Re: [PATCH 2/3] common: machine_id: introduce machine id generation and pass id on

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 17/7/19 12:02, Roland Hieber wrote:
> On Tue, Jul 16, 2019 at 12:58:36PM +0200, Bastian Krause wrote:
>> By default systemd generates a machine id on first boot and tries to
>> persist it (see `man machine-id`). When the root file system is read-only
>> systemd cannot persist the machine id. In case multiple redundant slots
>> are used the machine id will vary. When not handled explicitly the
>> machine id will also change during updates.
>>
>> It is possible to pass a machine id to the kernel which will be used by
>> systemd (systemd.machine_id=).
>>
>> This adds functionality to pass device-specific information that will be
>> hashed to generate a persistent unique machine id. The machine id will
>> be finally added to the kernel parameters via the
>> linux.bootargs.machine_id global variable.
>>
>> Note: if multiple sources provide hashable device-specific information
>> (via machine_id_set_hashable()) the information provided by the last call
>> prior to the late initcall set_machine_id() is used to generate the
>> machine id from. Thus when updating barebox the machine id might change.
> 
> I would also add this paragraph to the kconfig help text, so it is more
> visible for users.

Maybe add a priority parameter like we do with e.g. reset reason?
That way we can have a base machine-id in the OTP, but board code can
override it with e.g. an EEPROM value which is given higher priority.

> 
>  - Roland
> 
>>
>> Signed-off-by: Bastian Krause <bst@xxxxxxxxxxxxxx>
>> ---
>>  common/Kconfig       | 11 ++++++++
>>  common/Makefile      |  1 +
>>  common/machine_id.c  | 65 ++++++++++++++++++++++++++++++++++++++++++++
>>  include/machine_id.h |  6 ++++
>>  4 files changed, 83 insertions(+)
>>  create mode 100644 common/machine_id.c
>>  create mode 100644 include/machine_id.h
>>
>> diff --git a/common/Kconfig b/common/Kconfig
>> index 8aad5baecd..4b2d79350d 100644
>> --- a/common/Kconfig
>> +++ b/common/Kconfig
>> @@ -982,6 +982,17 @@ config RESET_SOURCE
>>  	  of the reset and why the bootloader is currently running. It can be
>>  	  useful for any kind of system recovery or repair.
>>  
>> +config MACHINE_ID
>> +	bool "pass machine-id to kernel"
>> +	depends on FLEXIBLE_BOOTARGS
>> +	select DIGEST
>> +	select DIGEST_SHA1_GENERIC
>> +	help
>> +	  Sets the linux.bootargs.machine_id global variable with a value of
>> +	  systemd.machine_id=UID. The UID is a persistent device-specific
>> +	  id. It is a hash over device-specific information provided by various
>> +	  sources.
>> +
>>  endmenu
>>  
>>  menu "Debugging"
>> diff --git a/common/Makefile b/common/Makefile
>> index a284655fc1..10960169f9 100644
>> --- a/common/Makefile
>> +++ b/common/Makefile
>> @@ -11,6 +11,7 @@ obj-y				+= bootsource.o
>>  obj-$(CONFIG_ELF)		+= elf.o
>>  obj-y				+= restart.o
>>  obj-y				+= poweroff.o
>> +obj-$(CONFIG_MACHINE_ID)	+= machine_id.o
>>  obj-$(CONFIG_AUTO_COMPLETE)	+= complete.o
>>  obj-y				+= version.o
>>  obj-$(CONFIG_BAREBOX_UPDATE)	+= bbu.o
>> diff --git a/common/machine_id.c b/common/machine_id.c
>> new file mode 100644
>> index 0000000000..54c1820086
>> --- /dev/null
>> +++ b/common/machine_id.c
>> @@ -0,0 +1,65 @@
>> +/* SPDX-License-Identifier: GPL-2.0 */
>> +/*
>> + * Copyright (C) 2019 Pengutronix, Bastian Krause <kernel@xxxxxxxxxxxxxx>
>> + */
>> +
>> +#define pr_fmt(fmt) "machine-id: " fmt
>> +
>> +#include <common.h>
>> +#include <init.h>
>> +#include <digest.h>
>> +#include <globalvar.h>
>> +#include <crypto/sha.h>
>> +#include <machine_id.h>
>> +
>> +#define MACHINE_ID_LENGTH 32
>> +
>> +static void *__machine_id_hashable;
>> +static size_t __machine_id_hashable_length;
>> +
>> +
>> +void machine_id_set_hashable(void *hashable, size_t len)
>> +{
>> +	__machine_id_hashable = hashable;
>> +	__machine_id_hashable_length = len;
>> +}
>> +
>> +static int machine_id_set_bootarg(void)
>> +{
>> +	struct digest *digest = NULL;
>> +	unsigned char machine_id[SHA1_DIGEST_SIZE];
>> +	char *hex_id;
>> +	int ret = 0;
>> +
>> +	if (!__machine_id_hashable) {
>> +		pr_warn("No hashable set, will not pass id to kernel\n");
>> +		goto out;
>> +	}
>> +
>> +	hex_id = "systemd.machine_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
>> +
>> +	digest = digest_alloc_by_algo(HASH_ALGO_SHA1);
>> +	ret = digest_init(digest);
>> +	if (ret)
>> +		goto out;
>> +
>> +	ret = digest_update(digest, &__machine_id_hashable,
>> +			    __machine_id_hashable_length);
>> +	if (ret)
>> +		goto out;
>> +
>> +	ret = digest_final(digest, machine_id);
>> +	if (ret)
>> +		goto out;
>> +
>> +	/* use the first 16 bytes of the sha1 hash as the machine-id */
>> +	bin2hex(&hex_id[19], &machine_id[0], MACHINE_ID_LENGTH/2);
>> +
>> +	globalvar_add_simple("linux.bootargs.machine_id", &hex_id[0]);
>> +
>> +out:
>> +	digest_free(digest);
>> +	return ret;
>> +
>> +}
>> +late_initcall(machine_id_set_bootarg);
>> diff --git a/include/machine_id.h b/include/machine_id.h
>> new file mode 100644
>> index 0000000000..e4a9dacd4d
>> --- /dev/null
>> +++ b/include/machine_id.h
>> @@ -0,0 +1,6 @@
>> +#ifndef __MACHINE_ID_H__
>> +#define __MACHINE_ID_H__
>> +
>> +void machine_id_set_hashable(void *hashable, size_t len);
>> +
>> +#endif  /* __MACHINE_ID_H__ */
>> -- 
>> 2.20.1
>>
>>
>> _______________________________________________
>> barebox mailing list
>> barebox@xxxxxxxxxxxxxxxxxxx
>> http://lists.infradead.org/mailman/listinfo/barebox
>>
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux