| Message ID | 20221204150554.4165941-10-trini@konsulko.com |
|---|---|
| State | Changes Requested |
| Delegated to: | Tom Rini |
| Headers | show |
| Series | [001/149] exynos: Rework legacy PWM usage | expand |
Hi Tom, On Mon, 5 Dec 2022 at 04:07, Tom Rini <trini@konsulko.com> wrote: > > While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we > cannot undef the symbol in this manner. As this ends up only being a > single location in a file that already has other checks for HOST_CC, add > one more HOST_CC check instead. > > Signed-off-by: Tom Rini <trini@konsulko.com> > --- > lib/rsa/rsa-verify.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > > diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c > index 9605c376390a..0662235be6f1 100644 > --- a/lib/rsa/rsa-verify.c > +++ b/lib/rsa/rsa-verify.c > @@ -23,18 +23,13 @@ > #include <u-boot/rsa-mod-exp.h> > #include <u-boot/rsa.h> > > -#ifndef __UBOOT__ > /* > * NOTE: > * Since host tools, like mkimage, make use of openssl library for > * RSA encryption, rsa_verify_with_pkey()/rsa_gen_key_prop() are > * of no use and should not be compiled in. > - * So just turn off CONFIG_RSA_VERIFY_WITH_PKEY. > */ > > -#undef CONFIG_RSA_VERIFY_WITH_PKEY > -#endif > - > /* Default public exponent for backward compatibility */ > #define RSA_DEFAULT_PUBEXP 65537 > > @@ -506,6 +501,7 @@ int rsa_verify_hash(struct image_sign_info *info, > { > int ret = -EACCES; > > +#if !defined(USE_HOSTCC) you can use if tools_build() here, I believe. I've been trying to avoid #if USE_HOSTCC > if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) { > /* don't rely on fdt properties */ > ret = rsa_verify_with_pkey(info, hash, sig, sig_len); > @@ -513,6 +509,7 @@ int rsa_verify_hash(struct image_sign_info *info, > debug("%s: rsa_verify_with_pkey() failed\n", __func__); > return ret; > } > +#endif > > if (CONFIG_IS_ENABLED(FIT_SIGNATURE)) { > const void *blob = info->fdt_blob; > -- > 2.25.1 > Regards, Simon
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 9605c376390a..0662235be6f1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -23,18 +23,13 @@ #include <u-boot/rsa-mod-exp.h> #include <u-boot/rsa.h> -#ifndef __UBOOT__ /* * NOTE: * Since host tools, like mkimage, make use of openssl library for * RSA encryption, rsa_verify_with_pkey()/rsa_gen_key_prop() are * of no use and should not be compiled in. - * So just turn off CONFIG_RSA_VERIFY_WITH_PKEY. */ -#undef CONFIG_RSA_VERIFY_WITH_PKEY -#endif - /* Default public exponent for backward compatibility */ #define RSA_DEFAULT_PUBEXP 65537 @@ -506,6 +501,7 @@ int rsa_verify_hash(struct image_sign_info *info, { int ret = -EACCES; +#if !defined(USE_HOSTCC) if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) { /* don't rely on fdt properties */ ret = rsa_verify_with_pkey(info, hash, sig, sig_len); @@ -513,6 +509,7 @@ int rsa_verify_hash(struct image_sign_info *info, debug("%s: rsa_verify_with_pkey() failed\n", __func__); return ret; } +#endif if (CONFIG_IS_ENABLED(FIT_SIGNATURE)) { const void *blob = info->fdt_blob;
While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we cannot undef the symbol in this manner. As this ends up only being a single location in a file that already has other checks for HOST_CC, add one more HOST_CC check instead. Signed-off-by: Tom Rini <trini@konsulko.com> --- lib/rsa/rsa-verify.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-)