[PATCH v2 3/7] common: integrate crypt-based passwords

Steffen Jaeckel jaeckel-floss at eyet-services.de
Tue May 11 17:02:36 CEST 2021


Hi Simon,

On 5/10/21 10:45 PM, Simon Glass wrote:
> On Mon, 10 May 2021 at 13:37, Steffen Jaeckel
> <jaeckel-floss at eyet-services.de> wrote:

[snip]

>> diff --git a/common/autoboot.c b/common/autoboot.c
>> index 50ab9281e7..6f55abe388 100644
>> --- a/common/autoboot.c
>> +++ b/common/autoboot.c
>> @@ -316,3 +316,4 @@ static int abortboot_key_sequence(int bootdelay)
>>         if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) {
>> -               if (IS_ENABLED(CONFIG_CRYPT_PW))
>> +               if (IS_ENABLED(CONFIG_CRYPT_PW) &&
>> +                   env_get_yesno("bootstopusesha256") != 1)
>>                         abort = passwd_abort_crypt(etime);
> 
> Yes, and then you can enable both in sandbox and potentially have a
> test for your code within the standard sandbox build.

What kind of tests do you want to have added? Python based or C based ones?

TBH I don't see an easy way (yet) to add more tests than the ones I
already added, as enabling AUTOBOOT_KEYED (which is required for both,
crypt and sha256) would change the startup behavior of the sandbox...


Cheers
Steffen


More information about the U-Boot mailing list