[v6,00/28] Integrate MbedTLS v3.6 LTS with U-Boot

Message ID 20240816214436.1877263-1-raymond.mao@linaro.org

Raymond Mao Aug. 16, 2024, 9:43 p.m. UTC
Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.

Motivations:
------------

1. MbedTLS is well maintained with LTS versions.
2. LWIP is integrated with MbedTLS, which makes it easy to enable HTTPS.
3. MbedTLS recently switched license back to GPLv2.

Prerequisite:
-------------

This patch series requires the mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
    $ git subtree add --prefix lib/mbedtls/external/mbedtls \
          https://github.com/Mbed-TLS/mbedtls.git \
          v3.6.0 --squash
Moreover, due to the Windows-style files in the mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
    $ git add --renormalize .
    $ git commit

New Kconfig options:
--------------------

`MBEDTLS_LIB` is the general switch for MbedTLS.
`MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
MbedTLS.
`MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
and Pubkey parser with MbedTLS.
`LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
`LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
`LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
For each of the algorithms, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
introduced.

In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
for testing purposes.

Patches for external MbedTLS project:
-------------------------------------

Since U-Boot uses Microsoft Authentication Code to verify PE/COFF
executables, which is not supported by MbedTLS at the moment,
additional patches for MbedTLS are created to adapt to the EFI loader:
1. Decoding of Microsoft Authentication Code.
2. Decoding of PKCS#9 Authenticate Attributes.
3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
4. MbedTLS native test suites for PKCS#7 signer's info.

All 4 patches above (tagged with `mbedtls/external`) are submitted to
the MbedTLS project and are being reviewed; eventually they should be
part of the MbedTLS LTS release.
But before that, please merge them into U-Boot, otherwise the build
will be broken when MBEDTLS_LIB_X509 is enabled.

See the PR link below for reference:
https://github.com/Mbed-TLS/mbedtls/pull/9001

Miscellaneous:
--------------

Optimized MbedTLS library size by tailoring the config file
and disabling all unnecessary features for EFI loader.
From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
sha512) are completely replaced when MbedTLS is enabled.
From v3, the size-growth is slightly reduced by refactoring hash functions.
From v6, smaller implementations for SHA256 and SHA512 are enabled and
the target size is reduced significantly.
Target(QEMU arm64) size-growth when enabling MbedTLS:
v1: 6.03%
v2: 4.66%
v3 - v5: 4.55%
v6: 2.90% 

Please see the latest output from buildman for size-growth on QEMU arm64,
Sandbox and Nanopi A64. [1]

Tests done:
-----------

EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
verifying and booting) via U-Boot console.
EFI Secure Boot and Capsule sandbox test passed.

Known issues:
-------------

None.

[1]: buildman output for size comparison
(qemu_arm64, sandbox and nanopi_a64) 
```
   aarch64: (for 2/2 boards) all -1468.0 bss +16.0 data -64.0 rodata +200.0 text -1620.0
            qemu_arm64     : all +4608 bss +80 data -64 rodata +200 text +4392
               u-boot: add: 29/-17, grow: 12/-16 bytes: 13072/-8304 (4768)
                 function                                   old     new   delta
                 mbedtls_internal_sha1_process                -    4540   +4540
                 mbedtls_internal_md5_process                 -    2928   +2928
                 K                                            -     896    +896
                 mbedtls_sha256_finish                        -     484    +484
                 mbedtls_internal_sha256_process              -     432    +432
                 mbedtls_sha1_finish                          -     420    +420
                 mbedtls_internal_sha512_process              -     412    +412
                 mbedtls_sha512_finish                        -     360    +360
                 mbedtls_sha512_starts                        -     340    +340
                 mbedtls_md5_finish                           -     336    +336
                 mbedtls_sha512_update                        -     264    +264
                 mbedtls_sha256_update                        -     252    +252
                 mbedtls_sha1_update                          -     236    +236
                 mbedtls_md5_update                           -     236    +236
                 mbedtls_sha512                               -     148    +148
                 mbedtls_sha256_starts                        -     124    +124
                 hash_init_sha512                            52     128     +76
                 hash_init_sha256                            52     128     +76
                 mbedtls_sha1_starts                          -      72     +72
                 mbedtls_md5_starts                           -      60     +60
                 hash_init_sha1                              52     112     +60
                 mbedtls_platform_zeroize                     -      56     +56
                 sha512_put_uint64_be                         -      40     +40
                 mbedtls_sha512_free                          -      16     +16
                 mbedtls_sha256_free                          -      16     +16
                 mbedtls_sha1_free                            -      16     +16
                 mbedtls_md5_free                             -      16     +16
                 hash_finish_sha512                          72      88     +16
                 hash_finish_sha256                          72      88     +16
                 hash_finish_sha1                            72      88     +16
                 sha512_csum_wd                              68      80     +12
                 sha256_csum_wd                              68      80     +12
                 sha1_csum_wd                                68      80     +12
                 md5_wd                                      68      80     +12
                 mbedtls_sha512_init                          -      12     +12
                 mbedtls_sha256_init                          -      12     +12
                 mbedtls_sha1_init                            -      12     +12
                 mbedtls_md5_init                             -      12     +12
                 memset_func                                  -       8      +8
                 sha512_update                                4       8      +4
                 sha384_update                                4       8      +4
                 sha256_update                               12       8      -4
                 sha1_update                                 12       8      -4
                 sha256_process                              16       -     -16
                 sha1_process                                16       -     -16
                 hash_update_sha512                          36      16     -20
                 hash_update_sha256                          36      16     -20
                 hash_update_sha1                            36      16     -20
                 MD5Init                                     56      36     -20
                 sha1_starts                                 60      36     -24
                 hash_update_sha384                          36       -     -36
                 hash_init_sha384                            52       -     -52
                 sha384_csum_wd                              68      12     -56
                 sha256_starts                              104      40     -64
                 sha256_padding                              64       -     -64
                 sha1_padding                                64       -     -64
                 hash_finish_sha384                          72       -     -72
                 sha512_finish                              152      36    -116
                 sha512_starts                              168      40    -128
                 sha384_starts                              168      40    -128
                 sha384_finish                              152       4    -148
                 MD5Final                                   196      44    -152
                 sha512_base_do_finalize                    160       -    -160
                 static.sha256_update                       228       -    -228
                 static.sha1_update                         240       -    -240
                 sha512_base_do_update                      244       -    -244
                 MD5Update                                  260       -    -260
                 sha1_finish                                300      36    -264
                 sha256_finish                              404      36    -368
                 sha256_armv8_ce_process                    428       -    -428
                 sha1_armv8_ce_process                      484       -    -484
                 sha512_K                                   640       -    -640
                 sha512_block_fn                           1212       -   -1212
                 MD5Transform                              2552       -   -2552
            nanopi_a64     : all -7544 bss -48 data -64 rodata +200 text -7632
               u-boot: add: 21/-8, grow: 4/-8 bytes: 10692/-4364 (6328)
                 function                                   old     new   delta
                 mbedtls_internal_sha1_process                -    4540   +4540
                 mbedtls_internal_md5_process                 -    2928   +2928
                 mbedtls_sha256_finish                        -     484    +484
                 mbedtls_internal_sha256_process              -     432    +432
                 mbedtls_sha1_finish                          -     420    +420
                 mbedtls_md5_finish                           -     336    +336
                 K                                            -     256    +256
                 mbedtls_sha256_update                        -     252    +252
                 mbedtls_sha1_update                          -     236    +236
                 mbedtls_md5_update                           -     236    +236
                 mbedtls_sha256_starts                        -     124    +124
                 hash_init_sha256                            52     128     +76
                 mbedtls_sha1_starts                          -      72     +72
                 mbedtls_md5_starts                           -      60     +60
                 hash_init_sha1                              52     112     +60
                 mbedtls_platform_zeroize                     -      56     +56
                 mbedtls_sha256_free                          -      16     +16
                 mbedtls_sha1_free                            -      16     +16
                 mbedtls_md5_free                             -      16     +16
                 hash_finish_sha256                          72      88     +16
                 hash_finish_sha1                            72      88     +16
                 mbedtls_sha256_init                          -      12     +12
                 mbedtls_sha1_init                            -      12     +12
                 mbedtls_md5_init                             -      12     +12
                 memset_func                                  -       8      +8
                 sha256_update                               12       -     -12
                 sha1_update                                 12       -     -12
                 hash_update_sha256                          36      16     -20
                 hash_update_sha1                            36      16     -20
                 MD5Init                                     56      36     -20
                 sha1_starts                                 60      36     -24
                 sha256_starts                              104      40     -64
                 sha256_padding                              64       -     -64
                 sha1_padding                                64       -     -64
                 MD5Final                                   196      44    -152
                 static.sha256_update                       228       -    -228
                 static.sha1_update                         240       -    -240
                 MD5Update                                  260       -    -260
                 sha1_finish                                300      36    -264
                 sha256_finish                              404      36    -368
                 MD5Transform                              2552       -   -2552
   sandbox: (for 1/1 boards) all +19312.0 data +1440.0 rodata -4128.0 text +22000.0
            sandbox        : all +19312 data +1440 rodata -4128 text +22000
               u-boot: add: 258/-206, grow: 122/-59 bytes: 90286/-76286 (14000)
                 function                                   old     new   delta
                 mbedtls_internal_sha1_process                -    4982   +4982
                 static.mbedtls_x509_crt_parse_der_internal   -    4184   +4184
                 static.pci_uclass_post_probe                 -    3570   +3570
                 pkcs7_parse_message                        361    3638   +3277
                 static.sandbox_tpm2_xfer                     -    2605   +2605
                 rsa_verify                                 541    2794   +2253
                 mbedtls_internal_md5_process                 -    2189   +2189
                 mbedtls_rsa_parse_pubkey                     -    2053   +2053
                 mbedtls_rsa_private                          -    1813   +1813
                 run_test                                  2220    3932   +1712
                 mbedtls_mpi_exp_mod                          -    1649   +1649
                 read_one_chunk                               -    1606   +1606
                 x509_populate_cert                           -    1462   +1462
                 mbedtls_mpi_div_mpi                          -    1459   +1459
                 static.simple_panel_get_edid_timing          -    1385   +1385
                 static.sqfs_search_dir                       -    1336   +1336
                 static.mbedtls_x509_dn_gets                  -    1305   +1305
                 mbedtls_mpi_inv_mod                          -    1214   +1214
                 mbedtls_rsa_rsaes_pkcs1_v15_decrypt          -    1156   +1156
                 mbedtls_x509_get_subject_alt_name_ext        -    1155   +1155
                 rsa_check_pair_wrap                          -    1018   +1018
                 static.K                                     -     896    +896
                 oid_x520_attr_type                           -     840    +840
                 static.pci_uclass_pre_probe                  -     832    +832
                 read_persistent_digest                       -     825    +825
                 ta_rpc_test_invoke_func                      -     812    +812
                 ta_avb_invoke_func                           -     783    +783
                 static.dm_pciauto_setup_device               -     747    +747
                 efi_load_image                            4418    5157    +739
                 static.pkcs7_get_signer_info                 -     671    +671
                 static.dfu_bind                              -     637    +637
                 efi_tcg2_hash_log_extend_event               -     622    +622
                 static.sqfs_frag_lookup                      -     605    +605
                 mbedtls_mpi_core_montmul                     -     537    +537
                 mbedtls_internal_sha512_process              -     536    +536
                 mbedtls_mpi_core_mla                         -     520    +520
                 mbedtls_sha256_finish                        -     519    +519
                 static.sqfs_resolve_symlink                  -     509    +509
                 mbedtls_internal_sha256_process              -     487    +487
                 static.overlay_update_local_node_references  -     483    +483
                 mbedtls_x509_get_time                        -     483    +483
                 mbedtls_mpi_mul_mpi                          -     479    +479
                 mbedtls_x509_get_name                        -     470    +470
                 mbedtls_pk_parse_subpubkey                   -     463    +463
                 efi_tcg2_get_capability                      -     462    +462
                 find_and_setup_root                          -     456    +456
                 static.new_string                            -     450    +450
                 static.set_string                            -     448    +448
                 mbedtls_sha1_finish                          -     445    +445
                 longest_match                                -     424    +424
                 rsa_rsassa_pkcs1_v15_encode                  -     414    +414
                 mbedtls_mpi_gcd                              -     413    +413
                 load_full_partition                          -     413    +413
                 static.get_languages                         -     402    +402
                 static.efi_uninstall_protocol                -     400    +400
                 static.list_package_lists                    -     398    +398
                 static.update_package_list                   -     374    +374
                 static.efi_disconnect_all_drivers            -     363    +363
                 efi_tcg2_get_eventlog                        -     361    +361
                 static.get_string                            -     360    +360
                 oid_x509_ext                                 -     360    +360
                 static.new_package_list                      -     359    +359
                 static.efi_convert_device_path_to_text       -     359    +359
                 static.get_keyboard_layout                   -     355    +355
                 rsa_sign_wrap                                -     355    +355
                 add_sub_mpi                                  -     355    +355
                 mbedtls_sha512_finish                        -     352    +352
                 efi_tcg2_submit_command                      -     351    +351
                 static.find_keyboard_layouts                 -     339    +339
                 rsa_verify_wrap                              -     324    +324
                 oid_sig_alg                                  -     320    +320
                 efi_tcg2_notify_exit_boot_services           -     316    +316
                 mbedtls_mpi_sub_abs                          -     315    +315
                 static.append_device_path_instance           -     311    +311
                 static.get_secondary_languages               -     301    +301
                 rsa_encrypt_wrap                             -     294    +294
                 static.hash_init_sha512                     41     334    +293
                 static.efi_convert_device_node_to_text       -     293    +293
                 static.get_next_device_path_instance         -     290    +290
                 spi_set_speed_mode                           -     287    +287
                 static.buck_get_suspend_enable               -     276    +276
                 mbedtls_mpi_core_get_mont_r2_unsafe          -     276    +276
                 efi_tcg2_get_active_pcr_banks                -     273    +273
                 public_key                                   -     270    +270
                 static.buck_set_suspend_enable               -     264    +264
                 static.rsa_check_context                     -     260    +260
                 public_key_verify_signature                419     678    +259
                 __udivti3                                    -     248    +248
                 mbedtls_rsa_public                           -     242    +242
                 static.oid_md_alg                            -     240    +240
                 mbedtls_asn1_get_alg                         -     238    +238
                 static.get_package_list_handle               -     231    +231
                 static.dm_pciauto_exp_link_stable            -     231    +231
                 static.overlay_get_target                    -     224    +224
                 mbedtls_mpi_shift_l                          -     224    +224
                 mbedtls_pkcs7_free                           -     223    +223
                 static.register_package_notify               -     222    +222
                 static.create_device_node                    -     222    +222
                 mbedtls_mpi_fill_random                      -     221    +221
                 static.dfu_handle                            -     213    +213
                 static.usb_emul_find_devnum                  -     210    +210
                 mbedtls_sha512_update                        -     209    +209
                 static.remove_package_list                   -     208    +208
                 static.export_package_lists                  -     206    +206
                 static.montMul                               -     202    +202
                 static.sqfs_tokenize                         -     201    +201
                 static.is_device_path_multi_instance         -     201    +201
                 mbedtls_mpi_copy                             -     200    +200
                 mbedtls_sha256_update                        -     197    +197
                 static.set_keyboard_layout                   -     196    +196
                 static.ldo_set_suspend_enable                -     195    +195
                 static.asn1_get_tagged_int                   -     194    +194
                 static.get_device_path_size                  -     191    +191
                 static.efi_open_volume                       -     191    +191
                 static.append_device_path                    -     190    +190
                 static.append_device_node                    -     188    +188
                 static.ldo_get_suspend_enable                -     182    +182
                 mbedtls_pk_parse_public_key                  -     182    +182
                 static.duplicate_device_path                 -     180    +180
                 mbedtls_x509_crt_free                        -     177    +177
                 static.mbedtls_sha1_update                   -     176    +176
                 mbedtls_mpi_shift_r                          -     174    +174
                 static.unregister_package_notify             -     169    +169
                 rsa_free_wrap                                -     161    +161
                 mbedtls_mpi_cmp_mpi                          -     161    +161
                 static.pkcs7_get_one_cert                    -     160    +160
                 oid_pk_alg                                   -     160    +160
                 mbedtls_mpi_read_binary                      -     159    +159
                 md5_wd                                     571     729    +158
                 mbedtls_mpi_core_write_be                    -     154    +154
                 static.switch_set_enable                     -     150    +150
                 mbedtls_mpi_mod_mpi                          -     146    +146
                 mbedtls_asn1_get_alg_null                    -     142    +142
                 __alloc_extent_buffer                        -     142    +142
                 static.pldo_set_enable                       -     141    +141
                 mbedtls_mpi_cmp_abs                          -     141    +141
                 mbedtls_mpi_mul_int                          -     138    +138
                 mbedtls_asn1_get_len                         -     133    +133
                 static.switch_get_enable                     -     130    +130
                 static.nldo_set_enable                       -     130    +130
                 static.overlay_adjust_node_phandles          -     121    +121
                 static.hash_init_sha256                     41     161    +120
                 mbedtls_mpi_grow                             -     120    +120
                 reg_set_enable                               -     118    +118
                 static.load_and_verify_vbmeta            10699   10814    +115
                 mbedtls_rsa_check_pubkey                     -     109    +109
                 static.pldo_get_enable                       -     108    +108
                 static.mbedtls_asn1_get_bitstring            -     108    +108
                 x509_get_timestamp                           -     106    +106
                 static.buck_get_suspend_value                -     101    +101
                 mbedtls_asn1_get_bool                        -      99     +99
                 static.asn1_get_sequence_of_cb               -      98     +98
                 efi_reserve_memory                           -      97     +97
                 mbedtls_rsa_info                             -      96     +96
                 static.buck_set_suspend_value                -      93     +93
                 ldo_get_enable                               -      92     +92
                 buck_get_enable                              -      92     +92
                 data_gz                                  21219   21309     +90
                 mbedtls_x509_get_serial                      -      88     +88
                 mbedtls_mpi_resize_clear                     -      87     +87
                 static.sqfs_read_entry                       -      86     +86
                 static.nldo_get_enable                       -      83     +83
                 mbedtls_mpi_bitlen                           -      82     +82
                 static.x509_get_uid                          -      81     +81
                 static.mbedtls_mpi_sub_int                   -      81     +81
                 static.pldo_set_suspend_enable               -      78     +78
                 mbedtls_oid_get_md_alg                       -      78     +78
                 ldo_set_enable                               -      77     +77
                 buck_set_enable                              -      77     +77
                 static.sqfs_count_tokens                     -      76     +76
                 static.pldo_set_value                        -      75     +75
                 static.pldo_set_suspend_value                -      75     +75
                 static.pldo_get_suspend_enable               -      75     +75
                 static.nldo_set_value                        -      75     +75
                 static.nldo_set_suspend_value                -      75     +75
                 mbedtls_mpi_cmp_int                          -      75     +75
                 find_device                                  -      75     +75
                 rsa_decrypt_wrap                             -      73     +73
                 pta_scp03_invoke_func                        -      73     +73
                 mbedtls_mpi_lset                             -      73     +73
                 sha512_put_uint64_be                         -      72     +72
                 mbedtls_md_info_from_type                    -      72     +72
                 static.sqfs_disk_read                        -      69     +69
                 static.sqfs_calc_n_blks                      -      69     +69
                 static.simple_panel_set_backlight            -      68     +68
                 ldo_get_value                                -      67     +67
                 buck_get_value                               -      67     +67
                 static.nldo_set_suspend_enable               -      65     +65
                 free_extent_state_func                       -      65     +65
                 static.nldo_get_suspend_enable               -      64     +64
                 sha1_starts                                  -      64     +64
                 mbedtls_mpi_lsb                              -      64     +64
                 rsa_alloc_wrap                               -      62     +62
                 mbedtls_pk_setup                             -      62     +62
                 pkcs7_free_message                         115     176     +61
                 static.unicode_test_u16_strcmp               -      60     +60
                 rsa_debug                                    -      60     +60
                 lib_test_strlcat                          1195    1255     +60
                 public_key_signature_free                    -      58     +58
                 static.x509_free_mbedtls_ctx                 -      57     +57
                 static.nldo_get_value                        -      57     +57
                 static.nldo_get_suspend_value                -      57     +57
                 x509_populate_dn_name_string                 -      56     +56
                 efi_tcg2_protocol                            -      56     +56
                 mbedtls_mpi_core_montmul_init                -      55     +55
                 static.pldo_get_value                        -      54     +54
                 static.pldo_get_suspend_value                -      54     +54
                 mbedtls_asn1_get_bitstring_null              -      53     +53
                 efi_launch_capsules                       3090    3142     +52
                 static.pkcs7_free_signer_info                -      51     +51
                 static.ldo_set_suspend_value                 -      51     +51
                 mbedtls_mpi_free                             -      51     +51
                 static.mbedtls_mpi_core_bigendian_to_host    -      50     +50
                 mbedtls_asn1_get_tag                         -      50     +50
                 event_log                                    -      48     +48
                 static.subM                                  -      47     +47
                 mbedtls_pk_free                              -      45     +45
                 mbedtls_zeroize_and_free                     -      42     +42
                 static.ldo_get_suspend_value                 -      38     +38
                 static.sandbox_tpm2_get_desc                 -      35     +35
                 efi_capsule_update_firmware               1354    1389     +35
                 static.simple_panel_enable_backlight         -      34     +34
                 static.efi_firmware_get_image_info         696     730     +34
                 x509_parse2_int                              -      33     +33
                 ldo_set_value                                -      32     +32
                 buck_set_value                               -      32     +32
                 static.hash_init_sha1                       75     105     +30
                 mbedtls_asn1_sequence_free                   -      30     +30
                 mbedtls_asn1_free_named_data_list_shallow    -      30     +30
                 efi_start_image                           2492    2522     +30
                 static.hash_finish_sha512                   40      66     +26
                 static.hash_finish_sha256                   40      66     +26
                 static.hash_finish_sha1                     40      66     +26
                 generic_phy_get_bulk                       366     392     +26
                 static.set_descriptors                       -      25     +25
                 reboot_mode_probe                          139     164     +25
                 static.efi_open_protocol                   495     519     +24
                 static.mbedtls_mpi_get_bit                   -      23     +23
                 sqfs_opendir                              1655    1677     +22
                 rsa_can_do                                   -      22     +22
                 efi_install_fdt                            572     594     +22
                 sha512_starts                              132     152     +20
                 mbedtls_sha512_free                          -      20     +20
                 mbedtls_sha256_free                          -      20     +20
                 mbedtls_sha1_free                            -      20     +20
                 efi_query_capsule_caps                     210     229     +19
                 static.mbedtls_platform_zeroize              -      18     +18
                 sha256_starts                               68      86     +18
                 pta_scp03_open_session                       -      18     +18
                 mbedtls_mpi_size                             -      18     +18
                 c2                                           -      18     +18
                 static.efi_cout_set_cursor_position        257     274     +17
                 rsa_get_bitlen                               -      17     +17
                 static.efi_register_notify_events            -      16     +16
                 static.efi_cout_query_mode                 241     257     +16
                 static.dfu_runtime_descs                     -      16     +16
                 static.__reset_get_bulk                    166     182     +16
                 mbedtls_sha512_init                          -      16     +16
                 efi_guid_tcg2_protocol                       -      16     +16
                 efi_guid_final_events                        -      16     +16
                 efi_file_info_guid                           -      16     +16
                 clk_get_bulk                               157     173     +16
                 efi_tcg2_set_active_pcr_banks                -      15     +15
                 efi_tcg2_get_result_of_set_active_pcr_banks  -      15     +15
                 efi_pxe_base_code_arp                        -      15     +15
                 unicode_test_utf8_utf16_strcpy             946     960     +14
                 mbedtls_mpi_add_mpi                          -      14     +14
                 c4                                           -      14     +14
                 c1                                           -      14     +14
                 efi_locate_device_path                     541     554     +13
                 efi_file_read_int                          610     623     +13
                 d4                                           -      13     +13
                 rtc_days_in_month                            -      12     +12
                 mbedtls_mpi_sub_mpi                          -      12     +12
                 i2                                           -      12     +12
                 static.efi_cin_unregister_key_notify       257     268     +11
                 efi_auth_var_get_type                      102     113     +11
                 static.count_descriptors                     -      10     +10
                 i1                                           -      10     +10
                 fdt_overlay_apply                         1887    1897     +10
                 x509_free_certificate                      115     124      +9
                 static.efi_cout_output_string              534     543      +9
                 static.efi_cin_reset_ex                    185     194      +9
                 static.efi_cin_reset                       185     194      +9
                 static.dfu_intf_runtime                      -       9      +9
                 free_map_lookup                              -       9      +9
                 static.memset_func                           -       8      +8
                 static.efi_connect_controller              685     693      +8
                 mbedtls_sha512_info                          -       8      +8
                 mbedtls_sha384_info                          -       8      +8
                 mbedtls_sha256_info                          -       8      +8
                 mbedtls_sha1_info                            -       8      +8
                 mbedtls_md5_info                             -       8      +8
                 mbedtls_ct_zero                              -       8      +8
                 i3                                           -       8      +8
                 c3                                           -       8      +8
                 unicode_test_utf8_utf16_strlen             443     450      +7
                 unicode_test_utf16_utf8_strlen             443     450      +7
                 unicode_test_utf16_utf8_strcpy            1021    1028      +7
                 static.efi_firmware_raw_set_image         2312    2319      +7
                 static.efi_cin_register_key_notify         296     303      +7
                 static.efi_cin_read_key_stroke_ex          386     393      +7
                 static.efi_cin_read_key_stroke             247     254      +7
                 pci_bus_read_config                         83      90      +7
                 mpi_bigendian_to_host                        -       7      +7
                 check_node_type                            171     178      +7
                 ta_rpc_test_open_session                     -       6      +6
                 ta_avb_open_session                          -       6      +6
                 j3                                           -       6      +6
                 efi_signature_verify                      1640    1646      +6
                 j1                                           -       5      +5
                 eficonfig_process_select_file             2179    2184      +5
                 efi_protocol_open                          408     413      +5
                 efi_dp_from_file                           274     279      +5
                 crypt_sha512crypt_rn_wrapped              2408    2413      +5
                 crypt_sha256crypt_rn_wrapped              1669    1674      +5
                 unicode_test_u16_strlen                    269     273      +4
                 static.eficonfig_edit_boot_option         1567    1571      +4
                 static.efi_purge_handle                    150     154      +4
                 static.avb_safe_memcmp                      36      40      +4
                 sqfs_find_inode                            347     351      +4
                 sqfs_dir_offset                            101     105      +4
                 pci_conv_32_to_size                         46      50      +4
                 pci_bus_find_devfn                         121     125      +4
                 fdt_subnode_offset_namelen                 240     244      +4
                 efi_unload_image                           403     407      +4
                 efi_search_obj                              43      47      +4
                 efi_delete_image                           150     154      +4
                 efi_close_protocol                         229     233      +4
                 efi_add_memory_map                          34      38      +4
                 do_bootefi_exec                            444     448      +4
                 dm_spi_release_bus                          23      27      +4
                 dm_spi_claim_bus                           153     157      +4
                 dm_pci_write_config8                        10      14      +4
                 dm_pci_write_config16                       13      17      +4
                 avb_validate_utf8                           95      99      +4
                 avb_descriptor_validate_and_byteswap        96     100      +4
                 avb_descriptor_foreach                     715     719      +4
                 avb_be64toh                                  7      11      +4
                 avb_be32toh                                  5       9      +4
                 asymmetric_key_generate_id                 109     113      +4
                 unicode_test_u16_strncmp                   377     380      +3
                 unicode_test_u16_strlcat                   840     843      +3
                 unflatten_device_tree                      274     277      +3
                 str_upper                                  648     651      +3
                 static.efi_reinstall_protocol_interface    277     280      +3
                 static.efi_exit                            668     671      +3
                 sandbox_hub_bind                            20      23      +3
                 find_handle                                314     317      +3
                 eficonfig_file_selected                    484     487      +3
                 efi_firmware_get_lsv_from_dtb              369     372      +3
                 efi_create_indexed_name                    174     177      +3
                 efi_auth_var_get_guid                       85      88      +3
                 SHA256_Update_recycled                      76      79      +3
                 unicode_test_utf8_utf16_strncpy            929     931      +2
                 unicode_test_utf16_utf8_strncpy            921     923      +2
                 static.tcg2_measure_variable               236     238      +2
                 static.efi_cout_set_mode                   222     224      +2
                 static.do_env_print                       1278    1280      +2
                 prepare_file_selection_entry               400     402      +2
                 eficonfig_boot_edit_save                    96      98      +2
                 eficonfig_add_change_boot_order_entry      346     348      +2
                 eficonfig_add_boot_selection_entry         461     463      +2
                 efi_str_to_u16                             103     105      +2
                 efi_serialize_load_option                  260     262      +2
                 efi_get_variable_mem                       492     494      +2
                 efi_file_setinfo                           523     525      +2
                 efi_file_getinfo                           783     785      +2
                 efi_convert_string                         109     111      +2
                 efi_binary_run                             790     792      +2
                 do_bootmenu                               2154    2156      +2
                 create_boot_option_entry                   206     208      +2
                 bootdev_hunt                               366     368      +2
                 add_packages                               890     892      +2
                 unicode_test_efi_create_indexed_name       481     482      +1
                 u16_strsize                                 20      21      +1
                 u16_strlcat                                106     107      +1
                 file_open                                  738     739      +1
                 efi_var_mem_ins                            257     258      +1
                 cros_ec_spi_command                        420     421      +1
                 efi_update_capsule                         427     426      -1
                 byteReverse                                  1       -      -1
                 static.efi_cout_set_attribute              249     247      -2
                 sha256_csum_wd                             155     153      -2
                 vidconsole_sync_copy                        13       9      -4
                 vidconsole_memmove                          51      47      -4
                 tcg2_uninit                                212     208      -4
                 static.hash_update_sha1                     29      25      -4
                 spi_find_chip_select                       440     436      -4
                 sha512_csum_wd                             169     165      -4
                 read_tree_block                           1566    1562      -4
                 read_allocated_block                      2304    2300      -4
                 put_ext4                                   383     379      -4
                 free_extent_buffer                         321     317      -4
                 ext4fs_update_journal                      893     889      -4
                 ext4fs_read_inode                          392     388      -4
                 ext4fs_devread                              34      30      -4
                 efi_init_early                            1055    1051      -4
                 cros_ec_register                           291     287      -4
                 cros_ec_calc_checksum                       27      23      -4
                 cache_tree_free_extents                     57      53      -4
                 btrfs_setup_root                           101      97      -4
                 btrfs_scan_one_device                      675     671      -4
                 btrfs_release_all_roots                     62      58      -4
                 btrfs_read_dev_super                      1228    1224      -4
                 btrfs_free_path                             38      34      -4
                 btrfs_free_fs_info                          53      49      -4
                 btrfs_close_devices                        136     132      -4
                 static.hash_update_sha512                   22      17      -5
                 static.hash_update_sha256                   22      17      -5
                 lib_test_efi_dp_check_length               593     588      -5
                 efi_stri_coll                              252     247      -5
                 cros_ec_i2c_command                        409     404      -5
                 static.ta_rpc_test_open_session              6       -      -6
                 static.ta_avb_open_session                   6       -      -6
                 efi_str_to_fat                             369     362      -7
                 static.free_map_lookup                       9       -      -9
                 efi_init_obj_list                         5665    5656      -9
                 dfu_intf_runtime                             9       -      -9
                 count_descriptors                           10       -     -10
                 rsa_verify_key                             383     372     -11
                 install_smbios_table                       583     571     -12
                 d5                                          12       -     -12
                 sha256_update                               14       -     -14
                 efi_runtime_relocate                       240     226     -14
                 x509_akid_note_name                         15       -     -15
                 static.efi_tcg2_set_active_pcr_banks        15       -     -15
                 static.efi_tcg2_get_result_of_set_active_pcr_banks      15       -     -15
                 static.efi_pxe_base_code_arp                15       -     -15
                 pkcs7_sig_note_skid                         15       -     -15
                 pkcs7_sig_note_serial                       15       -     -15
                 pkcs7_sig_note_issuer                       15       -     -15
                 static.rsapubkey_action_table               16       -     -16
                 efi_register_notify_events                  16       -     -16
                 efi_guid_event_group_return_to_efibootmgr   16       -     -16
                 efi_disk_probe                             571     555     -16
                 dfu_runtime_descs                           16       -     -16
                 static.pta_scp03_open_session               18       -     -18
                 sha384_csum_wd                             296     276     -20
                 x509_note_serial                            21       -     -21
                 tcg2_create_digest                         718     697     -21
                 static.hash_update_sha384                   22       -     -22
                 pkcs7_check_content_type                    22       -     -22
                 do_net_stats                               371     349     -22
                 x509_decoder                                24       -     -24
                 x509_akid_decoder                           24       -     -24
                 rsapubkey_decoder                           24       -     -24
                 pkcs7_decoder                               24       -     -24
                 mscode_machine                              24       -     -24
                 mscode_decoder                              24       -     -24
                 mscode_action_table                         24       -     -24
                 set_descriptors                             25       -     -25
                 efi_set_variable_int                      2130    2105     -25
                 x509_note_tbs_certificate                   26       -     -26
                 x509_note_not_before                        28       -     -28
                 x509_note_not_after                         28       -     -28
                 pkcs7_note_data                             28       -     -28
                 x509_note_issuer                            30       -     -30
                 rsa_get_n                                   30       -     -30
                 static.ldo_set_value                       113      81     -32
                 static.buck_set_value                      203     171     -32
                 _u_boot_list_2_ut_lib_test_2_lib_asn1_x509      32       -     -32
                 _u_boot_list_2_ut_lib_test_2_lib_asn1_pkey      32       -     -32
                 _u_boot_list_2_ut_lib_test_2_lib_asn1_pkcs7      32       -     -32
                 sandbox_tpm2_get_desc                       35       -     -35
                 x509_note_subject                           36       -     -36
                 pkcs7_note_content                          36       -     -36
                 simple_panel_enable_backlight               37       -     -37
                 sha1_csum_wd                               209     171     -38
                 ldo_get_suspend_value                       38       -     -38
                 x509_akid_action_table                      40       -     -40
                 static.hash_finish_sha384                   40       -     -40
                 x509_note_params                            41       -     -41
                 pkcs7_note_signeddata_version               41       -     -41
                 asn1_op_lengths                             41       -     -41
                 subM                                        43       -     -43
                 efi_esrt_populate                         1209    1165     -44
                 ZSTD_decompressDCtx                       7789    7745     -44
                 pkcs7_note_certificate_list                 46       -     -46
                 static.public_key_signature_free            48       -     -48
                 static.event_log                            48       -     -48
                 mscode_note_digest                          51       -     -51
                 ldo_set_suspend_value                       51       -     -51
                 pldo_get_value                              54       -     -54
                 pldo_get_suspend_value                      54       -     -54
                 unicode_test_u16_strcmp                     56       -     -56
                 static.efi_tcg2_protocol                    56       -     -56
                 rsa_get_e                                   56       -     -56
                 nldo_get_value                              57       -     -57
                 nldo_get_suspend_value                      57       -     -57
                 x509_extract_name_segment                   62       -     -62
                 sha256_padding                              64       -     -64
                 sha1_padding                                64       -     -64
                 nldo_get_suspend_enable                     64       -     -64
                 static.free_extent_state_func               65       -     -65
                 sqfs_disk_read                              65       -     -65
                 sqfs_calc_n_blks                            65       -     -65
                 nldo_set_suspend_enable                     65       -     -65
                 static.ldo_get_value                       133      66     -67
                 static.buck_get_value                      196     129     -67
                 simple_panel_set_backlight                  68       -     -68
                 pkcs7_sig_note_signature                    68       -     -68
                 static.__func__                          32530   32459     -71
                 sqfs_count_tokens                           72       -     -72
                 pkcs7_sig_note_set_of_authattrs             72       -     -72
                 static.pta_scp03_invoke_func                73       -     -73
                 pldo_set_value                              75       -     -75
                 pldo_set_suspend_value                      75       -     -75
                 pldo_get_suspend_enable                     75       -     -75
                 pkcs7_sig_note_pkey_algo                    75       -     -75
                 nldo_set_value                              75       -     -75
                 nldo_set_suspend_value                      75       -     -75
                 static.ldo_set_enable                      370     293     -77
                 static.buck_set_enable                     482     405     -77
                 pldo_set_suspend_enable                     78       -     -78
                 static.find_device                          79       -     -79
                 pkcs7_note_signerinfo_version               79       -     -79
                 x509_akid_note_kid                          80       -     -80
                 x509_akid_note_serial                       81       -     -81
                 pkcs7_extract_cert                          81       -     -81
                 sqfs_read_entry                             82       -     -82
                 nldo_get_enable                             83       -     -83
                 sha512_finish                              123      32     -91
                 sha384_finish                              123      32     -91
                 static.ldo_get_enable                      386     294     -92
                 static.buck_get_enable                     443     351     -92
                 x509_akid_machine                           93       -     -93
                 buck_set_suspend_value                      93       -     -93
                 x509_extract_key_data                       98       -     -98
                 static.efi_reserve_memory                  101       -    -101
                 buck_get_suspend_value                     101       -    -101
                 x509_action_table                          104       -    -104
                 x509_note_OID                              105       -    -105
                 pldo_get_enable                            108       -    -108
                 x509_machine                               113       -    -113
                 overlay_adjust_node_phandles               117       -    -117
                 static.reg_set_enable                      118       -    -118
                 x509_process_extension                     125       -    -125
                 x509_note_signature                        129       -    -129
                 switch_get_enable                          130       -    -130
                 nldo_set_enable                            130       -    -130
                 pkcs7_note_OID                             136       -    -136
                 pkcs7_action_table                         136       -    -136
                 pldo_set_enable                            141       -    -141
                 static.__alloc_extent_buffer               146       -    -146
                 switch_set_enable                          150       -    -150
                 oid_index                                  150       -    -150
                 static.hash_init_sha384                    152       -    -152
                 sha512_base_do_finalize                    154       -    -154
                 unregister_package_notify                  169       -    -169
                 duplicate_device_path                      180       -    -180
                 ldo_get_suspend_enable                     182       -    -182
                 pkcs7_note_signed_info                     187       -    -187
                 append_device_node                         188       -    -188
                 mscode_note_content_type                   189       -    -189
                 pkcs7_sig_note_digest_algo                 190       -    -190
                 append_device_path                         190       -    -190
                 get_device_path_size                       191       -    -191
                 efi_open_volume                            191       -    -191
                 static.sha256_update                       194       -    -194
                 static.sha512_base_do_update               195       -    -195
                 ldo_set_suspend_enable                     195       -    -195
                 set_keyboard_layout                        196       -    -196
                 sqfs_tokenize                              197       -    -197
                 montMul                                    198       -    -198
                 is_device_path_multi_instance              201       -    -201
                 usb_emul_find_devnum                       206       -    -206
                 export_package_lists                       206       -    -206
                 look_up_OID                                207       -    -207
                 remove_package_list                        208       -    -208
                 dfu_handle                                 213       -    -213
                 static.sha1_update                         216       -    -216
                 overlay_get_target                         220       -    -220
                 register_package_notify                    222       -    -222
                 create_device_node                         222       -    -222
                 dm_pciauto_exp_link_stable                 227       -    -227
                 get_package_list_handle                    231       -    -231
                 pkcs7_machine                              239       -    -239
                 static.sprint_oid                          241       -    -241
                 lib_asn1_pkcs7                             244       -    -244
                 sha256_k                                   256       -    -256
                 buck_set_suspend_enable                    264       -    -264
                 pkcs7_sig_note_authenticated_attr          268       -    -268
                 static.efi_tcg2_get_active_pcr_banks       273       -    -273
                 buck_get_suspend_enable                    276       -    -276
                 sha1_finish                                288       -    -288
                 lib_asn1_pkey                              290       -    -290
                 get_next_device_path_instance              290       -    -290
                 x509_note_pkey_algo                        291       -    -291
                 static.spi_set_speed_mode                  291       -    -291
                 efi_convert_device_node_to_text            293       -    -293
                 oid_search_table                           296       -    -296
                 get_secondary_languages                    301       -    -301
                 append_device_path_instance                311       -    -311
                 static.efi_tcg2_notify_exit_boot_services     316       -    -316
                 sha256_finish                              357      32    -325
                 mscode_note_digest_algo                    327       -    -327
                 find_keyboard_layouts                      339       -    -339
                 static.efi_tcg2_submit_command             351       -    -351
                 get_keyboard_layout                        355       -    -355
                 new_package_list                           359       -    -359
                 efi_disconnect_all_drivers                 359       -    -359
                 efi_convert_device_path_to_text            359       -    -359
                 get_string                                 526     166    -360
                 static.efi_tcg2_get_eventlog               361       -    -361
                 update_package_list                        374       -    -374
                 efi_uninstall_protocol                     396       -    -396
                 list_package_lists                         398       -    -398
                 get_languages                              402       -    -402
                 static.load_full_partition                 417       -    -417
                 lib_asn1_x509                              423       -    -423
                 static.x509_fabricate_name                 428       -    -428
                 static.longest_match                       428       -    -428
                 set_string                                 448       -    -448
                 new_string                                 450       -    -450
                 static.find_and_setup_root                 460       -    -460
                 static.efi_tcg2_get_capability             462       -    -462
                 overlay_update_local_node_references       479       -    -479
                 sqfs_resolve_symlink                       505       -    -505
                 oid_data                                   513       -    -513
                 static.public_key                          540       -    -540
                 sqfs_frag_lookup                           601       -    -601
                 static.efi_tcg2_hash_log_extend_event      622       -    -622
                 dfu_bind                                   637       -    -637
                 dm_pciauto_setup_device                    743       -    -743
                 static.x509_decode_time                    779       -    -779
                 static.ta_avb_invoke_func                  783       -    -783
                 x509_cert_parse                            973     179    -794
                 static.ta_rpc_test_invoke_func             812       -    -812
                 static.read_persistent_digest              829       -    -829
                 pci_uclass_pre_probe                       832       -    -832
                 cert_data                                  971       -    -971
                 sqfs_search_dir                           1332       -   -1332
                 simple_panel_get_edid_timing              1381       -   -1381
                 asn1_ber_decoder                          1511       -   -1511
                 static.read_one_chunk                     1610       -   -1610
                 rsa_verify_with_pkey                      1680       -   -1680
                 static.run_test                           1710       -   -1710
                 sha512_block_fn                           1714       -   -1714
                 image_pk7                                 1811       -   -1811
                 MD5Transform                              1812       -   -1812
                 sandbox_tpm2_xfer                         2605       -   -2605
                 pci_uclass_post_probe                     3570       -   -3570
                 sha1_process_one                          8090       -   -8090
                 sha256_process_one                        9972       -   -9972
```

Raymond Mao (28):
  CI: Exclude MbedTLS subtree for CONFIG checks
  mbedtls: add mbedtls into the build system
  lib: Adapt digest header files to MbedTLS
  md5: Remove md5 non-watchdog API
  sha1: Remove sha1 non-watchdog API
  mbedtls: add digest shim layer for MbedTLS
  hash: integrate hash on mbedtls
  mbedtls: Enable smaller implementation for SHA256/512
  mbedtls/external: support Microsoft Authentication Code
  mbedtls/external: support PKCS9 Authenticate Attributes
  mbedtls/external: support decoding multiple signer's cert
  mbedtls/external: update MbedTLS PKCS7 test suites
  public_key: move common functions to public key helper
  x509: move common functions to x509 helper
  pkcs7: move common functions to PKCS7 helper
  mbedtls: add public key porting layer
  lib/crypto: Adapt public_key header with MbedTLS
  mbedtls: add X509 cert parser porting layer
  lib/crypto: Adapt x509_cert_parser to MbedTLS
  mbedtls: add PKCS7 parser porting layer
  lib/crypto: Adapt PKCS7 parser to MbedTLS
  mbedtls: add MSCode parser porting layer
  lib/crypto: Adapt mscode_parser to MbedTLS
  mbedtls: add RSA helper layer on MbedTLS
  lib/rypto: Adapt rsa_helper to MbedTLS
  asn1_decoder: add build options for ASN1 decoder
  test: Remove ASN1 library test
  configs: enable MbedTLS as default setting

 .azure-pipelines.yml                          |   3 +-
 .gitlab-ci.yml                                |   3 +-
 Makefile                                      |   6 +
 board/friendlyarm/nanopi2/board.c             |   3 +-
 board/gdsys/a38x/hre.c                        |   2 +-
 board/intel/edison/edison.c                   |   3 +-
 board/xilinx/zynq/bootimg.c                   |   2 +-
 common/hash.c                                 | 146 +++++
 configs/qemu_arm64_defconfig                  |   1 +
 configs/sandbox_defconfig                     |   1 +
 include/crypto/mscode.h                       |   4 +
 include/crypto/pkcs7_parser.h                 |  56 ++
 include/crypto/public_key.h                   |   6 +
 include/crypto/x509_parser.h                  |  55 ++
 include/limits.h                              |  25 +
 include/linux/kernel.h                        |  13 +-
 include/stdlib.h                              |   1 +
 include/u-boot/md5.h                          |  14 +-
 include/u-boot/sha1.h                         |  37 +-
 include/u-boot/sha256.h                       |  20 +
 include/u-boot/sha512.h                       |   9 +
 lib/Kconfig                                   |   4 +
 lib/Makefile                                  |  14 +-
 lib/crypto/Kconfig                            |   2 +-
 lib/crypto/Makefile                           |  16 +-
 lib/crypto/asymmetric_type.c                  |   2 +-
 lib/crypto/pkcs7_helper.c                     |  37 ++
 lib/crypto/pkcs7_parser.c                     |  28 -
 lib/crypto/public_key.c                       |  31 --
 lib/crypto/public_key_helper.c                |  39 ++
 lib/crypto/x509_helper.c                      |  64 +++
 lib/crypto/x509_public_key.c                  |  58 +-
 lib/mbedtls/Kconfig                           | 424 +++++++++++++++
 lib/mbedtls/Makefile                          |  56 ++
 .../external/mbedtls/include/mbedtls/oid.h    |  35 ++
 .../external/mbedtls/include/mbedtls/pkcs7.h  |  21 +
 lib/mbedtls/external/mbedtls/library/pkcs7.c  | 154 ++++--
 .../tests/suites/test_suite_pkcs7.data        |   4 +-
 lib/mbedtls/mbedtls_def_config.h              |  75 +++
 lib/mbedtls/md5.c                             |  57 ++
 lib/mbedtls/mscode_parser.c                   | 123 +++++
 lib/mbedtls/pkcs7_parser.c                    | 506 ++++++++++++++++++
 lib/mbedtls/port/assert.h                     |  12 +
 lib/mbedtls/public_key.c                      |  82 +++
 lib/mbedtls/rsa_helper.c                      |  95 ++++
 lib/mbedtls/sha1.c                            |  99 ++++
 lib/mbedtls/sha256.c                          |  62 +++
 lib/mbedtls/sha512.c                          |  93 ++++
 lib/mbedtls/x509_cert_parser.c                | 447 ++++++++++++++++
 lib/md5.c                                     |  14 -
 lib/sha1.c                                    |  13 -
 lib/tpm-v1.c                                  |   2 +-
 test/Kconfig                                  |   2 +-
 53 files changed, 2849 insertions(+), 232 deletions(-)
 create mode 100644 include/limits.h
 create mode 100644 lib/crypto/pkcs7_helper.c
 create mode 100644 lib/crypto/public_key_helper.c
 create mode 100644 lib/crypto/x509_helper.c
 create mode 100644 lib/mbedtls/Kconfig
 create mode 100644 lib/mbedtls/Makefile
 create mode 100644 lib/mbedtls/mbedtls_def_config.h
 create mode 100644 lib/mbedtls/md5.c
 create mode 100644 lib/mbedtls/mscode_parser.c
 create mode 100644 lib/mbedtls/pkcs7_parser.c
 create mode 100644 lib/mbedtls/port/assert.h
 create mode 100644 lib/mbedtls/public_key.c
 create mode 100644 lib/mbedtls/rsa_helper.c
 create mode 100644 lib/mbedtls/sha1.c
 create mode 100644 lib/mbedtls/sha256.c
 create mode 100644 lib/mbedtls/sha512.c
 create mode 100644 lib/mbedtls/x509_cert_parser.c

Comments

Simon Glass Aug. 17, 2024, 3:58 p.m. UTC | #1
Hi Raymond,

On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>
> Motivations:
> ------------
>
> 1. MbedTLS is well maintained with LTS versions.
> 2. LWIP is integrated with MbedTLS, making it easy to enable HTTPS.
> 3. MbedTLS recently switched license back to GPLv2.
>
> Prerequisite:
> -------------
>
> This patch series requires mbedtls git repo to be added as a
> subtree to the main U-Boot repo via:
>     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
>           https://github.com/Mbed-TLS/mbedtls.git \
>           v3.6.0 --squash
> Moreover, due to the Windows-style files from mbedtls git repo,
> we need to convert the CRLF endings to LF and do a commit manually:
>     $ git add --renormalize .
>     $ git commit
>
> New Kconfig options:
> --------------------
>
> `MBEDTLS_LIB` is for MbedTLS general switch.
> `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> MbedTLS.
> `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> and Pubkey parser with MbedTLS.
> `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> For each of the algorithms, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> introduced.
>
> In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> for testing purpose.
>
> Patches for external MbedTLS project:
> -------------------------------------
>
> Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> executables which is not supported by MbedTLS at the moment,
> additional patches for MbedTLS are created to adapt with the EFI loader:
> 1. Decoding of Microsoft Authentication Code.
> 2. Decoding of PKCS#9 Authenticate Attributes.
> 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> 4. MbedTLS native test suites for PKCS#7 signer's info.
>
> All above 4 patches (tagged with `mbedtls/external`) are submitted to
> MbedTLS project and being reviewed, eventually they should be part of
> MbedTLS LTS release.
> But before that, please merge them into U-Boot, otherwise the building
> will be broken when MBEDTLS_LIB_X509 is enabled.
>
> See below PR link for the reference:
> https://github.com/Mbed-TLS/mbedtls/pull/9001
>
> Miscellaneous:
> --------------
>
> Optimized MbedTLS library size by tailoring the config file
> and disabling all unnecessary features for EFI loader.
> From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> sha512) are completely replaced when MbedTLS is enabled.
> From v3, the size-growth is slightly reduced by refactoring Hash functions.
> From v6, smaller implementations for SHA256 and SHA512 are enabled and
> target size is reduced significantly.
> Target(QEMU arm64) size-growth when enabling MbedTLS:
> v1: 6.03%
> v2: 4.66%
> v3 - v5: 4.55%
> v6: 2.90%
>
> Please see the latest output from buildman for size-growth on QEMU arm64,
> Sandbox and Nanopi A64. [1]
>
> Tests done:
> -----------
>
> EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> verifying and booting) via U-Boot console.
> EFI Secure Boot and Capsule sandbox test passed.
>
> Known issues:
> -------------
>
> None.

I wonder if we could leave out the SHA stuff? The algorithms are
stable and this would seem to avoid much of the size growth, and all
the pain of trying to integrate yet another hashing layer (we
already have normal, progressive and h/w acceleration, plus
UCLASS_HASH which h/w acceleration should use but that migration never
happened). I struggle to see any benefit in replacing U-Boot's very
solid hashing infra with something else, particularly as this series
adds yet another. Better to invest the time to refactor it. I asked
about this before and was told that it would happen 'later'. Let's
just not change it at all, then it is more likely someone will sort it
out.

Also, if MbedTLS is wanting to be a general library for TLS (I assume
transport-local security, not thread-local storage) perhaps it might
consider changing to non-Windows newlines, or perhaps even kernel code
style?

Regards,
Simon


>
> [1]: buildman output for size comparison
> (qemu_arm64, sandbox and nanopi_a64)
> ```
>    aarch64: (for 2/2 boards) all -1468.0 bss +16.0 data -64.0 rodata +200.0 text -1620.0
>             qemu_arm64     : all +4608 bss +80 data -64 rodata +200 text +4392
>                u-boot: add: 29/-17, grow: 12/-16 bytes: 13072/-8304 (4768)
>                  function                                   old     new   delta
>                  mbedtls_internal_sha1_process                -    4540   +4540
>                  mbedtls_internal_md5_process                 -    2928   +2928
>                  K                                            -     896    +896
>                  mbedtls_sha256_finish                        -     484    +484
>                  mbedtls_internal_sha256_process              -     432    +432
>                  mbedtls_sha1_finish                          -     420    +420
>                  mbedtls_internal_sha512_process              -     412    +412
>                  mbedtls_sha512_finish                        -     360    +360
>                  mbedtls_sha512_starts                        -     340    +340
>                  mbedtls_md5_finish                           -     336    +336
>                  mbedtls_sha512_update                        -     264    +264
>                  mbedtls_sha256_update                        -     252    +252
>                  mbedtls_sha1_update                          -     236    +236
>                  mbedtls_md5_update                           -     236    +236
>                  mbedtls_sha512                               -     148    +148
>                  mbedtls_sha256_starts                        -     124    +124
>                  hash_init_sha512                            52     128     +76
>                  hash_init_sha256                            52     128     +76
>                  mbedtls_sha1_starts                          -      72     +72
>                  mbedtls_md5_starts                           -      60     +60
>                  hash_init_sha1                              52     112     +60
>                  mbedtls_platform_zeroize                     -      56     +56
>                  sha512_put_uint64_be                         -      40     +40
>                  mbedtls_sha512_free                          -      16     +16
>                  mbedtls_sha256_free                          -      16     +16
>                  mbedtls_sha1_free                            -      16     +16
>                  mbedtls_md5_free                             -      16     +16
>                  hash_finish_sha512                          72      88     +16
>                  hash_finish_sha256                          72      88     +16
>                  hash_finish_sha1                            72      88     +16
>                  sha512_csum_wd                              68      80     +12
>                  sha256_csum_wd                              68      80     +12
>                  sha1_csum_wd                                68      80     +12
>                  md5_wd                                      68      80     +12
>                  mbedtls_sha512_init                          -      12     +12
>                  mbedtls_sha256_init                          -      12     +12
>                  mbedtls_sha1_init                            -      12     +12
>                  mbedtls_md5_init                             -      12     +12
>                  memset_func                                  -       8      +8
>                  sha512_update                                4       8      +4
>                  sha384_update                                4       8      +4
>                  sha256_update                               12       8      -4
>                  sha1_update                                 12       8      -4
>                  sha256_process                              16       -     -16
>                  sha1_process                                16       -     -16
>                  hash_update_sha512                          36      16     -20
>                  hash_update_sha256                          36      16     -20
>                  hash_update_sha1                            36      16     -20
>                  MD5Init                                     56      36     -20
>                  sha1_starts                                 60      36     -24
>                  hash_update_sha384                          36       -     -36
>                  hash_init_sha384                            52       -     -52
>                  sha384_csum_wd                              68      12     -56
>                  sha256_starts                              104      40     -64
>                  sha256_padding                              64       -     -64
>                  sha1_padding                                64       -     -64
>                  hash_finish_sha384                          72       -     -72
>                  sha512_finish                              152      36    -116
>                  sha512_starts                              168      40    -128
>                  sha384_starts                              168      40    -128
>                  sha384_finish                              152       4    -148
>                  MD5Final                                   196      44    -152
>                  sha512_base_do_finalize                    160       -    -160
>                  static.sha256_update                       228       -    -228
>                  static.sha1_update                         240       -    -240
>                  sha512_base_do_update                      244       -    -244
>                  MD5Update                                  260       -    -260
>                  sha1_finish                                300      36    -264
>                  sha256_finish                              404      36    -368
>                  sha256_armv8_ce_process                    428       -    -428
>                  sha1_armv8_ce_process                      484       -    -484
>                  sha512_K                                   640       -    -640
>                  sha512_block_fn                           1212       -   -1212
>                  MD5Transform                              2552       -   -2552
>             nanopi_a64     : all -7544 bss -48 data -64 rodata +200 text -7632
>                u-boot: add: 21/-8, grow: 4/-8 bytes: 10692/-4364 (6328)
>                  function                                   old     new   delta
>                  mbedtls_internal_sha1_process                -    4540   +4540
>                  mbedtls_internal_md5_process                 -    2928   +2928
>                  mbedtls_sha256_finish                        -     484    +484
>                  mbedtls_internal_sha256_process              -     432    +432
>                  mbedtls_sha1_finish                          -     420    +420
>                  mbedtls_md5_finish                           -     336    +336
>                  K                                            -     256    +256
>                  mbedtls_sha256_update                        -     252    +252
>                  mbedtls_sha1_update                          -     236    +236
>                  mbedtls_md5_update                           -     236    +236
>                  mbedtls_sha256_starts                        -     124    +124
>                  hash_init_sha256                            52     128     +76
>                  mbedtls_sha1_starts                          -      72     +72
>                  mbedtls_md5_starts                           -      60     +60
>                  hash_init_sha1                              52     112     +60
>                  mbedtls_platform_zeroize                     -      56     +56
>                  mbedtls_sha256_free                          -      16     +16
>                  mbedtls_sha1_free                            -      16     +16
>                  mbedtls_md5_free                             -      16     +16
>                  hash_finish_sha256                          72      88     +16
>                  hash_finish_sha1                            72      88     +16
>                  mbedtls_sha256_init                          -      12     +12
>                  mbedtls_sha1_init                            -      12     +12
>                  mbedtls_md5_init                             -      12     +12
>                  memset_func                                  -       8      +8
>                  sha256_update                               12       -     -12
>                  sha1_update                                 12       -     -12
>                  hash_update_sha256                          36      16     -20
>                  hash_update_sha1                            36      16     -20
>                  MD5Init                                     56      36     -20
>                  sha1_starts                                 60      36     -24
>                  sha256_starts                              104      40     -64
>                  sha256_padding                              64       -     -64
>                  sha1_padding                                64       -     -64
>                  MD5Final                                   196      44    -152
>                  static.sha256_update                       228       -    -228
>                  static.sha1_update                         240       -    -240
>                  MD5Update                                  260       -    -260
>                  sha1_finish                                300      36    -264
>                  sha256_finish                              404      36    -368
>                  MD5Transform                              2552       -   -2552
>    sandbox: (for 1/1 boards) all +19312.0 data +1440.0 rodata -4128.0 text +22000.0
>             sandbox        : all +19312 data +1440 rodata -4128 text +22000
>                u-boot: add: 258/-206, grow: 122/-59 bytes: 90286/-76286 (14000)
>                  function                                   old     new   delta
>                  mbedtls_internal_sha1_process                -    4982   +4982
>                  static.mbedtls_x509_crt_parse_der_internal   -    4184   +4184
>                  static.pci_uclass_post_probe                 -    3570   +3570
>                  pkcs7_parse_message                        361    3638   +3277
>                  static.sandbox_tpm2_xfer                     -    2605   +2605
>                  rsa_verify                                 541    2794   +2253
>                  mbedtls_internal_md5_process                 -    2189   +2189
>                  mbedtls_rsa_parse_pubkey                     -    2053   +2053
>                  mbedtls_rsa_private                          -    1813   +1813
>                  run_test                                  2220    3932   +1712
>                  mbedtls_mpi_exp_mod                          -    1649   +1649
>                  read_one_chunk                               -    1606   +1606
>                  x509_populate_cert                           -    1462   +1462
>                  mbedtls_mpi_div_mpi                          -    1459   +1459
>                  static.simple_panel_get_edid_timing          -    1385   +1385
>                  static.sqfs_search_dir                       -    1336   +1336
>                  static.mbedtls_x509_dn_gets                  -    1305   +1305
>                  mbedtls_mpi_inv_mod                          -    1214   +1214
>                  mbedtls_rsa_rsaes_pkcs1_v15_decrypt          -    1156   +1156
>                  mbedtls_x509_get_subject_alt_name_ext        -    1155   +1155
>                  rsa_check_pair_wrap                          -    1018   +1018
>                  static.K                                     -     896    +896
>                  oid_x520_attr_type                           -     840    +840
>                  static.pci_uclass_pre_probe                  -     832    +832
>                  read_persistent_digest                       -     825    +825
>                  ta_rpc_test_invoke_func                      -     812    +812
>                  ta_avb_invoke_func                           -     783    +783
>                  static.dm_pciauto_setup_device               -     747    +747
>                  efi_load_image                            4418    5157    +739
>                  static.pkcs7_get_signer_info                 -     671    +671
>                  static.dfu_bind                              -     637    +637
>                  efi_tcg2_hash_log_extend_event               -     622    +622
>                  static.sqfs_frag_lookup                      -     605    +605
>                  mbedtls_mpi_core_montmul                     -     537    +537
>                  mbedtls_internal_sha512_process              -     536    +536
>                  mbedtls_mpi_core_mla                         -     520    +520
>                  mbedtls_sha256_finish                        -     519    +519
>                  static.sqfs_resolve_symlink                  -     509    +509
>                  mbedtls_internal_sha256_process              -     487    +487
>                  static.overlay_update_local_node_references  -     483    +483
>                  mbedtls_x509_get_time                        -     483    +483
>                  mbedtls_mpi_mul_mpi                          -     479    +479
>                  mbedtls_x509_get_name                        -     470    +470
>                  mbedtls_pk_parse_subpubkey                   -     463    +463
>                  efi_tcg2_get_capability                      -     462    +462
>                  find_and_setup_root                          -     456    +456
>                  static.new_string                            -     450    +450
>                  static.set_string                            -     448    +448
>                  mbedtls_sha1_finish                          -     445    +445
>                  longest_match                                -     424    +424
>                  rsa_rsassa_pkcs1_v15_encode                  -     414    +414
>                  mbedtls_mpi_gcd                              -     413    +413
>                  load_full_partition                          -     413    +413
>                  static.get_languages                         -     402    +402
>                  static.efi_uninstall_protocol                -     400    +400
>                  static.list_package_lists                    -     398    +398
>                  static.update_package_list                   -     374    +374
>                  static.efi_disconnect_all_drivers            -     363    +363
>                  efi_tcg2_get_eventlog                        -     361    +361
>                  static.get_string                            -     360    +360
>                  oid_x509_ext                                 -     360    +360
>                  static.new_package_list                      -     359    +359
>                  static.efi_convert_device_path_to_text       -     359    +359
>                  static.get_keyboard_layout                   -     355    +355
>                  rsa_sign_wrap                                -     355    +355
>                  add_sub_mpi                                  -     355    +355
>                  mbedtls_sha512_finish                        -     352    +352
>                  efi_tcg2_submit_command                      -     351    +351
>                  static.find_keyboard_layouts                 -     339    +339
>                  rsa_verify_wrap                              -     324    +324
>                  oid_sig_alg                                  -     320    +320
>                  efi_tcg2_notify_exit_boot_services           -     316    +316
>                  mbedtls_mpi_sub_abs                          -     315    +315
>                  static.append_device_path_instance           -     311    +311
>                  static.get_secondary_languages               -     301    +301
>                  rsa_encrypt_wrap                             -     294    +294
>                  static.hash_init_sha512                     41     334    +293
>                  static.efi_convert_device_node_to_text       -     293    +293
>                  static.get_next_device_path_instance         -     290    +290
>                  spi_set_speed_mode                           -     287    +287
>                  static.buck_get_suspend_enable               -     276    +276
>                  mbedtls_mpi_core_get_mont_r2_unsafe          -     276    +276
>                  efi_tcg2_get_active_pcr_banks                -     273    +273
>                  public_key                                   -     270    +270
>                  static.buck_set_suspend_enable               -     264    +264
>                  static.rsa_check_context                     -     260    +260
>                  public_key_verify_signature                419     678    +259
>                  __udivti3                                    -     248    +248
>                  mbedtls_rsa_public                           -     242    +242
>                  static.oid_md_alg                            -     240    +240
>                  mbedtls_asn1_get_alg                         -     238    +238
>                  static.get_package_list_handle               -     231    +231
>                  static.dm_pciauto_exp_link_stable            -     231    +231
>                  static.overlay_get_target                    -     224    +224
>                  mbedtls_mpi_shift_l                          -     224    +224
>                  mbedtls_pkcs7_free                           -     223    +223
>                  static.register_package_notify               -     222    +222
>                  static.create_device_node                    -     222    +222
>                  mbedtls_mpi_fill_random                      -     221    +221
>                  static.dfu_handle                            -     213    +213
>                  static.usb_emul_find_devnum                  -     210    +210
>                  mbedtls_sha512_update                        -     209    +209
>                  static.remove_package_list                   -     208    +208
>                  static.export_package_lists                  -     206    +206
>                  static.montMul                               -     202    +202
>                  static.sqfs_tokenize                         -     201    +201
>                  static.is_device_path_multi_instance         -     201    +201
>                  mbedtls_mpi_copy                             -     200    +200
>                  mbedtls_sha256_update                        -     197    +197
>                  static.set_keyboard_layout                   -     196    +196
>                  static.ldo_set_suspend_enable                -     195    +195
>                  static.asn1_get_tagged_int                   -     194    +194
>                  static.get_device_path_size                  -     191    +191
>                  static.efi_open_volume                       -     191    +191
>                  static.append_device_path                    -     190    +190
>                  static.append_device_node                    -     188    +188
>                  static.ldo_get_suspend_enable                -     182    +182
>                  mbedtls_pk_parse_public_key                  -     182    +182
>                  static.duplicate_device_path                 -     180    +180
>                  mbedtls_x509_crt_free                        -     177    +177
>                  static.mbedtls_sha1_update                   -     176    +176
>                  mbedtls_mpi_shift_r                          -     174    +174
>                  static.unregister_package_notify             -     169    +169
>                  rsa_free_wrap                                -     161    +161
>                  mbedtls_mpi_cmp_mpi                          -     161    +161
>                  static.pkcs7_get_one_cert                    -     160    +160
>                  oid_pk_alg                                   -     160    +160
>                  mbedtls_mpi_read_binary                      -     159    +159
>                  md5_wd                                     571     729    +158
>                  mbedtls_mpi_core_write_be                    -     154    +154
>                  static.switch_set_enable                     -     150    +150
>                  mbedtls_mpi_mod_mpi                          -     146    +146
>                  mbedtls_asn1_get_alg_null                    -     142    +142
>                  __alloc_extent_buffer                        -     142    +142
>                  static.pldo_set_enable                       -     141    +141
>                  mbedtls_mpi_cmp_abs                          -     141    +141
>                  mbedtls_mpi_mul_int                          -     138    +138
>                  mbedtls_asn1_get_len                         -     133    +133
>                  static.switch_get_enable                     -     130    +130
>                  static.nldo_set_enable                       -     130    +130
>                  static.overlay_adjust_node_phandles          -     121    +121
>                  static.hash_init_sha256                     41     161    +120
>                  mbedtls_mpi_grow                             -     120    +120
>                  reg_set_enable                               -     118    +118
>                  static.load_and_verify_vbmeta            10699   10814    +115
>                  mbedtls_rsa_check_pubkey                     -     109    +109
>                  static.pldo_get_enable                       -     108    +108
>                  static.mbedtls_asn1_get_bitstring            -     108    +108
>                  x509_get_timestamp                           -     106    +106
>                  static.buck_get_suspend_value                -     101    +101
>                  mbedtls_asn1_get_bool                        -      99     +99
>                  static.asn1_get_sequence_of_cb               -      98     +98
>                  efi_reserve_memory                           -      97     +97
>                  mbedtls_rsa_info                             -      96     +96
>                  static.buck_set_suspend_value                -      93     +93
>                  ldo_get_enable                               -      92     +92
>                  buck_get_enable                              -      92     +92
>                  data_gz                                  21219   21309     +90
>                  mbedtls_x509_get_serial                      -      88     +88
>                  mbedtls_mpi_resize_clear                     -      87     +87
>                  static.sqfs_read_entry                       -      86     +86
>                  static.nldo_get_enable                       -      83     +83
>                  mbedtls_mpi_bitlen                           -      82     +82
>                  static.x509_get_uid                          -      81     +81
>                  static.mbedtls_mpi_sub_int                   -      81     +81
>                  static.pldo_set_suspend_enable               -      78     +78
>                  mbedtls_oid_get_md_alg                       -      78     +78
>                  ldo_set_enable                               -      77     +77
>                  buck_set_enable                              -      77     +77
>                  static.sqfs_count_tokens                     -      76     +76
>                  static.pldo_set_value                        -      75     +75
>                  static.pldo_set_suspend_value                -      75     +75
>                  static.pldo_get_suspend_enable               -      75     +75
>                  static.nldo_set_value                        -      75     +75
>                  static.nldo_set_suspend_value                -      75     +75
>                  mbedtls_mpi_cmp_int                          -      75     +75
>                  find_device                                  -      75     +75
>                  rsa_decrypt_wrap                             -      73     +73
>                  pta_scp03_invoke_func                        -      73     +73
>                  mbedtls_mpi_lset                             -      73     +73
>                  sha512_put_uint64_be                         -      72     +72
>                  mbedtls_md_info_from_type                    -      72     +72
>                  static.sqfs_disk_read                        -      69     +69
>                  static.sqfs_calc_n_blks                      -      69     +69
>                  static.simple_panel_set_backlight            -      68     +68
>                  ldo_get_value                                -      67     +67
>                  buck_get_value                               -      67     +67
>                  static.nldo_set_suspend_enable               -      65     +65
>                  free_extent_state_func                       -      65     +65
>                  static.nldo_get_suspend_enable               -      64     +64
>                  sha1_starts                                  -      64     +64
>                  mbedtls_mpi_lsb                              -      64     +64
>                  rsa_alloc_wrap                               -      62     +62
>                  mbedtls_pk_setup                             -      62     +62
>                  pkcs7_free_message                         115     176     +61
>                  static.unicode_test_u16_strcmp               -      60     +60
>                  rsa_debug                                    -      60     +60
>                  lib_test_strlcat                          1195    1255     +60
>                  public_key_signature_free                    -      58     +58
>                  static.x509_free_mbedtls_ctx                 -      57     +57
>                  static.nldo_get_value                        -      57     +57
>                  static.nldo_get_suspend_value                -      57     +57
>                  x509_populate_dn_name_string                 -      56     +56
>                  efi_tcg2_protocol                            -      56     +56
>                  mbedtls_mpi_core_montmul_init                -      55     +55
>                  static.pldo_get_value                        -      54     +54
>                  static.pldo_get_suspend_value                -      54     +54
>                  mbedtls_asn1_get_bitstring_null              -      53     +53
>                  efi_launch_capsules                       3090    3142     +52
>                  static.pkcs7_free_signer_info                -      51     +51
>                  static.ldo_set_suspend_value                 -      51     +51
>                  mbedtls_mpi_free                             -      51     +51
>                  static.mbedtls_mpi_core_bigendian_to_host    -      50     +50
>                  mbedtls_asn1_get_tag                         -      50     +50
>                  event_log                                    -      48     +48
>                  static.subM                                  -      47     +47
>                  mbedtls_pk_free                              -      45     +45
>                  mbedtls_zeroize_and_free                     -      42     +42
>                  static.ldo_get_suspend_value                 -      38     +38
>                  static.sandbox_tpm2_get_desc                 -      35     +35
>                  efi_capsule_update_firmware               1354    1389     +35
>                  static.simple_panel_enable_backlight         -      34     +34
>                  static.efi_firmware_get_image_info         696     730     +34
>                  x509_parse2_int                              -      33     +33
>                  ldo_set_value                                -      32     +32
>                  buck_set_value                               -      32     +32
>                  static.hash_init_sha1                       75     105     +30
>                  mbedtls_asn1_sequence_free                   -      30     +30
>                  mbedtls_asn1_free_named_data_list_shallow    -      30     +30
>                  efi_start_image                           2492    2522     +30
>                  static.hash_finish_sha512                   40      66     +26
>                  static.hash_finish_sha256                   40      66     +26
>                  static.hash_finish_sha1                     40      66     +26
>                  generic_phy_get_bulk                       366     392     +26
>                  static.set_descriptors                       -      25     +25
>                  reboot_mode_probe                          139     164     +25
>                  static.efi_open_protocol                   495     519     +24
>                  static.mbedtls_mpi_get_bit                   -      23     +23
>                  sqfs_opendir                              1655    1677     +22
>                  rsa_can_do                                   -      22     +22
>                  efi_install_fdt                            572     594     +22
>                  sha512_starts                              132     152     +20
>                  mbedtls_sha512_free                          -      20     +20
>                  mbedtls_sha256_free                          -      20     +20
>                  mbedtls_sha1_free                            -      20     +20
>                  efi_query_capsule_caps                     210     229     +19
>                  static.mbedtls_platform_zeroize              -      18     +18
>                  sha256_starts                               68      86     +18
>                  pta_scp03_open_session                       -      18     +18
>                  mbedtls_mpi_size                             -      18     +18
>                  c2                                           -      18     +18
>                  static.efi_cout_set_cursor_position        257     274     +17
>                  rsa_get_bitlen                               -      17     +17
>                  static.efi_register_notify_events            -      16     +16
>                  static.efi_cout_query_mode                 241     257     +16
>                  static.dfu_runtime_descs                     -      16     +16
>                  static.__reset_get_bulk                    166     182     +16
>                  mbedtls_sha512_init                          -      16     +16
>                  efi_guid_tcg2_protocol                       -      16     +16
>                  efi_guid_final_events                        -      16     +16
>                  efi_file_info_guid                           -      16     +16
>                  clk_get_bulk                               157     173     +16
>                  efi_tcg2_set_active_pcr_banks                -      15     +15
>                  efi_tcg2_get_result_of_set_active_pcr_banks  -      15     +15
>                  efi_pxe_base_code_arp                        -      15     +15
>                  unicode_test_utf8_utf16_strcpy             946     960     +14
>                  mbedtls_mpi_add_mpi                          -      14     +14
>                  c4                                           -      14     +14
>                  c1                                           -      14     +14
>                  efi_locate_device_path                     541     554     +13
>                  efi_file_read_int                          610     623     +13
>                  d4                                           -      13     +13
>                  rtc_days_in_month                            -      12     +12
>                  mbedtls_mpi_sub_mpi                          -      12     +12
>                  i2                                           -      12     +12
>                  static.efi_cin_unregister_key_notify       257     268     +11
>                  efi_auth_var_get_type                      102     113     +11
>                  static.count_descriptors                     -      10     +10
>                  i1                                           -      10     +10
>                  fdt_overlay_apply                         1887    1897     +10
>                  x509_free_certificate                      115     124      +9
>                  static.efi_cout_output_string              534     543      +9
>                  static.efi_cin_reset_ex                    185     194      +9
>                  static.efi_cin_reset                       185     194      +9
>                  static.dfu_intf_runtime                      -       9      +9
>                  free_map_lookup                              -       9      +9
>                  static.memset_func                           -       8      +8
>                  static.efi_connect_controller              685     693      +8
>                  mbedtls_sha512_info                          -       8      +8
>                  mbedtls_sha384_info                          -       8      +8
>                  mbedtls_sha256_info                          -       8      +8
>                  mbedtls_sha1_info                            -       8      +8
>                  mbedtls_md5_info                             -       8      +8
>                  mbedtls_ct_zero                              -       8      +8
>                  i3                                           -       8      +8
>                  c3                                           -       8      +8
>                  unicode_test_utf8_utf16_strlen             443     450      +7
>                  unicode_test_utf16_utf8_strlen             443     450      +7
>                  unicode_test_utf16_utf8_strcpy            1021    1028      +7
>                  static.efi_firmware_raw_set_image         2312    2319      +7
>                  static.efi_cin_register_key_notify         296     303      +7
>                  static.efi_cin_read_key_stroke_ex          386     393      +7
>                  static.efi_cin_read_key_stroke             247     254      +7
>                  pci_bus_read_config                         83      90      +7
>                  mpi_bigendian_to_host                        -       7      +7
>                  check_node_type                            171     178      +7
>                  ta_rpc_test_open_session                     -       6      +6
>                  ta_avb_open_session                          -       6      +6
>                  j3                                           -       6      +6
>                  efi_signature_verify                      1640    1646      +6
>                  j1                                           -       5      +5
>                  eficonfig_process_select_file             2179    2184      +5
>                  efi_protocol_open                          408     413      +5
>                  efi_dp_from_file                           274     279      +5
>                  crypt_sha512crypt_rn_wrapped              2408    2413      +5
>                  crypt_sha256crypt_rn_wrapped              1669    1674      +5
>                  unicode_test_u16_strlen                    269     273      +4
>                  static.eficonfig_edit_boot_option         1567    1571      +4
>                  static.efi_purge_handle                    150     154      +4
>                  static.avb_safe_memcmp                      36      40      +4
>                  sqfs_find_inode                            347     351      +4
>                  sqfs_dir_offset                            101     105      +4
>                  pci_conv_32_to_size                         46      50      +4
>                  pci_bus_find_devfn                         121     125      +4
>                  fdt_subnode_offset_namelen                 240     244      +4
>                  efi_unload_image                           403     407      +4
>                  efi_search_obj                              43      47      +4
>                  efi_delete_image                           150     154      +4
>                  efi_close_protocol                         229     233      +4
>                  efi_add_memory_map                          34      38      +4
>                  do_bootefi_exec                            444     448      +4
>                  dm_spi_release_bus                          23      27      +4
>                  dm_spi_claim_bus                           153     157      +4
>                  dm_pci_write_config8                        10      14      +4
>                  dm_pci_write_config16                       13      17      +4
>                  avb_validate_utf8                           95      99      +4
>                  avb_descriptor_validate_and_byteswap        96     100      +4
>                  avb_descriptor_foreach                     715     719      +4
>                  avb_be64toh                                  7      11      +4
>                  avb_be32toh                                  5       9      +4
>                  asymmetric_key_generate_id                 109     113      +4
>                  unicode_test_u16_strncmp                   377     380      +3
>                  unicode_test_u16_strlcat                   840     843      +3
>                  unflatten_device_tree                      274     277      +3
>                  str_upper                                  648     651      +3
>                  static.efi_reinstall_protocol_interface    277     280      +3
>                  static.efi_exit                            668     671      +3
>                  sandbox_hub_bind                            20      23      +3
>                  find_handle                                314     317      +3
>                  eficonfig_file_selected                    484     487      +3
>                  efi_firmware_get_lsv_from_dtb              369     372      +3
>                  efi_create_indexed_name                    174     177      +3
>                  efi_auth_var_get_guid                       85      88      +3
>                  SHA256_Update_recycled                      76      79      +3
>                  unicode_test_utf8_utf16_strncpy            929     931      +2
>                  unicode_test_utf16_utf8_strncpy            921     923      +2
>                  static.tcg2_measure_variable               236     238      +2
>                  static.efi_cout_set_mode                   222     224      +2
>                  static.do_env_print                       1278    1280      +2
>                  prepare_file_selection_entry               400     402      +2
>                  eficonfig_boot_edit_save                    96      98      +2
>                  eficonfig_add_change_boot_order_entry      346     348      +2
>                  eficonfig_add_boot_selection_entry         461     463      +2
>                  efi_str_to_u16                             103     105      +2
>                  efi_serialize_load_option                  260     262      +2
>                  efi_get_variable_mem                       492     494      +2
>                  efi_file_setinfo                           523     525      +2
>                  efi_file_getinfo                           783     785      +2
>                  efi_convert_string                         109     111      +2
>                  efi_binary_run                             790     792      +2
>                  do_bootmenu                               2154    2156      +2
>                  create_boot_option_entry                   206     208      +2
>                  bootdev_hunt                               366     368      +2
>                  add_packages                               890     892      +2
>                  unicode_test_efi_create_indexed_name       481     482      +1
>                  u16_strsize                                 20      21      +1
>                  u16_strlcat                                106     107      +1
>                  file_open                                  738     739      +1
>                  efi_var_mem_ins                            257     258      +1
>                  cros_ec_spi_command                        420     421      +1
>                  efi_update_capsule                         427     426      -1
>                  byteReverse                                  1       -      -1
>                  static.efi_cout_set_attribute              249     247      -2
>                  sha256_csum_wd                             155     153      -2
>                  vidconsole_sync_copy                        13       9      -4
>                  vidconsole_memmove                          51      47      -4
>                  tcg2_uninit                                212     208      -4
>                  static.hash_update_sha1                     29      25      -4
>                  spi_find_chip_select                       440     436      -4
>                  sha512_csum_wd                             169     165      -4
>                  read_tree_block                           1566    1562      -4
>                  read_allocated_block                      2304    2300      -4
>                  put_ext4                                   383     379      -4
>                  free_extent_buffer                         321     317      -4
>                  ext4fs_update_journal                      893     889      -4
>                  ext4fs_read_inode                          392     388      -4
>                  ext4fs_devread                              34      30      -4
>                  efi_init_early                            1055    1051      -4
>                  cros_ec_register                           291     287      -4
>                  cros_ec_calc_checksum                       27      23      -4
>                  cache_tree_free_extents                     57      53      -4
>                  btrfs_setup_root                           101      97      -4
>                  btrfs_scan_one_device                      675     671      -4
>                  btrfs_release_all_roots                     62      58      -4
>                  btrfs_read_dev_super                      1228    1224      -4
>                  btrfs_free_path                             38      34      -4
>                  btrfs_free_fs_info                          53      49      -4
>                  btrfs_close_devices                        136     132      -4
>                  static.hash_update_sha512                   22      17      -5
>                  static.hash_update_sha256                   22      17      -5
>                  lib_test_efi_dp_check_length               593     588      -5
>                  efi_stri_coll                              252     247      -5
>                  cros_ec_i2c_command                        409     404      -5
>                  static.ta_rpc_test_open_session              6       -      -6
>                  static.ta_avb_open_session                   6       -      -6
>                  efi_str_to_fat                             369     362      -7
>                  static.free_map_lookup                       9       -      -9
>                  efi_init_obj_list                         5665    5656      -9
>                  dfu_intf_runtime                             9       -      -9
>                  count_descriptors                           10       -     -10
>                  rsa_verify_key                             383     372     -11
>                  install_smbios_table                       583     571     -12
>                  d5                                          12       -     -12
>                  sha256_update                               14       -     -14
>                  efi_runtime_relocate                       240     226     -14
>                  x509_akid_note_name                         15       -     -15
>                  static.efi_tcg2_set_active_pcr_banks        15       -     -15
>                  static.efi_tcg2_get_result_of_set_active_pcr_banks      15       -     -15
>                  static.efi_pxe_base_code_arp                15       -     -15
>                  pkcs7_sig_note_skid                         15       -     -15
>                  pkcs7_sig_note_serial                       15       -     -15
>                  pkcs7_sig_note_issuer                       15       -     -15
>                  static.rsapubkey_action_table               16       -     -16
>                  efi_register_notify_events                  16       -     -16
>                  efi_guid_event_group_return_to_efibootmgr   16       -     -16
>                  efi_disk_probe                             571     555     -16
>                  dfu_runtime_descs                           16       -     -16
>                  static.pta_scp03_open_session               18       -     -18
>                  sha384_csum_wd                             296     276     -20
>                  x509_note_serial                            21       -     -21
>                  tcg2_create_digest                         718     697     -21
>                  static.hash_update_sha384                   22       -     -22
>                  pkcs7_check_content_type                    22       -     -22
>                  do_net_stats                               371     349     -22
>                  x509_decoder                                24       -     -24
>                  x509_akid_decoder                           24       -     -24
>                  rsapubkey_decoder                           24       -     -24
>                  pkcs7_decoder                               24       -     -24
>                  mscode_machine                              24       -     -24
>                  mscode_decoder                              24       -     -24
>                  mscode_action_table                         24       -     -24
>                  set_descriptors                             25       -     -25
>                  efi_set_variable_int                      2130    2105     -25
>                  x509_note_tbs_certificate                   26       -     -26
>                  x509_note_not_before                        28       -     -28
>                  x509_note_not_after                         28       -     -28
>                  pkcs7_note_data                             28       -     -28
>                  x509_note_issuer                            30       -     -30
>                  rsa_get_n                                   30       -     -30
>                  static.ldo_set_value                       113      81     -32
>                  static.buck_set_value                      203     171     -32
>                  _u_boot_list_2_ut_lib_test_2_lib_asn1_x509      32       -     -32
>                  _u_boot_list_2_ut_lib_test_2_lib_asn1_pkey      32       -     -32
>                  _u_boot_list_2_ut_lib_test_2_lib_asn1_pkcs7      32       -     -32
>                  sandbox_tpm2_get_desc                       35       -     -35
>                  x509_note_subject                           36       -     -36
>                  pkcs7_note_content                          36       -     -36
>                  simple_panel_enable_backlight               37       -     -37
>                  sha1_csum_wd                               209     171     -38
>                  ldo_get_suspend_value                       38       -     -38
>                  x509_akid_action_table                      40       -     -40
>                  static.hash_finish_sha384                   40       -     -40
>                  x509_note_params                            41       -     -41
>                  pkcs7_note_signeddata_version               41       -     -41
>                  asn1_op_lengths                             41       -     -41
>                  subM                                        43       -     -43
>                  efi_esrt_populate                         1209    1165     -44
>                  ZSTD_decompressDCtx                       7789    7745     -44
>                  pkcs7_note_certificate_list                 46       -     -46
>                  static.public_key_signature_free            48       -     -48
>                  static.event_log                            48       -     -48
>                  mscode_note_digest                          51       -     -51
>                  ldo_set_suspend_value                       51       -     -51
>                  pldo_get_value                              54       -     -54
>                  pldo_get_suspend_value                      54       -     -54
>                  unicode_test_u16_strcmp                     56       -     -56
>                  static.efi_tcg2_protocol                    56       -     -56
>                  rsa_get_e                                   56       -     -56
>                  nldo_get_value                              57       -     -57
>                  nldo_get_suspend_value                      57       -     -57
>                  x509_extract_name_segment                   62       -     -62
>                  sha256_padding                              64       -     -64
>                  sha1_padding                                64       -     -64
>                  nldo_get_suspend_enable                     64       -     -64
>                  static.free_extent_state_func               65       -     -65
>                  sqfs_disk_read                              65       -     -65
>                  sqfs_calc_n_blks                            65       -     -65
>                  nldo_set_suspend_enable                     65       -     -65
>                  static.ldo_get_value                       133      66     -67
>                  static.buck_get_value                      196     129     -67
>                  simple_panel_set_backlight                  68       -     -68
>                  pkcs7_sig_note_signature                    68       -     -68
>                  static.__func__                          32530   32459     -71
>                  sqfs_count_tokens                           72       -     -72
>                  pkcs7_sig_note_set_of_authattrs             72       -     -72
>                  static.pta_scp03_invoke_func                73       -     -73
>                  pldo_set_value                              75       -     -75
>                  pldo_set_suspend_value                      75       -     -75
>                  pldo_get_suspend_enable                     75       -     -75
>                  pkcs7_sig_note_pkey_algo                    75       -     -75
>                  nldo_set_value                              75       -     -75
>                  nldo_set_suspend_value                      75       -     -75
>                  static.ldo_set_enable                      370     293     -77
>                  static.buck_set_enable                     482     405     -77
>                  pldo_set_suspend_enable                     78       -     -78
>                  static.find_device                          79       -     -79
>                  pkcs7_note_signerinfo_version               79       -     -79
>                  x509_akid_note_kid                          80       -     -80
>                  x509_akid_note_serial                       81       -     -81
>                  pkcs7_extract_cert                          81       -     -81
>                  sqfs_read_entry                             82       -     -82
>                  nldo_get_enable                             83       -     -83
>                  sha512_finish                              123      32     -91
>                  sha384_finish                              123      32     -91
>                  static.ldo_get_enable                      386     294     -92
>                  static.buck_get_enable                     443     351     -92
>                  x509_akid_machine                           93       -     -93
>                  buck_set_suspend_value                      93       -     -93
>                  x509_extract_key_data                       98       -     -98
>                  static.efi_reserve_memory                  101       -    -101
>                  buck_get_suspend_value                     101       -    -101
>                  x509_action_table                          104       -    -104
>                  x509_note_OID                              105       -    -105
>                  pldo_get_enable                            108       -    -108
>                  x509_machine                               113       -    -113
>                  overlay_adjust_node_phandles               117       -    -117
>                  static.reg_set_enable                      118       -    -118
>                  x509_process_extension                     125       -    -125
>                  x509_note_signature                        129       -    -129
>                  switch_get_enable                          130       -    -130
>                  nldo_set_enable                            130       -    -130
>                  pkcs7_note_OID                             136       -    -136
>                  pkcs7_action_table                         136       -    -136
>                  pldo_set_enable                            141       -    -141
>                  static.__alloc_extent_buffer               146       -    -146
>                  switch_set_enable                          150       -    -150
>                  oid_index                                  150       -    -150
>                  static.hash_init_sha384                    152       -    -152
>                  sha512_base_do_finalize                    154       -    -154
>                  unregister_package_notify                  169       -    -169
>                  duplicate_device_path                      180       -    -180
>                  ldo_get_suspend_enable                     182       -    -182
>                  pkcs7_note_signed_info                     187       -    -187
>                  append_device_node                         188       -    -188
>                  mscode_note_content_type                   189       -    -189
>                  pkcs7_sig_note_digest_algo                 190       -    -190
>                  append_device_path                         190       -    -190
>                  get_device_path_size                       191       -    -191
>                  efi_open_volume                            191       -    -191
>                  static.sha256_update                       194       -    -194
>                  static.sha512_base_do_update               195       -    -195
>                  ldo_set_suspend_enable                     195       -    -195
>                  set_keyboard_layout                        196       -    -196
>                  sqfs_tokenize                              197       -    -197
>                  montMul                                    198       -    -198
>                  is_device_path_multi_instance              201       -    -201
>                  usb_emul_find_devnum                       206       -    -206
>                  export_package_lists                       206       -    -206
>                  look_up_OID                                207       -    -207
>                  remove_package_list                        208       -    -208
>                  dfu_handle                                 213       -    -213
>                  static.sha1_update                         216       -    -216
>                  overlay_get_target                         220       -    -220
>                  register_package_notify                    222       -    -222
>                  create_device_node                         222       -    -222
>                  dm_pciauto_exp_link_stable                 227       -    -227
>                  get_package_list_handle                    231       -    -231
>                  pkcs7_machine                              239       -    -239
>                  static.sprint_oid                          241       -    -241
>                  lib_asn1_pkcs7                             244       -    -244
>                  sha256_k                                   256       -    -256
>                  buck_set_suspend_enable                    264       -    -264
>                  pkcs7_sig_note_authenticated_attr          268       -    -268
>                  static.efi_tcg2_get_active_pcr_banks       273       -    -273
>                  buck_get_suspend_enable                    276       -    -276
>                  sha1_finish                                288       -    -288
>                  lib_asn1_pkey                              290       -    -290
>                  get_next_device_path_instance              290       -    -290
>                  x509_note_pkey_algo                        291       -    -291
>                  static.spi_set_speed_mode                  291       -    -291
>                  efi_convert_device_node_to_text            293       -    -293
>                  oid_search_table                           296       -    -296
>                  get_secondary_languages                    301       -    -301
>                  append_device_path_instance                311       -    -311
>                  static.efi_tcg2_notify_exit_boot_services     316       -    -316
>                  sha256_finish                              357      32    -325
>                  mscode_note_digest_algo                    327       -    -327
>                  find_keyboard_layouts                      339       -    -339
>                  static.efi_tcg2_submit_command             351       -    -351
>                  get_keyboard_layout                        355       -    -355
>                  new_package_list                           359       -    -359
>                  efi_disconnect_all_drivers                 359       -    -359
>                  efi_convert_device_path_to_text            359       -    -359
>                  get_string                                 526     166    -360
>                  static.efi_tcg2_get_eventlog               361       -    -361
>                  update_package_list                        374       -    -374
>                  efi_uninstall_protocol                     396       -    -396
>                  list_package_lists                         398       -    -398
>                  get_languages                              402       -    -402
>                  static.load_full_partition                 417       -    -417
>                  lib_asn1_x509                              423       -    -423
>                  static.x509_fabricate_name                 428       -    -428
>                  static.longest_match                       428       -    -428
>                  set_string                                 448       -    -448
>                  new_string                                 450       -    -450
>                  static.find_and_setup_root                 460       -    -460
>                  static.efi_tcg2_get_capability             462       -    -462
>                  overlay_update_local_node_references       479       -    -479
>                  sqfs_resolve_symlink                       505       -    -505
>                  oid_data                                   513       -    -513
>                  static.public_key                          540       -    -540
>                  sqfs_frag_lookup                           601       -    -601
>                  static.efi_tcg2_hash_log_extend_event      622       -    -622
>                  dfu_bind                                   637       -    -637
>                  dm_pciauto_setup_device                    743       -    -743
>                  static.x509_decode_time                    779       -    -779
>                  static.ta_avb_invoke_func                  783       -    -783
>                  x509_cert_parse                            973     179    -794
>                  static.ta_rpc_test_invoke_func             812       -    -812
>                  static.read_persistent_digest              829       -    -829
>                  pci_uclass_pre_probe                       832       -    -832
>                  cert_data                                  971       -    -971
>                  sqfs_search_dir                           1332       -   -1332
>                  simple_panel_get_edid_timing              1381       -   -1381
>                  asn1_ber_decoder                          1511       -   -1511
>                  static.read_one_chunk                     1610       -   -1610
>                  rsa_verify_with_pkey                      1680       -   -1680
>                  static.run_test                           1710       -   -1710
>                  sha512_block_fn                           1714       -   -1714
>                  image_pk7                                 1811       -   -1811
>                  MD5Transform                              1812       -   -1812
>                  sandbox_tpm2_xfer                         2605       -   -2605
>                  pci_uclass_post_probe                     3570       -   -3570
>                  sha1_process_one                          8090       -   -8090
>                  sha256_process_one                        9972       -   -9972
> ```
>
> Raymond Mao (28):
>   CI: Exclude MbedTLS subtree for CONFIG checks
>   mbedtls: add mbedtls into the build system
>   lib: Adapt digest header files to MbedTLS
>   md5: Remove md5 non-watchdog API
>   sha1: Remove sha1 non-watchdog API
>   mbedtls: add digest shim layer for MbedTLS
>   hash: integrate hash on mbedtls
>   mbedtls: Enable smaller implementation for SHA256/512
>   mbedtls/external: support Microsoft Authentication Code
>   mbedtls/external: support PKCS9 Authenticate Attributes
>   mbedtls/external: support decoding multiple signer's cert
>   mbedtls/external: update MbedTLS PKCS7 test suites
>   public_key: move common functions to public key helper
>   x509: move common functions to x509 helper
>   pkcs7: move common functions to PKCS7 helper
>   mbedtls: add public key porting layer
>   lib/crypto: Adapt public_key header with MbedTLS
>   mbedtls: add X509 cert parser porting layer
>   lib/crypto: Adapt x509_cert_parser to MbedTLS
>   mbedtls: add PKCS7 parser porting layer
>   lib/crypto: Adapt PKCS7 parser to MbedTLS
>   mbedtls: add MSCode parser porting layer
>   lib/crypto: Adapt mscode_parser to MbedTLS
>   mbedtls: add RSA helper layer on MbedTLS
>   lib/rypto: Adapt rsa_helper to MbedTLS
>   asn1_decoder: add build options for ASN1 decoder
>   test: Remove ASN1 library test
>   configs: enable MbedTLS as default setting
>
>  .azure-pipelines.yml                          |   3 +-
>  .gitlab-ci.yml                                |   3 +-
>  Makefile                                      |   6 +
>  board/friendlyarm/nanopi2/board.c             |   3 +-
>  board/gdsys/a38x/hre.c                        |   2 +-
>  board/intel/edison/edison.c                   |   3 +-
>  board/xilinx/zynq/bootimg.c                   |   2 +-
>  common/hash.c                                 | 146 +++++
>  configs/qemu_arm64_defconfig                  |   1 +
>  configs/sandbox_defconfig                     |   1 +
>  include/crypto/mscode.h                       |   4 +
>  include/crypto/pkcs7_parser.h                 |  56 ++
>  include/crypto/public_key.h                   |   6 +
>  include/crypto/x509_parser.h                  |  55 ++
>  include/limits.h                              |  25 +
>  include/linux/kernel.h                        |  13 +-
>  include/stdlib.h                              |   1 +
>  include/u-boot/md5.h                          |  14 +-
>  include/u-boot/sha1.h                         |  37 +-
>  include/u-boot/sha256.h                       |  20 +
>  include/u-boot/sha512.h                       |   9 +
>  lib/Kconfig                                   |   4 +
>  lib/Makefile                                  |  14 +-
>  lib/crypto/Kconfig                            |   2 +-
>  lib/crypto/Makefile                           |  16 +-
>  lib/crypto/asymmetric_type.c                  |   2 +-
>  lib/crypto/pkcs7_helper.c                     |  37 ++
>  lib/crypto/pkcs7_parser.c                     |  28 -
>  lib/crypto/public_key.c                       |  31 --
>  lib/crypto/public_key_helper.c                |  39 ++
>  lib/crypto/x509_helper.c                      |  64 +++
>  lib/crypto/x509_public_key.c                  |  58 +-
>  lib/mbedtls/Kconfig                           | 424 +++++++++++++++
>  lib/mbedtls/Makefile                          |  56 ++
>  .../external/mbedtls/include/mbedtls/oid.h    |  35 ++
>  .../external/mbedtls/include/mbedtls/pkcs7.h  |  21 +
>  lib/mbedtls/external/mbedtls/library/pkcs7.c  | 154 ++++--
>  .../tests/suites/test_suite_pkcs7.data        |   4 +-
>  lib/mbedtls/mbedtls_def_config.h              |  75 +++
>  lib/mbedtls/md5.c                             |  57 ++
>  lib/mbedtls/mscode_parser.c                   | 123 +++++
>  lib/mbedtls/pkcs7_parser.c                    | 506 ++++++++++++++++++
>  lib/mbedtls/port/assert.h                     |  12 +
>  lib/mbedtls/public_key.c                      |  82 +++
>  lib/mbedtls/rsa_helper.c                      |  95 ++++
>  lib/mbedtls/sha1.c                            |  99 ++++
>  lib/mbedtls/sha256.c                          |  62 +++
>  lib/mbedtls/sha512.c                          |  93 ++++
>  lib/mbedtls/x509_cert_parser.c                | 447 ++++++++++++++++
>  lib/md5.c                                     |  14 -
>  lib/sha1.c                                    |  13 -
>  lib/tpm-v1.c                                  |   2 +-
>  test/Kconfig                                  |   2 +-
>  53 files changed, 2849 insertions(+), 232 deletions(-)
>  create mode 100644 include/limits.h
>  create mode 100644 lib/crypto/pkcs7_helper.c
>  create mode 100644 lib/crypto/public_key_helper.c
>  create mode 100644 lib/crypto/x509_helper.c
>  create mode 100644 lib/mbedtls/Kconfig
>  create mode 100644 lib/mbedtls/Makefile
>  create mode 100644 lib/mbedtls/mbedtls_def_config.h
>  create mode 100644 lib/mbedtls/md5.c
>  create mode 100644 lib/mbedtls/mscode_parser.c
>  create mode 100644 lib/mbedtls/pkcs7_parser.c
>  create mode 100644 lib/mbedtls/port/assert.h
>  create mode 100644 lib/mbedtls/public_key.c
>  create mode 100644 lib/mbedtls/rsa_helper.c
>  create mode 100644 lib/mbedtls/sha1.c
>  create mode 100644 lib/mbedtls/sha256.c
>  create mode 100644 lib/mbedtls/sha512.c
>  create mode 100644 lib/mbedtls/x509_cert_parser.c
>
> --
> 2.25.1
>
Tom Rini Aug. 19, 2024, 9:04 p.m. UTC | #2
On Fri, Aug 16, 2024 at 02:43:49PM -0700, Raymond Mao wrote:

> Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> 
> Motivations:
> ------------
> 
> 1. MbedTLS is well maintained with LTS versions.
> 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> 3. MbedTLS recently switched license back to GPLv2.

Whereas I think v5 did well with global build with mbedTLS being the
default option, v6 blows up so many places.
Tom Rini Aug. 20, 2024, 12:28 a.m. UTC | #3
On Fri, 16 Aug 2024 14:43:49 -0700, Raymond Mao wrote:

> Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> 
> Motivations:
> ------------
> 
> 1. MbedTLS is well maintained with LTS versions.
> 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> 3. MbedTLS recently switched license back to GPLv2.
> 
> [...]

Applied to u-boot/next, thanks!
Tom Rini Aug. 20, 2024, 12:29 a.m. UTC | #4
On Mon, Aug 19, 2024 at 06:28:39PM -0600, Tom Rini wrote:
> On Fri, 16 Aug 2024 14:43:49 -0700, Raymond Mao wrote:
> 
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> > 
> > Motivations:
> > ------------
> > 
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
> > 
> > [...]
> 
> Applied to u-boot/next, thanks!

... I did not, I just forgot to remove this from my b4 list.
Raymond Mao Sept. 3, 2024, 2:59 p.m. UTC | #5
Hi Simon,

On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:

> Hi Raymond,
>
> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >
> > Motivations:
> > ------------
> >
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
> >
> > Prerequisite:
> > -------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> >           https://github.com/Mbed-TLS/mbedtls.git \
> >           v3.6.0 --squash
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> >     $ git add --renormalize .
> >     $ git commit
> >
> > New Kconfig options:
> > --------------------
> >
> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> > MbedTLS.
> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> > and Pubkey parser with MbedTLS.
> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > introduced.
> >
> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > for testing purpose.
> >
> > Patches for external MbedTLS project:
> > -------------------------------------
> >
> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > executables which is not supported by MbedTLS at the moment,
> > additional patches for MbedTLS are created to adapt with the EFI loader:
> > 1. Decoding of Microsoft Authentication Code.
> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >
> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > MbedTLS project and being reviewed, eventually they should be part of
> > MbedTLS LTS release.
> > But before that, please merge them into U-Boot, otherwise the building
> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >
> > See below PR link for the reference:
> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >
> > Miscellaneous:
> > --------------
> >
> > Optimized MbedTLS library size by tailoring the config file
> > and disabling all unnecessary features for EFI loader.
> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> > sha512) are completely replaced when MbedTLS is enabled.
> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > target size reduce significantly.
> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > v1: 6.03%
> > v2: 4.66%
> > v3 - v5: 4.55%
> > v6: 2.90%
> >
> > Please see the latest output from buildman for size-growth on QEMU arm64,
> > Sandbox and Nanopi A64. [1]
> >
> > Tests done:
> > -----------
> >
> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> > verifying and booting) via U-Boot console.
> > EFI Secure Boot and Capsule sandbox test passed.
> >
> > Known issues:
> > -------------
> >
> > None.
>
> I wonder if we could leave out the SHA stuff? The algorithms are
> stable and this would seem to avoid much of the size growth, and all
> the pain of trying to integrate yet another hashing layer (we
> already have normal, progressive and h/w acceleration, plus
> UCLASS_HASH which h/w acceleration should use but that migration never
> happened). I struggle to see any benefit in replacing U-Boot's very
> solid hashing infra with something else, particularly as this series
> adds yet another. Better to invest the time to refactor it. I asked
> about this before and was told that it would happen 'later'. Let's
> just not change it at all, then it is more likely someone will sort it
> out.
>

Unfortunately, MbedTLS depends on its own digest layer. Unless we patch MbedTLS
to allow an external digest library from U-Boot ...


> Also, if MbedTLS is wanting to be a general library for TLS (I assume
> transport-local security, not thread-local storage) perhaps it might
> consider changing to non-Windows newlines, or perhaps even kernel code
> style?
>

We can feedback this to the MbedTLS project when the first series are accepted.

Regards,
Raymond
Raymond Mao Sept. 3, 2024, 3:03 p.m. UTC | #6
Hi Tom,

On Mon, 19 Aug 2024 at 17:04, Tom Rini <trini@konsulko.com> wrote:

> On Fri, Aug 16, 2024 at 02:43:49PM -0700, Raymond Mao wrote:
>
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >
> > Motivations:
> > ------------
> >
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
>
> Whereas I think v5 did well with global build with mbedTLS being the
> default option, v6 blows up so many places.
>

I didn't enable it except qemu_arm64, sandbox and nanopi_a64, I will run
it on more platforms via CI.

Regards,
Raymond
Peter Robinson Sept. 4, 2024, 12:48 p.m. UTC | #7
Hi Simon,

> I wonder if we could leave out the SHA stuff? The algorithms are

One of the big advantages of the mbedtls when it comes to all things
security is that it's seen a wide audit of its code which for a lot
of usecases is very useful from a security PoV, I'm not sure the
amount of audit the U-Boot in project code has had, I'm sure there has
been but I've not seen anything published.

> stable and this would seem to avoid much of the size growth, and all
> the pain of trying to integrate yet another hashing layer (we
> already have normal, progressive and h/w acceleration, plus

What's the difference between the first two?

> UCLASS_HASH which h/w acceleration should use but that migration never

How hard would it be for UCLASS_HASH to use the mbed hashing underneath?

> happened). I struggle to see any benefit in replacing U-Boot's very
> solid hashing infra with something else, particularly as this series

I would need to look at the HW support in both U-Boot and mbedtls but
given wider use of mbedtls I bet adding HW support there that U-Boot
could utilise may be more appetising to most HW vendors as it means
they only have to write one set of code and have it used much more
widely.

> adds yet another. Better to invest the time to refactor it. I asked
> about this before and was told that it would happen 'later'. Let's
> just not change it at all, then it is more likely someone will sort it

What, like the HW support in UCLASS_HASH? Things clearly don't work like that.

> Also, if MbedTLS is wanting to be a general library for TLS (I assume
> transport-local security, not thread-local storage) perhaps it might
> consider changing to non-Windows newlines, or perhaps even kernel code
> style?

I think the newlines might be a possible ask, they are generally
receptive to change (they relicensed it to be a dual license
compatible with U-Boot when asked), I don't think forcing a separate
to the kernel project to a kernel code style is a fair request.

Regards,
Peter
Tom Rini Sept. 4, 2024, 4:43 p.m. UTC | #8
On Wed, Sep 04, 2024 at 01:48:43PM +0100, Peter Robinson wrote:
> Hi Simon,
> 
> > I wonder if we could leave out the SHA stuff? The algorithms are
> 
> One of the big advantages of the mbedtls when it comes to all things
> security is that it's seen a wide audit of its code which for a lot
> of usecases is very useful from a security PoV, I'm not sure the
> amount of audit the U-Boot in project code has had, I'm sure there has
> been but I've not seen anything published.

Yes, it's a positive in my mind to bring in the assorted hashing
algorithms from mbedTLS here.

> > stable and this would seem to avoid much of the size growth, and all
> > the pain of trying to integrate yet another hashing layer (we
> > already have normal, progressive and h/w acceleration, plus
> 
> What's the difference between the first two?
> 
> > UCLASS_HASH which h/w acceleration should use but that migration never
> 
> How hard would it be for UCLASS_HASH to use the mbed hashing underneath?

This, long term, is what I would like to see figured out how to do.

> > happened). I struggle to see any benefit in replacing U-Boot's very
> > solid hashing infra with something else, particularly as this series
> 
> I would need to look at the HW support in both U-Boot and mbedtls but
> given wider use of mbedtls I bet adding HW support there that U-Boot
> could utilise may be more appetising to most HW vendors as it means
> they only have to write one set of code and have it used much more
> widely.

We had some discussion in earlier iterations about HW acceleration for
the algorithms for mbedTLS and I thought this version of the series
exposed what was available when it's available (like the ARM crc32
instructions can be used, but not the full HW accelerators of some other
HW platforms) ?

> > adds yet another. Better to invest the time to refactor it. I asked
> > about this before and was told that it would happen 'later'. Let's
> > just not change it at all, then it is more likely someone will sort it
> 
> What, like the HW support in UCLASS_HASH? Things clearly don't work like that.

Yes, I too am OK with figuring out what needs to be done here, if all
that much / anything really, honestly, afterwards. Maybe common/hash.c
needs to be split up, but "do something very clever to the hash_algo
table" sounds like something that could be a lot of effort for
questionable gains (and possibly some losses wrt code size).

> > Also, if MbedTLS is wanting to be a general library for TLS (I assume
> > transport-local security, not thread-local storage) perhaps it might
> > consider changing to non-Windows newlines, or perhaps even kernel code
> > style?
> 
> I think the newlines might be a possible ask, they are generally
> receptive to change (they relicensed it to be a dual license
> compatible with U-Boot when asked), I don't think forcing a separate
> to the kernel project to a kernel code style is a fair request.

While it would be nice for newlines to change, I'm not sure it's
strictly needed? One of the first steps in the process is fixing those,
and I believe git handles subsequent re-merges fine. And yes, just like
other external code we aren't really in a position to demand (nor should
we, nor expect someone else to) rework their codebase.
Simon Glass Sept. 6, 2024, 12:43 a.m. UTC | #9
Hi Raymond,

On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Hi Simon,
>
> On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
>>
>> Hi Raymond,
>>
>> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org> wrote:
>> >
>> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>> >
>> > Motivations:
>> > ------------
>> >
>> > 1. MbedTLS is well maintained with LTS versions.
>> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
>> > 3. MbedTLS recently switched license back to GPLv2.
>> >
>> > Prerequisite:
>> > -------------
>> >
>> > This patch series requires mbedtls git repo to be added as a
>> > subtree to the main U-Boot repo via:
>> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
>> >           https://github.com/Mbed-TLS/mbedtls.git \
>> >           v3.6.0 --squash
>> > Moreover, due to the Windows-style files from mbedtls git repo,
>> > we need to convert the CRLF endings to LF and do a commit manually:
>> >     $ git add --renormalize .
>> >     $ git commit
>> >
>> > New Kconfig options:
>> > --------------------
>> >
>> > `MBEDTLS_LIB` is for MbedTLS general switch.
>> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
>> > MbedTLS.
>> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
>> > and Pubkey parser with MbedTLS.
>> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
>> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
>> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
>> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
>> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
>> > introduced.
>> >
>> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
>> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
>> > for testing purpose.
>> >
>> > Patches for external MbedTLS project:
>> > -------------------------------------
>> >
>> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
>> > executables which is not supported by MbedTLS at the moment,
>> > additional patches for MbedTLS are created to adapt with the EFI loader:
>> > 1. Decoding of Microsoft Authentication Code.
>> > 2. Decoding of PKCS#9 Authenticate Attributes.
>> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
>> > 4. MbedTLS native test suites for PKCS#7 signer's info.
>> >
>> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
>> > MbedTLS project and being reviewed, eventually they should be part of
>> > MbedTLS LTS release.
>> > But before that, please merge them into U-Boot, otherwise the building
>> > will be broken when MBEDTLS_LIB_X509 is enabled.
>> >
>> > See below PR link for the reference:
>> > https://github.com/Mbed-TLS/mbedtls/pull/9001
>> >
>> > Miscellaneous:
>> > --------------
>> >
>> > Optimized MbedTLS library size by tailoring the config file
>> > and disabling all unnecessary features for EFI loader.
>> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
>> > sha512) are completely replaced when MbedTLS is enabled.
>> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
>> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
>> > target size reduce significantly.
>> > Target(QEMU arm64) size-growth when enabling MbedTLS:
>> > v1: 6.03%
>> > v2: 4.66%
>> > v3 - v5: 4.55%
>> > v6: 2.90%
>> >
>> > Please see the latest output from buildman for size-growth on QEMU arm64,
>> > Sandbox and Nanopi A64. [1]
>> >
>> > Tests done:
>> > -----------
>> >
>> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
>> > verifying and booting) via U-Boot console.
>> > EFI Secure Boot and Capsule sandbox test passed.
>> >
>> > Known issues:
>> > -------------
>> >
>> > None.
>>
>> I wonder if we could leave out the SHA stuff? The algorithms are
>> stable and this would seem to avoid much of the size growth, and all
>> the pain of trying to integrate yet another hashing layer (we
>> already have normal, progressive and h/w acceleration, plus
>> UCLASS_HASH which h/w acceleration should use but that migration never
>> happened). I struggle to see any benefit in replacing U-Boot's very
>> solid hashing infra with something else, particularly as this series
>> adds yet another. Better to invest the time to refactor it. I asked
>> about this before and was told that it would happen 'later'. Let's
>> just not change it at all, then it is more likely someone will sort it
>> out.
>>
> Unfortunately, MbedTLS depends on its own digest layer. Unless we patch MbedTLS
> to allow an external digest library from U-Boot ...

Yes that sounds best. It looks like only a few call sites, so it
should be a matter of leaving out the MbedTLS code and adding some
static inlines.

>
>>
>> Also, if MbedTLS is wanting to be a general library for TLS (I assume
>> transport-local security, not thread-local storage) perhaps it might
>> consider changing to non-Windows newlines, or perhaps even kernel code
>> style?
>>
> We can feedback this to the MbedTLS project when the first series are accepted.

OK.

Regards,
Simon
Simon Glass Sept. 6, 2024, 12:43 a.m. UTC | #10
Hi,

On Wed, 4 Sept 2024 at 06:48, Peter Robinson <pbrobinson@gmail.com> wrote:
>
> Hi Simon,
>
> > I wonder if we could leave out the SHA stuff? The algorithms are
>
> One of the big advantages of the mbedtls when it comes to all things
> security is that it's seen a wide audit of its code which for a lot
> of usecases is very useful from a security PoV, I'm not sure the
> amount of audit the U-Boot in project code has had, I'm sure there has
> been but I've not seen anything published.

Definitely the hash routines and signing have been audited, in fact
there was at least one bug that came out of it, although not in the
hash routines themselves, which are solid.

>
> > stable and this would seem to avoid much of the size growth, and all
> > the pain of trying to integrate yet another hashing layer (we
> > already have normal, progressive and h/w acceleration, plus
>
> What's the difference between the first two?

Normal hashes the whole lot at once. Progressive does things a chunk
at a time, to be watchdog-friendly. If CPUs are fast enough (and
watchdogs lax enough), perhaps we don't need that code?

>
> > UCLASS_HASH which h/w acceleration should use but that migration never
>
> How hard would it be for UCLASS_HASH to use the mbed hashing underneath?

I really don't see the point as there is nothing wrong with U-Boot's
hashing, so far as I know. Half the patches in this series would
likely not be necessary?

But there is a hash_sw driver for UCLASS_HASH, which results in using
software hashing, if hardware acceleration is not available.

>
> > happened). I struggle to see any benefit in replacing U-Boot's very
> > solid hashing infra with something else, particularly as this series
>
> I would need to look at the HW support in both U-Boot and mbedtls but
> given wider use of mbedtls I bet adding HW support there that U-Boot
> could utilise may be more appetising to most HW vendors as it means
> they only have to write one set of code and have it used much more
> widely.

I'm really not sure that mbedtls has wider use than U-Boot :-)

Yes, anything is possible in software, but I worry we might create
Frankenstein's monster. U-Boot's acceleration stuff works fine and has
a proper driver model. For example, with ast2500 it automatically does
the right thing with the "aspeed,ast2600-hace" (compatible) node.

>
> > adds yet another. Better to invest the time to refactor it. I asked
> > about this before and was told that it would happen 'later'. Let's
> > just not change it at all, then it is more likely someone will sort it
>
> What, like the HW support in UCLASS_HASH? Things clearly don't work like that.

Well, the big challenge here was the difficulty of avoiding *any* size
growth, when I wrote common/hash.c - perhaps with the large features
going in, this might be less important.

>
> > Also, if MbedTLS is wanting to be a general library for TLS (I assume
> > transport-local security, not thread-local storage) perhaps it might
> > consider changing to non-Windows newlines, or perhaps even kernel code
> > style?
>
> I think the newlines might be a possible ask, they are generally
> receptive to change (they relicensed it to be a dual license
> compatible with U-Boot when asked), I don't think forcing a separate
> to the kernel project to a kernel code style is a fair request.

OK. So long as I don't have to change the code... but with this series
there is an increase in the code debt in common/hash.c which I'm
really not keen on, sorry.

Regards,
Simon
Ilias Apalodimas Sept. 6, 2024, 7:01 a.m. UTC | #11
Hi Tom

On Wed, 4 Sept 2024 at 19:43, Tom Rini <trini@konsulko.com> wrote:
>
> On Wed, Sep 04, 2024 at 01:48:43PM +0100, Peter Robinson wrote:
> > Hi Simon,
> >
> > > I wonder if we could leave out the SHA stuff? The algorithms are
> >
> > One of the big advantages of the mbedtls when it comes to all things
> > security is that it's seen a wide audit of its code which for a lot
> > of usecases is very useful from a security PoV, I'm not sure the
> > amount of audit the U-Boot in project code has had, I'm sure there has
> > been but I've not seen anything published.
>
> Yes, it's a positive in my mind to bring in the assorted hashing
> algorithms from mbedTLS here.

Exactly. So apart from the known shaXXX there's other algorithms we can
pull directly -- e.g. SM2/3/4.
In any case, I looked into mbedTLS. You can override the default
hashing algos with MBEDTLS_SHA256_ALT etc definitions in the config
entry but I don't see the point.

>
> > > stable and this would seem to avoid much of the size growth, and all
> > > the pain of trying to integrate yet another hashing layer (we
> > > already have normal, progressive and h/w acceleration, plus
> >
> > What's the difference between the first two?
> >
> > > UCLASS_HASH which h/w acceleration should use but that migration never
> >
[...]

Thanks
/Ilias
Peter Robinson Sept. 6, 2024, 9:05 a.m. UTC | #12
On Fri, 6 Sept 2024 at 01:44, Simon Glass <sjg@chromium.org> wrote:
>
> Hi,
>
> On Wed, 4 Sept 2024 at 06:48, Peter Robinson <pbrobinson@gmail.com> wrote:
> >
> > Hi Simon,
> >
> > > I wonder if we could leave out the SHA stuff? The algorithms are
> >
> > One of the big advantages of the mbedtls when it comes to all things
> > security is that it's seen a wide audit of its code which for a lot
> > of usecases is very useful from a security PoV, I'm not sure the
> > amount of audit the U-Boot in project code has had, I'm sure there has
> > been but I've not seen anything published.
>
> Definitely the hash routines and signing have been audited, in fact
> there was at least one bug that came out of it, although not in the
> hash routines themselves, which are solid.
>
> >
> > > stable and this would seem to avoid much of the size growth, and all
> > > the pain of trying to integrate yet another hashing layer (we
> > > already have normal, progressive and h/w acceleration, plus
> >
> > What's the difference between the first two?
>
> Normal hashes the whole lot at once. Progressive does things a chunk
> at a time, to be watchdog-friendly. If CPUs are fast enough (and
> watchdogs lax enough), perhaps we don't need that code?
>
> >
> > > UCLASS_HASH which h/w acceleration should use but that migration never
> >
> > How hard would it be for UCLASS_HASH to use the mbed hashing underneath?
>
> I really don't see the point as there is nothing wrong with U-Boot's
> hashing, so far as I know. Half the patches in this series would
> likely not be necessary?
>
> But there is a hash_sw driver for UCLASS_HASH, which results in using
> software hashing, if hardware acceleration is not available.
>
> >
> > > happened). I struggle to see any benefit in replacing U-Boot's very
> > > solid hashing infra with something else, particularly as this series
> >
> > I would need to look at the HW support in both U-Boot and mbedtls but
> > given wider use of mbedtls I bet adding HW support there that U-Boot
> > could utilise may be more appetising to most HW vendors as it means
> > they only have to write one set of code and have it used much more
> > widely.
>
> I'm really not sure that mbedtls has wider use than U-Boot :-)

It's used extensively in RTOSes such as zephyr, micropython, FreeRTOS
just to name a few places I'm aware of.

> Yes, anything is possible in software, but I worry we might create
> Frankenstein's monster. U-Boot's acceleration stuff works fine and has
> a proper driver model. For example, with ast2500 it automatically does
> the right thing with the "aspeed,ast2600-hace" (compatible) node.
>
> >
> > > adds yet another. Better to invest the time to refactor it. I asked
> > > about this before and was told that it would happen 'later'. Let's
> > > just not change it at all, then it is more likely someone will sort it
> >
> > What, like the HW support in UCLASS_HASH? Things clearly don't work like that.
>
> Well, the big challenge here was the difficulty of avoiding *any* size
> growth, when I wrote common/hash.c - perhaps with the large features
> going in, this might be less important.
>
> >
> > > Also, if MbedTLS is wanting to be a general library for TLS (I assume
> > > transport-local security, not thread-local storage) perhaps it might
> > > consider changing to non-Windows newlines, or perhaps even kernel code
> > > style?
> >
> > I think the newlines might be a possible ask, they are generally
> > receptive to change (they relicensed it to be a dual license
> > compatible with U-Boot when asked), I don't think forcing a separate
> > to the kernel project to a kernel code style is a fair request.
>
> OK. So long as I don't have to change the code... but with this series
> there is an increase in the code debt in common/hash.c which I'm
> really not keen on, sorry.
>
> Regards,
> Simon
Raymond Mao Sept. 6, 2024, 2:50 p.m. UTC | #13
Hi Simon,

On Thu, 5 Sept 2024 at 20:43, Simon Glass <sjg@chromium.org> wrote:

> Hi Raymond,
>
> On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Hi Simon,
> >
> > On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
> >>
> >> Hi Raymond,
> >>
> >> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org>
> wrote:
> >> >
> >> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >> >
> >> > Motivations:
> >> > ------------
> >> >
> >> > 1. MbedTLS is well maintained with LTS versions.
> >> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> >> > 3. MbedTLS recently switched license back to GPLv2.
> >> >
> >> > Prerequisite:
> >> > -------------
> >> >
> >> > This patch series requires mbedtls git repo to be added as a
> >> > subtree to the main U-Boot repo via:
> >> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> >> >           https://github.com/Mbed-TLS/mbedtls.git \
> >> >           v3.6.0 --squash
> >> > Moreover, due to the Windows-style files from mbedtls git repo,
> >> > we need to convert the CRLF endings to LF and do a commit manually:
> >> >     $ git add --renormalize .
> >> >     $ git commit
> >> >
> >> > New Kconfig options:
> >> > --------------------
> >> >
> >> > `MBEDTLS_LIB` is for MbedTLS general switch.
> >> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs
> with
> >> > MbedTLS.
> >> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode,
> ASN1,
> >> > and Pubkey parser with MbedTLS.
> >> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto
> library.
> >> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> >> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> >> > For each of the algorithm, a pair of `<alg>_LEGACY` and
> `<alg>_MBEDTLS`
> >> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> >> > introduced.
> >> >
> >> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and
> MBEDTLS_LIB_X509
> >> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> >> > for testing purpose.
> >> >
> >> > Patches for external MbedTLS project:
> >> > -------------------------------------
> >> >
> >> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> >> > executables which is not supported by MbedTLS at the moment,
> >> > additional patches for MbedTLS are created to adapt with the EFI
> loader:
> >> > 1. Decoding of Microsoft Authentication Code.
> >> > 2. Decoding of PKCS#9 Authenticate Attributes.
> >> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's
> certificates.
> >> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >> >
> >> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> >> > MbedTLS project and being reviewed, eventually they should be part of
> >> > MbedTLS LTS release.
> >> > But before that, please merge them into U-Boot, otherwise the building
> >> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >> >
> >> > See below PR link for the reference:
> >> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >> >
> >> > Miscellaneous:
> >> > --------------
> >> >
> >> > Optimized MbedTLS library size by tailoring the config file
> >> > and disabling all unnecessary features for EFI loader.
> >> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1,
> sha256,
> >> > sha512) are completely replaced when MbedTLS is enabled.
> >> > From v3, the size-growth is slightly reduced by refactoring Hash
> functions.
> >> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> >> > target size reduce significantly.
> >> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> >> > v1: 6.03%
> >> > v2: 4.66%
> >> > v3 - v5: 4.55%
> >> > v6: 2.90%
> >> >
> >> > Please see the latest output from buildman for size-growth on QEMU
> arm64,
> >> > Sandbox and Nanopi A64. [1]
> >> >
> >> > Tests done:
> >> > -----------
> >> >
> >> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed
> image
> >> > verifying and booting) via U-Boot console.
> >> > EFI Secure Boot and Capsule sandbox test passed.
> >> >
> >> > Known issues:
> >> > -------------
> >> >
> >> > None.
> >>
> >> I wonder if we could leave out the SHA stuff? The algorithms are
> >> stable and this would seem to avoid much of the size growth, and all
> >> the pain of trying to integrate yet another hashing layer (we
> >> already have normal, progressive and h/w acceleration, plus
> >> UCLASS_HASH which h/w acceleration should use but that migration never
> >> happened). I struggle to see any benefit in replacing U-Boot's very
> >> solid hashing infra with something else, particularly as this series
> >> adds yet another. Better to invest the time to refactor it. I asked
> >> about this before and was told that it would happen 'later'. Let's
> >> just not change it at all, then it is more likely someone will sort it
> >> out.
> >>
> > Unfortunately, MbedTLS depends on its own digest layer. Unless we patch
> MbedTLS
> > to allow an external digest library from U-Boot ...
>
> Yes that sounds best. It looks like only a few call sites, so it
> should be a matter of leaving out the MbedTLS code and adding some
> static inlines.
>

Inspired by Ilias's reply to patch #7, though we can use the MbedTLS hash
alternative options, we still need to convert all U-Boot hash APIs to adapt
to the MbedTLS style.
This will impact all callers in U-Boot and I don't think it is worth doing,
at least for now.
As the first patch set to introduce MbedTLS to U-Boot with all necessary
features turned on, I think this patch set is the best way with an overall
consideration.

[snip]

Raymond
Tom Rini Sept. 6, 2024, 3:27 p.m. UTC | #14
On Fri, Sep 06, 2024 at 10:50:15AM -0400, Raymond Mao wrote:
> Hi Simon,
> 
> On Thu, 5 Sept 2024 at 20:43, Simon Glass <sjg@chromium.org> wrote:
> 
> > Hi Raymond,
> >
> > On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org> wrote:
> > >
> > > Hi Simon,
> > >
> > > On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
> > >>
> > >> Hi Raymond,
> > >>
> > >> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org>
> > wrote:
> > >> >
> > >> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> > >> >
> > >> > Motivations:
> > >> > ------------
> > >> >
> > >> > 1. MbedTLS is well maintained with LTS versions.
> > >> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > >> > 3. MbedTLS recently switched license back to GPLv2.
> > >> >
> > >> > Prerequisite:
> > >> > -------------
> > >> >
> > >> > This patch series requires mbedtls git repo to be added as a
> > >> > subtree to the main U-Boot repo via:
> > >> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > >> >           https://github.com/Mbed-TLS/mbedtls.git \
> > >> >           v3.6.0 --squash
> > >> > Moreover, due to the Windows-style files from mbedtls git repo,
> > >> > we need to convert the CRLF endings to LF and do a commit manually:
> > >> >     $ git add --renormalize .
> > >> >     $ git commit
> > >> >
> > >> > New Kconfig options:
> > >> > --------------------
> > >> >
> > >> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > >> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs
> > with
> > >> > MbedTLS.
> > >> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode,
> > ASN1,
> > >> > and Pubkey parser with MbedTLS.
> > >> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto
> > library.
> > >> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > >> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > >> > For each of the algorithm, a pair of `<alg>_LEGACY` and
> > `<alg>_MBEDTLS`
> > >> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > >> > introduced.
> > >> >
> > >> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and
> > MBEDTLS_LIB_X509
> > >> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > >> > for testing purpose.
> > >> >
> > >> > Patches for external MbedTLS project:
> > >> > -------------------------------------
> > >> >
> > >> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > >> > executables which is not supported by MbedTLS at the moment,
> > >> > additional patches for MbedTLS are created to adapt with the EFI
> > loader:
> > >> > 1. Decoding of Microsoft Authentication Code.
> > >> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > >> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's
> > certificates.
> > >> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> > >> >
> > >> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > >> > MbedTLS project and being reviewed, eventually they should be part of
> > >> > MbedTLS LTS release.
> > >> > But before that, please merge them into U-Boot, otherwise the building
> > >> > will be broken when MBEDTLS_LIB_X509 is enabled.
> > >> >
> > >> > See below PR link for the reference:
> > >> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> > >> >
> > >> > Miscellaneous:
> > >> > --------------
> > >> >
> > >> > Optimized MbedTLS library size by tailoring the config file
> > >> > and disabling all unnecessary features for EFI loader.
> > >> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1,
> > sha256,
> > >> > sha512) are completely replaced when MbedTLS is enabled.
> > >> > From v3, the size-growth is slightly reduced by refactoring Hash
> > functions.
> > >> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > >> > target size reduce significantly.
> > >> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > >> > v1: 6.03%
> > >> > v2: 4.66%
> > >> > v3 - v5: 4.55%
> > >> > v6: 2.90%
> > >> >
> > >> > Please see the latest output from buildman for size-growth on QEMU
> > arm64,
> > >> > Sandbox and Nanopi A64. [1]
> > >> >
> > >> > Tests done:
> > >> > -----------
> > >> >
> > >> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed
> > image
> > >> > verifying and booting) via U-Boot console.
> > >> > EFI Secure Boot and Capsule sandbox test passed.
> > >> >
> > >> > Known issues:
> > >> > -------------
> > >> >
> > >> > None.
> > >>
> > >> I wonder if we could leave out the SHA stuff? The algorithms are
> > >> stable and this would seem to avoid much of the size growth, and all
> > >> the pain of trying to integrate yet another hashing layer (we
> > >> already have normal, progressive and h/w acceleration, plus
> > >> UCLASS_HASH which h/w acceleration should use but that migration never
> > >> happened). I struggle to see any benefit in replacing U-Boot's very
> > >> solid hashing infra with something else, particularly as this series
> > >> adds yet another. Better to invest the time to refactor it. I asked
> > >> about this before and was told that it would happen 'later'. Let's
> > >> just not change it at all, then it is more likely someone will sort it
> > >> out.
> > >>
> > > Unfortunately, MbedTLS depends on its own digest layer. Unless we patch
> > MbedTLS
> > > to allow an external digest library from U-Boot ...
> >
> > Yes that sounds best. It looks like only a few call sites, so it
> > should be a matter of leaving out the MbedTLS code and adding some
> > static inlines.
> >
> Inspired by Ilias's reply to patch #7, though we can use the MbedTLS hash
> alternative options,
> we still need to convert all U-Boot hash APIs to adapt to the MbedTLS style.
> This will impact all callers in U-Boot and I don't think it worth to do, at
> least now.
> As the first patch set to introduce MbedTLS to U-Boot with turning on all
> necessary features,
> I think this patch set is in the best way with an overall consideration.

To this point, you could just create wrappers? And perhaps mark those as
inline, if they're small enough?
Raymond Mao Sept. 6, 2024, 5:20 p.m. UTC | #15
Hi Tom,

On Fri, 6 Sept 2024 at 11:27, Tom Rini <trini@konsulko.com> wrote:

> On Fri, Sep 06, 2024 at 10:50:15AM -0400, Raymond Mao wrote:
> > Hi Simon,
> >
> > On Thu, 5 Sept 2024 at 20:43, Simon Glass <sjg@chromium.org> wrote:
> >
> > > Hi Raymond,
> > >
> > > On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org>
> wrote:
> > > >
> > > > Hi Simon,
> > > >
> > > > On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
> > > >>
> > > >> Hi Raymond,
> > > >>
> > > >> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org>
> > > wrote:
> > > >> >
> > > >> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> > > >> >
> > > >> > Motivations:
> > > >> > ------------
> > > >> >
> > > >> > 1. MbedTLS is well maintained with LTS versions.
> > > >> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > > >> > 3. MbedTLS recently switched license back to GPLv2.
> > > >> >
> > > >> > Prerequisite:
> > > >> > -------------
> > > >> >
> > > >> > This patch series requires mbedtls git repo to be added as a
> > > >> > subtree to the main U-Boot repo via:
> > > >> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > > >> >           https://github.com/Mbed-TLS/mbedtls.git \
> > > >> >           v3.6.0 --squash
> > > >> > Moreover, due to the Windows-style files from mbedtls git repo,
> > > >> > we need to convert the CRLF endings to LF and do a commit
> manually:
> > > >> >     $ git add --renormalize .
> > > >> >     $ git commit
> > > >> >
> > > >> > New Kconfig options:
> > > >> > --------------------
> > > >> >
> > > >> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > > >> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto
> libs
> > > with
> > > >> > MbedTLS.
> > > >> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode,
> > > ASN1,
> > > >> > and Pubkey parser with MbedTLS.
> > > >> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto
> > > library.
> > > >> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > > >> > `LEGACY_CRYPTO_CERT` is for the certificate related
> functionalities.
> > > >> > For each of the algorithm, a pair of `<alg>_LEGACY` and
> > > `<alg>_MBEDTLS`
> > > >> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options
> are
> > > >> > introduced.
> > > >> >
> > > >> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and
> > > MBEDTLS_LIB_X509
> > > >> > are by default enabled in qemu_arm64_defconfig and
> sandbox_defconfig
> > > >> > for testing purpose.
> > > >> >
> > > >> > Patches for external MbedTLS project:
> > > >> > -------------------------------------
> > > >> >
> > > >> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > > >> > executables which is not supported by MbedTLS at the moment,
> > > >> > additional patches for MbedTLS are created to adapt with the EFI
> > > loader:
> > > >> > 1. Decoding of Microsoft Authentication Code.
> > > >> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > > >> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's
> > > certificates.
> > > >> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> > > >> >
> > > >> > All above 4 patches (tagged with `mbedtls/external`) are
> submitted to
> > > >> > MbedTLS project and being reviewed, eventually they should be
> part of
> > > >> > MbedTLS LTS release.
> > > >> > But before that, please merge them into U-Boot, otherwise the
> building
> > > >> > will be broken when MBEDTLS_LIB_X509 is enabled.
> > > >> >
> > > >> > See below PR link for the reference:
> > > >> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> > > >> >
> > > >> > Miscellaneous:
> > > >> > --------------
> > > >> >
> > > >> > Optimized MbedTLS library size by tailoring the config file
> > > >> > and disabling all unnecessary features for EFI loader.
> > > >> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1,
> > > sha256,
> > > >> > sha512) are completely replaced when MbedTLS is enabled.
> > > >> > From v3, the size-growth is slightly reduced by refactoring Hash
> > > functions.
> > > >> > From v6, smaller implementations for SHA256 and SHA512 are
> enabled and
> > > >> > target size reduce significantly.
> > > >> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > > >> > v1: 6.03%
> > > >> > v2: 4.66%
> > > >> > v3 - v5: 4.55%
> > > >> > v6: 2.90%
> > > >> >
> > > >> > Please see the latest output from buildman for size-growth on QEMU
> > > arm64,
> > > >> > Sandbox and Nanopi A64. [1]
> > > >> >
> > > >> > Tests done:
> > > >> > -----------
> > > >> >
> > > >> > EFI Secure Boot test (EFI variables loading and verifying, EFI
> signed
> > > image
> > > >> > verifying and booting) via U-Boot console.
> > > >> > EFI Secure Boot and Capsule sandbox test passed.
> > > >> >
> > > >> > Known issues:
> > > >> > -------------
> > > >> >
> > > >> > None.
> > > >>
> > > >> I wonder if we could leave out the SHA stuff? The algorithms are
> > > >> stable and this would seem to avoid much of the size growth, and all
> > > >> the pain of trying to integrate yet another hashing layer
> (we
> > > >> already have normal, progressive and h/w acceleration, plus
> > > >> UCLASS_HASH which h/w acceleration should use but that migration
> never
> > > >> happened). I struggle to see any benefit in replacing U-Boot's very
> > > >> solid hashing infra with something else, particularly as this series
> > > >> adds yet another. Better to invest the time to refactor it. I asked
> > > >> about this before and was told that it would happen 'later'. Let's
> > > >> just not change it at all, then it is more likely someone will sort
> it
> > > >> out.
> > > >>
> > > > Unfortunately, MbedTLS depends on its own digest layer. Unless we
> patch
> > > MbedTLS
> > > > to allow an external digest library from U-Boot ...
> > >
> > > Yes that sounds best. It looks like only a few call sites, so it
> > > should be a matter of leaving out the MbedTLS code and adding some
> > > static inlines.
> > >
> > Inspired by Ilias's reply to patch #7, though we can use the MbedTLS hash
> > alternative options,
> > we still need to convert all U-Boot hash APIs to adapt to the MbedTLS
> style.
> > This will impact all callers in U-Boot and I don't think it worth to do,
> at
> > least now.
> > As the first patch set to introduce MbedTLS to U-Boot with turning on all
> > necessary features,
> > I think this patch set is in the best way with an overall consideration.
>
> To this point, you could just create wrappers? And perhaps mark those as
> inline, if they're small enough?
>

The original hash_xxx functions are relatively small and I can move them to
the header file as inline.
And the MbedTLS wrappers will be kept in common/hash.c.

Regards,
Raymond
Simon Glass Sept. 10, 2024, 6:44 p.m. UTC | #16
Hi Raymond,

On Fri, 6 Sept 2024 at 08:50, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Hi Simon,
>
> On Thu, 5 Sept 2024 at 20:43, Simon Glass <sjg@chromium.org> wrote:
>>
>> Hi Raymond,
>>
>> On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org> wrote:
>> >
>> > Hi Simon,
>> >
>> > On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
>> >>
>> >> Hi Raymond,
>> >>
>> >> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org> wrote:
>> >> >
>> >> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>> >> >
>> >> > Motivations:
>> >> > ------------
>> >> >
>> >> > 1. MbedTLS is well maintained with LTS versions.
>> >> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
>> >> > 3. MbedTLS recently switched license back to GPLv2.
>> >> >
>> >> > Prerequisite:
>> >> > -------------
>> >> >
>> >> > This patch series requires mbedtls git repo to be added as a
>> >> > subtree to the main U-Boot repo via:
>> >> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
>> >> >           https://github.com/Mbed-TLS/mbedtls.git \
>> >> >           v3.6.0 --squash
>> >> > Moreover, due to the Windows-style files from mbedtls git repo,
>> >> > we need to convert the CRLF endings to LF and do a commit manually:
>> >> >     $ git add --renormalize .
>> >> >     $ git commit
>> >> >
>> >> > New Kconfig options:
>> >> > --------------------
>> >> >
>> >> > `MBEDTLS_LIB` is for MbedTLS general switch.
>> >> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
>> >> > MbedTLS.
>> >> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
>> >> > and Pubkey parser with MbedTLS.
>> >> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
>> >> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
>> >> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
>> >> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
>> >> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
>> >> > introduced.
>> >> >
>> >> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
>> >> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
>> >> > for testing purpose.
>> >> >
>> >> > Patches for external MbedTLS project:
>> >> > -------------------------------------
>> >> >
>> >> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
>> >> > executables which is not supported by MbedTLS at the moment,
>> >> > additional patches for MbedTLS are created to adapt with the EFI loader:
>> >> > 1. Decoding of Microsoft Authentication Code.
>> >> > 2. Decoding of PKCS#9 Authenticate Attributes.
>> >> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
>> >> > 4. MbedTLS native test suites for PKCS#7 signer's info.
>> >> >
>> >> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
>> >> > MbedTLS project and being reviewed, eventually they should be part of
>> >> > MbedTLS LTS release.
>> >> > But before that, please merge them into U-Boot, otherwise the building
>> >> > will be broken when MBEDTLS_LIB_X509 is enabled.
>> >> >
>> >> > See below PR link for the reference:
>> >> > https://github.com/Mbed-TLS/mbedtls/pull/9001
>> >> >
>> >> > Miscellaneous:
>> >> > --------------
>> >> >
>> >> > Optimized MbedTLS library size by tailoring the config file
>> >> > and disabling all unnecessary features for EFI loader.
>> >> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
>> >> > sha512) are completely replaced when MbedTLS is enabled.
>> >> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
>> >> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
>> >> > target size reduce significantly.
>> >> > Target(QEMU arm64) size-growth when enabling MbedTLS:
>> >> > v1: 6.03%
>> >> > v2: 4.66%
>> >> > v3 - v5: 4.55%
>> >> > v6: 2.90%
>> >> >
>> >> > Please see the latest output from buildman for size-growth on QEMU arm64,
>> >> > Sandbox and Nanopi A64. [1]
>> >> >
>> >> > Tests done:
>> >> > -----------
>> >> >
>> >> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
>> >> > verifying and booting) via U-Boot console.
>> >> > EFI Secure Boot and Capsule sandbox test passed.
>> >> >
>> >> > Known issues:
>> >> > -------------
>> >> >
>> >> > None.
>> >>
>> >> I wonder if we could leave out the SHA stuff? The algorithms are
>> >> stable and this would seem to avoid much of the size growth, and all
>> >> the pain of trying to integrate yet another hashing layer (we
>> >> already have normal, progressive and h/w acceleration, plus
>> >> UCLASS_HASH which h/w acceleration should use but that migration never
>> >> happened). I struggle to see any benefit in replacing U-Boot's very
>> >> solid hashing infra with something else, particularly as this series
>> >> adds yet another. Better to invest the time to refactor it. I asked
>> >> about this before and was told that it would happen 'later'. Let's
>> >> just not change it at all, then it is more likely someone will sort it
>> >> out.
>> >>
>> > Unfortunately, MbedTLS depends on its own digest layer. Unless we patch MbedTLS
>> > to allow an external digest library from U-Boot ...
>>
>> Yes that sounds best. It looks like only a few call sites, so it
>> should be a matter of leaving out the MbedTLS code and adding some
>> static inlines.
>>
> Inspired by Ilias's reply to patch #7, though we can use the MbedTLS hash alternative options,
> we still need to convert all U-Boot hash APIs to adapt to the MbedTLS style.
> This will impact all callers in U-Boot and I don't think it is worth doing, at least now.

Agreed.

> As the first patch set to introduce MbedTLS to U-Boot with turning on all necessary features,
> I think this patch set is in the best way with an overall consideration.

I am not convinced, sorry. Can you update MbedTLS so that its hash
algo can be changed to call the U-Boot one? Then we can deal with
hardware acceleration, driver model and avoid yet another layer of
cruft in common/hash.c

I see only a few calls...and the hash algos are so simple and stable
that there really is no value to U-Boot of all of this pain.

Alternatively, if for some reason you really want this series in as
is, if you have a plan and scheduling to tidy this up immediately
after this series, I could be convinced to look the other way.

Regards,
Simon
Raymond Mao Sept. 10, 2024, 9:29 p.m. UTC | #17
Hi Simon,

On Tue, 10 Sept 2024 at 14:44, Simon Glass <sjg@chromium.org> wrote:

> Hi Raymond,
>
> On Fri, 6 Sept 2024 at 08:50, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Hi Simon,
> >
> > On Thu, 5 Sept 2024 at 20:43, Simon Glass <sjg@chromium.org> wrote:
> >>
> >> Hi Raymond,
> >>
> >> On Tue, 3 Sept 2024 at 08:59, Raymond Mao <raymond.mao@linaro.org> wrote:
> >> >
> >> > Hi Simon,
> >> >
> >> > On Sat, 17 Aug 2024 at 11:58, Simon Glass <sjg@chromium.org> wrote:
> >> >>
> >> >> Hi Raymond,
> >> >>
> >> >> On Fri, 16 Aug 2024 at 15:44, Raymond Mao <raymond.mao@linaro.org> wrote:
> >> >> >
> >> >> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >> >> >
> >> >> > Motivations:
> >> >> > ------------
> >> >> >
> >> >> > 1. MbedTLS is well maintained with LTS versions.
> >> >> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> >> >> > 3. MbedTLS recently switched license back to GPLv2.
> >> >> >
> >> >> > Prerequisite:
> >> >> > -------------
> >> >> >
> >> >> > This patch series requires mbedtls git repo to be added as a
> >> >> > subtree to the main U-Boot repo via:
> >> >> >     $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> >> >> >           https://github.com/Mbed-TLS/mbedtls.git \
> >> >> >           v3.6.0 --squash
> >> >> > Moreover, due to the Windows-style files from mbedtls git repo,
> >> >> > we need to convert the CRLF endings to LF and do a commit manually:
> >> >> >     $ git add --renormalize .
> >> >> >     $ git commit
> >> >> >
> >> >> > New Kconfig options:
> >> >> > --------------------
> >> >> >
> >> >> > `MBEDTLS_LIB` is for MbedTLS general switch.
> >> >> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> >> >> > MbedTLS.
> >> >> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> >> >> > and Pubkey parser with MbedTLS.
> >> >> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> >> >> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> >> >> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> >> >> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> >> >> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> >> >> > introduced.
> >> >> >
> >> >> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> >> >> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> >> >> > for testing purpose.
> >> >> >
> >> >> > Patches for external MbedTLS project:
> >> >> > -------------------------------------
> >> >> >
> >> >> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> >> >> > executables which is not supported by MbedTLS at the moment,
> >> >> > additional patches for MbedTLS are created to adapt with the EFI loader:
> >> >> > 1. Decoding of Microsoft Authentication Code.
> >> >> > 2. Decoding of PKCS#9 Authenticate Attributes.
> >> >> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> >> >> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >> >> >
> >> >> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> >> >> > MbedTLS project and being reviewed, eventually they should be part of
> >> >> > MbedTLS LTS release.
> >> >> > But before that, please merge them into U-Boot, otherwise the building
> >> >> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >> >> >
> >> >> > See below PR link for the reference:
> >> >> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >> >> >
> >> >> > Miscellaneous:
> >> >> > --------------
> >> >> >
> >> >> > Optimized MbedTLS library size by tailoring the config file
> >> >> > and disabling all unnecessary features for EFI loader.
> >> >> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> >> >> > sha512) are completely replaced when MbedTLS is enabled.
> >> >> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
> >> >> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> >> >> > target size reduce significantly.
> >> >> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> >> >> > v1: 6.03%
> >> >> > v2: 4.66%
> >> >> > v3 - v5: 4.55%
> >> >> > v6: 2.90%
> >> >> >
> >> >> > Please see the latest output from buildman for size-growth on QEMU arm64,
> >> >> > Sandbox and Nanopi A64. [1]
> >> >> >
> >> >> > Tests done:
> >> >> > -----------
> >> >> >
> >> >> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> >> >> > verifying and booting) via U-Boot console.
> >> >> > EFI Secure Boot and Capsule sandbox test passed.
> >> >> >
> >> >> > Known issues:
> >> >> > -------------
> >> >> >
> >> >> > None.
> >> >>
> >> >> I wonder if we could leave out the SHA stuff? The algorithms are
> >> >> stable and this would seem to avoid much of the size growth, and all
> >> >> the pain of trying to integrate yet another hashing layer (we
> >> >> already have normal, progressive and h/w acceleration, plus
> >> >> UCLASS_HASH which h/w acceleration should use but that migration never
> >> >> happened). I struggle to see any benefit in replacing U-Boot's very
> >> >> solid hashing infra with something else, particularly as this series
> >> >> adds yet another. Better to invest the time to refactor it. I asked
> >> >> about this before and was told that it would happen 'later'. Let's
> >> >> just not change it at all, then it is more likely someone will sort it
> >> >> out.
> >> >>
> >> > Unfortunately, MbedTLS depends on its own digest layer. Unless we patch MbedTLS
> >> > to allow an external digest library from U-Boot ...
> >>
> >> Yes that sounds best. It looks like only a few call sites, so it
> >> should be a matter of leaving out the MbedTLS code and adding some
> >> static inlines.
> >>
> > Inspired by Ilias's reply to patch #7, though we can use the MbedTLS hash alternative options,
> > we still need to convert all U-Boot hash APIs to adapt to the MbedTLS style.
> > This will impact all callers in U-Boot and I don't think it is worth doing, at least now.
>
> Agreed.
>
> > As the first patch set to introduce MbedTLS to U-Boot with turning on all necessary features,
> > I think this patch set is in the best way with an overall consideration.
>
> I am not convinced, sorry. Can you update MbedTLS so that its hash
> algo can be changed to call the U-Boot one? Then we can deal with
> hardware acceleration, driver model and avoid yet another layer of
> cruft in common/hash.c

MbedTLS reserves an alternative interface for external algorithms, but it
requires adapting all args to the ones of MbedTLS, which means we have to
modify all hash APIs we have in U-Boot, which doesn't make too much sense.

But I decided to drop patch #7, and then we won't have any changes in
common/hash.c from v7.

[snip]

Regards,
Raymond
Raymond Mao Sept. 11, 2024, 7:15 p.m. UTC | #18
Hi Tom,

On Tue, 3 Sept 2024 at 11:03, Raymond Mao <raymond.mao@linaro.org> wrote:

> Hi Tom,
>
> On Mon, 19 Aug 2024 at 17:04, Tom Rini <trini@konsulko.com> wrote:
>
>> On Fri, Aug 16, 2024 at 02:43:49PM -0700, Raymond Mao wrote:
>>
>> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>> >
>> > Motivations:
>> > ------------
>> >
>> > 1. MbedTLS is well maintained with LTS versions.
>> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
>> > 3. MbedTLS recently switched license back to GPLv2.
>>
>> Whereas I think v5 did well with global build with mbedTLS being the
>> default option, v6 blows up so many places.
>>
>
> I didn't enable it except qemu_arm64, sandbox and nanopi_a64, I will run
> it on more platforms via CI.

Just a follow-up:
I made a few changes to fix the kconfig dependency issues, which can only be
reproduced by a few of the world build platforms.
My latest PR passed all CI world builds with MbedTLS enabled at:
https://github.com/u-boot/u-boot/pull/642

I will include all the fixes in v7.

Regards,
Raymond
