common: add support to fallback to plain SHA256

In case crypt-based hashing is enabled this will be the default mechanism that is used. If a user wants to have support for both, the environment variable `bootstopusesha256` can be set to `true` to allow plain SHA256 based hashing of the password. Signed-off-by: N Steffen Jaeckel <jaeckel-floss@eyet-services.de> Reviewed-by: N Simon Glass <sjg@chromium.org>

common: add support to fallback to plain SHA256
In case crypt-based hashing is enabled this will be the default mechanism that is used. If a user wants to have support for both, the environment variable `bootstopusesha256` can be set to `true` to allow plain SHA256 based hashing of the password. Signed-off-by: N Steffen Jaeckel <jaeckel-floss@eyet-services.de> Reviewed-by: N Simon Glass <sjg@chromium.org>
33198740 · Steffen Jaeckel · Tom Rini · d199c3ab · 33198740 · 33198740
隐藏空白更改
内联并排

Showing with 29 addition and 1 deletion

common/Kconfig.boot common/Kconfig.boot +8 -0

common/autoboot.c common/autoboot.c +21 -1

未找到文件。
--- a/common/Kconfig.boot
+++ b/common/Kconfig.boot
@@ -835,6 +835,14 @@ config AUTOBOOT_ENCRYPTION
 	  This provides a way to ship a secure production device which can also
 	  be accessed at the U-Boot command line.
+config AUTOBOOT_SHA256_FALLBACK
+	bool "Allow fallback from crypt-hashed password to sha256"
+	depends on AUTOBOOT_ENCRYPTION && CRYPT_PW
+	help
+	  This option adds support to fall back from crypt-hashed
+	  passwords to checking a SHA256 hashed password in case the
+	  'bootstopusesha256' environment variable is set to 'true'.
 config AUTOBOOT_DELAY_STR
 	string "Delay autobooting via specific input key / string"
 	depends on AUTOBOOT_KEYED && !AUTOBOOT_ENCRYPTION

--- a/common/autoboot.c
+++ b/common/autoboot.c
@@ -306,6 +306,26 @@ static void flush_stdin(void)
 		(void)getchar();
 }
+/**
+ * fallback_to_sha256() - check whether we should fall back to sha256
+ *                        password checking
+ *
+ * This checks for the environment variable `bootstopusesha256` in case
+ * sha256-fallback has been enabled via the config setting
+ * `AUTOBOOT_SHA256_FALLBACK`.
+ *
+ * @return `false` if we must not fall-back, `true` if plain sha256 should be tried
+ */
+static bool fallback_to_sha256(void)
+{
+	if (IS_ENABLED(CONFIG_AUTOBOOT_SHA256_FALLBACK))
+		return env_get_yesno("bootstopusesha256") == 1;
+	else if (IS_ENABLED(CONFIG_CRYPT_PW))
+		return false;
+	else
+		return true;
+}
 /***************************************************************************
 * Watch for 'delay' seconds for autoboot stop or autoboot delay string.
 * returns: 0 -  no key string, allow autoboot 1 - got key string, abort
@@ -326,7 +346,7 @@ static int abortboot_key_sequence(int bootdelay)
 #  endif
 	if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) {
-		if (IS_ENABLED(CONFIG_CRYPT_PW))
+		if (IS_ENABLED(CONFIG_CRYPT_PW) && !fallback_to_sha256())
 			abort = passwd_abort_crypt(etime);
 		else
 			abort = passwd_abort_sha256(etime);