From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steffen Jaeckel Date: Tue, 11 May 2021 17:02:36 +0200 Subject: [PATCH v2 3/7] common: integrate crypt-based passwords In-Reply-To: References: <20210510061916.3388626-1-jaeckel-floss@eyet-services.de> <20210510061916.3388626-4-jaeckel-floss@eyet-services.de> <665efe80-e61d-6750-ac0f-6801439c65df@eyet-services.de> <460701e4-3684-9de8-73fa-4229db6a089a@eyet-services.de> Message-ID: <39dc05ec-6d9b-359c-a983-4fd5a3ed6f32@eyet-services.de> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hi Simon, On 5/10/21 10:45 PM, Simon Glass wrote: > On Mon, 10 May 2021 at 13:37, Steffen Jaeckel > wrote: [snip] >> diff --git a/common/autoboot.c b/common/autoboot.c >> index 50ab9281e7..6f55abe388 100644 >> --- a/common/autoboot.c >> +++ b/common/autoboot.c >> @@ -316,3 +316,4 @@ static int abortboot_key_sequence(int bootdelay) >> if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) { >> - if (IS_ENABLED(CONFIG_CRYPT_PW)) >> + if (IS_ENABLED(CONFIG_CRYPT_PW) && >> + env_get_yesno("bootstopusesha256") != 1) >> abort = passwd_abort_crypt(etime); > > Yes, and then you can enable both in sandbox and potentially have a > test for your code within the standard sandbox build. What kind of tests do you want to have added? Python based or C based ones? TBH I don't see an easy way (yet) to add more tests than the ones I already added, as enabling AUTOBOOT_KEYED (which is required for both, crypt and sha256) would change the startup behavior of the sandbox... Cheers Steffen