greybus-dev September 2020

greybus-dev@lists.linaro.org

8 participants
6 discussions

by Christopher Friedt

Hi everyone, I thought it might be a good time to start / re-start / join the conversation about authentication and encryption in Greybus, and in particular, for using a transport (and lower layers) other than UniPro. This is the logical next step after getting the TCP/IP transport working with gbridge over BLE, 802.15.4, WiFi, ethernet, UART, etc. There is the Component Authentication Protocol that exists already, but I'm not terribly familiar with it. Is anyone able to clarify if there is some overlap between CAP and some of the work that follows? If it's possible to re-use some of the CAP, that would be nice. Just over a year ago I set up authentication and encryption over Greybus for BeagleBoard.org. I was able to demonstrate it working over a TCP/IP transport. Here is some code that is on the back-burner for now. https://github.com/friedtco/gbridge/blob/feature/tcpip-ble-ipsp/pkauth.h https://github.com/friedtco/gbridge/blob/feature/tcpip-ble-ipsp/pkauth.c I have a PR open to anobli/gbridge on GitHub that pulls in the non-authentication / encryption changes. So the change that deals with auth and encryption is fairly small. On the Host side, it uses OpenSSL. We are using regular SSH keys for asymmetric authentication and the initial secure channel, then generating and sharing an AES-128 session key for symmetric encryption of the subsequent communications. The wireless SoC we're using for testing is the CC1352R from TI, and it has both AES and PK hardware accelerators. Most SoC's these days have an AES accelerator, at least. The handshake is described here, but I'll copy it into the email as well. https://github.com/friedtco/gbridge/blob/feature/tcpip-ble-ipsp/pkauth.c#L1… 1. Device sends its public key 2. Host compares device public key with those in a collection of trusted public keys. if not found connection closed. 3. Host sends its public key 4. Device compares host public key with those in a collection of trusted public keys. if not found connection closed. 5. Device creates a randomly generated message, "PlainText A". 6. Device encrypts "PlainText A" using Host public key, creating "CipherText A". 7. Device transmits "CipherText A" to Host. 8. Host decrypts "CipherText A" with Host private key, resulting in "PlainText B". 9. Host encrypts "PlainText B" using Device public key, creating "CipherText B". 10. Host transmits "CipherText B" to Device. 11. Device decrypts "CipherText B" with Device private key, resulting in "PlainText C". 12. Device compares "PlainText A" and "PlainText C", and responds with success or noauth. 13. Host creates a randomly generated message, "PlainText D". 14. Host encrypts "PlainText D" using Device public key, creating "CipherText D". 15. Host transmits "CipherText D" to Device. 16. Device decrypts "CipherText D" with Device private key, resulting in "PlainText E". 17. Device encrypts "PlainText E" using Host public key, creating "CipherText E". 18. Device transmits "CipherText E" to Host. 19. Host decrypts "CipherText E" with Host private key, resulting in "PlainText F". 20. Host compares "PlainText D" and "PlainText F", and responds with success or noauth. 21. Host generates symmetric session key as "PlainText G", pairs session key with socket. 22. Host encrypts "PlainText G" with Device public key, resulting in "CipherText G". 23. Host transmits "CipherText G" to device. 24. Device decrypts "CipherText G" using Device private key, resulting in "PlainText H". 25. Device pairs the session key ("PlainText H") with socket. Currently, this handshake happens when a new connection is created on any port / CPort (be it Control, GPIO, I2C, SPI, etc). While I understand that this security mechanism is not nearly as sophisticated as that of Thread, for example, it's fairly easy to implement locally for developers. However, we would ultimately like to support more than one method of authentication and encryption in Greybus. For the very basic method we implemented above, 5 additional message primitives were required: https://github.com/friedtco/gbridge/blob/feature/tcpip-ble-ipsp/pkauth.h#L32 #define GB_PKAUTH_TYPE_VERSION 0x7a #define GB_PKAUTH_TYPE_PUBKEY 0x7b #define GB_PKAUTH_TYPE_CHALLENGE 0x7c #define GB_PKAUTH_TYPE_CHALLENGE_RESP 0x7d #define GB_PKAUTH_TYPE_SESSION_KEY 0x7e For full negotiation of the auth mechanism and encryption algorithm (e.g. OAuth2 authentication + 3DES encryption) we'll probably need a few more message primitives, and likely a new minor version (at least) for each CPort protocol. It should be possible (although discouraged) to opt for everything in plaintext, but that would also be the default case for the CPort protocols as they exist today. I would love to hear some ideas about this from whoever is interested. Cheers, C

3 years, 3 months

[PATCH 1/3] [PATCH] staging: greybus: fix warnings about endianness detected by sparse

by Coiby Xu

This patch fix the following warnings from sparse, $ make C=2 drivers/staging/greybus/ drivers/staging/greybus/audio_module.c:222:25: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_module.c:222:25: expected restricted __le16 [usertype] data_cport drivers/staging/greybus/audio_module.c:222:25: got unsigned short [usertype] intf_cport_id drivers/staging/greybus/audio_topology.c:460:40: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:691:41: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:691:41: expected unsigned int access drivers/staging/greybus/audio_topology.c:691:41: got restricted __le32 [usertype] access drivers/staging/greybus/audio_topology.c:746:44: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:746:44: expected unsigned int drivers/staging/greybus/audio_topology.c:746:44: got restricted __le32 drivers/staging/greybus/audio_topology.c:748:52: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:748:52: expected unsigned int drivers/staging/greybus/audio_topology.c:748:52: got restricted __le32 drivers/staging/greybus/audio_topology.c:802:42: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:805:50: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:805:50: expected restricted __le32 drivers/staging/greybus/audio_topology.c:805:50: got unsigned int drivers/staging/greybus/audio_topology.c:814:50: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:817:58: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:817:58: expected restricted __le32 drivers/staging/greybus/audio_topology.c:817:58: got unsigned int drivers/staging/greybus/audio_topology.c:889:25: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:889:25: expected unsigned int access drivers/staging/greybus/audio_topology.c:889:25: got restricted __le32 [usertype] access Suggested-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Coiby Xu <coiby.xu(a)gmail.com> --- drivers/staging/greybus/audio_module.c | 6 +++--- drivers/staging/greybus/audio_topology.c | 18 +++++++++--------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/staging/greybus/audio_module.c b/drivers/staging/greybus/audio_module.c index 16f60256adb2..c52c4f361b90 100644 --- a/drivers/staging/greybus/audio_module.c +++ b/drivers/staging/greybus/audio_module.c @@ -219,7 +219,7 @@ static int gb_audio_add_data_connection(struct gbaudio_module_info *gbmodule, greybus_set_drvdata(bundle, gbmodule); dai->id = 0; - dai->data_cport = connection->intf_cport_id; + dai->data_cport = cpu_to_le16(connection->intf_cport_id); dai->connection = connection; list_add(&dai->list, &gbmodule->data_list); @@ -329,7 +329,7 @@ static int gb_audio_probe(struct gb_bundle *bundle, if (ret) { dev_err(dev, "%d:Error while enabling %d:data connection\n", - ret, dai->data_cport); + ret, le16_to_cpu(dai->data_cport)); goto disable_data_connection; } } @@ -451,7 +451,7 @@ static int gb_audio_resume(struct device *dev) if (ret) { dev_err(dev, "%d:Error while enabling %d:data connection\n", - ret, dai->data_cport); + ret, le16_to_cpu(dai->data_cport)); return ret; } } diff --git a/drivers/staging/greybus/audio_topology.c b/drivers/staging/greybus/audio_topology.c index 83b38ae8908c..56bf1a4f95ad 100644 --- a/drivers/staging/greybus/audio_topology.c +++ b/drivers/staging/greybus/audio_topology.c @@ -466,7 +466,7 @@ static int gbcodec_mixer_dapm_ctl_put(struct snd_kcontrol *kcontrol, goto exit; /* update ucontrol */ - if (gbvalue.value.integer_value[0] != val) { + if (gbvalue.value.integer_value[0] != cpu_to_le32(val)) { for (wi = 0; wi < wlist->num_widgets; wi++) { widget = wlist->widgets[wi]; snd_soc_dapm_mixer_update_power(widget->dapm, kcontrol, @@ -689,7 +689,7 @@ static int gbaudio_tplg_create_kcontrol(struct gbaudio_module_info *gb, return -ENOMEM; ctldata->ctl_id = ctl->id; ctldata->data_cport = le16_to_cpu(ctl->data_cport); - ctldata->access = ctl->access; + ctldata->access = le32_to_cpu(ctl->access); ctldata->vcount = ctl->count_values; ctldata->info = &ctl->info; *kctl = (struct snd_kcontrol_new) @@ -744,10 +744,10 @@ static int gbcodec_enum_dapm_ctl_get(struct snd_kcontrol *kcontrol, return ret; } - ucontrol->value.enumerated.item[0] = gbvalue.value.enumerated_item[0]; + ucontrol->value.enumerated.item[0] = le32_to_cpu(gbvalue.value.enumerated_item[0]); if (e->shift_l != e->shift_r) ucontrol->value.enumerated.item[1] = - gbvalue.value.enumerated_item[1]; + le32_to_cpu(gbvalue.value.enumerated_item[1]); return 0; } @@ -801,10 +801,10 @@ static int gbcodec_enum_dapm_ctl_put(struct snd_kcontrol *kcontrol, mask = e->mask << e->shift_l; if (gbvalue.value.enumerated_item[0] != - ucontrol->value.enumerated.item[0]) { + cpu_to_le32(ucontrol->value.enumerated.item[0])) { change = 1; gbvalue.value.enumerated_item[0] = - ucontrol->value.enumerated.item[0]; + cpu_to_le32(ucontrol->value.enumerated.item[0]); } if (e->shift_l != e->shift_r) { @@ -813,10 +813,10 @@ static int gbcodec_enum_dapm_ctl_put(struct snd_kcontrol *kcontrol, val |= ucontrol->value.enumerated.item[1] << e->shift_r; mask |= e->mask << e->shift_r; if (gbvalue.value.enumerated_item[1] != - ucontrol->value.enumerated.item[1]) { + cpu_to_le32(ucontrol->value.enumerated.item[1])) { change = 1; gbvalue.value.enumerated_item[1] = - ucontrol->value.enumerated.item[1]; + cpu_to_le32(ucontrol->value.enumerated.item[1]); } } @@ -887,7 +887,7 @@ static int gbaudio_tplg_create_mixer_ctl(struct gbaudio_module_info *gb, return -ENOMEM; ctldata->ctl_id = ctl->id; ctldata->data_cport = le16_to_cpu(ctl->data_cport); - ctldata->access = ctl->access; + ctldata->access = le32_to_cpu(ctl->access); ctldata->vcount = ctl->count_values; ctldata->info = &ctl->info; *kctl = (struct snd_kcontrol_new) -- 2.28.0

3 years, 7 months

[PATCH] staging: greybus: fix warnings detected by sparse

by Coiby Xu

This patch fix the following warnings from sparse, $ make C=2 drivers/staging/greybus/ drivers/staging/greybus/audio_codec.c:691:36: warning: incorrect type in initializer (different base types) drivers/staging/greybus/audio_codec.c:691:36: expected unsigned long long [usertype] formats drivers/staging/greybus/audio_codec.c:691:36: got restricted snd_pcm_format_t [usertype] drivers/staging/greybus/audio_codec.c:701:36: warning: incorrect type in initializer (different base types) drivers/staging/greybus/audio_codec.c:701:36: expected unsigned long long [usertype] formats drivers/staging/greybus/audio_codec.c:701:36: got restricted snd_pcm_format_t [usertype] drivers/staging/greybus/audio_module.c:222:25: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_module.c:222:25: expected restricted __le16 [usertype] data_cport drivers/staging/greybus/audio_module.c:222:25: got unsigned short [usertype] intf_cport_id drivers/staging/greybus/audio_topology.c:460:40: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:691:41: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:691:41: expected unsigned int access drivers/staging/greybus/audio_topology.c:691:41: got restricted __le32 [usertype] access drivers/staging/greybus/audio_topology.c:746:44: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:746:44: expected unsigned int drivers/staging/greybus/audio_topology.c:746:44: got restricted __le32 drivers/staging/greybus/audio_topology.c:748:52: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:748:52: expected unsigned int drivers/staging/greybus/audio_topology.c:748:52: got restricted __le32 drivers/staging/greybus/audio_topology.c:802:42: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:805:50: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:805:50: expected restricted __le32 drivers/staging/greybus/audio_topology.c:805:50: got unsigned int drivers/staging/greybus/audio_topology.c:814:50: warning: restricted __le32 degrades to integer drivers/staging/greybus/audio_topology.c:817:58: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:817:58: expected restricted __le32 drivers/staging/greybus/audio_topology.c:817:58: got unsigned int drivers/staging/greybus/audio_topology.c:889:25: warning: incorrect type in assignment (different base types) drivers/staging/greybus/audio_topology.c:889:25: expected unsigned int access drivers/staging/greybus/audio_topology.c:889:25: got restricted __le32 [usertype] access Signed-off-by: Coiby Xu <coiby.xu(a)gmail.com> --- drivers/staging/greybus/audio_codec.c | 4 ++-- drivers/staging/greybus/audio_module.c | 2 +- drivers/staging/greybus/audio_topology.c | 18 +++++++++--------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/staging/greybus/audio_codec.c b/drivers/staging/greybus/audio_codec.c index 74538f8c5fa4..494aa823e998 100644 --- a/drivers/staging/greybus/audio_codec.c +++ b/drivers/staging/greybus/audio_codec.c @@ -688,7 +688,7 @@ static struct snd_soc_dai_driver gbaudio_dai[] = { .playback = { .stream_name = "I2S 0 Playback", .rates = SNDRV_PCM_RATE_48000, - .formats = SNDRV_PCM_FORMAT_S16_LE, + .formats = SNDRV_PCM_FMTBIT_S16_LE, .rate_max = 48000, .rate_min = 48000, .channels_min = 1, @@ -698,7 +698,7 @@ static struct snd_soc_dai_driver gbaudio_dai[] = { .capture = { .stream_name = "I2S 0 Capture", .rates = SNDRV_PCM_RATE_48000, - .formats = SNDRV_PCM_FORMAT_S16_LE, + .formats = SNDRV_PCM_FMTBIT_S16_LE, .rate_max = 48000, .rate_min = 48000, .channels_min = 1, diff --git a/drivers/staging/greybus/audio_module.c b/drivers/staging/greybus/audio_module.c index 16f60256adb2..00848b84b022 100644 --- a/drivers/staging/greybus/audio_module.c +++ b/drivers/staging/greybus/audio_module.c @@ -219,7 +219,7 @@ static int gb_audio_add_data_connection(struct gbaudio_module_info *gbmodule, greybus_set_drvdata(bundle, gbmodule); dai->id = 0; - dai->data_cport = connection->intf_cport_id; + dai->data_cport = cpu_to_le16(connection->intf_cport_id); dai->connection = connection; list_add(&dai->list, &gbmodule->data_list); diff --git a/drivers/staging/greybus/audio_topology.c b/drivers/staging/greybus/audio_topology.c index 83b38ae8908c..56bf1a4f95ad 100644 --- a/drivers/staging/greybus/audio_topology.c +++ b/drivers/staging/greybus/audio_topology.c @@ -466,7 +466,7 @@ static int gbcodec_mixer_dapm_ctl_put(struct snd_kcontrol *kcontrol, goto exit; /* update ucontrol */ - if (gbvalue.value.integer_value[0] != val) { + if (gbvalue.value.integer_value[0] != cpu_to_le32(val)) { for (wi = 0; wi < wlist->num_widgets; wi++) { widget = wlist->widgets[wi]; snd_soc_dapm_mixer_update_power(widget->dapm, kcontrol, @@ -689,7 +689,7 @@ static int gbaudio_tplg_create_kcontrol(struct gbaudio_module_info *gb, return -ENOMEM; ctldata->ctl_id = ctl->id; ctldata->data_cport = le16_to_cpu(ctl->data_cport); - ctldata->access = ctl->access; + ctldata->access = le32_to_cpu(ctl->access); ctldata->vcount = ctl->count_values; ctldata->info = &ctl->info; *kctl = (struct snd_kcontrol_new) @@ -744,10 +744,10 @@ static int gbcodec_enum_dapm_ctl_get(struct snd_kcontrol *kcontrol, return ret; } - ucontrol->value.enumerated.item[0] = gbvalue.value.enumerated_item[0]; + ucontrol->value.enumerated.item[0] = le32_to_cpu(gbvalue.value.enumerated_item[0]); if (e->shift_l != e->shift_r) ucontrol->value.enumerated.item[1] = - gbvalue.value.enumerated_item[1]; + le32_to_cpu(gbvalue.value.enumerated_item[1]); return 0; } @@ -801,10 +801,10 @@ static int gbcodec_enum_dapm_ctl_put(struct snd_kcontrol *kcontrol, mask = e->mask << e->shift_l; if (gbvalue.value.enumerated_item[0] != - ucontrol->value.enumerated.item[0]) { + cpu_to_le32(ucontrol->value.enumerated.item[0])) { change = 1; gbvalue.value.enumerated_item[0] = - ucontrol->value.enumerated.item[0]; + cpu_to_le32(ucontrol->value.enumerated.item[0]); } if (e->shift_l != e->shift_r) { @@ -813,10 +813,10 @@ static int gbcodec_enum_dapm_ctl_put(struct snd_kcontrol *kcontrol, val |= ucontrol->value.enumerated.item[1] << e->shift_r; mask |= e->mask << e->shift_r; if (gbvalue.value.enumerated_item[1] != - ucontrol->value.enumerated.item[1]) { + cpu_to_le32(ucontrol->value.enumerated.item[1])) { change = 1; gbvalue.value.enumerated_item[1] = - ucontrol->value.enumerated.item[1]; + cpu_to_le32(ucontrol->value.enumerated.item[1]); } } @@ -887,7 +887,7 @@ static int gbaudio_tplg_create_mixer_ctl(struct gbaudio_module_info *gb, return -ENOMEM; ctldata->ctl_id = ctl->id; ctldata->data_cport = le16_to_cpu(ctl->data_cport); - ctldata->access = ctl->access; + ctldata->access = le32_to_cpu(ctl->access); ctldata->vcount = ctl->count_values; ctldata->info = &ctl->info; *kctl = (struct snd_kcontrol_new) -- 2.28.0

3 years, 7 months

[PATCH -next] staging: greybus: simplify the return expression of gb_svc_add()

by Liu Shixin

Simplify the return expression. Signed-off-by: Liu Shixin <liushixin2(a)huawei.com> --- drivers/greybus/svc.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/drivers/greybus/svc.c b/drivers/greybus/svc.c index ce7740ef449b..dca251172cd2 100644 --- a/drivers/greybus/svc.c +++ b/drivers/greybus/svc.c @@ -1345,18 +1345,12 @@ struct gb_svc *gb_svc_create(struct gb_host_device *hd) int gb_svc_add(struct gb_svc *svc) { - int ret; - /* * The SVC protocol is currently driven by the SVC, so the SVC device * is added from the connection request handler when enough * information has been received. */ - ret = gb_connection_enable(svc->connection); - if (ret) - return ret; - - return 0; + return gb_connection_enable(svc->connection); } static void gb_svc_remove_modules(struct gb_svc *svc) -- 2.25.1

3 years, 7 months

Re: [greybus-dev] [PATCH] staging: greybus: Fix NULL ptr reference in gb_bootrom_get_firmware

by Johan Hovold

On Thu, Sep 03, 2020 at 09:57:42AM +0800, Ye Bin wrote: > In gb_bootrom_get_firmware funtion fw maybe null, we must test it before > use it. No, fw will never be NULL when ret is zero so the current code is correct. Greg, please drop this one from your testing branch. > Signed-off-by: Ye Bin <yebin10(a)huawei.com> > --- > drivers/staging/greybus/bootrom.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/staging/greybus/bootrom.c b/drivers/staging/greybus/bootrom.c > index a8efb86de140..e1573a5febf0 100644 > --- a/drivers/staging/greybus/bootrom.c > +++ b/drivers/staging/greybus/bootrom.c > @@ -298,7 +298,7 @@ static int gb_bootrom_get_firmware(struct gb_operation *op) > > queue_work: > /* Refresh timeout */ > - if (!ret && (offset + size == fw->size)) > + if (!ret && fw && (offset + size == fw->size)) > next_request = NEXT_REQ_READY_TO_BOOT; > else > next_request = NEXT_REQ_GET_FIRMWARE; Johan

3 years, 7 months

[RFC PATCH v2 0/3] mikroBUS driver for add-on boards

by Vaishnav M A

Hi, This Patch series is an update to the mikroBUS driver RFC v1 Patch : https://lkml.org/lkml/2020/7/24/518 . The mikrobus driver is updated to add mikrobus ports from device-tree overlays, the debug interfaces for adding mikrobus ports through sysFS is removed, and the driver considers the extended usage of mikrobus port pins from their standard purposes. change log: v2: support for adding mikroBUS ports from DT overlays, remove debug sysFS interface for adding mikrobus ports, consider extended pin usage/deviations from mikrobus standard specifications, use greybus CPort protocol enum instead of new protcol enums Fix cases of wrong indendation, ignoring return values, freeing allocated resources in case of errors and other style suggestions in v1 review. Vaishnav M A (3): add mikrobus descriptors to greybus_manifest mikroBUS driver for add-on boards on mikrobus ports Add Device Tree Bindings for mikroBUS port .../bindings/misc/linux,mikrobus.txt | 81 ++ MAINTAINERS | 6 + drivers/misc/Kconfig | 1 + drivers/misc/Makefile | 1 + drivers/misc/mikrobus/Kconfig | 16 + drivers/misc/mikrobus/Makefile | 7 + drivers/misc/mikrobus/mikrobus_core.c | 692 ++++++++++++++++++ drivers/misc/mikrobus/mikrobus_core.h | 191 +++++ drivers/misc/mikrobus/mikrobus_manifest.c | 444 +++++++++++ drivers/misc/mikrobus/mikrobus_manifest.h | 21 + drivers/misc/mikrobus/mikrobus_port.c | 171 +++++ include/linux/greybus/greybus_manifest.h | 47 ++ 12 files changed, 1678 insertions(+) create mode 100644 Documentation/devicetree/bindings/misc/linux,mikrobus.txt create mode 100644 drivers/misc/mikrobus/Kconfig create mode 100644 drivers/misc/mikrobus/Makefile create mode 100644 drivers/misc/mikrobus/mikrobus_core.c create mode 100644 drivers/misc/mikrobus/mikrobus_core.h create mode 100644 drivers/misc/mikrobus/mikrobus_manifest.c create mode 100644 drivers/misc/mikrobus/mikrobus_manifest.h create mode 100644 drivers/misc/mikrobus/mikrobus_port.c -- 2.25.1

3 years, 7 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

greybus-dev September 2020