mbox series

[v3,00/12] hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations

Message ID 20240805155047.3151540-1-alejandro.zeise@seagate.com
Headers show
Series hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations | expand

Message

Alejandro Zeise Aug. 5, 2024, 3:50 p.m. UTC 
The goal of this patch series is to fix accumulative hashing support in the 
Aspeed HACE module. The issue that stemmed this patch was a failure to boot an
OpenBMC image using the "ast2600-evb" machine. The U-boot
2019.04 loader failed to verify image hashes.

These incorrect image hashes given by the HACE to the U-boot guest are due to 
an oversight in the HACE module. Previously when operating in 
scatter-gather accumulative mode, the HACE would cache the address provided by 
the guest which contained the source data. However, there was no deep copy, 
so when HACE generated the digest upon the reception of the final accumulative chunk 
the digest was incorrect, as the addresses provided had their regions overwritten
by that time.

This fix consists of two main steps:
* Add an accumulative hashing function to the qcrypto library
* Modify the HACE module to use the accumulative hashing functions

All the crypto library backends (nettle, gnutls, etc.) support accumulative hashing,
so it was trivial to create wrappers for those functions.

Changes in V3:
* Reworked crypto hash API with comments from Daniel
  * Creation/Deletion of contexts, updating, and finalizing
  * Modified existing API functions to use the new 4 main core functions
  * Added test for accumulative hashing
  * Added afalg driver implementation
* Fixed bug in HACE module where hash context fails to allocate,
  causing the HACE internal state to be incorrect and segfault.

Changes in V2:
* Fixed error checking bug in libgcrypt crypto backend of
  accumulate_bytesv

Alejandro Zeise (12):
  crypto: accumulative hashing API
  crypto/hash-glib: Remove old hash API implementation
  crypto/hash-glib: Implement new hash API
  crypto/hash-gcrypt: Remove old hash API implementation
  crypto/hash-gcrypt: Implement new hash API
  crypto/hash-gnutls: Remove old hash API
  crypto/hash-gnutls: Implement new hash API
  crypto/hash-nettle: Remove old hash API
  crypto/hash-nettle: Implement new hash API
  crypto/hash-afalg: Update to new API
  tests/unit/test-crypto-hash: accumulative hashing
  hw/misc/aspeed_hace: Fix SG Accumulative hashing

 crypto/hash-afalg.c           | 154 +++++++++++++++++++++++-----------
 crypto/hash-gcrypt.c          | 112 ++++++++++++++-----------
 crypto/hash-glib.c            |  96 +++++++++++++--------
 crypto/hash-gnutls.c          |  94 ++++++++++++++-------
 crypto/hash-nettle.c          |  79 +++++++++++------
 crypto/hash.c                 | 136 ++++++++++++++++++++++--------
 crypto/hashpriv.h             |  19 +++--
 hw/misc/aspeed_hace.c         |  92 ++++++++++----------
 include/crypto/hash.h         | 106 +++++++++++++++++++++++
 include/hw/misc/aspeed_hace.h |   4 +
 tests/unit/test-crypto-hash.c |  50 +++++++++++
 11 files changed, 667 insertions(+), 275 deletions(-)

Comments

Daniel P. Berrangé Aug. 6, 2024, 3:52 p.m. UTC | #1 
On Mon, Aug 05, 2024 at 03:50:35PM +0000, Alejandro Zeise wrote:
> The goal of this patch series is to fix accumulative hashing support in the 
> Aspeed HACE module. The issue that stemmed this patch was a failure to boot an
> OpenBMC image using the "ast2600-evb" machine. The U-boot
> 2019.04 loader failed to verify image hashes.
> 
> These incorrect image hashes given by the HACE to the U-boot guest are due to 
> an oversight in the HACE module. Previously when operating in 
> scatter-gather accumulative mode, the HACE would cache the address provided by 
> the guest which contained the source data. However, there was no deep copy, 
> so when HACE generated the digest upon the reception of the final accumulative chunk 
> the digest was incorrect, as the addresses provided had their regions overwritten
> by that time.
> 
> This fix consists of two main steps:
> * Add an accumulative hashing function to the qcrypto library
> * Modify the HACE module to use the accumulative hashing functions
> 
> All the crypto library backends (nettle, gnutls, etc.) support accumulative hashing,
> so it was trivial to create wrappers for those functions.
> 
> Changes in V3:
> * Reworked crypto hash API with comments from Daniel
>   * Creation/Deletion of contexts, updating, and finalizing
>   * Modified existing API functions to use the new 4 main core functions
>   * Added test for accumulative hashing
>   * Added afalg driver implementation
> * Fixed bug in HACE module where hash context fails to allocate,
>   causing the HACE internal state to be incorrect and segfault.
> 
> Changes in V2:
> * Fixed error checking bug in libgcrypt crypto backend of
>   accumulate_bytesv
> 
> Alejandro Zeise (12):
>   crypto: accumulative hashing API
>   crypto/hash-glib: Remove old hash API implementation
>   crypto/hash-glib: Implement new hash API
>   crypto/hash-gcrypt: Remove old hash API implementation
>   crypto/hash-gcrypt: Implement new hash API
>   crypto/hash-gnutls: Remove old hash API
>   crypto/hash-gnutls: Implement new hash API
>   crypto/hash-nettle: Remove old hash API
>   crypto/hash-nettle: Implement new hash API
>   crypto/hash-afalg: Update to new API
>   tests/unit/test-crypto-hash: accumulative hashing
>   hw/misc/aspeed_hace: Fix SG Accumulative hashing

To allow 'make check' to succeed at every individual patch, you'll need to
re-order these, and split a couple of patches, to be more or less like this:

   crypto: accumulative hashing API   (only define new driver APIs & new public APIs here)
   crypto/hash-glib: Implement new hash API
   crypto/hash-gcrypt: Implement new hash API
   crypto/hash-gnutls: Implement new hash API
   crypto/hash-nettle: Implement new hash API
   crypto/hash-afalg: Update to new API  (only add new APIs here )
   < convert old public APIs to call the new driver APIs here>
   tests/unit/test-crypto-hash: accumulative hashing
   crypto/hash-glib: Remove old hash API implementation
   crypto/hash-gcrypt: Remove old hash API implementation
   crypto/hash-gnutls: Remove old hash API
   crypto/hash-nettle: Remove old hash API
   < remove old afalg support here >
   < remove old driver APIs here >
   hw/misc/aspeed_hace: Fix SG Accumulative hashing


With regards,
Daniel
Alejandro Zeise Aug. 6, 2024, 6:51 p.m. UTC | #2 
> To allow 'make check' to succeed at every individual patch, you'll need to re-order these, and split a couple of patches, to be more or less like this:
>
>  crypto: accumulative hashing API   (only define new driver APIs & new public APIs here)
>  crypto/hash-glib: Implement new hash API
>   crypto/hash-gcrypt: Implement new hash API
>  crypto/hash-gnutls: Implement new hash API
>   crypto/hash-nettle: Implement new hash API
>   crypto/hash-afalg: Update to new API  (only add new APIs here )
>   < convert old public APIs to call the new driver APIs here>
>   tests/unit/test-crypto-hash: accumulative hashing
>   crypto/hash-glib: Remove old hash API implementation
>   crypto/hash-gcrypt: Remove old hash API implementation
>   crypto/hash-gnutls: Remove old hash API
>   crypto/hash-nettle: Remove old hash API
>   < remove old afalg support here >
>   < remove old driver APIs here >
>   hw/misc/aspeed_hace: Fix SG Accumulative hashing

Apologies, I will reorder the patches so that 'make check' works independently and take your other comments into account.

Thank you for the feedback,
Alejandro

Seagate Internal