
[0/1] ubifs: support authentication without hmac

Message ID 20200625155927.28430-1-torben.hohn@linutronix.de

Message

Torben Hohn June 25, 2020, 3:59 p.m. UTC
This patch adds support for ubifs authentication without HMAC,
which obviously only works for a read-only mount.

ubiblock and dm-verity are not supported by u-boot, and
the kernel on the target is loaded by u-boot out of the RFS.

This is a first try to implement this.
It boots fine, and the WARN_ON is not triggered.

I plan to update the docs also, but I would like to have
some positive comments on this before.


Torben Hohn (1):
  ubifs: support authentication, for ro mount, when no key is given

 fs/ubifs/auth.c    | 69 ++++++++++++++++++++++++++++++++++++++++++----
 fs/ubifs/gc.c      |  2 +-
 fs/ubifs/journal.c | 12 ++++----
 fs/ubifs/lpt.c     |  4 +--
 fs/ubifs/master.c  |  2 +-
 fs/ubifs/replay.c  |  2 +-
 fs/ubifs/sb.c      | 16 +++++++----
 fs/ubifs/super.c   | 21 ++++++++++----
 fs/ubifs/ubifs.h   | 48 +++++++++++++++++++++-----------
 9 files changed, 133 insertions(+), 43 deletions(-)

Comments

Richard Weinberger June 26, 2020, 8:09 a.m. UTC | #1
Torben,

----- Original Message -----
> From: "Torben Hohn" <torben.hohn@linutronix.de>
> To: "richard" <richard@nod.at>
> CC: "bigeasy" <bigeasy@linutronix.de>, "tglx" <tglx@linutronix.de>, "linux-mtd" <linux-mtd@lists.infradead.org>, "Sascha
> Hauer" <s.hauer@pengutronix.de>
> Sent: Thursday, 25 June 2020 17:59:26
> Subject: [PATCH 0/1] ubifs: support authentication without hmac

> This patch adds support for ubifs authentication without HMAC,
> which obviously only works for a read-only mount.
> 
> ubiblock and dm-verity are not supported by u-boot, and
> the kernel on the target is loaded by u-boot out of the RFS.

As I said on IRC yesterday, there is a bug with UBIFS versioning.
u-boot is not supposed to read from authenticated UBIFS since it has
no authentication support at all and might trip over changed data structures.

We forgot to raise the UBIFS version to w5r1 for authenticated images
and only introduced a new feature flag.
This causes old UBIFS implementations like u-boot's to not enforce the
super block feature flag field. 
Before w4 feature flags didn't get enforced. :-(

Patches for mkfs.ubifs and kernel are on their way, I just need to carefully
test them with many different old images, u-boot and kernel combinations.

I think it is high noon that u-boot updates their UBIFS, then a
non-authenticated should be trivial.
Of course you need to verify all files you read from it manually then.

> This is a first try to implement this.
> It boots fine, and the WARN_ON is not triggered.
> 
> I plan to update the docs also, but I would like to have
> some positive comments on this before.

I think this is a useful feature, please give me a few days to think about
all implications.

That said, I'm not really a fan of reading files from UBIFS in u-boot.
We have UBI static volumes for that...
Maybe you can give this a try and void some complexity in the bootloader.

Thanks,
//richard
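The versioning problem Richard describes, modelled as an added example (not code from the thread, the kernel or u-boot): a loader that gates only on the on-media format version ignores a feature-flag bit it does not implement, while a loader that rejects unknown flag bits, or an image whose version was raised, refuses the image. The struct layout, flag values and version numbers are simplified assumptions, not UBIFS's real on-media format.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified stand-in for the UBIFS superblock node.
 * Field names and values are assumptions for this example. */
struct sb_node {
    uint32_t fmt_version;   /* on-media format version: "w4" -> 4, "w5" -> 5 */
    uint32_t flags;         /* feature flag bits */
};

/* Assumed feature bits; only the last one is unknown to the old loader. */
#define FLG_KNOWN_A        0x01u
#define FLG_KNOWN_B        0x02u
#define FLG_AUTHENTICATION 0x20u

/* What the old loader implements. */
#define LOADER_FMT_VERSION 4u
#define LOADER_KNOWN_FLAGS (FLG_KNOWN_A | FLG_KNOWN_B)

/* Old behaviour: only the version number is enforced; flags are ignored.
 * An authenticated image with an unchanged version slips through. */
bool old_loader_accepts(const struct sb_node *sb)
{
    return sb->fmt_version <= LOADER_FMT_VERSION;
}

/* Fixed behaviour: any flag bit this loader does not implement is fatal,
 * independent of the version number. */
bool fixed_loader_accepts(const struct sb_node *sb)
{
    if (sb->fmt_version > LOADER_FMT_VERSION)
        return false;
    if (sb->flags & ~LOADER_KNOWN_FLAGS)
        return false;
    return true;
}

/* Constructed images for the three cases discussed in the thread. */
/* Authenticated image written with the old version number (the bug). */
const struct sb_node img_auth_old_version = { 4, FLG_KNOWN_A | FLG_AUTHENTICATION };
/* Authenticated image after the version is raised, as the fix intends. */
const struct sb_node img_auth_new_version = { 5, FLG_KNOWN_A | FLG_AUTHENTICATION };
/* Plain, unauthenticated image. */
const struct sb_node img_plain = { 4, FLG_KNOWN_A };
```

Raising the version protects loaders that only check the version; enforcing the flag field protects against images that add a flag without a version bump, so a robust reader does both.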
Alexander Dahl June 29, 2020, 6:46 a.m. UTC | #2
Hello Richard,

On Friday, 26 June 2020 at 10:09:14 CEST, Richard Weinberger wrote:
> That said, I'm not really a fan of reading files from UBIFS in u-boot.
> We have UBI static volumes for that...
> Maybe you can give this a try and void some complexity in the bootloader.

Surprised to hear that. I saw some boards lately doing exactly that. Things 
like kernel image are copied in Linux to e.g. /boot and U-Boot just picks it 
up from there.

I tried to find out more about using UBI static volumes in general and for 
that usecase, but neither http://linux-mtd.infradead.org/doc/ubi.html nor 
http://linux-mtd.infradead.org/faq/ubi.html point me in a direction where to 
find real world examples to look at. Are there any boards in the wild using 
this? Maybe with defconfigs in U-Boot already?

Greets
Alex
Richard Weinberger June 29, 2020, 7:04 a.m. UTC | #3
Alex,

----- Original Message -----
> From: "Alexander Dahl" <ada@thorsis.com>
> To: "linux-mtd" <linux-mtd@lists.infradead.org>, "Sascha Hauer" <s.hauer@pengutronix.de>
> CC: "richard" <richard@nod.at>, "Torben Hohn" <torben.hohn@linutronix.de>
> Sent: Monday, 29 June 2020 08:46:10
> Subject: Re: [PATCH 0/1] ubifs: support authentication without hmac

> Hello Richard,
> 
> On Friday, 26 June 2020 at 10:09:14 CEST, Richard Weinberger wrote:
>> That said, I'm not really a fan of reading files from UBIFS in u-boot.
>> We have UBI static volumes for that...
>> Maybe you can give this a try and void some complexity in the bootloader.
> 
> Surprised to hear that. I saw some boards lately doing exactly that. Things
> like kernel image are copied in Linux to e.g. /boot and U-Boot just picks it
> up from there.

Well, not everyone is using U-Boot. ;-)
 
> I tried to find out more about using UBI static volumes in general and for
> that usecase, but neither http://linux-mtd.infradead.org/doc/ubi.html nor
> http://linux-mtd.infradead.org/faq/ubi.html point me in a direction where to
> find real world examples to look at. Are there any boards in the wild using
> this? Maybe with defconfigs in U-Boot already?

U-Boot chose the UBIFS way AFAICT.

But if you have your own minimal loader you can read from an UBI static volume with
a few lines of C (~200 LoC). This is what I see/use most of the time.
Using static volumes in U-Boot is also possible, IIRC just use "ubi read".

From http://www.linux-mtd.infradead.org/doc/ubi.html#L_overview:
"""
There are 2 types of UBI volumes: dynamic volumes and static volumes. Static volumes are read-only and their contents are protected by CRC-32 checksums, while dynamic volumes are read-write and the upper layers (e.g., a file-system) are responsible for ensuring data integrity.

Static volumes are typically used for the kernel, initramfs, and dtb. Larger static volumes may incur a significant penalty when opening, as the CRC-32 needs to be calculated at this time. If you are looking to use static volumes for anything besides the kernel, initramfs, or dtb you are likely doing something wrong and would be better off using a dynamic volume instead.
"""

Thanks,
//richard
Wolfgang Denk June 29, 2020, 7:48 a.m. UTC | #4
Dear Richard,

In message <1067478399.71066.1593414287623.JavaMail.zimbra@nod.at> you wrote:
> 
> > I tried to find out more about using UBI static volumes in general and for
> > that usecase, but neither http://linux-mtd.infradead.org/doc/ubi.html nor
> > http://linux-mtd.infradead.org/faq/ubi.html point me in a direction where to
> > find real world examples to look at. Are there any boards in the wild using
> > this? Maybe with defconfigs in U-Boot already?
> 
> U-Boot chose the UBIFS way AFAICT.

No, U-Boot does not implement any preferences here, i.e. both
methods can be used out of the box.  It is just the preference of
the user who decides which way to go - using the file system seems
more flexible to some users, while others care about the additional
boot time needed to mount the file system or the additional memory
footprint needed for the file system code.

Your choice.

Best regards,

Wolfgang Denk
Richard Weinberger June 29, 2020, 7:51 a.m. UTC | #5
Wolfgang,

----- Original Message -----
> From: "Wolfgang Denk" <wd@denx.de>
> To: "richard" <richard@nod.at>
> CC: "Alexander Dahl" <ada@thorsis.com>, "Sascha Hauer" <s.hauer@pengutronix.de>, "linux-mtd"
> <linux-mtd@lists.infradead.org>, "Torben Hohn" <torben.hohn@linutronix.de>
> Sent: Monday, 29 June 2020 09:48:14
> Subject: Re: [PATCH 0/1] ubifs: support authentication without hmac

> Dear Richard,
> 
> In message <1067478399.71066.1593414287623.JavaMail.zimbra@nod.at> you wrote:
>> 
>> > I tried to find out more about using UBI static volumes in general and for
>> > that usecase, but neither http://linux-mtd.infradead.org/doc/ubi.html nor
>> > http://linux-mtd.infradead.org/faq/ubi.html point me in a direction where to
>> > find real world examples to look at. Are there any boards in the wild using
>> > this? Maybe with defconfigs in U-Boot already?
>> 
>> U-Boot chose the UBIFS way AFAICT.
> 
> No, U-Boot does not implement any preferences here, i.e. both
> methods can be used out of the box.  It is just the preference of
> the user who decides which way to go - using the file system seems
> more flexible to some users, while others care about the additional
> boot time needed to mount the file system or the additional memory
> footprint needed for the file system code.
> 
> Your choice.

Good to know! Thanks for pointing this out.

I think for most users reading from a filesystem feels more natural
since on other storage systems this is the only way to go.

Thanks,
//richard
Wolfgang Denk June 30, 2020, 5:50 a.m. UTC | #6
Dear Richard,

In message <667429184.71186.1593417085045.JavaMail.zimbra@nod.at> you wrote:
>
> > No, U-Boot does not implement any preferences here, i.e. both
> > methods can be used out of the box.  It is just the preference of
> > the user who decides which way to go - using the file system seems
> > more flexible to some users, while others care about the additional
> > boot time needed to mount the file system or the additional memory
> > footprint needed for the file system code.
> > 
> > Your choice.
>
> Good to know! Thanks for pointing this out.
>
> I think for most users reading from a filesystem feels more natural
> since on other storage systems this is the only way to go.

It's also easier to use a file system for example during development,
for example when you often switch between several different kernel
images and such.

But as mentioned it comes with the penalty of additional overhead,
both in memory footprint and boot time, so for the production
configuration it makes sense to use a static UBI volume instead.

Best regards,

Wolfgang Denk
Richard Weinberger June 30, 2020, 1:36 p.m. UTC | #7
Alex,

On Mon, Jun 29, 2020 at 9:11 AM Richard Weinberger <richard@nod.at> wrote:

> U-Boot chose the UBIFS way AFAICT.
>
> But if you have your own minimal loader you can read from an UBI static volume with
> a few lines of C (~200 LoC). This is what I see/use most of the time.
> Using static volumes in U-Boot is also possible, IIRC just use "ubi read".
>
> From http://www.linux-mtd.infradead.org/doc/ubi.html#L_overview:
> """
> There are 2 types of UBI volumes: dynamic volumes and static volumes. Static volumes are read-only and their contents are protected by CRC-32 checksums, while dynamic volumes are read-write and the upper layers (e.g., a file-system) are responsible for ensuring data integrity.
>
> Static volumes are typically used for the kernel, initramfs, and dtb. Larger static volumes may incur a significant penalty when opening, as the CRC-32 needs to be calculated at this time. If you are looking to use static volumes for anything besides the kernel, initramfs, or dtb you are likely doing something wrong and would be better off using a dynamic volume instead.
> """

Did this and Wolfgang's input help?
Alexander Dahl June 30, 2020, 2:36 p.m. UTC | #8
Hello Richard,

thanks for asking back.

On Tuesday, 30 June 2020 at 15:36:28 CEST, Richard Weinberger wrote:
> On Mon, Jun 29, 2020 at 9:11 AM Richard Weinberger <richard@nod.at> wrote:
> > U-Boot chose the UBIFS way AFAICT.
> > 
> > But if you have your own minimal loader you can read from an UBI static
> > volume with a few lines of C (~200 LoC). This is what I see/use most of
> > the time. Using static volumes in U-Boot is also possible, IIRC just use
> > "ubi read".
> > 
> > From http://www.linux-mtd.infradead.org/doc/ubi.html#L_overview:
> > """
> > There are 2 types of UBI volumes: dynamic volumes and static volumes.
> > Static volumes are read-only and their contents are protected by CRC-32
> > checksums, while dynamic volumes are read-write and the upper layers
> > (e.g., a file-system) are responsible for ensuring data integrity.
> > 
> > Static volumes are typically used for the kernel, initramfs, and dtb.
> > Larger static volumes may incur a significant penalty when opening, as
> > the CRC-32 needs to be calculated at this time. If you are looking to use
> > static volumes for anything besides the kernel, initramfs, or dtb you are
> > likely doing something wrong and would be better off using a dynamic
> > volume instead. """
> 
> Did this and Wolfgang's input help?

Yes, it did.  I see the benefits of static UBI volumes, and I wish we had 
known this for our projects like 10 years ago.  However I also appreciated 
Wolfgang's input, it's basically what we do with more recent projects.  The 
possibility to easily upgrade kernel image and/or dts speeds up development a 
lot and causes less headaches on system upgrade.

Greets
Alex