| Message ID | 20210513071831.9969-2-masahisa.kojima@linaro.org |
|---|---|
| State | Superseded |
| Delegated to: | Heinrich Schuchardt |
| Headers | show |
| Series | PE/COFF measurement support | expand |
On Thu, May 13, 2021 at 04:18:29PM +0900, Masahisa Kojima wrote: > Build error occurs when CONFIG_EFI_SECURE_BOOT or > CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, > because hash-checksum.c is not compiled. > > This commit adds hash-checksum.c as a compilation target > if CONFIG_EFI_SECURE_BOOT or CONFIG_EFI_CAPSULE_AUTHENTICATE > is enabled. > > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> > --- > > Changes in v6: > - update lib/Makefile to compile hash-checksum.c, instead of > selecting FIT_SIGNATURE in secure boot and capsule authentication. > > Changes in v5: > - Missing option for EFI_TCG2_PROTOROL already added in different commit. > This commit adds FIT_SIGNATURE only. > > Changes in v4: > - newly added in this patch series, due to rebasing > the base code. > > lib/Makefile | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/lib/Makefile b/lib/Makefile > index 6825671955..bd022dd5d3 100644 > --- a/lib/Makefile > +++ b/lib/Makefile > @@ -61,7 +61,10 @@ endif > obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ > obj-$(CONFIG_$(SPL_)MD5) += md5.o > obj-$(CONFIG_$(SPL_)RSA) += rsa/ > -obj-$(CONFIG_FIT_SIGNATURE) += hash-checksum.o > +ifneq (,$(filter y,$(CONFIG_FIT_SIGNATURE)$(CONFIG_EFI_SECURE_BOOT)\ > +$(CONFIG_EFI_CAPSULE_AUTHENTICATE))) > +obj-y += hash-checksum.o > +endif Why not create a new kconfig option here? There is a good reason to do so if there are more than one users. Otherwise, every new user of hash_calculate() needs to modify generic Makefile. -Takahiro Akashi > obj-$(CONFIG_SHA1) += sha1.o > obj-$(CONFIG_SHA256) += sha256.o > obj-$(CONFIG_SHA512_ALGO) += sha512.o > -- > 2.17.1 >
On Thu, 13 May 2021 at 16:52, Takahiro Akashi <takahiro.akashi@linaro.org> wrote: > > On Thu, May 13, 2021 at 04:18:29PM +0900, Masahisa Kojima wrote: > > Build error occurs when CONFIG_EFI_SECURE_BOOT or > > CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, > > because hash-checksum.c is not compiled. > > > > This commit adds hash-checksum.c as a compilation target > > if CONFIG_EFI_SECURE_BOOT or CONFIG_EFI_CAPSULE_AUTHENTICATE > > is enabled. > > > > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> > > --- > > > > Changes in v6: > > - update lib/Makefile to compile hash-checksum.c, instead of > > selecting FIT_SIGNATURE in secure boot and capsule authentication. > > > > Changes in v5: > > - Missing option for EFI_TCG2_PROTOROL already added in different commit. > > This commit adds FIT_SIGNATURE only. > > > > Changes in v4: > > - newly added in this patch series, due to rebasing > > the base code. > > > > lib/Makefile | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/lib/Makefile b/lib/Makefile > > index 6825671955..bd022dd5d3 100644 > > --- a/lib/Makefile > > +++ b/lib/Makefile > > @@ -61,7 +61,10 @@ endif > > obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ > > obj-$(CONFIG_$(SPL_)MD5) += md5.o > > obj-$(CONFIG_$(SPL_)RSA) += rsa/ > > -obj-$(CONFIG_FIT_SIGNATURE) += hash-checksum.o > > +ifneq (,$(filter y,$(CONFIG_FIT_SIGNATURE)$(CONFIG_EFI_SECURE_BOOT)\ > > +$(CONFIG_EFI_CAPSULE_AUTHENTICATE))) > > +obj-y += hash-checksum.o > > +endif > > Why not create a new kconfig option here? > There is a good reason to do so if there are more than one users. > > Otherwise, every new user of hash_calculate() needs > to modify generic Makefile. I agree with this suggestion, I will send new patch. Thank you for your comment. Thanks, Masahisa Kojima > > -Takahiro Akashi > > > > obj-$(CONFIG_SHA1) += sha1.o > > obj-$(CONFIG_SHA256) += sha256.o > > obj-$(CONFIG_SHA512_ALGO) += sha512.o > > -- > > 2.17.1 > >
diff --git a/lib/Makefile b/lib/Makefile index 6825671955..bd022dd5d3 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -61,7 +61,10 @@ endif obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/ obj-$(CONFIG_$(SPL_)MD5) += md5.o obj-$(CONFIG_$(SPL_)RSA) += rsa/ -obj-$(CONFIG_FIT_SIGNATURE) += hash-checksum.o +ifneq (,$(filter y,$(CONFIG_FIT_SIGNATURE)$(CONFIG_EFI_SECURE_BOOT)\ +$(CONFIG_EFI_CAPSULE_AUTHENTICATE))) +obj-y += hash-checksum.o +endif obj-$(CONFIG_SHA1) += sha1.o obj-$(CONFIG_SHA256) += sha256.o obj-$(CONFIG_SHA512_ALGO) += sha512.o
Build error occurs when CONFIG_EFI_SECURE_BOOT or CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled, because hash-checksum.c is not compiled. This commit adds hash-checksum.c as a compilation target if CONFIG_EFI_SECURE_BOOT or CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> --- Changes in v6: - update lib/Makefile to compile hash-checksum.c, instead of selecting FIT_SIGNATURE in secure boot and capsule authentication. Changes in v5: - Missing option for EFI_TCG2_PROTOROL already added in different commit. This commit adds FIT_SIGNATURE only. Changes in v4: - newly added in this patch series, due to rebasing the base code. lib/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)