From patchwork Mon Jul 18 08:47:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1657321 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Ln62WRv3; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LmbGW51ztz9sFr for ; Mon, 18 Jul 2022 18:48:35 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LmbGW3cBBz3c36 for ; Mon, 18 Jul 2022 18:48:35 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Ln62WRv3; dkim-atps=neutral X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::436; helo=mail-pf1-x436.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Ln62WRv3; dkim-atps=neutral Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LmbFY3qWVz2xKl for ; Mon, 18 Jul 2022 18:47:44 +1000 (AEST) Received: by mail-pf1-x436.google.com with SMTP id v7so10078341pfb.0 for ; Mon, 18 Jul 2022 01:47:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=p3qawsMBQemG9z7CYKzOqPaywiUF1dm/lF9v4RvLZ34=; b=Ln62WRv3g/mGvTy8kyUDED3ZuIVC7HsjIBuSKV2UuuEOCmF9XpPYhMvT42aIrab+g6 5mG0zEGaJ/+h7wAm2zb/F3foCV7oBL+cCDKywbGs+1x5iaap3Zi3lvFBj+0hRmfvnEpH HbgmHlpseUs4omSvcb/by6xJPBF+Z2xE81/XxiydhO31G0QoyFRvx8B/sYW4eTHm32ou wuEpoLjmrm16KqYYNHMEpD7orApDEgk1tHJr2AOplBdhtXwIIaF8HZKz5Hz2EkAF2e1T 6qZ9/Au4wxfehInh5eRfadjMwLOFbBtc4BT1Lv/xVEn3xHEfwxuJpqz1wgsiOOdsspwo XIBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=p3qawsMBQemG9z7CYKzOqPaywiUF1dm/lF9v4RvLZ34=; b=6/cCACr9IjgPD9um90NWArEqj0JiCJ2L9/U6Lw2faV25aLdqNXGnvn23xSS1Bln/C1 KjxuBS27Z++0ZDCfxgIEfEVW/SnJTm/vMGG6zSbOzxS1gBWcxS43Ai4BJOy6wp24EiLG 2+6gQ8d0vageengpeLHD3KT1v1LAo9b4lVqkEIFzjzDa13kHsSEmlwz4/mvGLX758fo6 A2OKzsIBiPRfH6ioyffKNUgVOIJGjYuWW+QicVDGKz/oRW+XTIBgOHopIhvkSIfJ1bP+ NeEIhNoH7bDpRJEOEcE3ZdvcwmNItpASXPdsM7+s2ESreIMmqyu1idbbbZtLyeE7U5nq Tm3g== X-Gm-Message-State: AJIora8IcjmEf7DbzumrMR9RMd8p6XMi3BHoz/wUINcoJCdMFhVN0Cec uIyBSEOspCs5kIjOPesOy+gtJEtIVeg= X-Google-Smtp-Source: AGRyM1s+9dhRpRcfJI+p1EfgwWJ6J+nmZDsOD5IVo6dQ5FtbimL7wUCJeF3IhPCBStVuvV4+oKUtUw== X-Received: by 2002:a63:e20f:0:b0:41a:3744:ee8f with SMTP id q15-20020a63e20f000000b0041a3744ee8fmr843898pgh.443.1658134061702; Mon, 18 Jul 2022 01:47:41 -0700 (PDT) Received: from localhost.localdomain ([45.124.203.18]) by smtp.gmail.com with ESMTPSA id i28-20020a056a00225c00b005289521b656sm8806095pfu.92.2022.07.18.01.47.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 01:47:40 -0700 (PDT) From: Joel Stanley To: openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 1/5] config/openbmc: Enable SHA384 Date: Mon, 18 Jul 2022 18:17:24 +0930 Message-Id: <20220718084728.1140108-2-joel@jms.id.au> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220718084728.1140108-1-joel@jms.id.au> References: <20220718084728.1140108-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zev Weiss Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" This is now required by the otp command. Signed-off-by: Joel Stanley --- configs/ast2600_openbmc_spl_emmc_defconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/ast2600_openbmc_spl_emmc_defconfig b/configs/ast2600_openbmc_spl_emmc_defconfig index 8c2acb7e6efe..45c9fa162cd7 100644 --- a/configs/ast2600_openbmc_spl_emmc_defconfig +++ b/configs/ast2600_openbmc_spl_emmc_defconfig @@ -9,7 +9,6 @@ CONFIG_SPL_LDSCRIPT="arch/$(ARCH)/mach-aspeed/ast2600/u-boot-spl.lds" CONFIG_ARCH_ASPEED=y CONFIG_SYS_TEXT_BASE=0x81000000 CONFIG_ASPEED_AST2600=y -# CONFIG_ASPEED_LOADERS is not set CONFIG_SPL_GPIO_SUPPORT=y CONFIG_SPL_LIBCOMMON_SUPPORT=y CONFIG_SPL_LIBGENERIC_SUPPORT=y @@ -134,4 +133,5 @@ CONFIG_WDT=y CONFIG_USE_TINY_PRINTF=y CONFIG_SPL_TINY_MEMSET=y CONFIG_TPM=y +CONFIG_SHA384=y # CONFIG_EFI_LOADER is not set From patchwork Mon Jul 18 08:47:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1657323 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=MIc9pbE0; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LmbHF4pQ9z9sFr for ; Mon, 18 Jul 2022 18:49:13 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LmbHD6xSwz2yh9 for ; Mon, 18 Jul 2022 18:49:12 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=MIc9pbE0; dkim-atps=neutral X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::1030; helo=mail-pj1-x1030.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=MIc9pbE0; dkim-atps=neutral Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LmbFb0zpRz2y8Q for ; Mon, 18 Jul 2022 18:47:46 +1000 (AEST) Received: by mail-pj1-x1030.google.com with SMTP id o31-20020a17090a0a2200b001ef7bd037bbso11991464pjo.0 for ; Mon, 18 Jul 2022 01:47:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=UR8vfJwi1JHeYXJ5rvJbe3Bu5zdg9NFprU1ttfUHBmg=; b=MIc9pbE0Sw+pzwOQmKunh9BuSE7tQZSxqDJ9OT/ZYs4KzV4QPWi8g/fyWZca8ss0wx gRcxwS+JYJIF8z2YDBGo75hia1oJUeApgiWPjvCfOlUgpIcc5YwECj+3vNK18L06PET8 8yW9TLe6rzP0vvjo6GEi6ikbbRSklGlVR1SeRpFJh8QnBSLSlExE3hN4lezPexnVmMWw BnoCD/7bUuDDSVzh/QOmLKTNiBae7tHUCyi8h4CJJNp4UF9qM5Ur76Ri9rp4JEu/CXrN jeEvWRJPxxofOo7WNsRGvTsAIin/mEeGiFcsn900qNNeCJ/rkGRnl7EXjHtiaVsVp6W/ A3gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=UR8vfJwi1JHeYXJ5rvJbe3Bu5zdg9NFprU1ttfUHBmg=; b=xYKpWdC1h+cMojlnoTkb04N78DT3+j2mzbUDX1/XwhvYx/qzPCgggJVnWMcNQkubae yRXrQNrvmfw523zFraexa8EOnY+WMTfwOjUhlc8CqbT5ej5Fs0SVsfmU+w0BZYHmm/Cp ks0gwLMMdsPvKtYkBRaYB5OWUyhllAsLKdKpbXYOIn6mpUCaXNHN0TEz/HJ+ew9gZDME VvymCkJI+VJclXLYCwnRvoOHtHdHPZORIZnwphx44Yi9mXvGsXnNZeHIxmwL2pKG0/ny +aYbHCM/Su5RAGrOSz24ZOwjyoQgsjwSm2Vbq9pbQtTbbplkcxD47qw82U2rt/+cTlVL mfIw== X-Gm-Message-State: AJIora9xdaK+53uBq42NC7QyiiDWiPE6TERiaYnNXr+K2GCF0emL2Mr8 zOBrvWWc2VgdQcrKi4LfZdm006VsSdE= X-Google-Smtp-Source: AGRyM1uMfKCQT7dgi/L6slGWvmIGRgOoxmA2/gpvL1BCmwQffMWIgdul6OZOakIyQJzhGWZON5IzuQ== X-Received: by 2002:a17:903:3011:b0:16c:3dba:37e4 with SMTP id o17-20020a170903301100b0016c3dba37e4mr26782732pla.122.1658134064247; Mon, 18 Jul 2022 01:47:44 -0700 (PDT) Received: from localhost.localdomain ([45.124.203.18]) by smtp.gmail.com with ESMTPSA id i28-20020a056a00225c00b005289521b656sm8806095pfu.92.2022.07.18.01.47.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 01:47:43 -0700 (PDT) From: Joel Stanley To: openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 2/5] cmd/otp: Use any MOD_EXP driver Date: Mon, 18 Jul 2022 18:17:25 +0930 Message-Id: <20220718084728.1140108-3-joel@jms.id.au> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220718084728.1140108-1-joel@jms.id.au> References: <20220718084728.1140108-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zev Weiss Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" Instead of requesting the ACRY driver specifically, ask for the first DM device that implements MOD_EXP. Selecting RSA ensures that one of the MOD_EXP drivers will be built in. On Aspeed platforms this will be either the ACRY or the software implementation; Kconfig logic stops both from being built in. Signed-off-by: Joel Stanley --- cmd/otp.c | 4 ++-- cmd/Kconfig | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/cmd/otp.c b/cmd/otp.c index 4e901fbff996..049c217d6048 100644 --- a/cmd/otp.c +++ b/cmd/otp.c @@ -2642,9 +2642,9 @@ static int otp_verify_boot_image(phys_addr_t addr) int i; int pass = 0; - ret = uclass_get_device_by_driver(UCLASS_MOD_EXP, DM_GET_DRIVER(aspeed_acry), &mod_exp_dev); + ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev); if (ret) { - printf("RSA engine: Can't find aspeed_acry\n"); + printf("RSA: Can't find RSA driver\n"); return OTP_FAILURE; } diff --git a/cmd/Kconfig b/cmd/Kconfig index 1df26de5ed23..ff90a5d99acc 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -622,7 +622,6 @@ config CMD_OTP select SHA384 select SHA256 select RSA - select ASPEED_ACRY default y config CMD_RNG From patchwork Mon Jul 18 08:47:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1657324 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=O0gyfJw4; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org; envelope-from=openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LmbHy2qk9z9sFr for ; Mon, 18 Jul 2022 18:49:50 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LmbHy1fJpz3c3X for ; Mon, 18 Jul 2022 18:49:50 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=O0gyfJw4; dkim-atps=neutral X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::102b; helo=mail-pj1-x102b.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=O0gyfJw4; dkim-atps=neutral Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LmbFf4zzdz3c36 for ; Mon, 18 Jul 2022 18:47:49 +1000 (AEST) Received: by mail-pj1-x102b.google.com with SMTP id b10so200361pjq.5 for ; Mon, 18 Jul 2022 01:47:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=yifBd2n4QDMYqazu6CfgI4lc8zpl2b/rWdFJCdaCing=; b=O0gyfJw4UxNUkRw86oTixGMug3BUIIKqri++gw4qfQh3tRLnouxQ9a0K5tLgU7vmDE 1H5+YwCosxeeOH0gxlsMjI1Yhn7F8mtgvDPfW0VoFa5RZVIx98Fiu52Rebc4+e7mmrlH K4KpbfXva+mYl7huuz9q0BuqIpk86tYKdABP9LGYkmitpzLgkfidn+ExB0+xdkAOi0Ws TQlPCpBnuxPIilHLWoLhA/b26gjLub2K79mpzT5eGR8W4odxSpfTTmHIQoSxOSPL9R3R xQWASVQO5jztZm6uyCD+RM5P/4pGlKLgtOOY7CTfKLWs1BkkJOD/8l7NwVqKT0GTH/1K 3KTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=yifBd2n4QDMYqazu6CfgI4lc8zpl2b/rWdFJCdaCing=; b=Epkf5xZ0afc9ieAznVtMgxbUQR/vg9+5/uVq6iul2MYyWt7JNuVib0WF8l4XRtjdjC HHliGZEDACMn/kSLWSYYJtm/OjtsAkDmu3+C+XTgfK/4TxI2nldgYac+9H79RLL4Ex7m JqGml0puYU/IT1C9kOjrtK7vdr29eBZkN47wPYkwT7gTj7PeeunlyVHwHQFNjYd5D4RY 9cbmmZryJQtBcOQMbLvho0lMrSbZMA8BXtES8AEuCU9BLUGWu1y2fLxmiYlDHauCTOYX c56QkUTKPekfWdRH5A3LXE4vMVXETrpardfuca3l1HhRW3SkqWxq+XnMvIQ/ZUOMcaUc 0WAw== X-Gm-Message-State: AJIora8Oi4Ok71CcorOOXRR2QNoKJ8HuUMA+an/q1SIjQ/Uvw/s98Nnq l1ug/kaqDwDLmn9BWpvJbQTUyHZSeeo= X-Google-Smtp-Source: AGRyM1t3UwTtNN+S0ERhXW7uDH2KXe7maLgbRMG4ITY8qYaCT/40XrGNAisTL0+rMRl63p8VCApxiQ== X-Received: by 2002:a17:90b:1206:b0:1ef:7bcd:e8d1 with SMTP id gl6-20020a17090b120600b001ef7bcde8d1mr31594946pjb.156.1658134066871; Mon, 18 Jul 2022 01:47:46 -0700 (PDT) Received: from localhost.localdomain ([45.124.203.18]) by smtp.gmail.com with ESMTPSA id i28-20020a056a00225c00b005289521b656sm8806095pfu.92.2022.07.18.01.47.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 01:47:46 -0700 (PDT) From: Joel Stanley To: openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 3/5] cmd/otp: Depend on SHA variants Date: Mon, 18 Jul 2022 18:17:26 +0930 Message-Id: <20220718084728.1140108-4-joel@jms.id.au> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220718084728.1140108-1-joel@jms.id.au> References: <20220718084728.1140108-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zev Weiss Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" Indicate which SHA algorithms are required by depending on them. Don't select them, as this force enables the options. Signed-off-by: Joel Stanley --- cmd/Kconfig | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/cmd/Kconfig b/cmd/Kconfig index ff90a5d99acc..8b90f0f23406 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -616,11 +616,9 @@ menu "Device access commands" config CMD_OTP depends on ASPEED_AST2600 + depends on SHA256 && SHA384 && SHA512 bool "ASPEED otp program" - select SHA512_ALGO - select SHA512 - select SHA384 - select SHA256 + select HASH select RSA default y From patchwork Mon Jul 18 08:47:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1657325 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=OS4dBJZd; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LmbJd6yR0z9sFr for ; Mon, 18 Jul 2022 18:50:25 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LmbJd3wqGz3c4Z for ; Mon, 18 Jul 2022 18:50:25 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=OS4dBJZd; dkim-atps=neutral X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::52e; helo=mail-pg1-x52e.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=OS4dBJZd; dkim-atps=neutral Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LmbFh45Sdz3c5h for ; Mon, 18 Jul 2022 18:47:52 +1000 (AEST) Received: by mail-pg1-x52e.google.com with SMTP id 23so9964465pgc.8 for ; Mon, 18 Jul 2022 01:47:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=gGTNzPjEZYpLT4vW76g3OPKhcCsIvw3YoUWlJme06UI=; b=OS4dBJZd6Su+QhDeXDmADUCzoS+jsVW2HA1v8BWUQwrAVPfLywK+UMrEmQ1dgPp2l+ osSh+Xr6sXTDvPsNX/uN2cLVofOLDBhkmkL12QOm2OZ1FJ2yYegIzugBDZulV95su6in bb3UrQh+I9mio2pxjyey5H3fD7smV7KLqflXKED/p57w+AcWFelHqFaE/jKht/41j/KE ZbaBfCXQa+o7Zoto5GKHV9Qq/8P07KrDOO/4OVmBPg9KdlZMgp3y0voJmw8NciEf9a1w PNAOh70vFi1WyvIRIAWtKvmuClJx4QIz2qFv4JrcP2GqEF/l8lf945/YzU+imb3sgdJc MoYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=gGTNzPjEZYpLT4vW76g3OPKhcCsIvw3YoUWlJme06UI=; b=7bQWrqEQ30WYzH11yKdhsOl882mIg3hn3HYGtdiTDCAMd4jK1AJ55imQ3LOWfmKZj6 V3eip9mqc+B4qJoJq7RPKAGvoSSSzypps3TvUx5VdNpo7WXEtHuDp9/uekgpA73gfHYH 3BcS9UTquOJQy1pcWbxNQrtYzKkxin/89sPGghdoJu+X06aNoRWvrTNmzL/ol337BfiG zUHaYkf+QD0twjVI/t7R5Chbe4oSaJZLa5t6zAExeIhdxhx1caLphDS5WnuN5xz9SR3M NK8cTHkP3GV176V0yVhUF3gBPJNMkboAgE2MUIk7brSnCCytSTyLEMwufRDeOVc0jfPh nYFQ== X-Gm-Message-State: AJIora+Fcv8X8TBKtJ5KKWZEgrL3JadF5TRgISigxTkwtc6wLjb1s2VA dqCJL3086FY0SrLzem2i5weMzf4FW5M= X-Google-Smtp-Source: AGRyM1twgx12QOOdRHdzxu16oPB836sd4SbrT8ro2XapNG/Oq3PrxCByAhNw5luBT+GmgvRYulywMg== X-Received: by 2002:a05:6a00:1703:b0:52b:39a4:4632 with SMTP id h3-20020a056a00170300b0052b39a44632mr16845001pfc.29.1658134069399; Mon, 18 Jul 2022 01:47:49 -0700 (PDT) Received: from localhost.localdomain ([45.124.203.18]) by smtp.gmail.com with ESMTPSA id i28-20020a056a00225c00b005289521b656sm8806095pfu.92.2022.07.18.01.47.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 01:47:48 -0700 (PDT) From: Joel Stanley To: openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 4/5] cmd/otp: Use hashing API Date: Mon, 18 Jul 2022 18:17:27 +0930 Message-Id: <20220718084728.1140108-5-joel@jms.id.au> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220718084728.1140108-1-joel@jms.id.au> References: <20220718084728.1140108-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zev Weiss Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" Instead of calling the hashing functions directly, which uses the software implementation of the algorithms, use the hash API which allows the use of the HACE driver. Saves 12.5KB: Before=279327, After=266547, chg -4.58% Signed-off-by: Joel Stanley --- cmd/otp.c | 49 +++++++++++++++++-------------------------------- 1 file changed, 17 insertions(+), 32 deletions(-) diff --git a/cmd/otp.c b/cmd/otp.c index 049c217d6048..add70c841405 100644 --- a/cmd/otp.c +++ b/cmd/otp.c @@ -305,33 +305,6 @@ static int get_rid_num(u32 *rid) return rid_num; } -static void sb_sha256(u8 *src, u32 len, u8 *digest_ret) -{ - sha256_context ctx; - - sha256_starts(&ctx); - sha256_update(&ctx, src, len); - sha256_finish(&ctx, digest_ret); -} - -static void sb_sha384(u8 *src, u32 len, u8 *digest_ret) -{ - sha512_context ctx; - - sha384_starts(&ctx); - sha384_update(&ctx, src, len); - sha384_finish(&ctx, digest_ret); -} - -static void sb_sha512(u8 *src, u32 len, u8 *digest_ret) -{ - sha512_context ctx; - - sha512_starts(&ctx); - sha512_update(&ctx, src, len); - sha512_finish(&ctx, digest_ret); -} - static u32 chip_version(void) { u32 revid0, revid1; @@ -1912,6 +1885,18 @@ static int otp_check_scu_image(struct otp_image_layout *image_layout, u32 *scu_p return OTP_SUCCESS; } +static void do_hash(const void *data, int data_len, const char *algo_name, uint8_t *value) +{ + struct hash_algo *algo; + + if (hash_lookup_algo(algo_name, &algo)) { + debug("Unsupported hash alogrithm\n"); + return; + } + + algo->hash_func_ws(data, data_len, value, algo->chunk_size); +} + static int otp_verify_image(u8 *src_buf, u32 length, u8 *digest_buf, int version) { u8 digest_ret[48]; @@ -1919,11 +1904,11 @@ static int otp_verify_image(u8 *src_buf, u32 length, u8 *digest_buf, int version switch (version) { case 1: - sb_sha256(src_buf, length, digest_ret); + do_hash(src_buf, length, "sha256", digest_ret); digest_len = 32; break; case 2: - sb_sha384(src_buf, length, digest_ret); + do_hash(src_buf, length, "sha384", digest_ret); digest_len = 48; break; default: @@ -2549,13 +2534,13 @@ static int sb_sha(struct sb_info *si, u8 *sec_image, u32 sign_image_size, u8 *di printf("otp verify does not support SHA224\n"); return OTP_FAILURE; case 256: - sb_sha256(sec_image, sign_image_size, digest_ret); + do_hash(sec_image, sign_image_size, "sha256", digest_ret); break; case 384: - sb_sha384(sec_image, sign_image_size, digest_ret); + do_hash(sec_image, sign_image_size, "sha384", digest_ret); break; case 512: - sb_sha512(sec_image, sign_image_size, digest_ret); + do_hash(sec_image, sign_image_size, "sha512", digest_ret); break; default: printf("SHA Algorithm is invalid\n"); From patchwork Mon Jul 18 08:47:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1657326 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Bck3INmc; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org (client-ip=112.213.38.117; helo=lists.ozlabs.org; envelope-from=openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org; receiver=) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LmbKL4bgVz9sFr for ; Mon, 18 Jul 2022 18:51:02 +1000 (AEST) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LmbKL2r9qz3c3m for ; Mon, 18 Jul 2022 18:51:02 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Bck3INmc; dkim-atps=neutral X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::430; helo=mail-pf1-x430.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=Bck3INmc; dkim-atps=neutral Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LmbFl16cQz3bkd for ; Mon, 18 Jul 2022 18:47:54 +1000 (AEST) Received: by mail-pf1-x430.google.com with SMTP id c139so3712406pfc.2 for ; Mon, 18 Jul 2022 01:47:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=tTsaJi/aBfMLOUcGWJTKcmgimxno0ovagRBeaRXx9y4=; b=Bck3INmcAU6tBIJ1BFvx4k9lHO7OP+tek5Gy44OIvfRWUrX0zMT3MEMmhMEnvL3H3Z Ob+TUJ0txgxj7zc8G+ZZk4pYgBEs6OdkDk89pfvP6C49Nc63embxrttFzGTuZX1yeD/w nj9GBmGk+xD13IMKqaRug94VXG4MABe5wMazabB7PT02jJQL8TfMjLpU36YQAPuPmD4I LExo/lE0iNAgE6v/sCnr0uGGtJgbKxsmMFx0CWMlZnZ4x22r5Gi+aALcD5Ho43w392em yuAtDrxM3gp4USTSemCDZvdovzrVe5H/SZwjAFOjfgVX60/tu4NzqNOuywZhNFBlekeb 1Mrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=tTsaJi/aBfMLOUcGWJTKcmgimxno0ovagRBeaRXx9y4=; b=a9l+4XlG86IWFCirj+5JwZSSmUdRa6lQ/yCIz44yKEB9+atczW+1B6kR1r4LRjVPSY nlgHmEGGGpd2xTE7Y+H84s5troy1kth2qwJQP2QAnQM22riFBiEmmziAOogKnaBiJfEP oVD1BeTUJfZz4i1GHjyTei/s/qIgDe2x3GJxZTjkw0DF/kjjClsJhmnUv4pDpsGAQC+g OsQlOM9looNPSnbbrA9+HnY0wprXLpelRlenfMb7CGQOe00RiIyzoKq0so3UDYe9r2qZ ol82k71tToyeN+a752XgqiWOALSJWbEYMeCv7SX7KjvYybWypWf8y/LrTt0e7iWOAh6D DP4A== X-Gm-Message-State: AJIora+YbniqMLoCV1mxTITe0VPceA0ykSBPTx8LKQydVaId421v1oZh RiVtJmeVNBG2t1Oh8xol+3QO3Y9dLso= X-Google-Smtp-Source: AGRyM1tqQoKDSqhX3qpnBVurJz2HVXfNJbMVJxYn45QV5Vx6hQ/pPKIK4gnbfeu+3q/kPpMExMCZFg== X-Received: by 2002:a05:6a00:1a92:b0:52b:ac3:7964 with SMTP id e18-20020a056a001a9200b0052b0ac37964mr26755785pfv.31.1658134071935; Mon, 18 Jul 2022 01:47:51 -0700 (PDT) Received: from localhost.localdomain ([45.124.203.18]) by smtp.gmail.com with ESMTPSA id i28-20020a056a00225c00b005289521b656sm8806095pfu.92.2022.07.18.01.47.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Jul 2022 01:47:51 -0700 (PDT) From: Joel Stanley To: openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 5/5] cmd/otp: Reduce size of otpkey Date: Mon, 18 Jul 2022 18:17:28 +0930 Message-Id: <20220718084728.1140108-6-joel@jms.id.au> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220718084728.1140108-1-joel@jms.id.au> References: <20220718084728.1140108-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zev Weiss Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" Don't store more information than is used. Saves 3KB. Function old new delta _otp_print_key 540 580 +40 otp_verify_boot_image 1276 1268 -8 a2_key_type 640 40 -600 a1_key_type 640 40 -600 a3_key_type 1024 64 -960 a0_key_type 1024 64 -960 Total: Before=266547, After=263459, chg -1.16% Signed-off-by: Joel Stanley --- This patch includes Zev's suggestion to make the bitfields unsigned: https://lore.kernel.org/openbmc/20220716090847.GC9659@packtop/ cmd/otp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/otp.c b/cmd/otp.c index add70c841405..2df410dfd024 100644 --- a/cmd/otp.c +++ b/cmd/otp.c @@ -133,11 +133,11 @@ struct otpstrap_status { }; struct otpkey_type { - int value; - int key_type; - int order; - int need_id; - char information[110]; + unsigned int value: 4; + unsigned int key_type: 4; + unsigned int order: 1; + unsigned int need_id: 1; + char *information; }; struct otp_pro_sts {