Message ID | 20210925194327.v5.5.Idf4bfa823b4e1a5b357e141a8496acece5051102@changeid |
---|---|
State | Accepted |
Delegated to: | Tom Rini |
Headers | show |
Series | image: Reduce #ifdefs and ad-hoc defines in image code (Part B) | expand |
Hi Simon On 9/25/21 8:43 PM, Simon Glass wrote: > At present when building host tools, we force CONFIG_SHAxxx to be enabled > regardless of the board Kconfig setting. This is done in the image.h > header file. > > For SPL we currently just assume the algorithm is desired if U-Boot proper > enables it. > > Clean this up by adding new Kconfig options to enable hashing on the host, > relying on CONFIG_IS_ENABLED() to deal with the different builds. > > Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the > current settings. > > This allows us to drop the image.h code and the I_WANT_MD5 hack. > > Signed-off-by: Simon Glass <sjg@chromium.org> > --- > > Changes in v5: > - Drop I_WANT_MD5 > - Use TOOLS_ instead of HOST_ > I was planning to move hash algos to a linker list for target code, and a simple, ifdef-free list for the host, like we've done for crypto algos, and I think padding algos. We'd be able to drop #define I_WANT_MD5 (which is temporary), and drop define CONFIG_SHA_*, and by extension, drop the need for CONFIG_TOOLS_SHA*. I think that's far more elegant. Alex > Changes in v2: > - Add SPL_ Kconfigs also, since otherwise hashing algorithms drop from SPL > > common/hash.c | 49 +++++++++++++++++++++++-------------------------- > include/image.h | 5 ----- > lib/Kconfig | 18 ++++++++++++++++++ > tools/Kconfig | 25 +++++++++++++++++++++++++ > 4 files changed, 66 insertions(+), 31 deletions(-) > > diff --git a/common/hash.c b/common/hash.c > index 6277fe65b3e..0fe65c959d0 100644 > --- a/common/hash.c > +++ b/common/hash.c > @@ -25,6 +25,7 @@ > #else > #include "mkimage.h" > #include <time.h> > +#include <linux/kconfig.h> > #endif /* !USE_HOSTCC*/ > > #include <hash.h> > @@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR; > > static void reloc_update(void); > > -#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha1(struct hash_algo *algo, void **ctxp) > { > sha1_context *ctx = malloc(sizeof(sha1_context)); > @@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, > } > #endif > > -#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha256(struct hash_algo *algo, void **ctxp) > { > sha256_context *ctx = malloc(sizeof(sha256_context)); > @@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void > } > #endif > > -#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha384(struct hash_algo *algo, void **ctxp) > { > sha512_context *ctx = malloc(sizeof(sha512_context)); > @@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void > } > #endif > > -#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha512(struct hash_algo *algo, void **ctxp) > { > sha512_context *ctx = malloc(sizeof(sha512_context)); > @@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, > return 0; > } > > -#ifdef USE_HOSTCC > -# define I_WANT_MD5 1 > -#else > -# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5) > -#endif > /* > * These are the hash algorithms we support. If we have hardware acceleration > * is enable we will use that, otherwise a software version of the algorithm. > * Note that algorithm names must be in lower case. > */ > static struct hash_algo hash_algo[] = { > -#if I_WANT_MD5 > +#if CONFIG_IS_ENABLED(MD5) > { > .name = "md5", > .digest_size = MD5_SUM_LEN, > @@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = { > .hash_func_ws = md5_wd, > }, > #endif > -#ifdef CONFIG_SHA1 > +#if CONFIG_IS_ENABLED(SHA1) > { > .name = "sha1", > .digest_size = SHA1_SUM_LEN, > .chunk_size = CHUNKSZ_SHA1, > -#ifdef CONFIG_SHA_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) > .hash_func_ws = hw_sha1, > #else > .hash_func_ws = sha1_csum_wd, > #endif > -#ifdef CONFIG_SHA_PROG_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA256 > +#if CONFIG_IS_ENABLED(SHA256) > { > .name = "sha256", > .digest_size = SHA256_SUM_LEN, > .chunk_size = CHUNKSZ_SHA256, > -#ifdef CONFIG_SHA_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) > .hash_func_ws = hw_sha256, > #else > .hash_func_ws = sha256_csum_wd, > #endif > -#ifdef CONFIG_SHA_PROG_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA384 > +#if CONFIG_IS_ENABLED(SHA384) > { > .name = "sha384", > .digest_size = SHA384_SUM_LEN, > .chunk_size = CHUNKSZ_SHA384, > -#ifdef CONFIG_SHA512_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) > .hash_func_ws = hw_sha384, > #else > .hash_func_ws = sha384_csum_wd, > #endif > -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA512 > +#if CONFIG_IS_ENABLED(SHA512) > { > .name = "sha512", > .digest_size = SHA512_SUM_LEN, > .chunk_size = CHUNKSZ_SHA512, > -#ifdef CONFIG_SHA512_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) > .hash_func_ws = hw_sha512, > #else > .hash_func_ws = sha512_csum_wd, > #endif > -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = { > }; > > /* Try to minimize code size for boards that don't want much hashing */ > -#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ > - defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ > - defined(CONFIG_SHA384) || defined(CONFIG_SHA512) > +#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \ > + CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \ > + CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) > #define multi_hash() 1 > #else > #define multi_hash() 0 > @@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len, > return 0; > } > > -#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32) > +#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \ > + defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)) > /** > * store_result: Store the resulting sum to an address or variable > * > diff --git a/include/image.h b/include/image.h > index 73a763a6936..03857f4b500 100644 > --- a/include/image.h > +++ b/include/image.h > @@ -31,11 +31,6 @@ struct fdt_region; > #define IMAGE_ENABLE_OF_LIBFDT 1 > #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ > #define CONFIG_FIT_RSASSA_PSS 1 > -#define CONFIG_MD5 > -#define CONFIG_SHA1 > -#define CONFIG_SHA256 > -#define CONFIG_SHA384 > -#define CONFIG_SHA512 > > #define IMAGE_ENABLE_IGNORE 0 > #define IMAGE_INDENT_STRING "" > diff --git a/lib/Kconfig b/lib/Kconfig > index 7899e756f99..64765acfa61 100644 > --- a/lib/Kconfig > +++ b/lib/Kconfig > @@ -438,6 +438,24 @@ config SPL_SHA384 > The SHA384 algorithm produces a 384-bit (48-byte) hash value > (digest). > > +config SPL_SHA_HW_ACCEL > + bool "Enable hardware acceleration for SHA hash functions" > + default y if SHA_HW_ACCEL > + help > + This option enables hardware acceleration for the SHA1 and SHA256 > + hashing algorithms. This affects the 'hash' command and also the > + hash_lookup_algo() function. > + > +config SPL_SHA_PROG_HW_ACCEL > + bool "Enable Progressive hashing support using hardware in SPL" > + depends on SHA_PROG_HW_ACCEL > + default y > + help > + This option enables hardware-acceleration for SHA progressive > + hashing. > + Data can be streamed in a block at a time and the hashing is > + performed in hardware. > + > endif > > if SHA_HW_ACCEL > diff --git a/tools/Kconfig b/tools/Kconfig > index ea986ab0479..6ffc2c0aa31 100644 > --- a/tools/Kconfig > +++ b/tools/Kconfig > @@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE > depends on TOOLS_FIT_SIGNATURE > default 0x10000000 > > +config TOOLS_MD5 > + def_bool y > + help > + Enable MD5 support in the tools builds > + > +config TOOLS_SHA1 > + def_bool y > + help > + Enable SHA1 support in the tools builds > + > +config TOOLS_SHA256 > + def_bool y > + help > + Enable SHA256 support in the tools builds > + > +config TOOLS_SHA384 > + def_bool y > + help > + Enable SHA384 support in the tools builds > + > +config TOOLS_SHA512 > + def_bool y > + help > + Enable SHA512 support in the tools builds > + > endmenu >
Hi Alex, On Mon, 27 Sept 2021 at 09:53, Alex G. <mr.nuke.me@gmail.com> wrote: > > Hi Simon > > On 9/25/21 8:43 PM, Simon Glass wrote: > > At present when building host tools, we force CONFIG_SHAxxx to be enabled > > regardless of the board Kconfig setting. This is done in the image.h > > header file. > > > > For SPL we currently just assume the algorithm is desired if U-Boot proper > > enables it. > > > > Clean this up by adding new Kconfig options to enable hashing on the host, > > relying on CONFIG_IS_ENABLED() to deal with the different builds. > > > > Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the > > current settings. > > > > This allows us to drop the image.h code and the I_WANT_MD5 hack. > > > > Signed-off-by: Simon Glass <sjg@chromium.org> > > --- > > > > Changes in v5: > > - Drop I_WANT_MD5 > > - Use TOOLS_ instead of HOST_ > > > I was planning to move hash algos to a linker list for target code, and > a simple, ifdef-free list for the host, like we've done for crypto > algos, and I think padding algos. > > We'd be able to drop #define I_WANT_MD5 (which is temporary), and drop > define CONFIG_SHA_*, and by extension, drop the need for > CONFIG_TOOLS_SHA*. I think that's far more elegant. OK but can we do that after my series goes in? The series is a significant #ifdef clean-up and I think you can easily do that on top of the series. Regards, Simon
On 9/27/21 11:06 AM, Simon Glass wrote: > Hi Alex, > > On Mon, 27 Sept 2021 at 09:53, Alex G. <mr.nuke.me@gmail.com> wrote: >> >> Hi Simon >> >> On 9/25/21 8:43 PM, Simon Glass wrote: >>> At present when building host tools, we force CONFIG_SHAxxx to be enabled >>> regardless of the board Kconfig setting. This is done in the image.h >>> header file. >>> >>> For SPL we currently just assume the algorithm is desired if U-Boot proper >>> enables it. >>> >>> Clean this up by adding new Kconfig options to enable hashing on the host, >>> relying on CONFIG_IS_ENABLED() to deal with the different builds. >>> >>> Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the >>> current settings. >>> >>> This allows us to drop the image.h code and the I_WANT_MD5 hack. >>> >>> Signed-off-by: Simon Glass <sjg@chromium.org> >>> --- >>> >>> Changes in v5: >>> - Drop I_WANT_MD5 >>> - Use TOOLS_ instead of HOST_ >>> >> I was planning to move hash algos to a linker list for target code, and >> a simple, ifdef-free list for the host, like we've done for crypto >> algos, and I think padding algos. >> >> We'd be able to drop #define I_WANT_MD5 (which is temporary), and drop >> define CONFIG_SHA_*, and by extension, drop the need for >> CONFIG_TOOLS_SHA*. I think that's far more elegant. > > OK but can we do that after my series goes in? The series is a > significant #ifdef clean-up and I think you can easily do that on top > of the series. Of course! Alex
On 9/25/21 8:43 PM, Simon Glass wrote: > At present when building host tools, we force CONFIG_SHAxxx to be enabled > regardless of the board Kconfig setting. This is done in the image.h > header file. > > For SPL we currently just assume the algorithm is desired if U-Boot proper > enables it. > > Clean this up by adding new Kconfig options to enable hashing on the host, > relying on CONFIG_IS_ENABLED() to deal with the different builds. > > Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the > current settings. > > This allows us to drop the image.h code and the I_WANT_MD5 hack. > > Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> > --- > > Changes in v5: > - Drop I_WANT_MD5 > - Use TOOLS_ instead of HOST_ > > Changes in v2: > - Add SPL_ Kconfigs also, since otherwise hashing algorithms drop from SPL > > common/hash.c | 49 +++++++++++++++++++++++-------------------------- > include/image.h | 5 ----- > lib/Kconfig | 18 ++++++++++++++++++ > tools/Kconfig | 25 +++++++++++++++++++++++++ > 4 files changed, 66 insertions(+), 31 deletions(-) > > diff --git a/common/hash.c b/common/hash.c > index 6277fe65b3e..0fe65c959d0 100644 > --- a/common/hash.c > +++ b/common/hash.c > @@ -25,6 +25,7 @@ > #else > #include "mkimage.h" > #include <time.h> > +#include <linux/kconfig.h> > #endif /* !USE_HOSTCC*/ > > #include <hash.h> > @@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR; > > static void reloc_update(void); > > -#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha1(struct hash_algo *algo, void **ctxp) > { > sha1_context *ctx = malloc(sizeof(sha1_context)); > @@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, > } > #endif One day, I'd like to make these init_<hasnmane>_ functions part of linker lists and move each to their respective <hashname>.c One day. > > -#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha256(struct hash_algo *algo, void **ctxp) > { > sha256_context *ctx = malloc(sizeof(sha256_context)); > @@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void > } > #endif > > -#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha384(struct hash_algo *algo, void **ctxp) > { > sha512_context *ctx = malloc(sizeof(sha512_context)); > @@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void > } > #endif > > -#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > static int hash_init_sha512(struct hash_algo *algo, void **ctxp) > { > sha512_context *ctx = malloc(sizeof(sha512_context)); > @@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, > return 0; > } > > -#ifdef USE_HOSTCC > -# define I_WANT_MD5 1 > -#else > -# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5) > -#endif > /* > * These are the hash algorithms we support. If we have hardware acceleration > * is enable we will use that, otherwise a software version of the algorithm. > * Note that algorithm names must be in lower case. > */ > static struct hash_algo hash_algo[] = { > -#if I_WANT_MD5 > +#if CONFIG_IS_ENABLED(MD5) > { > .name = "md5", > .digest_size = MD5_SUM_LEN, > @@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = { > .hash_func_ws = md5_wd, > }, > #endif > -#ifdef CONFIG_SHA1 > +#if CONFIG_IS_ENABLED(SHA1) > { > .name = "sha1", > .digest_size = SHA1_SUM_LEN, > .chunk_size = CHUNKSZ_SHA1, > -#ifdef CONFIG_SHA_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) > .hash_func_ws = hw_sha1, > #else > .hash_func_ws = sha1_csum_wd, > #endif > -#ifdef CONFIG_SHA_PROG_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA256 > +#if CONFIG_IS_ENABLED(SHA256) > { > .name = "sha256", > .digest_size = SHA256_SUM_LEN, > .chunk_size = CHUNKSZ_SHA256, > -#ifdef CONFIG_SHA_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) > .hash_func_ws = hw_sha256, > #else > .hash_func_ws = sha256_csum_wd, > #endif > -#ifdef CONFIG_SHA_PROG_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA384 > +#if CONFIG_IS_ENABLED(SHA384) > { > .name = "sha384", > .digest_size = SHA384_SUM_LEN, > .chunk_size = CHUNKSZ_SHA384, > -#ifdef CONFIG_SHA512_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) > .hash_func_ws = hw_sha384, > #else > .hash_func_ws = sha384_csum_wd, > #endif > -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = { > #endif > }, > #endif > -#ifdef CONFIG_SHA512 > +#if CONFIG_IS_ENABLED(SHA512) > { > .name = "sha512", > .digest_size = SHA512_SUM_LEN, > .chunk_size = CHUNKSZ_SHA512, > -#ifdef CONFIG_SHA512_HW_ACCEL > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) > .hash_func_ws = hw_sha512, > #else > .hash_func_ws = sha512_csum_wd, > #endif > -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) > +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) > .hash_init = hw_sha_init, > .hash_update = hw_sha_update, > .hash_finish = hw_sha_finish, > @@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = { > }; > > /* Try to minimize code size for boards that don't want much hashing */ > -#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ > - defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ > - defined(CONFIG_SHA384) || defined(CONFIG_SHA512) > +#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \ > + CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \ > + CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) > #define multi_hash() 1 > #else > #define multi_hash() 0 > @@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len, > return 0; > } > > -#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32) > +#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \ > + defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)) > /** > * store_result: Store the resulting sum to an address or variable > * > diff --git a/include/image.h b/include/image.h > index 73a763a6936..03857f4b500 100644 > --- a/include/image.h > +++ b/include/image.h > @@ -31,11 +31,6 @@ struct fdt_region; > #define IMAGE_ENABLE_OF_LIBFDT 1 > #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ > #define CONFIG_FIT_RSASSA_PSS 1 > -#define CONFIG_MD5 > -#define CONFIG_SHA1 > -#define CONFIG_SHA256 > -#define CONFIG_SHA384 > -#define CONFIG_SHA512 > > #define IMAGE_ENABLE_IGNORE 0 > #define IMAGE_INDENT_STRING "" > diff --git a/lib/Kconfig b/lib/Kconfig > index 7899e756f99..64765acfa61 100644 > --- a/lib/Kconfig > +++ b/lib/Kconfig > @@ -438,6 +438,24 @@ config SPL_SHA384 > The SHA384 algorithm produces a 384-bit (48-byte) hash value > (digest). > > +config SPL_SHA_HW_ACCEL > + bool "Enable hardware acceleration for SHA hash functions" > + default y if SHA_HW_ACCEL > + help > + This option enables hardware acceleration for the SHA1 and SHA256 > + hashing algorithms. This affects the 'hash' command and also the > + hash_lookup_algo() function. > + > +config SPL_SHA_PROG_HW_ACCEL > + bool "Enable Progressive hashing support using hardware in SPL" > + depends on SHA_PROG_HW_ACCEL > + default y > + help > + This option enables hardware-acceleration for SHA progressive > + hashing. > + Data can be streamed in a block at a time and the hashing is > + performed in hardware. > + > endif > > if SHA_HW_ACCEL > diff --git a/tools/Kconfig b/tools/Kconfig > index ea986ab0479..6ffc2c0aa31 100644 > --- a/tools/Kconfig > +++ b/tools/Kconfig > @@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE > depends on TOOLS_FIT_SIGNATURE > default 0x10000000 > > +config TOOLS_MD5 > + def_bool y > + help > + Enable MD5 support in the tools builds > + > +config TOOLS_SHA1 > + def_bool y > + help > + Enable SHA1 support in the tools builds > + > +config TOOLS_SHA256 > + def_bool y > + help > + Enable SHA256 support in the tools builds > + > +config TOOLS_SHA384 > + def_bool y > + help > + Enable SHA384 support in the tools builds > + > +config TOOLS_SHA512 > + def_bool y > + help > + Enable SHA512 support in the tools builds > + > endmenu >
On Sat, Sep 25, 2021 at 07:43:18PM -0600, Simon Glass wrote: > At present when building host tools, we force CONFIG_SHAxxx to be enabled > regardless of the board Kconfig setting. This is done in the image.h > header file. > > For SPL we currently just assume the algorithm is desired if U-Boot proper > enables it. > > Clean this up by adding new Kconfig options to enable hashing on the host, > relying on CONFIG_IS_ENABLED() to deal with the different builds. > > Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the > current settings. > > This allows us to drop the image.h code and the I_WANT_MD5 hack. > > Signed-off-by: Simon Glass <sjg@chromium.org> > Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Applied to u-boot/master, thanks!
diff --git a/common/hash.c b/common/hash.c index 6277fe65b3e..0fe65c959d0 100644 --- a/common/hash.c +++ b/common/hash.c @@ -25,6 +25,7 @@ #else #include "mkimage.h" #include <time.h> +#include <linux/kconfig.h> #endif /* !USE_HOSTCC*/ #include <hash.h> @@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR; static void reloc_update(void); -#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha1(struct hash_algo *algo, void **ctxp) { sha1_context *ctx = malloc(sizeof(sha1_context)); @@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, } #endif -#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha256(struct hash_algo *algo, void **ctxp) { sha256_context *ctx = malloc(sizeof(sha256_context)); @@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void } #endif -#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha384(struct hash_algo *algo, void **ctxp) { sha512_context *ctx = malloc(sizeof(sha512_context)); @@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void } #endif -#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha512(struct hash_algo *algo, void **ctxp) { sha512_context *ctx = malloc(sizeof(sha512_context)); @@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, return 0; } -#ifdef USE_HOSTCC -# define I_WANT_MD5 1 -#else -# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5) -#endif /* * These are the hash algorithms we support. If we have hardware acceleration * is enable we will use that, otherwise a software version of the algorithm. * Note that algorithm names must be in lower case. */ static struct hash_algo hash_algo[] = { -#if I_WANT_MD5 +#if CONFIG_IS_ENABLED(MD5) { .name = "md5", .digest_size = MD5_SUM_LEN, @@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = { .hash_func_ws = md5_wd, }, #endif -#ifdef CONFIG_SHA1 +#if CONFIG_IS_ENABLED(SHA1) { .name = "sha1", .digest_size = SHA1_SUM_LEN, .chunk_size = CHUNKSZ_SHA1, -#ifdef CONFIG_SHA_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) .hash_func_ws = hw_sha1, #else .hash_func_ws = sha1_csum_wd, #endif -#ifdef CONFIG_SHA_PROG_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA256 +#if CONFIG_IS_ENABLED(SHA256) { .name = "sha256", .digest_size = SHA256_SUM_LEN, .chunk_size = CHUNKSZ_SHA256, -#ifdef CONFIG_SHA_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) .hash_func_ws = hw_sha256, #else .hash_func_ws = sha256_csum_wd, #endif -#ifdef CONFIG_SHA_PROG_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA384 +#if CONFIG_IS_ENABLED(SHA384) { .name = "sha384", .digest_size = SHA384_SUM_LEN, .chunk_size = CHUNKSZ_SHA384, -#ifdef CONFIG_SHA512_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) .hash_func_ws = hw_sha384, #else .hash_func_ws = sha384_csum_wd, #endif -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA512 +#if CONFIG_IS_ENABLED(SHA512) { .name = "sha512", .digest_size = SHA512_SUM_LEN, .chunk_size = CHUNKSZ_SHA512, -#ifdef CONFIG_SHA512_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) .hash_func_ws = hw_sha512, #else .hash_func_ws = sha512_csum_wd, #endif -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = { }; /* Try to minimize code size for boards that don't want much hashing */ -#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ - defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ - defined(CONFIG_SHA384) || defined(CONFIG_SHA512) +#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \ + CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \ + CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) #define multi_hash() 1 #else #define multi_hash() 0 @@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len, return 0; } -#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32) +#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \ + defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)) /** * store_result: Store the resulting sum to an address or variable * diff --git a/include/image.h b/include/image.h index 73a763a6936..03857f4b500 100644 --- a/include/image.h +++ b/include/image.h @@ -31,11 +31,6 @@ struct fdt_region; #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_RSASSA_PSS 1 -#define CONFIG_MD5 -#define CONFIG_SHA1 -#define CONFIG_SHA256 -#define CONFIG_SHA384 -#define CONFIG_SHA512 #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" diff --git a/lib/Kconfig b/lib/Kconfig index 7899e756f99..64765acfa61 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -438,6 +438,24 @@ config SPL_SHA384 The SHA384 algorithm produces a 384-bit (48-byte) hash value (digest). +config SPL_SHA_HW_ACCEL + bool "Enable hardware acceleration for SHA hash functions" + default y if SHA_HW_ACCEL + help + This option enables hardware acceleration for the SHA1 and SHA256 + hashing algorithms. This affects the 'hash' command and also the + hash_lookup_algo() function. + +config SPL_SHA_PROG_HW_ACCEL + bool "Enable Progressive hashing support using hardware in SPL" + depends on SHA_PROG_HW_ACCEL + default y + help + This option enables hardware-acceleration for SHA progressive + hashing. + Data can be streamed in a block at a time and the hashing is + performed in hardware. + endif if SHA_HW_ACCEL diff --git a/tools/Kconfig b/tools/Kconfig index ea986ab0479..6ffc2c0aa31 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE depends on TOOLS_FIT_SIGNATURE default 0x10000000 +config TOOLS_MD5 + def_bool y + help + Enable MD5 support in the tools builds + +config TOOLS_SHA1 + def_bool y + help + Enable SHA1 support in the tools builds + +config TOOLS_SHA256 + def_bool y + help + Enable SHA256 support in the tools builds + +config TOOLS_SHA384 + def_bool y + help + Enable SHA384 support in the tools builds + +config TOOLS_SHA512 + def_bool y + help + Enable SHA512 support in the tools builds + endmenu
At present when building host tools, we force CONFIG_SHAxxx to be enabled regardless of the board Kconfig setting. This is done in the image.h header file. For SPL we currently just assume the algorithm is desired if U-Boot proper enables it. Clean this up by adding new Kconfig options to enable hashing on the host, relying on CONFIG_IS_ENABLED() to deal with the different builds. Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the current settings. This allows us to drop the image.h code and the I_WANT_MD5 hack. Signed-off-by: Simon Glass <sjg@chromium.org> --- Changes in v5: - Drop I_WANT_MD5 - Use TOOLS_ instead of HOST_ Changes in v2: - Add SPL_ Kconfigs also, since otherwise hashing algorithms drop from SPL common/hash.c | 49 +++++++++++++++++++++++-------------------------- include/image.h | 5 ----- lib/Kconfig | 18 ++++++++++++++++++ tools/Kconfig | 25 +++++++++++++++++++++++++ 4 files changed, 66 insertions(+), 31 deletions(-)