Message ID | 20170427042811.14228-7-sjg@chromium.org |
---|---|
State | Accepted |
Delegated to: | Tom Rini |
Headers | show |
Hi Simon, On Thu, Apr 27, 2017 at 4:27 PM, Simon Glass <sjg@chromium.org> wrote: > This converts the following to Kconfig: > CONFIG_CMD_AES > CONFIG_AES > > Signed-off-by: Simon Glass <sjg@chromium.org> > --- > > cmd/Kconfig | 9 +++++++++ > configs/seaboard_defconfig | 1 + > include/configs/amcore.h | 1 - > include/configs/seaboard.h | 1 - > include/configs/topic_miami.h | 1 - > lib/Kconfig | 13 +++++++++++++ > scripts/config_whitelist.txt | 2 -- > 7 files changed, 23 insertions(+), 5 deletions(-) > > diff --git a/cmd/Kconfig b/cmd/Kconfig > index 13dc46a174..a78519297c 100644 > --- a/cmd/Kconfig > +++ b/cmd/Kconfig > @@ -769,6 +769,15 @@ config CMD_REGULATOR > endmenu > > menu "Security commands" > +config CMD_AES > + bool "Enable the 'aes' command" Should this select AES or depend on it? I wondered the same thing about my CMD_DATE and RTC? > + help > + This provides a means to encrypt and decrypt data using the AES > + (Advanced Encryption Standard). This algorithm uses a symetric key > + and is widely used as a streaming cipher. Different key lengths are > + supported by the algorithm but this command only supports 128 bits > + at present. > + > config CMD_TPM > bool "Enable the 'tpm' command" > depends on TPM > diff --git a/configs/seaboard_defconfig b/configs/seaboard_defconfig > index 3e5549c073..9e50f702bf 100644 > --- a/configs/seaboard_defconfig > +++ b/configs/seaboard_defconfig > @@ -38,3 +38,4 @@ CONFIG_USB_KEYBOARD=y > CONFIG_DM_VIDEO=y > CONFIG_VIDEO_TEGRA20=y > CONFIG_CONSOLE_SCROLL_LINES=10 > +CONFIG_AES=y > diff --git a/include/configs/amcore.h b/include/configs/amcore.h > index 4f462d61e0..06d08d4483 100644 > --- a/include/configs/amcore.h > +++ b/include/configs/amcore.h > @@ -30,7 +30,6 @@ > "erase 0xfff00000 0xffffffff; " \ > "cp.b 0x20000 0xfff00000 ${filesize}\0" > > -#undef CONFIG_CMD_AES > #define CONFIG_CMD_DIAG > > /* undef to save memory */ > diff --git a/include/configs/seaboard.h b/include/configs/seaboard.h > index 671afa71ec..661d1fee6f 100644 > --- a/include/configs/seaboard.h > +++ b/include/configs/seaboard.h > @@ -12,7 +12,6 @@ > > /* LP0 suspend / resume */ > #define CONFIG_TEGRA_LP0 > -#define CONFIG_AES > #define CONFIG_TEGRA_PMU > #define CONFIG_TPS6586X_POWER > #define CONFIG_TEGRA_CLOCK_SCALING > diff --git a/include/configs/topic_miami.h b/include/configs/topic_miami.h > index a56ceef85a..23160bd88d 100644 > --- a/include/configs/topic_miami.h > +++ b/include/configs/topic_miami.h > @@ -142,6 +142,5 @@ > /* Further tweaks to reduce image size */ > #undef CONFIG_CMD_BOOTZ > #undef CONFIG_CMD_NET > -#undef CONFIG_CMD_AES > > #endif /* __CONFIG_TOPIC_MIAMI_H */ > diff --git a/lib/Kconfig b/lib/Kconfig > index a0d5d926eb..db0915153c 100644 > --- a/lib/Kconfig > +++ b/lib/Kconfig > @@ -66,6 +66,17 @@ config RBTREE > > source lib/dhry/Kconfig > > +menu "Security support" > + > +config AES > + bool "Support the AES algorithm" > + help > + This provides a means to encrypt and decrypt data using the AES > + (Advanced Encryption Standard). This algorithm uses a symetric key > + and is widely used as a streaming cipher. Different key lengths are > + supported by the algorithm but only a 128-bit key is supported at > + present. > + > source lib/rsa/Kconfig > > config TPM > @@ -79,6 +90,8 @@ config TPM > for the low-level TPM interface, but only one TPM is supported at > a time by the TPM library. > > +endmenu > + > menu "Hashing Support" > > config SHA1 > diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt > index 39228ec1c5..139c77b9bd 100644 > --- a/scripts/config_whitelist.txt > +++ b/scripts/config_whitelist.txt > @@ -70,7 +70,6 @@ CONFIG_ADNPESC1 > CONFIG_ADP_AG101P > CONFIG_AEABI > CONFIG_AEMIF_CNTRL_BASE > -CONFIG_AES > CONFIG_ALTERA_SDRAM > CONFIG_ALTERA_SPI_IDLE_VAL > CONFIG_ALTIVEC > @@ -394,7 +393,6 @@ CONFIG_CM922T_XA10 > CONFIG_CMDLINE_EDITING > CONFIG_CMDLINE_PS_SUPPORT > CONFIG_CMDLINE_TAG > -CONFIG_CMD_AES > CONFIG_CMD_ASKEN > CONFIG_CMD_BAT > CONFIG_CMD_BEDBUG > -- > 2.13.0.rc0.306.g87b477812d-goog > > _______________________________________________ > U-Boot mailing list > U-Boot@lists.denx.de > https://lists.denx.de/listinfo/u-boot
On Fri, Apr 28, 2017 at 05:10:33AM +1200, Chris Packham wrote: > Hi Simon, > > On Thu, Apr 27, 2017 at 4:27 PM, Simon Glass <sjg@chromium.org> wrote: > > This converts the following to Kconfig: > > CONFIG_CMD_AES > > CONFIG_AES > > > > Signed-off-by: Simon Glass <sjg@chromium.org> > > --- > > > > cmd/Kconfig | 9 +++++++++ > > configs/seaboard_defconfig | 1 + > > include/configs/amcore.h | 1 - > > include/configs/seaboard.h | 1 - > > include/configs/topic_miami.h | 1 - > > lib/Kconfig | 13 +++++++++++++ > > scripts/config_whitelist.txt | 2 -- > > 7 files changed, 23 insertions(+), 5 deletions(-) > > > > diff --git a/cmd/Kconfig b/cmd/Kconfig > > index 13dc46a174..a78519297c 100644 > > --- a/cmd/Kconfig > > +++ b/cmd/Kconfig > > @@ -769,6 +769,15 @@ config CMD_REGULATOR > > endmenu > > > > menu "Security commands" > > +config CMD_AES > > + bool "Enable the 'aes' command" > > Should this select AES or depend on it? I wondered the same thing > about my CMD_DATE and RTC? In this case, likely yes. In the case of date, I think we need a little more Kconfig symbols to be able to do that, so for now, it's probably not worth it. Once everything is in DM however, then, yes.
On Wed, Apr 26, 2017 at 10:27:49PM -0600, Simon Glass wrote: > This converts the following to Kconfig: > CONFIG_CMD_AES > CONFIG_AES > > Signed-off-by: Simon Glass <sjg@chromium.org> Add select AES to CMD_AES and applied to u-boot/master, thanks!
diff --git a/cmd/Kconfig b/cmd/Kconfig index 13dc46a174..a78519297c 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -769,6 +769,15 @@ config CMD_REGULATOR endmenu menu "Security commands" +config CMD_AES + bool "Enable the 'aes' command" + help + This provides a means to encrypt and decrypt data using the AES + (Advanced Encryption Standard). This algorithm uses a symetric key + and is widely used as a streaming cipher. Different key lengths are + supported by the algorithm but this command only supports 128 bits + at present. + config CMD_TPM bool "Enable the 'tpm' command" depends on TPM diff --git a/configs/seaboard_defconfig b/configs/seaboard_defconfig index 3e5549c073..9e50f702bf 100644 --- a/configs/seaboard_defconfig +++ b/configs/seaboard_defconfig @@ -38,3 +38,4 @@ CONFIG_USB_KEYBOARD=y CONFIG_DM_VIDEO=y CONFIG_VIDEO_TEGRA20=y CONFIG_CONSOLE_SCROLL_LINES=10 +CONFIG_AES=y diff --git a/include/configs/amcore.h b/include/configs/amcore.h index 4f462d61e0..06d08d4483 100644 --- a/include/configs/amcore.h +++ b/include/configs/amcore.h @@ -30,7 +30,6 @@ "erase 0xfff00000 0xffffffff; " \ "cp.b 0x20000 0xfff00000 ${filesize}\0" -#undef CONFIG_CMD_AES #define CONFIG_CMD_DIAG /* undef to save memory */ diff --git a/include/configs/seaboard.h b/include/configs/seaboard.h index 671afa71ec..661d1fee6f 100644 --- a/include/configs/seaboard.h +++ b/include/configs/seaboard.h @@ -12,7 +12,6 @@ /* LP0 suspend / resume */ #define CONFIG_TEGRA_LP0 -#define CONFIG_AES #define CONFIG_TEGRA_PMU #define CONFIG_TPS6586X_POWER #define CONFIG_TEGRA_CLOCK_SCALING diff --git a/include/configs/topic_miami.h b/include/configs/topic_miami.h index a56ceef85a..23160bd88d 100644 --- a/include/configs/topic_miami.h +++ b/include/configs/topic_miami.h @@ -142,6 +142,5 @@ /* Further tweaks to reduce image size */ #undef CONFIG_CMD_BOOTZ #undef CONFIG_CMD_NET -#undef CONFIG_CMD_AES #endif /* __CONFIG_TOPIC_MIAMI_H */ diff --git a/lib/Kconfig b/lib/Kconfig index a0d5d926eb..db0915153c 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -66,6 +66,17 @@ config RBTREE source lib/dhry/Kconfig +menu "Security support" + +config AES + bool "Support the AES algorithm" + help + This provides a means to encrypt and decrypt data using the AES + (Advanced Encryption Standard). This algorithm uses a symetric key + and is widely used as a streaming cipher. Different key lengths are + supported by the algorithm but only a 128-bit key is supported at + present. + source lib/rsa/Kconfig config TPM @@ -79,6 +90,8 @@ config TPM for the low-level TPM interface, but only one TPM is supported at a time by the TPM library. +endmenu + menu "Hashing Support" config SHA1 diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt index 39228ec1c5..139c77b9bd 100644 --- a/scripts/config_whitelist.txt +++ b/scripts/config_whitelist.txt @@ -70,7 +70,6 @@ CONFIG_ADNPESC1 CONFIG_ADP_AG101P CONFIG_AEABI CONFIG_AEMIF_CNTRL_BASE -CONFIG_AES CONFIG_ALTERA_SDRAM CONFIG_ALTERA_SPI_IDLE_VAL CONFIG_ALTIVEC @@ -394,7 +393,6 @@ CONFIG_CM922T_XA10 CONFIG_CMDLINE_EDITING CONFIG_CMDLINE_PS_SUPPORT CONFIG_CMDLINE_TAG -CONFIG_CMD_AES CONFIG_CMD_ASKEN CONFIG_CMD_BAT CONFIG_CMD_BEDBUG
This converts the following to Kconfig: CONFIG_CMD_AES CONFIG_AES Signed-off-by: Simon Glass <sjg@chromium.org> --- cmd/Kconfig | 9 +++++++++ configs/seaboard_defconfig | 1 + include/configs/amcore.h | 1 - include/configs/seaboard.h | 1 - include/configs/topic_miami.h | 1 - lib/Kconfig | 13 +++++++++++++ scripts/config_whitelist.txt | 2 -- 7 files changed, 23 insertions(+), 5 deletions(-)