Skip to content
Snippets Groups Projects
Verified Commit ac3c4ae8 authored by Josef Schlehofer's avatar Josef Schlehofer
Browse files

Add support for (mox_)do_sign in debugfs

Since kernel 5.9, there was added support for ECDSA signature in turris-mox-rwtm, which can be found in kernel repository [1]. Previously, all these files before it was upstreamed were stored in
/sys/firmware/turris-mox-rwtm, but right now, do_sign or if you prefer
mox_do_sign can be enabled only by kernel option debugfs [2].

By looking at the source code of turris-mox-rwtm [3], we can see that
there is folder turris-mox-rwtm in /sys/kernel/debug, where we can find
the missing file.

Fixes:
sysfs API error: Could not find MOX sign file

[1] https://github.com/torvalds/linux/commit/50524d787de34300ca9189e63afe13e26d782bea
[2] https://cateee.net/lkddb/web-lkddb/DEBUG_FS.html
[3] https://elixir.bootlin.com/linux/latest/source/drivers/firmware/turris-mox-rwtm.c#L438
parent ebc522ae
1 merge request!6Release new kernel support, where do_sign is stored in debugfs
......@@ -4,7 +4,7 @@ MOX OTP python package
import os
__version__ = '0.3'
__version__ = '0.3.1'
# hash algorithm used for message signature
......@@ -14,22 +14,29 @@ HASH_TYPE = "sha512"
# In upstream kernel the path changed to /sys/firmware/turris-mox-rwtm
# and files lost the "mox_" prefix
SYSFS_ROOT_NEW = "/sys/firmware/turris-mox-rwtm"
DEBUGFS_ROOT_NEW = "/sys/kernel/debug/turris-mox-rwtm"
SYSFS_ROOT_OLD = "/sys/devices/platform/soc/soc:internal-regs@d0000000/soc:internal-regs@d0000000:crypto@0"
if os.path.isdir(SYSFS_ROOT_NEW):
SYSFS_ROOT = SYSFS_ROOT_NEW
PUBKEY_FILENAME = "pubkey"
SIGN_FILENAME = "do_sign"
SERIAL_FILENAME = "serial_number"
MAC_FILENAME = "mac_address1"
else:
SYSFS_ROOT = SYSFS_ROOT_OLD
PUBKEY_FILENAME = "mox_pubkey"
SIGN_FILENAME = "mox_do_sign"
SERIAL_FILENAME = "mox_serial_number"
MAC_FILENAME = "mox_mac_address1"
if os.path.isdir(DEBUGFS_ROOT_NEW):
DEBUGFS_ROOT = DEBUGFS_ROOT_NEW
SIGN_FILENAME = "do_sign"
else:
DEBUGFS_ROOT = SYSFS_ROOT_OLD
SIGN_FILENAME = "mox_do_sign"
PUBKEY_PATH = os.path.join(SYSFS_ROOT, PUBKEY_FILENAME)
SIGN_PATH = os.path.join(SYSFS_ROOT, SIGN_FILENAME)
SIGN_PATH = os.path.join(DEBUGFS_ROOT, SIGN_FILENAME)
SERIAL_PATH = os.path.join(SYSFS_ROOT, SERIAL_FILENAME)
MAC_PATH = os.path.join(SYSFS_ROOT, MAC_FILENAME)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment