| Message ID | 20251115185212.539268-1-sjg@u-boot.org |
|---|---|
| Headers | From: Simon Glass <sjg@u-boot.org>; To: U-Boot Concept <concept@u-boot.org>; CC: Simon Glass <simon.glass@canonical.com>; Date: Sat, 15 Nov 2025 11:51:49 -0700; Subject: [Concept] [PATCH 00/16] Continue TKey development; List-Id: Discussion and patches related to U-Boot Concept <concept.u-boot.org>; Archived-At: <https://lists.u-boot.org/archives/list/concept@u-boot.org/message/AIZ44IPC36X3HPADTGJMUQ4S33JHWYRH/> |
| Series | Continue TKey development |
Message
Simon Glass
Nov. 15, 2025, 6:51 p.m. UTC
From: Simon Glass <simon.glass@canonical.com>

This series adds the ability to provide a user-supplied secret to the
TKey and use that to obtain a disk-encryption key.

Expo is enhanced to support password entry and bootflows can now record
whether the root disk is encrypted or not.

Further work will enable the TKey in the UI and actually unlock an
encrypted disk.

Simon Glass (16):
  aes: Use const pointers for read-only parameters
  emulation: Support the bootcmd more generally
  input: Provide a way for tests to register a mouse click
  expo: Support hiding password entry
  expo: Support disk-passphrase entry in the menu
  expo: Allow entering text into textline in non-popup expos
  tkey: Allow modelling the tkey being disconnected
  tkey: Support loading an app with a user-supplied secret
  tkey: Provide some back-door functions for TKey tests
  tkey: Use SHA256 to obtain the disk-encryption key
  tkey: sandbox: Avoid returning -ENODEV from the driver
  tkey: Allow selecting the TKey device by name
  tkey: Provide a real tkey device with test.dts
  boot: Use constants for a few common strings
  boot: Show an indication for encrypted bootflows
  boot: Detect encrypted partitions with extlinux
arch/sandbox/dts/test.dts | 5 +
arch/x86/cpu/qemu/qemu.c | 28 -----
board/emulation/common/Makefile | 3 +
board/emulation/common/bootcmd.c | 37 +++++++
boot/bootflow.c | 5 +-
boot/bootflow_internal.h | 11 ++
boot/bootflow_menu.c | 31 ++++++
boot/bootmeth_extlinux.c | 54 ++++++++++
boot/scene.c | 28 ++++-
cmd/bootflow.c | 15 ++-
cmd/tkey.c | 36 ++++++-
doc/board/emulation/common.rst | 28 +++++
doc/board/emulation/index.rst | 1 +
doc/board/emulation/qemu-x86.rst | 18 +---
doc/usage/cmd/tkey.rst | 24 ++++-
drivers/crypto/nuvoton/npcm_aes.c | 22 ++--
drivers/input/mouse-uclass.c | 13 +++
drivers/misc/tkey-uclass.c | 174 +++++++++++++++++-------------
drivers/misc/tkey_emul.c | 82 +++++++++++++-
drivers/misc/tkey_sandbox.c | 12 +--
include/bootflow.h | 4 +
include/expo.h | 2 +
include/mouse.h | 14 +++
include/tkey.h | 98 +++++++++++++++++
include/uboot_aes.h | 42 ++++----
lib/aes.c | 22 ++--
test/boot/bootflow.c | 111 +++++++++++++------
test/boot/cedit.c | 11 ++
test/cmd/tkey.c | 11 +-
test/dm/tkey.c | 41 +++----
30 files changed, 739 insertions(+), 244 deletions(-)
create mode 100644 board/emulation/common/bootcmd.c
create mode 100644 doc/board/emulation/common.rst