boot: Show an indication for encrypted bootflows

We don't support storing the OS on an encrypted partition, but in some
cases the root partition may be encrypted. Add an indication of this
when listing the bootflows.

Signed-off-by: Simon Glass <simon.glass@canonical.com>

boot/bootflow.c

@@ -108,11 +108,12 @@ static void report_bootflow_err(struct bootflow *bflow, int err)
 void bootflow_show(int index, struct bootflow *bflow, bool errors)
 {
 	const char *name = bootflow_guess_label(bflow);
+	char enc_mark = (bflow->flags & BOOTFLOWF_ENCRYPTED) ? 'E' : ' ';
 
-	printf("%3x  %-11s  %-6s  %-9.9s %4x  %-25.25s %s\n", index,
+	printf("%3x  %-11s  %-6s  %-9.9s %4x  %c  %-25.25s %s\n", index,
 	       bflow->method ? bflow->method->name : "(none)",
 	       bootflow_state_get_name(bflow->state), name, bflow->part,
-	       bflow->name, bflow->fname ?: "");
+	       enc_mark, bflow->name, bflow->fname ?: "");
 	if (errors)
 		report_bootflow_err(bflow, bflow->err);
 }

cmd/bootflow.c

@@ -20,13 +20,13 @@
 
 static void show_header(void)
 {
-	printf("Seq  Method       State   Uclass    Part  Name                      Filename\n");
-	printf("---  -----------  ------  --------  ----  ------------------------  ----------------\n");
+	printf("Seq  Method       State   Uclass    Part  E  Name                      Filename\n");
+	printf("---  -----------  ------  --------  ----  -  ------------------------  ----------------\n");
 }
 
 static void show_footer(int count, int num_valid)
 {
-	printf("---  -----------  ------  --------  ----  ------------------------  ----------------\n");
+	printf("---  -----------  ------  --------  ----  -  ------------------------  ----------------\n");
 	printf("(%d bootflow%s, %d valid)\n", count, count != 1 ? "s" : "",
 	       num_valid);
 }
@@ -370,6 +370,15 @@ static int do_bootflow_info(struct cmd_tbl *cmdtp, int flag, int argc,
 	printf("Method:    %s\n", bflow->method ? bflow->method->name : "(none)");
 	printf("State:     %s\n", bootflow_state_get_name(bflow->state));
 	printf("Partition: %d\n", bflow->part);
+
+	/* Show encryption status with LUKS version if applicable */
+	if (IS_ENABLED(CONFIG_BLK_LUKS)) {
+		if (bflow->flags & BOOTFLOWF_ENCRYPTED)
+			printf("Encrypted: LUKSv%d\n", bflow->luks_version);
+		else
+			printf("Encrypted: no\n");
+	}
+
 	printf("Subdir:    %s\n", bflow->subdir ? bflow->subdir : "(none)");
 	printf("Filename:  %s\n", bflow->fname);
 	printf("Buffer:    ");

include/bootflow.h

@@ -55,12 +55,14 @@ enum bootflow_state_t {
  * @BOOTFLOWF_USE_BUILTIN_FDT: Indicates that current bootflow uses built-in FDT
  * @BOOTFLOWF_FAKE_GO: Do a 'fake' boot, up to the last possible point, then
  * return
+ * @BOOTFLOWF_ENCRYPTED: Indicates that the partition is encrypted (e.g., LUKS)
  */
 enum bootflow_flags_t {
 	BOOTFLOWF_USE_PRIOR_FDT		= BIT(0),
 	BOOTFLOWF_STATIC_BUF		= BIT(1),
 	BOOTFLOWF_USE_BUILTIN_FDT	= BIT(2),
 	BOOTFLOWF_FAKE_GO		= BIT(3),
+	BOOTFLOWF_ENCRYPTED		= BIT(4),
 };
 
 /**
@@ -93,6 +95,7 @@ enum bootflow_flags_t {
  * @fdt_size: Size of FDT file
  * @fdt_addr: Address of loaded fdt
  * @flags: Flags for the bootflow (see enum bootflow_flags_t)
+ * @luks_version: LUKS version (1 or 2) if BOOTFLOWF_ENCRYPTED is set, else 0
  * @cmdline: OS command line, or NULL if not known (allocated)
  * @x86_setup: Pointer to x86 setup block inside @buf, NULL if not present
  * @bootmeth_priv: Private data for the bootmeth
@@ -118,6 +121,7 @@ struct bootflow {
 	int fdt_size;
 	ulong fdt_addr;
 	int flags;
+	int luks_version;
 	char *cmdline;
 	void *x86_setup;
 	void *bootmeth_priv;

test/boot/bootflow.c

@@ -40,8 +40,8 @@ extern U_BOOT_DRIVER(bootmeth_2script);
 static u16 __efi_runtime_data test_vendor[] = u"U-Boot testing";
 
 /* comment test strings */
-#define HEADER	"Seq  Method       State   Uclass    Part  Name                      Filename"
-#define EXT0	"  0  extlinux     ready   mmc          1  mmc1.bootdev.part_1       /extlinux/extlinux.conf"
+#define HEADER	"Seq  Method       State   Uclass    Part  E  Name                      Filename"
+#define EXT0	"  0  extlinux     ready   mmc          1     mmc1.bootdev.part_1       /extlinux/extlinux.conf"
 
 static int inject_response(struct unit_test_state *uts)
 {
@@ -194,28 +194,28 @@ static int bootflow_cmd_scan_e(struct unit_test_state *uts)
 	ut_assert_nextline(HEADER);
 	ut_assert_nextlinen("---");
 	ut_assert_nextline("Scanning bootdev 'mmc2.bootdev':");
-	ut_assert_nextline("  0  extlinux     media   mmc          0  mmc2.bootdev.whole        ");
+	ut_assert_nextline("  0  extlinux     media   mmc          0     mmc2.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-93: Protocol not supported");
-	ut_assert_nextline("  1  efi          media   mmc          0  mmc2.bootdev.whole        ");
+	ut_assert_nextline("  1  efi          media   mmc          0     mmc2.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-93: Protocol not supported");
-	ut_assert_nextline("  2  vbe          media   mmc          0  mmc2.bootdev.whole        ");
+	ut_assert_nextline("  2  vbe          media   mmc          0     mmc2.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-93: Protocol not supported");
 
 	ut_assert_nextline("Scanning bootdev 'mmc1.bootdev':");
-	ut_assert_nextline("  3  extlinux     media   mmc          0  mmc1.bootdev.whole        ");
+	ut_assert_nextline("  3  extlinux     media   mmc          0     mmc1.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-2: No such file or directory");
-	ut_assert_nextline("  4  efi          media   mmc          0  mmc1.bootdev.whole        ");
+	ut_assert_nextline("  4  efi          media   mmc          0     mmc1.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-2: No such file or directory");
-	ut_assert_nextline("  5  vbe          media   mmc          0  mmc1.bootdev.whole        ");
+	ut_assert_nextline("  5  vbe          media   mmc          0     mmc1.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-2: No such file or directory");
-	ut_assert_nextline("  6  extlinux     ready   mmc          1  mmc1.bootdev.part_1       /extlinux/extlinux.conf");
+	ut_assert_nextline("  6  extlinux     ready   mmc          1     mmc1.bootdev.part_1       /extlinux/extlinux.conf");
 	ut_assert_nextline(
-		"  7  efi          fs      mmc          1  mmc1.bootdev.part_1       /EFI/BOOT/%s",
+		"  7  efi          fs      mmc          1     mmc1.bootdev.part_1       /EFI/BOOT/%s",
 		efi_get_basename());
 
 	ut_assert_skip_to_line("Scanning bootdev 'mmc0.bootdev':");
 	ut_assert_skip_to_line(
-		" 5f  vbe          media   mmc          0  mmc0.bootdev.whole        ");
+		" 5f  vbe          media   mmc          0     mmc0.bootdev.whole        ");
 	ut_assert_nextline("     ** No partition found, err=-93: Protocol not supported");
 	ut_assert_nextline("No more bootdevs");
 	ut_assert_nextlinen("---");
@@ -226,9 +226,9 @@ static int bootflow_cmd_scan_e(struct unit_test_state *uts)
 	ut_assert_nextline("Showing all bootflows");
 	ut_assert_nextline(HEADER);
 	ut_assert_nextlinen("---");
-	ut_assert_nextline("  0  extlinux     media   mmc          0  mmc2.bootdev.whole        ");
-	ut_assert_nextline("  1  efi          media   mmc          0  mmc2.bootdev.whole        ");
-	ut_assert_skip_to_line(" 5f  vbe          media   mmc          0  mmc0.bootdev.whole        ");
+	ut_assert_nextline("  0  extlinux     media   mmc          0     mmc2.bootdev.whole        ");
+	ut_assert_nextline("  1  efi          media   mmc          0     mmc2.bootdev.whole        ");
+	ut_assert_skip_to_line(" 5f  vbe          media   mmc          0     mmc0.bootdev.whole        ");
 	ut_assert_nextlinen("---");
 	ut_assert_nextline("(96 bootflows, 1 valid)");
 	ut_assert_console_end();
@@ -253,6 +253,8 @@ static int bootflow_cmd_info(struct unit_test_state *uts)
 	ut_assert_nextline("Method:    extlinux");
 	ut_assert_nextline("State:     ready");
 	ut_assert_nextline("Partition: 1");
+	if (IS_ENABLED(CONFIG_BLK_LUKS))
+		ut_assert_nextline("Encrypted: no");
 	ut_assert_nextline("Subdir:    (none)");
 	ut_assert_nextline("Filename:  /extlinux/extlinux.conf");
 	ut_assert_nextlinen("Buffer:    ");
@@ -503,7 +505,7 @@ static int bootflow_system(struct unit_test_state *uts)
 	bootstd_clear_glob();
 	ut_assertok(run_command("bootflow scan -lH", 0));
 	ut_assert_skip_to_line(
-		"  1  efi_mgr      ready   (none)       0  <NULL>                    ");
+		"  1  efi_mgr      ready   (none)       0     <NULL>                    ");
 	ut_assert_skip_to_line("No more bootdevs");
 	ut_assert_skip_to_line("(2 bootflows, 2 valid)");
 	ut_assert_console_end();
@@ -1309,8 +1311,8 @@ static int bootflow_cros(struct unit_test_state *uts)
 	ut_assert_nextlinen("Seq");
 	ut_assert_nextlinen("---");
 	ut_assert_nextlinen("  0  extlinux");
-	ut_assert_nextlinen("  1  cros         ready   mmc          2  mmc5.bootdev.part_2       ");
-	ut_assert_nextlinen("  2  cros         ready   mmc          4  mmc5.bootdev.part_4       ");
+	ut_assert_nextlinen("  1  cros         ready   mmc          2     mmc5.bootdev.part_2       ");
+	ut_assert_nextlinen("  2  cros         ready   mmc          4     mmc5.bootdev.part_4       ");
 	ut_assert_nextlinen("---");
 	ut_assert_skip_to_line("(3 bootflows, 3 valid)");
 
@@ -1346,7 +1348,7 @@ static int bootflow_android_image_v4(struct unit_test_state *uts)
 	ut_assert_nextlinen("Seq");
 	ut_assert_nextlinen("---");
 	ut_assert_nextlinen("  0  extlinux");
-	ut_assert_nextlinen("  1  android      ready   mmc          0  mmc7.bootdev.whole        ");
+	ut_assert_nextlinen("  1  android      ready   mmc          0     mmc7.bootdev.whole        ");
 	ut_assert_nextlinen("---");
 	ut_assert_skip_to_line("(2 bootflows, 2 valid)");
 
@@ -1369,7 +1371,7 @@ static int bootflow_android_image_v2(struct unit_test_state *uts)
 	ut_assert_nextlinen("Seq");
 	ut_assert_nextlinen("---");
 	ut_assert_nextlinen("  0  extlinux");
-	ut_assert_nextlinen("  1  android      ready   mmc          0  mmc8.bootdev.whole        ");
+	ut_assert_nextlinen("  1  android      ready   mmc          0     mmc8.bootdev.whole        ");
 	ut_assert_nextlinen("---");
 	ut_assert_skip_to_line("(2 bootflows, 2 valid)");
 
@@ -1415,9 +1417,9 @@ static int bootflow_efi(struct unit_test_state *uts)
 	ut_assert_nextlinen("---");
 	ut_assert_nextlinen("  0  extlinux");
 	ut_assert_nextlinen(
-		"  1  efi          ready   usb          1  hub1.p2.usb_mass_storage. /EFI/BOOT/BOOTSBOX.EFI");
+		"  1  efi          ready   usb          1     hub1.p2.usb_mass_storage. /EFI/BOOT/BOOTSBOX.EFI");
 	ut_assert_nextlinen(
-		"  2  extlinux     ready   usb          1  hub1.p4.usb_mass_storage. /extlinux/extlinux.conf");
+		"  2  extlinux     ready   usb          1     hub1.p4.usb_mass_storage. /extlinux/extlinux.conf");
 	ut_assert_nextlinen("---");
 	ut_assert_skip_to_line("(3 bootflows, 3 valid)");
 	ut_assert_console_end();