎么问题呢?