From patchwork Mon Dec  8 02:32:20 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Simon Glass <sjg@u-boot.org>
X-Patchwork-Id: 850
Return-Path: <concept-bounces+u-boot-concept=u-boot.org@u-boot.org>
X-Original-To: u-boot-concept@u-boot.org
Delivered-To: u-boot-concept@u-boot.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1765161249;
	bh=gJn2HtMCl1sWeTHdqMCKp0p1hodFYWZs7t7V4BS+meQ=;
	h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id:
	 List-Archive:List-Help:List-Owner:List-Post:List-Subscribe:
	 List-Unsubscribe:From;
	b=JdR8kNGDVgLv4mPDyQGa2uyuPpTaxZXvjhQXP/GC2vIYA33ygZeXr+xZkOPoTDnij
	 skrn8ICdzZ60KJ1kx5jORW0KeEk9B98gUBvdCiWK3DuTVb4OqPSSzxuoBCsTkVwWs0
	 JNqLZsZDpVa/sloinZT6Zyj8cCCQLLVh6b+wqnG1Q8SvMe84d7einbq4l8lNfQkHp7
	 9pgGHShSupjco6XEBiPoaCCC+xZhul4b8TC+LvnpHTeZnTJ92aCA29uaWcSwuJO70g
	 RDi85ZNXagmrEteisYxBTe6Oy90H1dOdB/wwSJ3kjlzhaEsSWguu2EBtoFOFBTMNL0
	 8ATOdqITnrdgg==
Received: from localhost (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id 2C27A689CB
	for <u-boot-concept@u-boot.org>; Sun,  7 Dec 2025 19:34:09 -0700 (MST)
X-Virus-Scanned: Debian amavis at 
Received: from mail.u-boot.org ([127.0.0.1])
 by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id xUIBTgXDANHZ for <u-boot-concept@u-boot.org>;
 Sun,  7 Dec 2025 19:34:09 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1765161249;
	bh=gJn2HtMCl1sWeTHdqMCKp0p1hodFYWZs7t7V4BS+meQ=;
	h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id:
	 List-Archive:List-Help:List-Owner:List-Post:List-Subscribe:
	 List-Unsubscribe:From;
	b=JdR8kNGDVgLv4mPDyQGa2uyuPpTaxZXvjhQXP/GC2vIYA33ygZeXr+xZkOPoTDnij
	 skrn8ICdzZ60KJ1kx5jORW0KeEk9B98gUBvdCiWK3DuTVb4OqPSSzxuoBCsTkVwWs0
	 JNqLZsZDpVa/sloinZT6Zyj8cCCQLLVh6b+wqnG1Q8SvMe84d7einbq4l8lNfQkHp7
	 9pgGHShSupjco6XEBiPoaCCC+xZhul4b8TC+LvnpHTeZnTJ92aCA29uaWcSwuJO70g
	 RDi85ZNXagmrEteisYxBTe6Oy90H1dOdB/wwSJ3kjlzhaEsSWguu2EBtoFOFBTMNL0
	 8ATOdqITnrdgg==
Received: from mail.u-boot.org (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id 18C03689BD
	for <u-boot-concept@u-boot.org>; Sun,  7 Dec 2025 19:34:09 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1765161247;
	bh=Daf1vv6/Jf+ZpFbkuXp/VHxuzsaJCmx6sbR9Yb2yy2k=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=Xloxc0i4f2JhJvqGbJjSI3YidWeNBGkjls1Ye+F3iD1DljSmIsED0OQIl8xS7ffPt
	 T1KyEkS/k9VRPMC63pVDIpkAKuSuD26C3ewWVppVuiO1jRL4lX0VmaovilWE5OT6qs
	 6ZNGI04qrlqYDAjpOmIMAgRQbZIZwNMrCedF7t1t6R8st8Ao4COsTFBornkfw0KYeV
	 vnRRwZyT0P3fWu56W4LLo0HpFrun49ORyfPavMlJiLkvIOMn7TNE+qXxO/SkXk1aK8
	 vTZokjmJWPj1C9AvZgpmb8FZbUgd2HORHRbk7U2F8UbxpVMnlxJXmbdbGDX4n1HrWi
	 18DRKiR11mn7Q==
Received: from localhost (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id 3B03B6883E;
	Sun,  7 Dec 2025 19:34:07 -0700 (MST)
X-Virus-Scanned: Debian amavis at 
Received: from mail.u-boot.org ([127.0.0.1])
 by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP
 id 5A6iF6LfAoPB; Sun,  7 Dec 2025 19:34:07 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1765161243;
	bh=78WkXsif2Sos6vQZ7B61LztFOJspAN4EHOVKRZrTlQ4=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=CZx61fgrSlfrip25dElLRl3VQhIfHBMZzP35qo7lOu9+cPAVvgv+VTgdQ1ej+hCkN
	 KkEDRQEPJt0rf0KDXC7RNM8M83dR4uCLS7bKi28rpEcnBCsyGIONjP+1+zarunJNEA
	 6mVIl1Gx63RN/iMQqNy8xRc/5yk4VK7O3deN+I8ltdFDIvB9iJLuayLRtP26J/vs25
	 8NJZQ08jfW4UyEfj1WkPOtTZRT+dXZYMf58mh/xYf4dORmT7y0yOlcgXLNT/OpxqEz
	 wV2W+r42LNoZDfyX0orONsaRJkp+WT7MAExcSAacRRBylhtKPTShEpUKOT5onRaGd3
	 ouvv8sepSQpLA==
Received: from u-boot.org (unknown [73.34.74.121])
	by mail.u-boot.org (Postfix) with ESMTPSA id 02524688F0;
	Sun,  7 Dec 2025 19:34:02 -0700 (MST)
From: Simon Glass <sjg@u-boot.org>
To: U-Boot Concept <concept@u-boot.org>
Date: Sun,  7 Dec 2025 19:32:20 -0700
Message-ID: <20251208023229.3929910-18-sjg@u-boot.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20251208023229.3929910-1-sjg@u-boot.org>
References: <20251208023229.3929910-1-sjg@u-boot.org>
MIME-Version: 1.0
Message-ID-Hash: 6N2ZL6PMUHKJIGTHBB43MMPOVRTBSRDG
X-Message-ID-Hash: 6N2ZL6PMUHKJIGTHBB43MMPOVRTBSRDG
X-MailFrom: sjg@u-boot.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
CC: Simon Glass <simon.glass@canonical.com>
X-Mailman-Version: 3.3.10
Precedence: list
Subject: [Concept] [PATCH 17/19] bootctl: Allow unlocking LUKS2 partitions
List-Id: Discussion and patches related to U-Boot Concept <concept.u-boot.org>
Archived-At: 
 <https://lists.u-boot.org/archives/list/concept@u-boot.org/message/6N2ZL6PMUHKJIGTHBB43MMPOVRTBSRDG/>
List-Archive: <https://lists.u-boot.org/archives/list/concept@u-boot.org/>
List-Help: <mailto:concept-request@u-boot.org?subject=help>
List-Owner: <mailto:concept-owner@u-boot.org>
List-Post: <mailto:concept@u-boot.org>
List-Subscribe: <mailto:concept-join@u-boot.org>
List-Unsubscribe: <mailto:concept-leave@u-boot.org>

From: Simon Glass <simon.glass@canonical.com>

Switch away from a pre-derived key so that LUKS2 partitions can be
unlocked. Update the ulock message to be more generic.

Signed-off-by: Simon Glass <simon.glass@canonical.com>
---

 boot/bootctl/logic.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/boot/bootctl/logic.c b/boot/bootctl/logic.c
index 96cc270ae2c..2ed106628e7 100644
--- a/boot/bootctl/logic.c
+++ b/boot/bootctl/logic.c
@@ -334,9 +334,9 @@ static int perform_tkey_unlock(struct udevice *dev, struct osinfo *os, int seq,
 	 * processed by PBKDF2/Argon2 just like a text passphrase would be.
 	 * This matches how cryptsetup --key-file works.
 	 */
-	log_info("Using LUKS1 unlock with binary passphrase\n");
+	log_info("Using LUKS unlock with binary passphrase\n");
 	ret = luks_unlock(os->bflow.blk, &pinfo, priv->tkey_disk_key,
-			  TKEY_DISK_KEY_SIZE, true, master_key, key_sizep);
+			  TKEY_DISK_KEY_SIZE, false, master_key, key_sizep);
 	if (ret)
 		return log_msg_ret("htu", ret);