[EXT] [REGRESSION]: v2022.07: SHA256 hash is broken on imx8m series with CAAM enabled
Gaurav Jain
gaurav.jain at nxp.com
Fri Jul 15 17:23:04 CEST 2022
Hello Andrey
> -----Original Message-----
> From: ZHIZHIKIN Andrey <andrey.zhizhikin at leica-geosystems.com>
> Sent: Friday, July 15, 2022 8:36 PM
> To: Gaurav Jain <gaurav.jain at nxp.com>
> Cc: u-boot at lists.denx.de; festevam at denx.de; sbabic at denx.de; Michael
> Walle <michael at walle.cc>; Tommaso Merciai
> <tommaso.merciai at amarulasolutions.com>; Michael Trimarchi
> <michael at amarulasolutions.com>; Marek Vasut <marex at denx.de>; Simon
> Glass <sjg at chromium.org>; Patrick Delaunay
> <patrick.delaunay at foss.st.com>; Stefan Roese <sr at denx.de>; Horia Geanta
> <horia.geanta at nxp.com>; Pankaj Gupta <pankaj.gupta at nxp.com>; Varun
> Sethi <V.Sethi at nxp.com>; Ye Li <ye.li at nxp.com>; dl-uboot-imx <uboot-
> imx at nxp.com>; trini <trini at konsulko.com>
> Subject: RE: [EXT] [REGRESSION]: v2022.07: SHA256 hash is broken on imx8m
> series with CAAM enabled
>
> Caution: EXT Email
>
> Hello Gaurav,
>
> Cc: Tom here for integration points.
>
> > -----Original Message-----
> > From: U-Boot <u-boot-bounces at lists.denx.de> On Behalf Of Gaurav Jain
> > Sent: Friday, July 15, 2022 4:01 PM
> > To: ZHIZHIKIN Andrey <andrey.zhizhikin at leica-geosystems.com>
> > Cc: u-boot at lists.denx.de; festevam at denx.de; sbabic at denx.de; Michael
> > Walle <michael at walle.cc>; Tommaso Merciai
> > <tommaso.merciai at amarulasolutions.com>;
> > Michael Trimarchi <michael at amarulasolutions.com>; Marek Vasut
> > <marex at denx.de>; Simon Glass <sjg at chromium.org>; Patrick Delaunay
> > <patrick.delaunay at foss.st.com>; Stefan Roese <sr at denx.de>; Horia
> > Geanta <horia.geanta at nxp.com>; Pankaj Gupta <pankaj.gupta at nxp.com>;
> > Varun Sethi <V.Sethi at nxp.com>; Ye Li <ye.li at nxp.com>; dl- uboot-imx
> > <uboot-imx at nxp.com>
> > Subject: RE: [EXT] [REGRESSION]: v2022.07: SHA256 hash is broken on
> > imx8m series with CAAM enabled
> >
> > Hello Andrey
> >
> > Right now I am not sure what could cause the issue.
> > As per our previous discussions, JR0 can not be used in uboot, so you
> > need to mark it as disabled until kernel device tree is not sync.
>
> Actually, I've given this a try by setting `status = "disabled"` in sec_jr0 node,
> and then the hash calculation was working again!
This is expected as caam driver will pick up the first jobring enabled in device tree.
>
> This has puzzled me a lot, since JR ID used to enqueue the SHA hashing
> descriptor is hard-coded to `0`, see the [1] for code reference. I was
> expecting that the call would fail but it somehow worked, perhaps by picking
> up the JR which is not disabled (JR1?)...
Caam driver model approach was developed to initialize the caam based on jobring enabled in device tree.
If driver model is not enabled then hardcoded JR0 will be used.
>
> This is a bit that needs more explanation, perhaps you can shed some light
> here on how this JR assignments are working in case when nodes are
> enabled/disabled?
See the code drivers/crypto/fsl/jr.c , function caam_jr_probe().
This function checks for enabled job ring and initialize caam.
Regards
Gaurav
>
>
> Stefano/Tom,
>
> From what I can see, since patch from Fabio [2] is planned for inclusion to
> linux-5.20.y (see [3] for PR) - it might be that the SHA computation will stay
> broken on i.MX8M derivatives until v2022.10 at least, or the HW hash
> computations are replaced with SW alternative until the JR configuration is
> not synced into U-Boot.
>
> Any advice on how to proceed here? I guess this would affect some people
> who are relying on FIT boot via `bootm`...
>
> > To debug more, can you run hash command with HASH_VERIFY.
>
> This did not solve the problem when JR0 node was still enabled, and had no
> effect when I disabled the node.
>
> >
> > Regards
> > Gaurav Jain
> >
> > > -----Original Message-----
> > > From: ZHIZHIKIN Andrey <andrey.zhizhikin at leica-geosystems.com>
> > > Sent: Friday, July 15, 2022 7:04 PM
> > > To: Gaurav Jain <gaurav.jain at nxp.com>
> > > Cc: u-boot at lists.denx.de; festevam at denx.de; sbabic at denx.de; Michael
> > > Walle <michael at walle.cc>; Tommaso Merciai
> > > <tommaso.merciai at amarulasolutions.com>; Michael Trimarchi
> > > <michael at amarulasolutions.com>; Marek Vasut <marex at denx.de>;
> Simon
> > > Glass <sjg at chromium.org>; Patrick Delaunay
> > > <patrick.delaunay at foss.st.com>; Stefan Roese <sr at denx.de>; Horia
> > > Geanta <horia.geanta at nxp.com>; Pankaj Gupta
> <pankaj.gupta at nxp.com>;
> > > Varun Sethi <V.Sethi at nxp.com>; Ye Li <ye.li at nxp.com>; dl-uboot-imx
> > > <uboot- imx at nxp.com>
> > > Subject: RE: [EXT] [REGRESSION]: v2022.07: SHA256 hash is broken on
> > > imx8m series with CAAM enabled
> > >
> > > Caution: EXT Email
> > >
> > > Hello Gaurav,
> > >
> > > > -----Original Message-----
> > > > From: U-Boot <u-boot-bounces at lists.denx.de> On Behalf Of Gaurav
> > > > Jain
> > > > Sent: Friday, July 15, 2022 2:56 PM
> > > > To: ZHIZHIKIN Andrey <andrey.zhizhikin at leica-geosystems.com>
> > > > Cc: u-boot at lists.denx.de; festevam at denx.de; sbabic at denx.de;
> > > > Michael Walle <michael at walle.cc>; Tommaso Merciai
> > > > <tommaso.merciai at amarulasolutions.com>;
> > > > Michael Trimarchi <michael at amarulasolutions.com>; Marek Vasut
> > > > <marex at denx.de>; Simon Glass <sjg at chromium.org>; Patrick
> Delaunay
> > > > <patrick.delaunay at foss.st.com>; Stefan Roese <sr at denx.de>; Horia
> > > > Geanta <horia.geanta at nxp.com>; Pankaj Gupta
> > > > <pankaj.gupta at nxp.com>; Varun Sethi <V.Sethi at nxp.com>; Ye Li
> > > > <ye.li at nxp.com>; dl- uboot-imx <uboot-imx at nxp.com>
> > > > Subject: RE: [EXT] [REGRESSION]: v2022.07: SHA256 hash is broken
> > > > on imx8m series with CAAM enabled
> > > >
> > > > Hello Andrey
> > > >
> > > > There is a patch in review related caam hash.
> > > > Please check if it fixes your problem.
> > > > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fp
> > > > atch
> > > >
> > >
> work.ozlabs.org%2Fproject%2Fuboot%2Fpatch%2F20220616101009.809953-
> > > 1-&a
> > > >
> > >
> mp;data=05%7C01%7Cgaurav.jain%40nxp.com%7C4e78116cfe2b4487fdc208
> > > da6666
> > > >
> > >
> aa79%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C637934888408
> > > 633266%7
> > > >
> > >
> CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJB
> > > TiI6Ik1
> > > >
> > >
> haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Dwe%2FOgeLeH
> > > mWD7tKcmmJbV
> > > > %2F0D5cOZvH3kpCx%2FO%2FvMRg%3D&reserved=0
> > > > gaurav.jain at nxp.com/
> > >
> > > No, unfortunately this patch did not solve the issue, behavior is
> > > still the
> > same.
> > >
> > > >
> > > > Regards
> > > > Gaurav Jain
> > > >
> > > > > -----Original Message-----
> > > > > From: ZHIZHIKIN Andrey <andrey.zhizhikin at leica-geosystems.com>
> > > > > Sent: Friday, July 15, 2022 6:11 PM
> > > > > To: Gaurav Jain <gaurav.jain at nxp.com>
> > > > > Cc: u-boot at lists.denx.de; festevam at denx.de; sbabic at denx.de;
> > > > > Michael Walle <michael at walle.cc>; Tommaso Merciai
> > > > > <tommaso.merciai at amarulasolutions.com>; Michael Trimarchi
> > > > > <michael at amarulasolutions.com>; Marek Vasut <marex at denx.de>;
> > > Simon
> > > > > Glass <sjg at chromium.org>; Patrick Delaunay
> > > > > <patrick.delaunay at foss.st.com>; Stefan Roese <sr at denx.de>; Horia
> > > > > Geanta <horia.geanta at nxp.com>; Pankaj Gupta
> > > <pankaj.gupta at nxp.com>;
> > > > > Varun Sethi <V.Sethi at nxp.com>; Ye Li <ye.li at nxp.com>;
> > > > > dl-uboot-imx
> > > > > <uboot- imx at nxp.com>
> > > > > Subject: [EXT] [REGRESSION]: v2022.07: SHA256 hash is broken on
> > > > > imx8m series with CAAM enabled
> > > > >
> > > > > Caution: EXT Email
> > > > >
> > > > > Hello Gaurav,
> > > > >
> > > > > In the new v2022.07, I've stumbled upon the issue with
> > > > > calculating the
> > > > > SHA256 of memory blocks with CAAM hashing. This causes the FIT
> > > > > image not to pass the hash validation, and also `sha256` command
> not operable.
> > > > >
> > > > > I'm also wondering if any i.MX8M-based board maintainers have
> > > > > seen the same issues at their end?
> > > > >
> > > > > I've made a small test executing the following command sequence
> > > > > (with corresponding serial output):
> > > > >
> > > > > U-Boot 2022.07 (Jul 15 2022 - 14:36:00 +0200)
> > > > >
> > > > > CPU: Freescale i.MX8MMQ rev1.0 at 1200 MHz
> > > > > Reset cause: POR
> > > > > Model: FSL i.MX8MM EVK board
> > > > > DRAM: 2 GiB
> > > > > Core: 153 devices, 19 uclasses, devicetree: separate
> > > > > WDT: Started watchdog at 30280000 with servicing (60s timeout)
> > > > > MMC: FSL_SDHC: 1, FSL_SDHC: 2
> > > > > Loading Environment from MMC... *** Warning - bad CRC, using
> > > > > default environment
> > > > >
> > > > > In: serial at 30890000
> > > > > Out: serial at 30890000
> > > > > Err: serial at 30890000
> > > > > SEC0: RNG instantiated
> > > > > Net: eth0: ethernet at 30be0000
> > > > > Hit any key to stop autoboot: 0 u-boot=> mw.b ${kernel_addr_r}
> > > > > DE 100 u-boot=> md.b ${kernel_addr_r}
> > > > > 100
> > > > > 40480000: dededede dededede dededede dededede ................
> > > > > 40480010: dededede dededede dededede dededede ................
> > > > > 40480020: dededede dededede dededede dededede ................
> > > > > 40480030: dededede dededede dededede dededede ................
> > > > > 40480040: dededede dededede dededede dededede ................
> > > > > 40480050: dededede dededede dededede dededede ................
> > > > > 40480060: dededede dededede dededede dededede ................
> > > > > 40480070: dededede dededede dededede dededede ................
> > > > > 40480080: dededede dededede dededede dededede ................
> > > > > 40480090: dededede dededede dededede dededede ................
> > > > > 404800a0: dededede dededede dededede dededede ................
> > > > > 404800b0: dededede dededede dededede dededede ................
> > > > > 404800c0: dededede dededede dededede dededede ................
> > > > > 404800d0: dededede dededede dededede dededede ................
> > > > > 404800e0: dededede dededede dededede dededede ................
> > > > > 404800f0: dededede dededede dededede dededede ................
> > > > >
> > > > > u-boot=> hash sha256 ${kernel_addr_r} 100 CAAM was not setup
> > > > > properly or it is faulty
> > > > > sha256 for 40480000 ... 404800ff ==>
> > > > >
> > >
> 736372697074616464727d0a626f6f745f6566695f62696e6172793d6c6f6164
> > > > >
> > > > > Running `sha256` commands several times in a row also produces
> > > > > different Results, sometimes it comes out as all 0's.
> > > > >
> > > > > For comparison purposes, I've did similar on the desktop:
> > > > > $ while true ; do printf "\xDE"; done | dd of=./test_data bs=1
> > > > > count=256
> > > > > 256+0 records in
> > > > > 256+0 records out
> > > > > 256 bytes copied, 0.000484 s, 529 kB/s
> > > > >
> > > > > $ hexdump -C -v ./test_data
> > > > > 00000000 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000010 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000020 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000030 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000040 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000050 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000060 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000070 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000080 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000090 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000a0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000b0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000c0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000d0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000e0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 000000f0 de de de de de de de de de de de de de de de de
> > > > > |................|
> > > > > 00000100
> > > > >
> > > > > $ sha256sum ./test_data
> > > > >
> > >
> 8b11bcdc65d5f1af0fa1edfa7b5db089dba40d4e8d29b455295d58ab2b314e76
> > > > > ./test_data
> > > > >
> > > > > As one can see, the SHA256 has a totally different value, with
> > > > > desktop produces a rather correct one.
> > > > >
> > > > > Since the CAAM is enabled per default for all i.MX8M
> > > > > derivatives, there is no way to target SHA hash calculations
> > > > > back to SW implementation, therefore it blocks a lot of people
> > > > > to boot FIT images
> > > that has `hash` nodes in them.
> > > > >
> > > > > Looking a bit deeper into why it fails, I saw that the JR used
> > > > > for hash calculations is hard-coded to `0` in
> > > > > run_descriptor_jr() call, which is now reserved in S-World for
> > > > > HAB operations. But changing it to `1` did not change the
> > > > > behavior, the SHA256 is still not calculated
> > > proper.
> > > > >
> > > > > Can you please advise how this can be solved?
> > > > >
> > > > > And more conceptually: why is SHA hashing now hardwired to HW
> > > > > CAAM module, while it was perfectly executed in SW via `lib/sha.c`?
> > > > >
> > > > > Thanks a lot!
> > > > >
> > > > > Regards,
> > > > > Andrey
> > >
> > > -- andrey
>
> Thanks a lot!
>
> -- andrey
>
> Link: [1]:
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsourc
> e.denx.de%2Fu-boot%2Fu-boot%2F-
> %2Fblob%2Fmaster%2Fdrivers%2Fcrypto%2Ffsl%2Fjr.c%23L372&data=0
> 5%7C01%7Cgaurav.jain%40nxp.com%7C351b3fc4ae864c5e579a08da6673901
> 2%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C637934943776754
> 909%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luM
> zIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=G%
> 2FBsNqPCACQ5F8DoYgy7IOwgu1QZeUVei85gwKzhpaw%3D&reserved=0
> Link: [2]:
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.k
> ernel.org%2Fall%2F20220608170223.1536594-1-
> festevam%40denx.de%2F&data=05%7C01%7Cgaurav.jain%40nxp.com%
> 7C351b3fc4ae864c5e579a08da66739012%7C686ea1d3bc2b4c6fa92cd99c5c3
> 01635%7C0%7C0%7C637934943776754909%7CUnknown%7CTWFpbGZsb3d8
> eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3
> D%7C3000%7C%7C%7C&sdata=zQm7kQHuOyLfkfI2WFPJtl0YKtPhVFtUM
> s7BoCedGsY%3D&reserved=0
> Link: [3]:
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.k
> ernel.org%2Fall%2F20220709082951.15123-5-
> shawnguo%40kernel.org%2F&data=05%7C01%7Cgaurav.jain%40nxp.co
> m%7C351b3fc4ae864c5e579a08da66739012%7C686ea1d3bc2b4c6fa92cd99c
> 5c301635%7C0%7C0%7C637934943776754909%7CUnknown%7CTWFpbGZsb
> 3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0
> %3D%7C3000%7C%7C%7C&sdata=geHpB6tnctt4dG5N8lhzlUJM31rj3T5b
> 9J8hkDgKVcc%3D&reserved=0
More information about the U-Boot
mailing list