From patchwork Wed Sep 18 22:01:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rasmus Villemoes X-Patchwork-Id: 1164422 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=prevas.dk Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=prevas.se header.i=@prevas.se header.b="VloIgzXT"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 46Yr784K5Cz9sPD for ; Thu, 19 Sep 2019 18:46:44 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 6007AC22171; Thu, 19 Sep 2019 07:27:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 09275C22175; Thu, 19 Sep 2019 07:27:29 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 65F1CC22165; Thu, 19 Sep 2019 07:27:26 +0000 (UTC) Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140105.outbound.protection.outlook.com [40.107.14.105]) by lists.denx.de (Postfix) with ESMTPS id 4589EC22161 for ; Thu, 19 Sep 2019 07:27:24 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MzPrIZwkCO/QSMVCB1cmqh2IZ7mwtoJcrDwPm5WM3NemxdEHmkFv0+oDqNzf40WOEx02+hJKnW+i5+zQGAZX400VkPt7KFi5F0AzPt4jnAxNKU9P6FcxP9MamxNbleSUl8r+l8js3U7UIV3XuGbZca+azEcrVXN3P74yVfqY7bURu/JiIZFU/ip/BRVo4T0NRhBY738ItQUT49gZ5FQs5rchmlHPGmnjFKe4iFgJZoqfsBazPXwq1R498T8vXikNNrMpjnFZG9uVra653Rb2+UJCPTbbnhYQbsXRSE3qtf0HSzmjNYu9s5mulrDWvEp/BruGIUVBiueHatB0d7Y+6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qnJkPofISt7y+7AKWqy8KLNprmAhn4WUBelGhWIdT1k=; b=IVb+wWGXsOx7XUf/uBBAfyne/JCCqtCIQHNP7vm/t0vs/XkrJA7KpkHi+5ZVdTs8RlXsluPIkT0sWWvASjiaGuT7rf4Jswy3rh0jzaRKRFtoEff0on7Mz6OgpqVg7djrMdyI4nUqpPBfYPgjpHuug53ub/6gJdwQ4qlE9GPY4xHH+R0p38rv3mBw6J+tYfhBb5W6Oxdiv+2iMEJ5kI283ZpRc8vk6jWtUAMFjjFsC0qNasQZCnx2L13A7RrkwBFarMYH3FwntKCiA4C1Fn7NkfD4LIrgD8GRwDetPSUo3g/oje8UH9loAL4jpjH8j2v6dEDSGlWR7OkPtfHSWIx23A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=prevas.se; dmarc=pass action=none header.from=prevas.dk; dkim=pass header.d=prevas.dk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prevas.se; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qnJkPofISt7y+7AKWqy8KLNprmAhn4WUBelGhWIdT1k=; b=VloIgzXTrqhn6u2/Nb55FHdHnRKX/sY/17dKZypkYTH4Fdd6VLNL5kpISTZp4suNblaetr5+/+XkhyN/exraVrrz7xWg85O9ZMdx5Cxr8nh21Gtb0CxXeIZfgiDgb8vrLTUo/p3jEZd3oCzG2tv5E5lIwmohS1Ow4F2+oyVRyvw= Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (10.186.164.147) by DB8PR10MB3083.EURPRD10.PROD.OUTLOOK.COM (10.255.17.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.26; Wed, 18 Sep 2019 22:01:52 +0000 Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8]) by DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8%2]) with mapi id 15.20.2263.023; Wed, 18 Sep 2019 22:01:52 +0000 From: Rasmus Villemoes To: "u-boot@lists.denx.de" Thread-Topic: [RFC PATCH 1/3] u-boot/sha256.h: add SHA256_INIT macro Thread-Index: AQHVbmytajbhUl2cIkin2kYuhhMGPg== Date: Wed, 18 Sep 2019 22:01:52 +0000 Message-ID: <20190918220140.838-2-rasmus.villemoes@prevas.dk> References: <20190918220140.838-1-rasmus.villemoes@prevas.dk> In-Reply-To: <20190918220140.838-1-rasmus.villemoes@prevas.dk> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: HE1PR0102CA0063.eurprd01.prod.exchangelabs.com (2603:10a6:7:7d::40) To DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:133::19) x-mailer: git-send-email 2.20.1 authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rasmus.Villemoes@prevas.se; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [5.186.115.35] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: b84f4d8c-1696-477e-9342-08d73c83cfd6 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:DB8PR10MB3083; x-ms-traffictypediagnostic: DB8PR10MB3083: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:238; x-forefront-prvs: 01644DCF4A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(366004)(136003)(396003)(39850400004)(199004)(189003)(6916009)(5660300002)(11346002)(476003)(478600001)(66066001)(4744005)(26005)(386003)(52116002)(76176011)(446003)(4326008)(2501003)(71200400001)(1076003)(305945005)(71190400001)(6486002)(2616005)(99286004)(186003)(6436002)(44832011)(486006)(81156014)(14454004)(5640700003)(8976002)(25786009)(42882007)(316002)(3846002)(6116002)(6506007)(102836004)(8676002)(66556008)(66446008)(66476007)(6512007)(64756008)(50226002)(256004)(2906002)(2351001)(7736002)(81166006)(8936002)(54906003)(36756003)(66946007)(107886003); DIR:OUT; SFP:1102; SCL:1; SRVR:DB8PR10MB3083; H:DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: prevas.se does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: Uqw7XP9vO3mP4sFX/UBll9W3tUjkxfqnFH61usfLoi/ElC0LxdO51N6jYEzoNpipwmO6yZLrypGzgo4jti+h5sZBRUfoXyLR2BAXazrOxySUvzvOW/Jij91+tDXkPmU8E/P3sSNAmE3jH43KnPG+NlImfH4C6FFbISAwXM7K1SAq3t9rZJXXkTIiIHC4VjnEVlAaoS5nKHKrmPUG21QobyGNZJnBulTeVz1GZDfYhxheTs5NWjApzu0CRHIXzIsJYic6v+euoPt1WJOCAUnC3egAviF7roP9lwZc32GzWI4pzoPOsUgk1o9lYziqPNePiZ5PtkAJXa63uka10u8tCFINXhLXHtv4JXhH84IbBh3BQj1RmNueRWU8cvuPlddDtOXLmULMKwehHjjLhuSsTcIvmkTTWAUbg3uY21TLTUw= MIME-Version: 1.0 X-OriginatorOrg: prevas.dk X-MS-Exchange-CrossTenant-Network-Message-Id: b84f4d8c-1696-477e-9342-08d73c83cfd6 X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2019 22:01:52.4245 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: d350cf71-778d-4780-88f5-071a4cb1ed61 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: yXnZiD9kji/Zsx7CGQjY7RNSBYOdVTAR6sT4Ozw1O8mFxZ4A9q2L8N9nl7wedK0z5muCbi5geRh8lMhO4HuGqaUuMmJQYqspIvB7bYdnzm8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR10MB3083 Cc: Rasmus Villemoes , Tom Rini Subject: [U-Boot] [RFC PATCH 1/3] u-boot/sha256.h: add SHA256_INIT macro X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" To be used for statically initializing a sha256 context. Signed-off-by: Rasmus Villemoes --- include/u-boot/sha256.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h index 9aa1251789..10f42091ee 100644 --- a/include/u-boot/sha256.h +++ b/include/u-boot/sha256.h @@ -22,4 +22,15 @@ void sha256_finish(sha256_context * ctx, uint8_t digest[SHA256_SUM_LEN]); void sha256_csum_wd(const unsigned char *input, unsigned int ilen, unsigned char *output, unsigned int chunk_sz); +#define SHA256_INIT { \ + .state[0] = 0x6A09E667, \ + .state[1] = 0xBB67AE85, \ + .state[2] = 0x3C6EF372, \ + .state[3] = 0xA54FF53A, \ + .state[4] = 0x510E527F, \ + .state[5] = 0x9B05688C, \ + .state[6] = 0x1F83D9AB, \ + .state[7] = 0x5BE0CD19, \ + } + #endif /* _SHA256_H */ From patchwork Wed Sep 18 22:01:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rasmus Villemoes X-Patchwork-Id: 1164416 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=prevas.dk Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=prevas.se header.i=@prevas.se header.b="bgkq9l6p"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 46Yr756y0lz9s7T for ; Thu, 19 Sep 2019 18:46:41 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id E8F45C22185; Thu, 19 Sep 2019 07:27:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 09745C22164; Thu, 19 Sep 2019 07:27:28 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 49036C22161; Thu, 19 Sep 2019 07:27:26 +0000 (UTC) Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140105.outbound.protection.outlook.com [40.107.14.105]) by lists.denx.de (Postfix) with ESMTPS id 915CBC22164 for ; Thu, 19 Sep 2019 07:27:24 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JvtnPXlNrU779XbylO9heHcLxmKVLblfhZFgRvzqKFEdU9JDuy4UJ2xX3opFWwX13PpHbsIap/+jcezJ0nHnjfbBJfdzDnIs59N2tNXUl2sCJSj1IMHQdh9IWzlAauv/bRsRBz3ChhuVNneR2j/36LT/7DNxfygUSRAZO61z1c9z7cpsNvd3ZdHltsuJURh7QIUITmlulACuu/F0WXrn/ol3DrT7sy7xBP5dq7brqMuRqCXBPaxw1G1Bl6tJdK9RBOEYRv2zWZho5yUrULpEkzEH/d2LqmCbVEiwEMYNxpwv6XtFQ7sEaeqXmzPqL5PGK01IqcIu5XOVEtSSfFJzEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1D7t9URMsc9/Y0WmKRie3ZTeczXaWxTGcGF8IsyFWb4=; b=lnePuMJR2yeweL483GQ/1bvyXrFVKxNMml6t40qoZls9IRCGjCrQrVotrPmsnN04fcuah43tLOyIqoZXANNzB2D2sFYGKnPhcMjA4D6MHi0fPavnaLymsXLWF+i3DxEKcXdkj0jcoIMy7GzcAI8ec59AS70qzwv/+Qpu4wK8LtBIBboslZ1S1jgo6NTX7/e1EyORXbMaKZBUAkW5kNcPlx90vcnSGwinC2HbsXQy7axrlzAInBvszU8fIgSfVtOOxt5eYv3/kUb8GDHN/e3mf6YiQq2S5PL00B0AZz+tmLjYUxSjJrwoy5OusdU6EJXuiTWwso/I0L1x2PQsJAxJ3w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=prevas.se; dmarc=pass action=none header.from=prevas.dk; dkim=pass header.d=prevas.dk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prevas.se; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1D7t9URMsc9/Y0WmKRie3ZTeczXaWxTGcGF8IsyFWb4=; b=bgkq9l6p8HGpsqmrBnVbgLDhTd+lB9z8cS0npxVQC1NIBJ0uymiWVyUdcrYbrwYDBoR+5vo+UQHw18CXLEfGpBkK8VDrCn544gJxquaIMBdncoQ4qMvo5NmTUBUF5HumooZJhN7De8IjVnj8w4GiFSndDGJflylo6Icb68r5kAs= Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (10.186.164.147) by DB8PR10MB3083.EURPRD10.PROD.OUTLOOK.COM (10.255.17.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.26; Wed, 18 Sep 2019 22:01:53 +0000 Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8]) by DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8%2]) with mapi id 15.20.2263.023; Wed, 18 Sep 2019 22:01:53 +0000 From: Rasmus Villemoes To: "u-boot@lists.denx.de" Thread-Topic: [RFC PATCH 2/3] u-boot/sha256.h: include linux/types.h Thread-Index: AQHVbmyuaUnIxBWHO0+Iure8ZEoNuw== Date: Wed, 18 Sep 2019 22:01:53 +0000 Message-ID: <20190918220140.838-3-rasmus.villemoes@prevas.dk> References: <20190918220140.838-1-rasmus.villemoes@prevas.dk> In-Reply-To: <20190918220140.838-1-rasmus.villemoes@prevas.dk> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: HE1PR0102CA0063.eurprd01.prod.exchangelabs.com (2603:10a6:7:7d::40) To DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:133::19) x-mailer: git-send-email 2.20.1 authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rasmus.Villemoes@prevas.se; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [5.186.115.35] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e96ef54c-9a04-43ac-d5a3-08d73c83d06c x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:DB8PR10MB3083; x-ms-traffictypediagnostic: DB8PR10MB3083: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:160; x-forefront-prvs: 01644DCF4A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(366004)(136003)(396003)(39850400004)(199004)(189003)(6916009)(5660300002)(11346002)(476003)(478600001)(66066001)(4744005)(26005)(386003)(52116002)(76176011)(446003)(4326008)(2501003)(71200400001)(1076003)(305945005)(71190400001)(6486002)(2616005)(99286004)(186003)(6436002)(44832011)(486006)(81156014)(14454004)(5640700003)(8976002)(25786009)(42882007)(316002)(3846002)(6116002)(6506007)(102836004)(8676002)(66556008)(66446008)(66476007)(6512007)(64756008)(50226002)(256004)(2906002)(2351001)(7736002)(81166006)(8936002)(54906003)(36756003)(66946007)(107886003); DIR:OUT; SFP:1102; SCL:1; SRVR:DB8PR10MB3083; H:DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: prevas.se does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: WiPgA0Qsh3hrkA/2ypoyHq1wD6MbczEi/nGihoET4AcCIj/5fV0rCm7f83UybOdPwZnSI34l6Jjx9PqbgYtAzO+GaD7+FCsvSb02p0XMPeyfV0XJNMcHjheHMrdxXQLCTrxzbMy2J+bvvxd7BuDm7zHS1vuEaXK0r9kZJiRexN3JwI1wCJSbWmdy1L2DwaZqNiY50Nh0aI3pz+lPmboFpAHc8KEHcXjeuqOPgHci6AFKhg5RB9RI2h0laRTi/FI0+ckgj1J9qDbsotorpuiHRpmlqB2OK3KfTa1vGJxznN8G/f++PqvqAjhha3QA8Y+VJfZUxrxf3vvA/h0XuIV5NfnQpVgrtHmOv/cOhbNp4bL5i7BxFMN+BuQ08LHeZhVbo1hjiizMZGrhRwj+TtrE8FZLrdCn7yHXiRZOZj19Ouk= MIME-Version: 1.0 X-OriginatorOrg: prevas.dk X-MS-Exchange-CrossTenant-Network-Message-Id: e96ef54c-9a04-43ac-d5a3-08d73c83d06c X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2019 22:01:53.4202 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: d350cf71-778d-4780-88f5-071a4cb1ed61 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 48n2L/CJu+BBYtBSft5k2UgpSofJ9Q1owpQ6NKKxJm439M/u64K36s6HbOdHpW2/OvCeFlmv9DkO2RmJkBgPHKEcqNNI7FV7nMMmDoxe27Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR10MB3083 Cc: Rasmus Villemoes , Tom Rini Subject: [U-Boot] [RFC PATCH 2/3] u-boot/sha256.h: include linux/types.h X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" One cannot use sha256.h by itself - the includer must already have made sure that uint32_t and friends are defined; i.e., having included linux/types.h either directly or indirectly. That's a little annoying, so just make the header self-contained. Signed-off-by: Rasmus Villemoes --- include/u-boot/sha256.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h index 10f42091ee..9e16b9715e 100644 --- a/include/u-boot/sha256.h +++ b/include/u-boot/sha256.h @@ -1,6 +1,8 @@ #ifndef _SHA256_H #define _SHA256_H +#include + #define SHA256_SUM_LEN 32 #define SHA256_DER_LEN 19 From patchwork Wed Sep 18 22:01:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rasmus Villemoes X-Patchwork-Id: 1164425 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=prevas.dk Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=prevas.se header.i=@prevas.se header.b="pe+GsV7C"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 46Yr7B0CbMz9sPR for ; Thu, 19 Sep 2019 18:46:45 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 2AF8CC2216F; Thu, 19 Sep 2019 07:28:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=SPF_HELO_PASS, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id AD54BC2217D; Thu, 19 Sep 2019 07:27:29 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 74E8FC22167; Thu, 19 Sep 2019 07:27:26 +0000 (UTC) Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140105.outbound.protection.outlook.com [40.107.14.105]) by lists.denx.de (Postfix) with ESMTPS id CD432C22165 for ; Thu, 19 Sep 2019 07:27:24 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f+McySprbw0Dsa5T/doeWbdUg+u1GGgzKE2gFp3dYv4kQVOmoq5tMxPeDqn0uilYy4sJMMYgfPT+EnFSW5ZcQx9cPmAIrNpv5f+p8HNLnYUKkXGh0g9wXgOdIoz7UdyBJEXJ3Y7/hFqtgjnFLFqCXlKkcLHWTBW5iYChvN2G7747VfOIvcYoJwdPkCHOGYp3Zm93ZyP3lsXs7qVgY60dJ+Ay09SIzZY+umnFLGorVphgoZxYnXEJEkPDX/deNkEnaIidRnjbLGnEQB5JteK4Dve7bLevU8HA4Frv+QhkofP9UAO+/SGY/E6yM4wU3IommwY/VV4Qkc0g9GKhhOKzIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jOUClROfJfG6HGhfBix54VuI3mpAkzEYk/bQR77WxR4=; b=Vlo/orBUXzrBeCzMJ6+cDPPDr2t54DzIptEE55bNVDm66zpr1V6IwnGv8WqarcpbjdS90YiIyQpYabZe4E/3ebqM4CqDyHabW8OJiDEBoC1Wqsu2vktp0IBVHaeMKnDZIIx+RZPc9T2EC9ff7hntIejslYQKwrcjG1DNmOOADa68g1xTtJPiF3OBx6wEehjj7RmG7Vnl2xXu5UIjYwWGllHn/kuXVJExNM/a+gqESa6x+VdB5P1JSkY2m79NRg/kVQNIYv7LsRgofDhgEilDDfqqwYQhh0Hc0rKO+kaPNZ6X7V/e1fDl5ir/6OX+khKUjJtgLFsdv/JWI164PW9RwQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=prevas.se; dmarc=pass action=none header.from=prevas.dk; dkim=pass header.d=prevas.dk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prevas.se; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jOUClROfJfG6HGhfBix54VuI3mpAkzEYk/bQR77WxR4=; b=pe+GsV7C7bN/AcM9iG+eRXMfaIevT9CjbGKE3XSLpMFxufyHODFRkzoFpkjxSZk1aeSBVqjvXrv/64vLU9/F4b2xpaKG3iw8MUu4yIpx8EeUb4mIP+qT2g6I8rTTbOwHKdoKtPLy29dXhFSZ26+fqa4QacZycrY9+8USvo38Oeg= Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (10.186.164.147) by DB8PR10MB3083.EURPRD10.PROD.OUTLOOK.COM (10.255.17.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.26; Wed, 18 Sep 2019 22:01:54 +0000 Received: from DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8]) by DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM ([fe80::95cb:8839:7c7c:efb8%2]) with mapi id 15.20.2263.023; Wed, 18 Sep 2019 22:01:54 +0000 From: Rasmus Villemoes To: "u-boot@lists.denx.de" Thread-Topic: [RFC PATCH 3/3] add infrastructure for collecting entropy Thread-Index: AQHVbmyuXT/FpA7Y9Ue6rYkWWsdUxw== Date: Wed, 18 Sep 2019 22:01:54 +0000 Message-ID: <20190918220140.838-4-rasmus.villemoes@prevas.dk> References: <20190918220140.838-1-rasmus.villemoes@prevas.dk> In-Reply-To: <20190918220140.838-1-rasmus.villemoes@prevas.dk> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: HE1PR0102CA0063.eurprd01.prod.exchangelabs.com (2603:10a6:7:7d::40) To DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:133::19) x-mailer: git-send-email 2.20.1 authentication-results: spf=none (sender IP is ) smtp.mailfrom=Rasmus.Villemoes@prevas.se; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [5.186.115.35] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1f09c12a-74a0-430e-481e-08d73c83d0f4 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:DB8PR10MB3083; x-ms-traffictypediagnostic: DB8PR10MB3083: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 01644DCF4A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(366004)(136003)(396003)(39850400004)(199004)(189003)(6916009)(14444005)(5660300002)(11346002)(476003)(478600001)(66066001)(26005)(386003)(52116002)(76176011)(446003)(4326008)(2501003)(71200400001)(1076003)(305945005)(71190400001)(6486002)(2616005)(99286004)(186003)(6436002)(44832011)(486006)(81156014)(14454004)(5640700003)(8976002)(25786009)(42882007)(316002)(3846002)(6116002)(6506007)(102836004)(8676002)(66556008)(66446008)(66476007)(6512007)(64756008)(50226002)(256004)(2906002)(2351001)(7736002)(81166006)(8936002)(54906003)(36756003)(66946007)(107886003); DIR:OUT; SFP:1102; SCL:1; SRVR:DB8PR10MB3083; H:DB8PR10MB3483.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: prevas.se does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: nC7TYkyGlK3zwGYYVYtKdUdhJmdx2Y/AF6Z/vsoLFBc84vi37uohAlVnvFJFsYoOankCCF5kxf6+Txg3rdWKY+Yk9TUEcqQLPR8qcn0PH3W4Lz+xAGu4Xbllp09VtzbO5PTll7rEbtFMk7gAkIa6cVPaP9wGpdgKsdeB3FtSFgmcMkxfB47CimzfrMqnlv2sn/lBSK/R7zTO2BYjUFoTLusiGZFGY21e+6qAC/0udd4lOxKKvLMN6YH+uuuAVCfL0sBIPfCZR6pPJu/0nJbxN1xQzhLW/auCT3hQtJyDavzoRut36uT7LvNjj4d++uCLVsBeYhXVXE2lWYqb0j1D2+d4bS0m1by/4iG4yEPtJ9T+U1joXnc5uzIfsPLVQ/BuJsFkAKvJZQcQ49Oqtepr6NvBWl9ko40shzWzTH6rNyI= MIME-Version: 1.0 X-OriginatorOrg: prevas.dk X-MS-Exchange-CrossTenant-Network-Message-Id: 1f09c12a-74a0-430e-481e-08d73c83d0f4 X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2019 22:01:54.2518 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: d350cf71-778d-4780-88f5-071a4cb1ed61 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: rO6561bmn6r8dUF7Gf49xFIGm6rxXM6PFS/5fv5R7qZaohhKWmRa66i8vEWI2cOnU2haBXOMl0x+dwUyL4Zscd0VmRpmZ17+7Mxshr0L4bw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR10MB3083 Cc: Rasmus Villemoes , Tom Rini Subject: [U-Boot] [RFC PATCH 3/3] add infrastructure for collecting entropy X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" A recurring theme on LKML is the boot process deadlocking due to some process blocking waiting for random numbers, while the kernel's Cryptographic Random Number Generator (crng) is not initalized yet, but that very blocking means no activity happens that would generate the entropy necessary to finalize seeding the crng. This is not a problem on boards that have a good hwrng (when the kernel is configured to trust it), whether in the CPU or in a TPM or elsewhere. However, that's far from all boards out there. Moreover, when booting with an initrd, all the "disk activity" that would otherwise generate some timing variances has already been done by U-boot. Hence it makes sense to try to collect that entropy in U-boot and pass it on to the kernel. On the kernel side, support for that has just landed in master (commit 428826f5358c "fdt: add support for rng-seed"). By itself, this does not help with the initialization of the crng, since the kernel only considers the rng-seed "trustworthy" if CONFIG_RANDOM_TRUST_BOOTLOADER is set (it is always fed into the crng, but entropy is only accounted when that config option is set). This adds some basic infrastructure for collecting entropy in U-boot, and then it's up to the BSP developer to decide if CONFIG_RANDOM_TRUST_BOOTLOADER should be enabled in the kernel. If this is accepted, I think we should add entropy() calls before and after most disk and network activities. Moreover, at least some boards seem to have a rather reliable source of randomness in the contents of RAM after a cold boot [*], so I imagine exposing the entropy_mix() either via a command "entropy " that can be run during a boot script, or perhaps to be done automatically (and as early as possible to reduce risk of "tainting") via some CONFIG_ENTROPY_RAM_{ADDR,LEN}. There's probably good sources of entropy to be had from the SPL phase, but I couldn't find a good way of passing that on other than by putting the sha256_context inside global_data, which would bloat that by over 100 bytes. [*] Looking at a slightly arbitrary place in the middle of physical memory I got these 40d07670: 34081000 400a8020 00002040 20024400 ...4 ..@@ ...D. 40d07670: 343c1000 640a9120 00036040 6006e400 ..<4 ..d@`.....` 40d07670: 353c1040 600a9120 00026041 6246e400 @.<5 ..`A`....Fb 40d07670: 34281000 600a9100 00026040 2046e400 ..(4...`@`....F So some bits are always the same, but there's quite a few that flip randomly between boots - so mixing in a MB or two seems that it should provide plenty of real entropy. Signed-off-by: Rasmus Villemoes --- common/fdt_support.c | 12 +++++++++ include/common.h | 3 +++ include/entropy.h | 42 +++++++++++++++++++++++++++++ lib/Kconfig | 10 +++++++ lib/Makefile | 1 + lib/entropy.c | 63 ++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 131 insertions(+) create mode 100644 include/entropy.h create mode 100644 lib/entropy.c diff --git a/common/fdt_support.c b/common/fdt_support.c index baf7924ff6..e071abaabb 100644 --- a/common/fdt_support.c +++ b/common/fdt_support.c @@ -274,6 +274,7 @@ int fdt_initrd(void *fdt, ulong initrd_start, ulong initrd_end) int fdt_chosen(void *fdt) { + uint8_t digest[SHA256_SUM_LEN]; int nodeoffset; int err; char *str; /* used to set string properties */ @@ -299,6 +300,17 @@ int fdt_chosen(void *fdt) return err; } } + if (IS_ENABLED(CONFIG_ENTROPY)) { + entropy_digest(digest); + + err = fdt_setprop(fdt, nodeoffset, "rng-seed", digest, + sizeof(digest)); + if (err < 0) { + printf("WARNING: could not set rng-seed %s.\n", + fdt_strerror(err)); + return err; + } + } return fdt_fixup_stdout(fdt, nodeoffset); } diff --git a/include/common.h b/include/common.h index d8f302ea92..55df86b6e7 100644 --- a/include/common.h +++ b/include/common.h @@ -331,6 +331,9 @@ void srand(unsigned int seed); unsigned int rand(void); unsigned int rand_r(unsigned int *seedp); +/* lib/entropy.c */ +#include + /* * STDIO based functions (can always be used) */ diff --git a/include/entropy.h b/include/entropy.h new file mode 100644 index 0000000000..47fa73a3a3 --- /dev/null +++ b/include/entropy.h @@ -0,0 +1,42 @@ +#ifndef __ENTROPY_H +#define __ENTROPY_H + +#include + +#if defined(CONFIG_ENTROPY) && !defined(CONFIG_SPL_BUILD) + +/* Overridable, should preferably include some timer with microsecond-or-better resolution. */ +uint64_t entropy_token(void); + +/* + * Call entropy_token() and mix in the return value - this is the main + * function for adding entropy from timing variances. Call it before + * and after any operation that may have some variation in its + * execution time. + */ +void entropy(void); + +/* + * Mix in some buffer which one has some reason to believe contains at + * least some randomness. On some boards, that might be the contents + * of some never-touched part of RAM. + */ +void entropy_mix(const void *input, unsigned int len); + +void entropy_digest(uint8_t digest[SHA256_SUM_LEN]); + +#else + +static inline void entropy(void) +{ +} +static inline void entropy_mix(const void *input, unsigned int len) +{ +} +static inline void entropy_digest(uint8_t *digest) +{ +} + +#endif + +#endif /* __ENTROPY_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 3da45a5ec3..f0db0589d3 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -287,6 +287,16 @@ config TPL_TPM for the low-level TPM interface, but only one TPM is supported at a time by the TPM library. +config ENTROPY + bool "Enable collecting entropy" + select SHA256 + help + This enables collection of entropy (randomness) from + variations in execution time of various functions, as well + as other sources. A digest of this is then passed on to the + kernel in the "rng-seed" property of the "chosen" node, + which in turn is then used to seed the kernel's crng. + endmenu menu "Android Verified Boot" diff --git a/lib/Makefile b/lib/Makefile index 2fffd68f94..e8edb74c8a 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -19,6 +19,7 @@ obj-$(CONFIG_ARCH_AT91) += at91/ obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AES) += aes.o +obj-$(CONFIG_ENTROPY) += entropy.o ifndef API_BUILD ifneq ($(CONFIG_UT_UNICODE)$(CONFIG_EFI_LOADER),) diff --git a/lib/entropy.c b/lib/entropy.c new file mode 100644 index 0000000000..5379c54da1 --- /dev/null +++ b/lib/entropy.c @@ -0,0 +1,63 @@ +#include +#include +#include + +static sha256_context entropy_ctx = SHA256_INIT; + +__weak uint64_t entropy_token(void) +{ + return timer_get_us(); +} + +static void __entropy(sha256_context *ctx) +{ + uint64_t x = entropy_token(); + + sha256_update(ctx, (void*)&x, sizeof(x)); +} + +void entropy(void) +{ + sha256_context *ctx = &entropy_ctx; + + __entropy(ctx); +} + +/* + * This mixes in the @len bytes starting at @input, taking care to + * reset the watchdog every once in a while. Whether or not there is a + * watchdog to handle, we also use the opportunity to periodically mix + * in a timestamp or whatever other small ever-changing token + * get_entropy() provides. + */ +void entropy_mix(const void *input, unsigned int len) +{ + sha256_context *ctx = &entropy_ctx; + unsigned int chunk; + + while (len) { + chunk = min_t(unsigned, len, CHUNKSZ_SHA256); + sha256_update(ctx, input, chunk); + input += chunk; + len -= chunk; + + __entropy(ctx); + WATCHDOG_RESET(); + } +} + +void entropy_digest(uint8_t digest[32]) +{ + sha256_context ctx; + + /* + * Allow this to be called more than once by calling + * sha256_finish() on a copy of the context (this is for + * example necessary to allow the command "fdt chosen" to be + * run more than once). And make sure each call provides a + * different answer by updating the global context first. + */ + entropy(); + memcpy(&ctx, &entropy_ctx, sizeof(ctx)); + sha256_finish(&ctx, digest); +}