[PATCH 0/1] ubifs: support authentication without hmac

Richard Weinberger richard at nod.at
Fri Jun 26 04:09:14 EDT 2020


Torben,

----- Original Message -----
> From: "Torben Hohn" <torben.hohn at linutronix.de>
> To: "richard" <richard at nod.at>
> CC: "bigeasy" <bigeasy at linutronix.de>, "tglx" <tglx at linutronix.de>, "linux-mtd" <linux-mtd at lists.infradead.org>, "Sascha
> Hauer" <s.hauer at pengutronix.de>
> Sent: Thursday, 25 June 2020 17:59:26
> Subject: [PATCH 0/1] ubifs: support authentication without hmac

> This patch adds support for ubifs authentication without HMAC,
> which obviously only works for a read-only mount.
> 
> ubiblock and dm-verity are not supported by u-boot, and
> the kernel on the target is loaded by u-boot out of the RFS.

As I said on IRC yesterday, there is a bug with UBIFS versioning.
u-boot is not supposed to read from authenticated UBIFS since it has
no authentication support at all and might trip over changed data structures.

We forgot to raise the UBIFS version to w5r1 for authenticated images
and only introduced a new feature flag.
This causes old UBIFS implementations like u-boot's to not enforce the
super block feature flag field.
Before w4 feature flags didn't get enforced. :-(

Patches for mkfs.ubifs and kernel are on their way, I just need to carefully
test them with many different old images, u-boot and kernel combinations.

I think it is high noon that u-boot updates their UBIFS, then a
non-authenticated should be trivial.
Of course you need to verify all files you read from it manually then.

> This is a first try to implement this.
> It boots fine, and the WARN_ON is not triggered.
> 
> I plan to update the docs also, but I would like to have
> some positive comments on this before.

I think this is a useful feature, please give me a few days to think about
all implications.

That said, I'm not really a fan of reading files from UBIFS in u-boot.
We have UBI static volumes for that...
Maybe you can give this a try and avoid some complexity in the bootloader.

Thanks,
//richard


