lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200517021225.22890-1-digetx@gmail.com>
Date:   Sun, 17 May 2020 05:12:18 +0300
From:   Dmitry Osipenko <digetx@...il.com>
To:     Jens Axboe <axboe@...nel.dk>,
        Thierry Reding <thierry.reding@...il.com>,
        Jonathan Hunter <jonathanh@...dia.com>,
        Michał Mirosław <mirq-linux@...e.qmqm.pl>,
        David Heidelberg <david@...t.cz>,
        Peter Geis <pgwipeout@...il.com>,
        Stephen Warren <swarren@...dotorg.org>,
        Nicolas Chauvet <kwizart@...il.com>,
        Ulf Hansson <ulf.hansson@...aro.org>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Billy Laws <blaws05@...il.com>,
        Nils Östlund <nils@...tan.com>,
        Christoph Hellwig <hch@...radead.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Davidlohr Bueso <dave@...olabs.net>,
        Randy Dunlap <rdunlap@...radead.org>
Cc:     linux-tegra@...r.kernel.org, linux-block@...r.kernel.org,
        Andrey Danin <danindrey@...l.ru>,
        Gilles Grandou <gilles@...ndou.net>,
        Ryan Grachek <ryan@...ted.us>, linux-mmc@...r.kernel.org,
        linux-kernel@...r.kernel.org, Steve McIntyre <steve@...val.com>,
        linux-efi <linux-efi@...r.kernel.org>
Subject: [PATCH v6 0/7] Introduce NVIDIA Tegra Partition Table

Hello,

This series adds support for the NVIDIA Tegra Partition Table format,
which is needed in order to support consumer-grade Tegra-based devices
by the upstream kernel.  These devices have Secure Boot enabled and it
can't be disabled, and thus, it's not possible to easily modify bootloader
and eMMC storage partitioning.

Big thanks to everyone who helped with figuring out the TegraPT format
and with testing!

Changelog:

v6: - Now using a proper multi-line comments style in efi.c, thanks to
      Randy Dunlap for the suggestion.

    - Added new patch that improves coding style of partitions/efi.c

    - Now both "gpt gpt_sector=<sector>" and "gpt_sector=<sector> gpt"
      cmdline variants are parsed properly. I found that the second variant
      wasn't working in v5.

    - Fixed accidentally swapped GFP_KERNEL flag and allocation size passed
      to kmalloc() in the patch "Expose Boot Configuration Table via sysfs".
      Thanks to KASAN for reporting the problem.

v5: - Corrected Kconfig dependency, like it was suggested by Randy Dunlap
      in the review comment to v4.

    - Corrected a typo in the commit message, which was spotted by
      Steve McIntyre in v4.

    - The new force_gpt_sector variable has been moved out to the common
      parser state because I realized that multiple drives could be scanned
      simultaneously, and thus, a global shared variable isn't a suitable
      variant.

    - The Tegra's enforced GPT-scan now supports older bootloader versions,
      which do not provide the gpt_sector= command line option.  The gpt_sector
      should be calculated using NVIDIA's algorithm in this case.

v4: - Scanning of the eMMC boot partitions has been dropped because it
      requires a bit too messy hacks in the kernel.  We can live without
      this feature, at least for now it's not really needed.

    - Instead of the dropped boot partitions scanning, the "gpt_sector="
      command line option has been brought back [1].  But now it's done
      in a different way, not bothering platforms other than Tegra and
      not touching block devices other than eMMC, which was requested during
      of the [1] review.  The "gpt_sector=" usage is needed when partition
      table is inaccessible by kernel, which is the case for the Ouya game
      console device for example.  Please note that "gpt_sector=" is not
      available on all devices, such devices will fall back to the TegraPT,
      Samsung Galaxy Tab 10.1 is an example of a such device.

      [1] https://patchwork.ozlabs.org/project/linux-tegra/patch/20200219162339.16192-1-digetx@gmail.com/

    - We got a bit more broad testing and discovered that Samsung Galaxy
      Tab 10.1 uses 2K logical sectors instead of 4K.  So the 2K sectors
      are supported now by the TegraPT parser.  Thanks to Nils Östlund for
      the testing!

    - TegraPT parser now utilizes "tegraboot=" cmdline option which is
      passed to kernel by the NVIDIA's bootloader.  It's used for verifying
      that SDMMC device is *the* boot source.

    - Added patch that exposes Boot Configuration Table to userspace via
      sysfs.  Thanks to Michał Mirosław for the suggestion!

    - Misc changes:
        - The EB2 (second bootloader) partition is added to the list of
          known partitions.  Used by the Galaxy Tab 10.

        - The blkdev logical sector size is checked now, for consistency.
          It always should be 512 bytes on the supported/tested devices.

        - Verbose error messages are replaced with pr_debug().

v3: - Fixed "BUG: KASAN: slab-out-of-bounds in tegra_partition".  Thanks to
      Peter Geis for noticing the problem.

    - The MMC boot partitions scanning is now opt-in. See this patch:

        mmc: block: Support partition-table scanning on boot partitions

    - The found MMC boot partitions won't be assigned to the MMC boot
      block device ever due to the new GENHD_FL_PART_SCAN_ONCE flag.

      This makes us to ensure that the old behavior of the MMC core is
      preserved for a non-Tegra MMC-block users.

    New patches in v3:

        block: Introduce GENHD_FL_PART_SCAN_ONCE
        mmc: sdhci-tegra: Enable boot partitions scanning on Tegra20 and Tegra30

v2: - Addressed v1 review comments from Stephen Warren by using BIT for
      locating BCT position in IRAM.

    - Added more validations to the TegraPT parser: partition type is
      verified, eMMC instance ID is verified.

    - TegraPT parser now doesn't touch any devices other than eMMC.

    - EKS (encrypted keys) partition is blacklisted now.

    - Implemented eMMC boot partitions scanning.  These new patches are
      added in a result:

        mmc: block: Add mmc_bdev_to_part_type() helper
        mmc: block: Add mmc_bdev_to_area_type() helper
        mmc: block: Add MMC_QUIRK_RESCAN_MAIN_BLKDEV
        mmc: block: Enable partition-table scanning for boot partitions
        partitions/tegra: Implement eMMC boot partitions scanning

Dmitry Osipenko (7):
  mmc: core: Add raw_boot_mult field to mmc_ext_csd
  mmc: block: Add mmc_bdev_to_card() helper
  partitions: Introduce NVIDIA Tegra Partition Table
  partitions/efi: Support GPT entry lookup at a non-standard location
  partitions/efi: Improve coding style
  partitions/tegra: Support enforced GPT scanning
  soc/tegra: Expose Boot Configuration Table via sysfs

 arch/arm/mach-tegra/tegra.c   |  58 ++++
 block/partitions/Kconfig      |   8 +
 block/partitions/Makefile     |   1 +
 block/partitions/check.h      |   3 +
 block/partitions/core.c       |   4 +
 block/partitions/efi.c        | 372 ++++++++++----------
 block/partitions/tegra.c      | 624 ++++++++++++++++++++++++++++++++++
 drivers/mmc/core/block.c      |  15 +
 drivers/mmc/core/mmc.c        |   2 +
 drivers/soc/tegra/Makefile    |   1 +
 drivers/soc/tegra/bootdata.c  |  51 +++
 drivers/soc/tegra/common.c    |  17 +
 include/linux/mmc/blkdev.h    |  13 +
 include/linux/mmc/card.h      |   1 +
 include/soc/tegra/bootdata.h  |  48 +++
 include/soc/tegra/common.h    |  12 +
 include/soc/tegra/partition.h |  84 +++++
 17 files changed, 1135 insertions(+), 179 deletions(-)
 create mode 100644 block/partitions/tegra.c
 create mode 100644 drivers/soc/tegra/bootdata.c
 create mode 100644 include/linux/mmc/blkdev.h
 create mode 100644 include/soc/tegra/bootdata.h
 create mode 100644 include/soc/tegra/partition.h

-- 
2.26.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ