From patchwork Tue Aug 24 00:53:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Gagniuc X-Patchwork-Id: 1520053 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=H4di61dq; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GtrGB6lq7z9sWl for ; Tue, 24 Aug 2021 10:53:54 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 9797982D9B; Tue, 24 Aug 2021 02:53:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="H4di61dq"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D8FD682D95; Tue, 24 Aug 2021 02:53:30 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x329.google.com (mail-ot1-x329.google.com [IPv6:2607:f8b0:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 266A682D9B for ; Tue, 24 Aug 2021 02:53:26 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x329.google.com with SMTP id o16-20020a9d2210000000b0051b1e56c98fso26593427ota.8 for ; Mon, 23 Aug 2021 17:53:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=jR+ILsbkoR+Ji9lvxaqwKfkhcxJnbWlR1jJiidIgktQ=; b=H4di61dqebGyJlSFsLodEql2JR9uqB00lBobcdXucpYtQy5Knr6Q4fe1mQxxPYhqhP n82JcjnzeGMGZK2B3wDyb7Ltx3mi20dTylhpV2cLovhm3wZrDgjWkt3RoKjxgSVi0aC6 A96r/mRFkK8d0d3jORszUPtxs2nGmINmWancM6yEiIPowmTLA3GuIylGOyEwv4wwDgkO 2OXPhUtIZhT7pFpff56+EkXFVo438OM5ciYyzcaTcihnL1sMWWQDz7L8uB6sufoN2bIh rxb1WzamHtMOv7WOqfFWWqgHyB+VWdSbS8tyVBCBAo2EAZtgc4jDUj/KTtOEGzxYf6gw DHhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=jR+ILsbkoR+Ji9lvxaqwKfkhcxJnbWlR1jJiidIgktQ=; b=ZPdgGgFCvfu6DoQ3trLnoijFUX3BuDhxnibrPbvX+5j40xYbcuKfPP1snhe9LLxd1f yYdjnqkbOBr0n0GZ0pTG3XesfVme5XZZtky9Ou+mz5b+TPvKWsflZV0z+YBIGtzlA6kn PcL7SVdyQ/v0yqjKaH4QPsU+QiieFDJv8YRXFJd18+dNn25MBHjB/huC/ZiK6Znpb3bw ww5n7JhPb3SPfFFq0kiNNbP2tQISuh0F1NuX0wAR06bR7m0NHW2wdE/IbLfdqwudDk4s fmCXVWMVKRQmEmBW89+cVMtgq9T/pqYxujm+5iJ2XYcBRW7QxXO+uwAkTXUk7qAbvV08 l05Q== X-Gm-Message-State: AOAM530HqAOPDN6aCUkLUz9GpHlNb1Sh1dpThXGszQ6qMUri9Mge0Kqm tFanWG3Y1PtRTTpzOeSFEdw= X-Google-Smtp-Source: ABdhPJzxNUKXxIFGo1mrLuovNgJGUqvSJVD3Y6xB5IMZe6jQgzcGUbORTpGiUUi+ZVdERYRby7Y3Nw== X-Received: by 2002:a9d:70cc:: with SMTP id w12mr26617409otj.306.1629766404789; Mon, 23 Aug 2021 17:53:24 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id h14sm4229142otm.5.2021.08.23.17.53.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Aug 2021 17:53:24 -0700 (PDT) From: Alexandru Gagniuc To: trini@konsulko.com, u-boot@lists.denx.de Cc: sjg@chromium.org, Alexandru Gagniuc Subject: [PATCH 1/5] common: Remove unused CONFIG_FIT_SHAxxx selectors Date: Mon, 23 Aug 2021 19:53:16 -0500 Message-Id: <20210824005320.3647668-2-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210824005320.3647668-1-mr.nuke.me@gmail.com> References: <20210824005320.3647668-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Originally CONFIG_FIT_SHAxxx enabled specific SHA algos for and only for has_calculate() in common/image-fit.c. However, since commit 14f061dcb1 ("image: Drop IMAGE_ENABLE_SHAxxx"), the correct selector was changed to CONFIG_SHAxxx. The extra "_FIT_" variants are neither used, nor needed. Remove them. One defconfig disables FIT_SHA256, which is now changed to 'SHA256'. Note that SHA selection in SPL is broken for this exact reason. There is no corresponding SPL_SHAxxx. Fixing this is is beyond the scope of this change. Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 28 --------------------- common/spl/Kconfig | 42 -------------------------------- configs/mt8516_pumpkin_defconfig | 2 +- include/image.h | 3 --- 4 files changed, 1 insertion(+), 74 deletions(-) diff --git a/common/Kconfig.boot b/common/Kconfig.boot index 0d4c38402c..2399d5849e 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -35,34 +35,6 @@ config FIT_EXTERNAL_OFFSET could be put in the hole between data payload and fit image header, such as CSF data on i.MX platform. -config FIT_SHA256 - bool "Support SHA256 checksum of FIT image contents" - default y - select SHA256 - help - Enable this to support SHA256 checksum of FIT image contents. A - SHA256 checksum is a 256-bit (32-byte) hash value used to check that - the image contents have not been corrupted. - -config FIT_SHA384 - bool "Support SHA384 checksum of FIT image contents" - default n - select SHA384 - help - Enable this to support SHA384 checksum of FIT image contents. A - SHA384 checksum is a 384-bit (48-byte) hash value used to check that - the image contents have not been corrupted. Use this for the highest - security. - -config FIT_SHA512 - bool "Support SHA512 checksum of FIT image contents" - default n - select SHA512 - help - Enable this to support SHA512 checksum of FIT image contents. A - SHA512 checksum is a 512-bit (64-byte) hash value used to check that - the image contents have not been corrupted. - config FIT_FULL_CHECK bool "Do a full check of the FIT before using it" default y diff --git a/common/spl/Kconfig b/common/spl/Kconfig index c155a3b5fc..d69d1fa5f7 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -439,48 +439,6 @@ config SPL_MD5 applications where images may be changed maliciously, you should consider SHA256 or SHA384. -config SPL_FIT_SHA1 - bool "Support SHA1" - depends on SPL_FIT - select SHA1 - help - Enable this to support SHA1 in FIT images within SPL. A SHA1 - checksum is a 160-bit (20-byte) hash value used to check that the - image contents have not been corrupted or maliciously altered. - While SHA1 is fairly secure it is coming to the end of its life - due to the expanding computing power available to brute-force - attacks. For more security, consider SHA256 or SHA384. - -config SPL_FIT_SHA256 - bool "Support SHA256" - depends on SPL_FIT - select SHA256 - help - Enable this to support SHA256 in FIT images within SPL. A SHA256 - checksum is a 256-bit (32-byte) hash value used to check that the - image contents have not been corrupted. - -config SPL_FIT_SHA384 - bool "Support SHA384" - depends on SPL_FIT - select SHA384 - select SHA512_ALGO - help - Enable this to support SHA384 in FIT images within SPL. A SHA384 - checksum is a 384-bit (48-byte) hash value used to check that the - image contents have not been corrupted. Use this for the highest - security. - -config SPL_FIT_SHA512 - bool "Support SHA512" - depends on SPL_FIT - select SHA512 - select SHA512_ALGO - help - Enable this to support SHA512 in FIT images within SPL. A SHA512 - checksum is a 512-bit (64-byte) hash value used to check that the - image contents have not been corrupted. - config SPL_FIT_IMAGE_TINY bool "Remove functionality from SPL FIT loading to reduce size" depends on SPL_FIT diff --git a/configs/mt8516_pumpkin_defconfig b/configs/mt8516_pumpkin_defconfig index 0a6c1fccae..1478b01716 100644 --- a/configs/mt8516_pumpkin_defconfig +++ b/configs/mt8516_pumpkin_defconfig @@ -13,7 +13,7 @@ CONFIG_DEBUG_UART_CLOCK=26000000 # CONFIG_PSCI_RESET is not set CONFIG_DEBUG_UART=y CONFIG_FIT=y -# CONFIG_FIT_SHA256 is not set +# CONFIG_SHA256 is not set # CONFIG_ARCH_FIXUP_FDT_MEMORY is not set CONFIG_DEFAULT_FDT_FILE="mt8516-pumpkin" # CONFIG_DISPLAY_BOARDINFO is not set diff --git a/include/image.h b/include/image.h index e20f0b69d5..489b220eba 100644 --- a/include/image.h +++ b/include/image.h @@ -31,9 +31,6 @@ struct fdt_region; #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_RSASSA_PSS 1 -#define CONFIG_FIT_SHA256 -#define CONFIG_FIT_SHA384 -#define CONFIG_FIT_SHA512 #define CONFIG_SHA1 #define CONFIG_SHA256 #define CONFIG_SHA384 From patchwork Tue Aug 24 00:53:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Gagniuc X-Patchwork-Id: 1520054 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=r2ajqGnQ; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GtrGQ4TCNz9sWl for ; Tue, 24 Aug 2021 10:54:06 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1728E82DCE; Tue, 24 Aug 2021 02:53:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="r2ajqGnQ"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D25B682DF0; Tue, 24 Aug 2021 02:53:35 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x32b.google.com (mail-ot1-x32b.google.com [IPv6:2607:f8b0:4864:20::32b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A961D82DB0 for ; Tue, 24 Aug 2021 02:53:27 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x32b.google.com with SMTP id c19-20020a9d6153000000b0051829acbfc7so41387463otk.9 for ; Mon, 23 Aug 2021 17:53:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hn34y2tyrCHUi2i3kvcC8kl0mQzEJgB/7vVFjhwgtoE=; b=r2ajqGnQuiuXNFHtikRzwLdOiDz3r30XOZbmiLtBfhqeaz7xKie15kLS17zjI5FyBw FSaX6t3E3EaEcnhQqER4zmYR3qotondfile2vTF5Zzz4KPeo5xjGJBoFP9d30r36l//n M46QSq/3NDXFgef0/QfR2NxtWWrfBhY4mgHJ6ab20u72rzRNT6RrPJ0CyOV7bbPOVxra T0/5dANgbTIdZLGlsCTClyORa/QhsvlWHnr2yzAgg1u9K83vdPKpz6DR1WmQ6UcIpPE8 4wafan1NVlebp602W8zQbI6PuGv/jjttT+JqGYlBdMHYPxfwTQzhp8gqVCVMByNhNijv Ho8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hn34y2tyrCHUi2i3kvcC8kl0mQzEJgB/7vVFjhwgtoE=; b=rTRDSXhzqsdXnWylxjCszkQGVYt53rlTIigJzYiAR45GYkIS2rtpaYmmkOyasSXcW2 L4eecu39DTknZgXZ80b+ZQiajVbnaVrm+O+NBNRR6bZ5Od8fk/GQb7Rl6vZNZ+P14bQC Eb7okZghDJfxSElVYp1UzvcwXp+xovcnNUcLA8W4NwDwnOvbQLXd52zPLEFH4vV9hLyN 13A3hYFKcmWHGDpcBbisas7ollbf/3mhwRhYeZCZzQBY0FtPF7+1ette68WgVydjpKzo 2gwX8ClFYUVoVdqIBrc7XkjXevb7O3wIRjZ6KngH9DQJOZE0J32CSS1PJjmqjGXSuLOJ dyqw== X-Gm-Message-State: AOAM5320FZoxXViadDvOzd989GSDCnIhkWZkXskPo+7J4EpLOPFaCp+0 llkfXAYgfTnJnuOlQ3j3jDg= X-Google-Smtp-Source: ABdhPJzj/iQOmQXVXUufP+jpO/X5bTmuxgaN22RDBJGaVpUtotdBKfdA78L4W0nKUc4+8oRZqnajNQ== X-Received: by 2002:a9d:491c:: with SMTP id e28mr29154486otf.342.1629766406124; Mon, 23 Aug 2021 17:53:26 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id h14sm4229142otm.5.2021.08.23.17.53.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Aug 2021 17:53:25 -0700 (PDT) From: Alexandru Gagniuc To: trini@konsulko.com, u-boot@lists.denx.de Cc: sjg@chromium.org, Alexandru Gagniuc Subject: [PATCH 2/5] lib: Drop SHA512_ALGO in lieu of SHA512 Date: Mon, 23 Aug 2021 19:53:17 -0500 Message-Id: <20210824005320.3647668-3-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210824005320.3647668-1-mr.nuke.me@gmail.com> References: <20210824005320.3647668-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean SHA512_ALGO was used as a "either SHA512 or SHA384", although the implementations of these two algorithms share a majority of code. From a Kconfig interface perspective, it makes sense to present two distinct options. This requires #ifdefing out the SHA512 implementation from sha512.c. The latter doesn't make any sense. It's reasonable to say in Kconfig that SHA384 depends on SHA512, and seems to be the more polite way to handle the selection. Thus, automatically select SHA512 when SHA384 is enabled. Signed-off-by: Alexandru Gagniuc --- arch/arm/mach-socfpga/Kconfig | 2 +- lib/Kconfig | 12 ++++-------- lib/Makefile | 2 +- lib/crypt/Kconfig | 2 +- lib/efi_loader/Kconfig | 2 +- lib/sha512.c | 2 -- 6 files changed, 8 insertions(+), 14 deletions(-) diff --git a/arch/arm/mach-socfpga/Kconfig b/arch/arm/mach-socfpga/Kconfig index 0c35406232..5d95530292 100644 --- a/arch/arm/mach-socfpga/Kconfig +++ b/arch/arm/mach-socfpga/Kconfig @@ -11,7 +11,7 @@ config SOCFPGA_SECURE_VAB_AUTH depends on TARGET_SOCFPGA_AGILEX select FIT_IMAGE_POST_PROCESS select SHA384 - select SHA512_ALGO + select SHA512 select SPL_FIT_IMAGE_POST_PROCESS help All images loaded from FIT will be authenticated by Secure Device diff --git a/lib/Kconfig b/lib/Kconfig index c535147aea..48565a4169 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -375,14 +375,9 @@ config SHA256 The SHA256 algorithm produces a 256-bit (32-byte) hash value (digest). -config SHA512_ALGO - bool "Enable SHA512 algorithm" - help - This option enables support of internal SHA512 algorithm. config SHA512 bool "Enable SHA512 support" - depends on SHA512_ALGO help This option enables support of hashing using SHA512 algorithm. The hash is calculated in software. @@ -391,10 +386,11 @@ config SHA512 config SHA384 bool "Enable SHA384 support" - depends on SHA512_ALGO + select SHA512 help This option enables support of hashing using SHA384 algorithm. - The hash is calculated in software. + The hash is calculated in software. This is also selects SHA512, + because these implementations share the bulk of the code.. The SHA384 algorithm produces a 384-bit (48-byte) hash value (digest). @@ -409,7 +405,7 @@ if SHA_HW_ACCEL config SHA512_HW_ACCEL bool "Enable hardware acceleration for SHA512" - depends on SHA512_ALGO + depends on SHA512 help This option enables hardware acceleration for the SHA384 and SHA512 hashing algorithms. This affects the 'hash' command and also the diff --git a/lib/Makefile b/lib/Makefile index 8ba745faa0..6aa48ca3d5 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -65,7 +65,7 @@ obj-$(CONFIG_$(SPL_)RSA) += rsa/ obj-$(CONFIG_HASH) += hash-checksum.o obj-$(CONFIG_SHA1) += sha1.o obj-$(CONFIG_SHA256) += sha256.o -obj-$(CONFIG_SHA512_ALGO) += sha512.o +obj-$(CONFIG_SHA512) += sha512.o obj-$(CONFIG_CRYPT_PW) += crypt/ obj-$(CONFIG_$(SPL_)ZLIB) += zlib/ diff --git a/lib/crypt/Kconfig b/lib/crypt/Kconfig index 5495ae8d4c..6a50029642 100644 --- a/lib/crypt/Kconfig +++ b/lib/crypt/Kconfig @@ -20,7 +20,7 @@ config CRYPT_PW_SHA256 config CRYPT_PW_SHA512 bool "Provide sha512crypt" select SHA512 - select SHA512_ALGO + select SHA512 help Enables support for the sha512crypt password-hashing algorithm. The prefix is "$6$". diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index dacc3b5881..08463251cd 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -323,7 +323,7 @@ config EFI_TCG2_PROTOCOL depends on TPM_V2 select SHA1 select SHA256 - select SHA512_ALGO + select SHA512 select SHA384 select SHA512 select HASH diff --git a/lib/sha512.c b/lib/sha512.c index 35f31e3dc5..a421f249ba 100644 --- a/lib/sha512.c +++ b/lib/sha512.c @@ -320,7 +320,6 @@ void sha384_csum_wd(const unsigned char *input, unsigned int ilen, #endif -#if defined(CONFIG_SHA512) void sha512_starts(sha512_context * ctx) { ctx->state[0] = SHA512_H0; @@ -381,4 +380,3 @@ void sha512_csum_wd(const unsigned char *input, unsigned int ilen, sha512_finish(&ctx, output); } -#endif From patchwork Tue Aug 24 00:53:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Gagniuc X-Patchwork-Id: 1520055 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=s3G+nz88; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GtrGf47XXz9sXM for ; Tue, 24 Aug 2021 10:54:18 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 5721482E08; Tue, 24 Aug 2021 02:54:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="s3G+nz88"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 949E082D95; Tue, 24 Aug 2021 02:53:37 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8B79082DBA for ; Tue, 24 Aug 2021 02:53:28 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x333.google.com with SMTP id x9-20020a056830278900b0051b8be1192fso20735138otu.7 for ; Mon, 23 Aug 2021 17:53:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=s5wDXOJ6SrBwInWok+G3mTqfXwgpCKU4s/gILF0XoMI=; b=s3G+nz88hsuDYW/qj7igCvbYTtvGE+qmVv8wyDVbzs0L5p3WhIwtysHn3CxTFuElUu T2/IkhaEp8ixoRyvkjERNKpjgtzbgrESCEmlWm5hB13OuY0Bnc1fjxGjPtZCGizkNIqz eYyrQfQEDP93oEQNKP3IIJ3YcWTQof//CinTXVPCWyB61Pzlxfvt+5I8v6x7G5XKjEdy OoOlO8716NvG1K1zT8RaFdLDS1eG9oH6TwA5/ieMfcFeHsXYqHVdgvMvudOnCoryG0dT s18hulgpyC1ObdJC70OyL7oFcMR6P/mdxHLnMyftad/F6h4uLRc647eQi78HlOraFiZs SmFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=s5wDXOJ6SrBwInWok+G3mTqfXwgpCKU4s/gILF0XoMI=; b=Oca2XtIFcO6Tshb/muX7ODdYZy+uD77d0Wf60+IobZyLUDHt16n9cWnxioOCuqz01Z KxNwMn0GyIujwlUUJ8teJifO9YSr+wseyCmOAcfjCMSQ+CtiHZcAsVBmujtsUypcW9GD hRPCev00MeE0ooIkWAZsN2RlcBe1RFQZDHB07HyGjW3aaYQKMwbnlAIRdU820M8/9FMr qypXzE0200+SaaSf8szXxlqVoC0HcnXsnrLl1Kb1z+UitbbSl0jmd2N6o371fQNThysL fbNvwQceHS94Ww6EZH2mz4sMvjKcFH2tFXN9msGzp7yPFcJGIatR7FM6+lmRdi4tMk0L r55w== X-Gm-Message-State: AOAM530fV0DfNuPJYOwR7rRxaiIe/LpqVNx+UeJqZ5m9RMj3OmW7kKW0 pVpT57OjgPXl4f18KnevXcU= X-Google-Smtp-Source: ABdhPJwiiDKx7Fb2AvE9qd9tt1mgAA+8WEqO+N9aLYaVuV5vR6iVYA0qpnPX1pXnyYZn+0CUPlFJYw== X-Received: by 2002:aca:f145:: with SMTP id p66mr972845oih.30.1629766407243; Mon, 23 Aug 2021 17:53:27 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id h14sm4229142otm.5.2021.08.23.17.53.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Aug 2021 17:53:26 -0700 (PDT) From: Alexandru Gagniuc To: trini@konsulko.com, u-boot@lists.denx.de Cc: sjg@chromium.org, Alexandru Gagniuc Subject: [PATCH 3/5] common/spl: Drop SPL_HASH_SUPPORT in favor of SPL_HASH Date: Mon, 23 Aug 2021 19:53:18 -0500 Message-Id: <20210824005320.3647668-4-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210824005320.3647668-1-mr.nuke.me@gmail.com> References: <20210824005320.3647668-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Both these configs exist. Stick to using CONFIG_SPL_HASH, and drop all references to CONFIG_SPL_HASH_SUPPORT. Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 2 +- common/Makefile | 3 +-- common/spl/Kconfig | 12 +----------- configs/ls1021atwr_sdcard_ifc_SECURE_BOOT_defconfig | 2 +- configs/ls1043ardb_nand_SECURE_BOOT_defconfig | 2 +- configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig | 2 +- configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig | 2 +- configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig | 2 +- include/configs/xilinx_zynqmp.h | 2 +- 9 files changed, 9 insertions(+), 20 deletions(-) diff --git a/common/Kconfig.boot b/common/Kconfig.boot index 2399d5849e..314f1e50a0 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -157,7 +157,7 @@ config SPL_FIT_SIGNATURE select FIT_SIGNATURE select SPL_FIT select SPL_CRYPTO - select SPL_HASH_SUPPORT + select SPL_HASH imply SPL_RSA imply SPL_RSA_VERIFY select SPL_IMAGE_SIGN_INFO diff --git a/common/Makefile b/common/Makefile index 9063ed9391..592f340f1b 100644 --- a/common/Makefile +++ b/common/Makefile @@ -8,7 +8,7 @@ ifndef CONFIG_SPL_BUILD obj-y += init/ obj-y += main.o obj-y += exports.o -obj-$(CONFIG_HASH) += hash.o +obj-$(CONFIG_$(SPL_)HASH) += hash.o obj-$(CONFIG_HUSH_PARSER) += cli_hush.o obj-$(CONFIG_AUTOBOOT) += autoboot.o @@ -66,7 +66,6 @@ ifdef CONFIG_SPL_BUILD ifdef CONFIG_SPL_DFU obj-$(CONFIG_DFU_OVER_USB) += dfu.o endif -obj-$(CONFIG_SPL_HASH_SUPPORT) += hash.o obj-$(CONFIG_TPL_HASH_SUPPORT) += hash.o obj-$(CONFIG_SPL_LOAD_FIT) += common_fit.o obj-$(CONFIG_SPL_NET_SUPPORT) += miiphyutil.o diff --git a/common/spl/Kconfig b/common/spl/Kconfig index d69d1fa5f7..c75c8aaf08 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -477,16 +477,6 @@ config SPL_CRYPTO this option to build the drivers in drivers/crypto as part of an SPL build. -config SPL_HASH_SUPPORT - bool "Support hashing drivers" - select SHA1 - select SHA256 - help - Enable hashing drivers in SPL. These drivers can be used to - accelerate secure boot processing in secure applications. Enable - this option to build system-specific drivers for hash acceleration - as part of an SPL build. - config TPL_HASH_SUPPORT bool "Support hashing drivers in TPL" depends on TPL @@ -1193,7 +1183,7 @@ config SPL_USB_ETHER config SPL_DFU bool "Support DFU (Device Firmware Upgrade)" - select SPL_HASH_SUPPORT + select SPL_HASH select SPL_DFU_NO_RESET depends on SPL_RAM_SUPPORT help diff --git a/configs/ls1021atwr_sdcard_ifc_SECURE_BOOT_defconfig b/configs/ls1021atwr_sdcard_ifc_SECURE_BOOT_defconfig index 78196e6485..c5a6819a38 100644 --- a/configs/ls1021atwr_sdcard_ifc_SECURE_BOOT_defconfig +++ b/configs/ls1021atwr_sdcard_ifc_SECURE_BOOT_defconfig @@ -31,7 +31,7 @@ CONFIG_SPL_FSL_PBL=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xe8 CONFIG_SPL_CRYPTO=y -CONFIG_SPL_HASH_SUPPORT=y +CONFIG_SPL_HASH=y CONFIG_SPL_ENV_SUPPORT=y CONFIG_SPL_I2C=y CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y diff --git a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig index 3736445d47..93f6b2a668 100644 --- a/configs/ls1043ardb_nand_SECURE_BOOT_defconfig +++ b/configs/ls1043ardb_nand_SECURE_BOOT_defconfig @@ -27,7 +27,7 @@ CONFIG_SPL_FSL_PBL=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0 CONFIG_SPL_CRYPTO=y -CONFIG_SPL_HASH_SUPPORT=y +CONFIG_SPL_HASH=y CONFIG_SPL_ENV_SUPPORT=y CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y CONFIG_SPL_NAND_SUPPORT=y diff --git a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig index b879a0c361..71c33ca463 100644 --- a/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig +++ b/configs/ls1043ardb_sdcard_SECURE_BOOT_defconfig @@ -27,7 +27,7 @@ CONFIG_SPL_FSL_PBL=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110 CONFIG_SPL_CRYPTO=y -CONFIG_SPL_HASH_SUPPORT=y +CONFIG_SPL_HASH=y CONFIG_SPL_ENV_SUPPORT=y CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y CONFIG_SPL_WATCHDOG=y diff --git a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig index c46d0dbedd..9d7ff790e0 100644 --- a/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig +++ b/configs/ls1046ardb_sdcard_SECURE_BOOT_defconfig @@ -27,7 +27,7 @@ CONFIG_SPL_FSL_PBL=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110 CONFIG_SPL_CRYPTO=y -CONFIG_SPL_HASH_SUPPORT=y +CONFIG_SPL_HASH=y CONFIG_SPL_ENV_SUPPORT=y CONFIG_SPL_I2C=y CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y diff --git a/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig index 96d44799fa..62da4ecd71 100644 --- a/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig +++ b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig @@ -33,7 +33,7 @@ CONFIG_MISC_INIT_R=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x8b0 CONFIG_SPL_CRYPTO=y -CONFIG_SPL_HASH_SUPPORT=y +CONFIG_SPL_HASH=y CONFIG_SPL_ENV_SUPPORT=y CONFIG_SPL_I2C=y CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y diff --git a/include/configs/xilinx_zynqmp.h b/include/configs/xilinx_zynqmp.h index 262154cdff..42758ba758 100644 --- a/include/configs/xilinx_zynqmp.h +++ b/include/configs/xilinx_zynqmp.h @@ -258,7 +258,7 @@ #if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_DFU) # define CONFIG_SPL_ENV_SUPPORT -# define CONFIG_SPL_HASH_SUPPORT +# define CONFIG_SPL_HASH # define CONFIG_ENV_MAX_ENTRIES 10 #endif From patchwork Tue Aug 24 00:53:19 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Gagniuc X-Patchwork-Id: 1520057 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=NtycZs5O; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GtrH67157z9ssD for ; Tue, 24 Aug 2021 10:54:42 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1885F82EDA; Tue, 24 Aug 2021 02:54:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="NtycZs5O"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7511F82D95; Tue, 24 Aug 2021 02:53:45 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x32a.google.com (mail-ot1-x32a.google.com [IPv6:2607:f8b0:4864:20::32a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 90E7B82DB2 for ; Tue, 24 Aug 2021 02:53:29 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x32a.google.com with SMTP id i8-20020a056830402800b0051afc3e373aso30186836ots.5 for ; Mon, 23 Aug 2021 17:53:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ZRvVTCFnJ/qqCMReYZtiuFNH5mi31MYXXN53T3WgOE4=; b=NtycZs5OgSV+ZWwNeaBd4w5EniW4RKXY11jnniXYKrAPvj3gHShyp/lAVcQ1y4POoG OhTtgvCEBqHK4ZUupHM9yoQ4DGS7dcPJDrjI8Vv1rYpj1EWB7ADyyDNqrge66HShL3sM m7ii5YyRndq4H72N8s4yvaJQWAC7gFF213eofuiZbiEVkdxx5orqKxHMIfXmqERmTUuR bZG6V4yF+WQkjrMcwupEOMolxF2Y7QNvtohXMonFKnIrfBKWaMYOGL8J8OKqEdFDz8+F 6WHJZQgbeIUiOzvEyJr1BMaQyN01rBQ++WvZRIX+Fpzhhp8+Gr8Aud+xUn5NNPcG4Nm7 726g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZRvVTCFnJ/qqCMReYZtiuFNH5mi31MYXXN53T3WgOE4=; b=TH8tBEgPh2UOGJ2QLLAOWJMWmku062f0VR9T6LKxEO4eHJfpWkFezlqu8NP6BOXqar 9Rn4STYzWJIcTyJb/wfbJfd6uO9R6UdfnH44BxCMiCwLxBEmuTpaStu+Aet41cS0fNfN M4ebCGCCYRViZi/fs3NEVRdb5IvzMqfon1jHLDI9JLS6qPp1k6lnyrPZBRAWa0RQPTXV DPy1fV1/C6a39DMqPLDguCh4KXhk/cebTBFcCcrzcVEN04AMpi9DlIib2oZtwFuDHkJQ zUXHGHfGV3CmL2TZH5KpRXnXWlfU23/rzM3Dfp4ah1z5gjc8H8J7YA8yoIuwpJGzFk5e uSTw== X-Gm-Message-State: AOAM533ku9NMhfF/8fZ9Jd/KkUE//7GPXlf1BX6QOlE6ZwTTxTXeMOka iwFajDNpIi83fJaQfpdai74= X-Google-Smtp-Source: ABdhPJwiNaFNQ0QaxEAAK0bcs62qnha7MAcc5cyZn0knvesLuA6PgspixlajpoIZcbjO9xBLTCD+pQ== X-Received: by 2002:a05:6830:b8e:: with SMTP id a14mr7005846otv.162.1629766408290; Mon, 23 Aug 2021 17:53:28 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id h14sm4229142otm.5.2021.08.23.17.53.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Aug 2021 17:53:27 -0700 (PDT) From: Alexandru Gagniuc To: trini@konsulko.com, u-boot@lists.denx.de Cc: sjg@chromium.org, Alexandru Gagniuc Subject: [PATCH 4/5] image: Drop if/elseif hash selection in calculate_hash() Date: Mon, 23 Aug 2021 19:53:19 -0500 Message-Id: <20210824005320.3647668-5-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210824005320.3647668-1-mr.nuke.me@gmail.com> References: <20210824005320.3647668-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean calculate_hash() would try to select the appropriate hashing function by a if/elseif contruct. But that is exactly why hash_lookup_algo() exists, so use it instead. This does mean that we now have to 'select HASH' to make sure we get the hash_lookup_algo() symbol. However, the change makes sense because even basic FITs will have to deal with "hash" nodes. My only concern is that the 'select SPL_HASH' might cause some platform to grow above its SPL size allowance Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 2 ++ common/image-fit.c | 45 +++++++++++++++++++-------------------------- 2 files changed, 21 insertions(+), 26 deletions(-) diff --git a/common/Kconfig.boot b/common/Kconfig.boot index 314f1e50a0..c2d6c89372 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -13,6 +13,7 @@ config FIT bool "Support Flattened Image Tree" select MD5 select SHA1 + select HASH help This option allows you to boot the new uImage structure, Flattened Image Tree. FIT is formally a FDT, which can include @@ -133,6 +134,7 @@ if SPL config SPL_FIT bool "Support Flattened Image Tree within SPL" depends on SPL + select SPL_HASH select SPL_OF_LIBFDT config SPL_FIT_PRINT diff --git a/common/image-fit.c b/common/image-fit.c index aff4670be3..92d9141bcd 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1193,6 +1193,12 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp) return 0; } +static void crc32_uimage_fixup(void *value) +{ + /* TODO: In C, this type punning is undefined behavior: */ + *((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value)); +} + /** * calculate_hash - calculate and return hash for provided input data * @data: pointer to the input data @@ -1211,37 +1217,24 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp) * 0, on success * -1, when algo is unsupported */ -int calculate_hash(const void *data, int data_len, const char *algo, +int calculate_hash(const void *data, int data_len, const char *name, uint8_t *value, int *value_len) { - if (IMAGE_ENABLE_CRC32 && strcmp(algo, "crc32") == 0) { - *((uint32_t *)value) = crc32_wd(0, data, data_len, - CHUNKSZ_CRC32); - *((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value)); - *value_len = 4; - } else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) { - sha1_csum_wd((unsigned char *)data, data_len, - (unsigned char *)value, CHUNKSZ_SHA1); - *value_len = 20; - } else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) { - sha256_csum_wd((unsigned char *)data, data_len, - (unsigned char *)value, CHUNKSZ_SHA256); - *value_len = SHA256_SUM_LEN; - } else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) { - sha384_csum_wd((unsigned char *)data, data_len, - (unsigned char *)value, CHUNKSZ_SHA384); - *value_len = SHA384_SUM_LEN; - } else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) { - sha512_csum_wd((unsigned char *)data, data_len, - (unsigned char *)value, CHUNKSZ_SHA512); - *value_len = SHA512_SUM_LEN; - } else if (IMAGE_ENABLE_MD5 && strcmp(algo, "md5") == 0) { - md5_wd((unsigned char *)data, data_len, value, CHUNKSZ_MD5); - *value_len = 16; - } else { + struct hash_algo *algo; + int ret; + + ret = hash_lookup_algo(name, &algo); + if (ret < 0) { debug("Unsupported hash alogrithm\n"); return -1; } + + algo->hash_func_ws(data, data_len, value, algo->chunk_size); + *value_len = algo->digest_size; + + if (!strcmp(name, "crc32")) + crc32_uimage_fixup(value); + return 0; } From patchwork Tue Aug 24 00:53:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Gagniuc X-Patchwork-Id: 1520056 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=UCRPG/D8; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GtrGv2Qwbz9sxS for ; Tue, 24 Aug 2021 10:54:31 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 906B982E48; Tue, 24 Aug 2021 02:54:12 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="UCRPG/D8"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id B8CD882DB0; Tue, 24 Aug 2021 02:53:40 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x32a.google.com (mail-ot1-x32a.google.com [IPv6:2607:f8b0:4864:20::32a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A6AEF82DCE for ; Tue, 24 Aug 2021 02:53:30 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=mr.nuke.me@gmail.com Received: by mail-ot1-x32a.google.com with SMTP id y14-20020a0568302a0e00b0051acbdb2869so34633300otu.2 for ; Mon, 23 Aug 2021 17:53:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=7vaGPHEMvEsCMvYloRScBTOhYnreOtDmLATIu6XDvhE=; b=UCRPG/D8TQzJeymYX5vXEaXlYVryOqUHKHeQ+ksbakpl1AzaYLMGMiTP8UOEELY7AW 78qfZwLjziEJQU+D32QReqSVSgkJ6NxZ5suLooAqC6TAxySyUHpa4E1CQ+Iq5Qbv/6KE AaaqCnHbsagRg/cl9RKFhsCoOcuZLZOJOrEYYtFBl+Cx5BKSl+Fc/ZvoLp5FY31pxrK3 fROQG0HMQRTNHX58Nq5HzZfeMwPG45giUB0iZ4Kc44QhF0+fmfetb5FYpIs+G1VJrZq4 6Smq1/VYSSBx6D/KT7s9g74JvOv36B5g2xgWVxUdHWPA7l+FMxaJxf20PBFV5wkADr3M lz7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=7vaGPHEMvEsCMvYloRScBTOhYnreOtDmLATIu6XDvhE=; b=VOb6PH+kJN9cIyB9XpGod2bVNkmgwuE/+2WII1WzNCNNrlfJB8tfORe9lowZywKDIw o9gOKNApsJKotofa3IfqtM5PXQhMA2PH6Fu/QAOX1urZTV90ovAEQlSnxs50PZgeFXY2 r6S0isHhFTN+eOTH8auYQmclzakitwIJ4l77tPGeJy6pAGPzmCIrCUxNtdydhgNkUFHe FA8ROB10b3KhGvoAZPAcPlqN3D0peoPGCeaBR31Kts06mSDukwjT2Aw2qzs80tYr2t1F +5WmwF2jiFHg8n19Atn2NVA84f3HQtzqie0rz5kLRm8wnS1A6k/ouRKFWH7fGrDn/CMO Nbeg== X-Gm-Message-State: AOAM530Q1EtU7u7oHCNEzvrRRHrhv+w1cm766tu2hJ8nIu3SBleGYzlD etlTo6Z6Z/P9m3kYzn7inR8= X-Google-Smtp-Source: ABdhPJxGlt6DIFV3P70of+ABxbXHPQYwbzdOyVL288SpjzgUAWcwiFBCVTO3K+SRf3HzT85YLsHwSQ== X-Received: by 2002:a05:6830:187:: with SMTP id q7mr30349815ota.217.1629766409419; Mon, 23 Aug 2021 17:53:29 -0700 (PDT) Received: from nuclearis3.lan (c-98-195-139-126.hsd1.tx.comcast.net. [98.195.139.126]) by smtp.gmail.com with ESMTPSA id h14sm4229142otm.5.2021.08.23.17.53.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Aug 2021 17:53:28 -0700 (PDT) From: Alexandru Gagniuc To: trini@konsulko.com, u-boot@lists.denx.de Cc: sjg@chromium.org, Alexandru Gagniuc Subject: [PATCH 5/5] image: Drop IMAGE_ENABLE_{MD5, CRC32} #defines Date: Mon, 23 Aug 2021 19:53:20 -0500 Message-Id: <20210824005320.3647668-6-mr.nuke.me@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210824005320.3647668-1-mr.nuke.me@gmail.com> References: <20210824005320.3647668-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean These are no longer used, so drop them. Signed-off-by: Alexandru Gagniuc --- include/image.h | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/include/image.h b/include/image.h index 489b220eba..2d057d445c 100644 --- a/include/image.h +++ b/include/image.h @@ -59,26 +59,6 @@ struct fdt_region; #include #include #include -# ifdef CONFIG_SPL_BUILD -# ifdef CONFIG_SPL_CRC32 -# define IMAGE_ENABLE_CRC32 1 -# endif -# ifdef CONFIG_SPL_MD5 -# define IMAGE_ENABLE_MD5 1 -# endif -# else -# define IMAGE_ENABLE_CRC32 1 -# define IMAGE_ENABLE_MD5 1 -# endif - -#ifndef IMAGE_ENABLE_CRC32 -#define IMAGE_ENABLE_CRC32 0 -#endif - -#ifndef IMAGE_ENABLE_MD5 -#define IMAGE_ENABLE_MD5 0 -#endif - #endif /* IMAGE_ENABLE_FIT */ #ifdef CONFIG_SYS_BOOT_GET_CMDLINE