| Message ID | 20251208023229.3929910-1-sjg@u-boot.org |
|---|---|
| Headers |
Return-Path: <concept-bounces+u-boot-concept=u-boot.org@u-boot.org> X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765161165; bh=1W+vOEa+H6moOcwtfHaGrQ9RqRlqLhztNQej5QGKaNg=; h=From:To:Date:CC:Subject:List-Id:List-Archive:List-Help:List-Owner: List-Post:List-Subscribe:List-Unsubscribe:From; b=mSGl784kNlVGnhW0R1+2wM/Ih8kL3iRcsoIdzhLhHTSaWnEK+JR4nDweSxDY3I1bT z2KvtpeO5wc4gdKJoDeFYx9zPA7l+eUL9J5GbYrUp5RWU9d0QJQFoItubC2D4l6JU9 yIhT9Xv1urSZS9SqtRA3/mf0lJUS5lbrpn/lsg5XXKyJ7UMxmi8shNebZQZRaMr5r6 iucQY0T0npTDVfVak52QeRUsa6vVVglxKVdDy4WEHVaOVPAzxyk2yiY17tY7jMBWf2 XfDHnfVBisbhq0aIuj8E1Fz+vEYMbuhb3uz8IJUWgc8Ln3qf0N4sLAGzQzwZ1wXg5k eYtNspm87jpyQ== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 8B2AE689C1 for <u-boot-concept@u-boot.org>; Sun, 7 Dec 2025 19:32:45 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id lO8pr75Bj5nB for <u-boot-concept@u-boot.org>; Sun, 7 Dec 2025 19:32:45 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765161165; bh=1W+vOEa+H6moOcwtfHaGrQ9RqRlqLhztNQej5QGKaNg=; h=From:To:Date:CC:Subject:List-Id:List-Archive:List-Help:List-Owner: List-Post:List-Subscribe:List-Unsubscribe:From; b=mSGl784kNlVGnhW0R1+2wM/Ih8kL3iRcsoIdzhLhHTSaWnEK+JR4nDweSxDY3I1bT z2KvtpeO5wc4gdKJoDeFYx9zPA7l+eUL9J5GbYrUp5RWU9d0QJQFoItubC2D4l6JU9 yIhT9Xv1urSZS9SqtRA3/mf0lJUS5lbrpn/lsg5XXKyJ7UMxmi8shNebZQZRaMr5r6 iucQY0T0npTDVfVak52QeRUsa6vVVglxKVdDy4WEHVaOVPAzxyk2yiY17tY7jMBWf2 XfDHnfVBisbhq0aIuj8E1Fz+vEYMbuhb3uz8IJUWgc8Ln3qf0N4sLAGzQzwZ1wXg5k eYtNspm87jpyQ== Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 51B0B68930 for <u-boot-concept@u-boot.org>; Sun, 7 Dec 2025 19:32:45 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765161162; bh=sPAE+PSM/vH9RKl+KnsPxNZd/zGs678qNEO/uitzcfc=; h=From:To:Cc:Subject:Date:From; b=YteNZOs7hzYf+vfg1YfcMsUw3hvi/QUczIOTIzghwf6UeAJC35/HAW5dd9pf6FJnZ /EWudwRMwNnEy8njVrzAoR7h7WpilxnxeYE6vx+abxJpy4VzryrApysb2NVEyI4ak6 uOruxjrqD9hJaRasdTDYf76NatwHLYzA5o8sO1SmMhwO1rr4cYoAebJP6JtQ4CmbW3 hj7neuagMsNZypTVifHjyaGB5BDLBfHyPlU7FIXznfh6eygFAyu+u47OTl3BaLalEM YV+vV+vrOw2LPPpZALQeDoJSZol+QQupftoeHtt9HjcouiDj5rE7ZLpPwCs1NAP0SO +vggZBBOZCt5w== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 3CA2768862; Sun, 7 Dec 2025 19:32:42 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP id eqKWMMrakBgG; Sun, 7 Dec 2025 19:32:42 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1765161158; bh=XQlLQzJ3ZHnyIodyvIrtzWpmcmu4cXYCErxQ2HojV2s=; h=From:To:Cc:Subject:Date:From; b=B99HF8TAwcJd97aYmN9Bv/o8b3jz9vyUF0qspvttzodCsyBfvetaFR4A7f6tVGhwB L2UUXLqRhMK5haCXGxb2ssRizmPS4QMAzhHnqstvI/Qk50CITT9VO/z68W+wc6ujC1 P6GgRX30bj/n6fpUTmoli9VWhkHosMJysomCrCWPUCm5FIr8dLguM2o29454Fi0fIi lsO1P5ailyMXVO4F8ijxrvD2dNDiWuMP7qNdeJpcwNaUFxkOGskjhhVai4DkHnR+yK 8VLYMz6PkdEgSdBCBHYAssNiLDcaNzuvODsGXZDtcPvZ83RmSgS7m2+XOPnWTHLE1s fTN4vX3XSs5FQ== Received: from u-boot.org (unknown [73.34.74.121]) by mail.u-boot.org (Postfix) with ESMTPSA id EE2B56883E; Sun, 7 Dec 2025 19:32:37 -0700 (MST) From: Simon Glass <sjg@u-boot.org> To: U-Boot Concept <concept@u-boot.org> Date: Sun, 7 Dec 2025 19:32:03 -0700 Message-ID: <20251208023229.3929910-1-sjg@u-boot.org> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 Message-ID-Hash: EELG66XR7OZP3I2BJQKUUNBFOVVMFNIX X-Message-ID-Hash: EELG66XR7OZP3I2BJQKUUNBFOVVMFNIX X-MailFrom: sjg@u-boot.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Simon Glass <simon.glass@canonical.com> X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 00/19] bootctl: Continue development with TKey functionality List-Id: Discussion and patches related to U-Boot Concept <concept.u-boot.org> Archived-At: <https://lists.u-boot.org/archives/list/concept@u-boot.org/message/EELG66XR7OZP3I2BJQKUUNBFOVVMFNIX/> List-Archive: <https://lists.u-boot.org/archives/list/concept@u-boot.org/> List-Help: <mailto:concept-request@u-boot.org?subject=help> List-Owner: <mailto:concept-owner@u-boot.org> List-Post: <mailto:concept@u-boot.org> List-Subscribe: <mailto:concept-join@u-boot.org> List-Unsubscribe: <mailto:concept-leave@u-boot.org> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit |
| Series |
bootctl: Continue development with TKey functionality
|
|
Message
Simon Glass
Dec. 8, 2025, 2:32 a.m. UTC
From: Simon Glass <simon.glass@canonical.com>
This series integrates the TKey disk-unlock features into the bootctl
UI, as a demonstration of how this might work. The user is prompted for
a passphrase, which is then used as a user-supplied secret (USS) for the
TKey.
This series includes support for using a pre-derived master key, so that
the TKey emulator can be used in tests.
Future work will continue this effort.
Simon Glass (19):
tpm: Fix missing log size when using bloblist
bootctl: Drop unnecessary calls to calculate dimensions
bootctl: Set the password flag on the passphrase edit text
video: Add a lock image
bootctl: Bring in another image
bootctl: Allow switching between logos
bootctl: Show a lock symbol for locked disks
bootctl: Provide passphrase and message objects in the expo
bootctl: Enhance the UI to support a TKey
bootctl: Provide an extra poll between select and booting
bootctl: Clean up some unwanted debugging in the logic
bootctl: Add the logic for disk unlock using a TKey
bootctl: Fix up the header-inclusion order in the test
tkey: Correct handling of the USS
tkey: Allow using the selected TKey from luks
luks: Add -p flag for pre-derived master key
bootctl: Allow unlocking LUKS2 partitions
bootctl: Add a TKey for testing
bootctl: Enable the tests
boot/bootctl/canonical.bmp | Bin 0 -> 41634 bytes
boot/bootctl/logic.c | 695 +++++++++++++++++++++++++++++++++-
boot/bootctl/multi_ui.c | 118 +++++-
boot/bootctl/simple_ui.c | 11 +-
boot/bootctl/util.c | 60 +++
boot/bootflow_menu.c | 16 +-
cmd/luks.c | 42 +-
cmd/tkey.c | 2 +-
configs/sandbox_defconfig | 1 +
doc/usage/cmd/luks.rst | 18 +-
drivers/misc/tkey-uclass.c | 16 +-
drivers/misc/tkey_emul.c | 9 +-
drivers/video/images/Makefile | 1 +
drivers/video/images/lock.bmp | Bin 0 -> 2454 bytes
include/bootctl.dtsi | 8 +
include/bootctl/logic.h | 58 ++-
include/bootctl/ui.h | 80 ++++
include/tkey.h | 7 +
lib/tpm_tcg2.c | 1 +
test/Kconfig | 1 -
test/boot/Makefile | 1 +
test/boot/bootctl/bootctl.c | 8 +-
test/dm/video.c | 3 +-
23 files changed, 1097 insertions(+), 59 deletions(-)
create mode 100644 boot/bootctl/canonical.bmp
create mode 100644 drivers/video/images/lock.bmp