u-boot.git/include/image.h, branch v2021.10 Unnamed repository; edit this file 'description' to name the repository. image: rsa: Move padding_algos to linker lists 2021-09-14T15:46:48+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-08-18T22:49:02+00:00 de41f0ee0d68bcdf7d97018fdfe4bfe9fe3e53a2 We are not guaranteed to have the padding_pkcs_15_verify symbol since commit 92c960bc1d ("lib: rsa: Remove #ifdefs from rsa.h"), and commit 61416fe9df ("Kconfig: FIT_SIGNATURE should not select RSA_VERIFY") The padding_algos only make sense with RSA verification, which can now be disabled in lieu of ECDSA. In fact this will lead to build failures because of the missing symbol mentioned earlier. To resolve this, move the padding_algos to a linker list, with declarations moved to rsa_verify.c. This is consistent with commit 6909edb4ce ("image: rsa: Move verification algorithm to a linker list") One could argue that the added #ifdef USE_HOSTCC is ugly, and should be hidden within the U_BOOT_PADDING_ALGO() macro. However, this would be inconsistent with the "cryptos" list. This logic for was not previously explored: Without knowledge of the U_BOOT_PADDING_ALGO() macro, its use is similar to something being declared. However, should #ifndef USE_HOSTCC be part of the macro, it would not be obvious that it behaves differently on host code and target code. Having the #ifndef outside the macro makes this obvious. Also, the #ifdef is not always necessary. For example ecda-verify makes use of U_BOOT_CRYPTO_ALGO() without any accompanying #ifdefs. The fundamental issue is a lack of separation of host and target code in rsa_verify. Therefore, the declaration of a padding algo with the external #ifdef is more readable and consistent. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> 
We are not guaranteed to have the padding_pkcs_15_verify symbol since
commit 92c960bc1d ("lib: rsa: Remove #ifdefs from rsa.h"), and
commit 61416fe9df ("Kconfig: FIT_SIGNATURE should not select RSA_VERIFY")

The padding_algos only make sense with RSA verification, which can now
be disabled in lieu of ECDSA. In fact this will lead to build failures
because of the missing symbol mentioned earlier.

To resolve this, move the padding_algos to a linker list, with
declarations moved to rsa_verify.c. This is consistent with commit
6909edb4ce ("image: rsa: Move verification algorithm to a linker list")

One could argue that the added #ifdef USE_HOSTCC is ugly, and should
be hidden within the U_BOOT_PADDING_ALGO() macro. However, this would
be inconsistent with the "cryptos" list. This logic for was not
previously explored:

Without knowledge of the U_BOOT_PADDING_ALGO() macro, its use is
similar to something being declared. However, should #ifndef
USE_HOSTCC be part of the macro, it would not be obvious that it
behaves differently on host code and target code. Having the #ifndef
outside the macro makes this obvious.

Also, the #ifdef is not always necessary. For example ecda-verify
makes use of U_BOOT_CRYPTO_ALGO() without any accompanying #ifdefs.
The fundamental issue is a lack of separation of host and target code
in rsa_verify. Therefore, the declaration of a padding algo with the
external #ifdef is more readable and consistent.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
image: Drop IMAGE_ENABLE_{MD5, CRC32} #defines 2021-09-08T20:12:10+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-09-03T00:54:22+00:00 0b905e25813a0b4e368730a147dadc7f55150edc These are no longer used, so drop them. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> 
These are no longer used, so drop them.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
common: Move MD5 hash to hash_algo[] array. 2021-09-08T20:11:46+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-09-03T00:54:20+00:00 fe54aeaa4acbb41880b05acef9ef949e62d299dd MD5 is being called directly in some places, but it is not available via hash_lookup_algo("md5"). This is inconsistent with other hasing routines. To resolve this, add an "md5" entry to hash_algos[]. The #ifdef clause looks funnier than those for other entries. This is because both MD5 and SPL_MD5 configs exist, whereas the other hashes do not have "SPL_" entries. The long term plan is to get rid of the ifdefs, so those should not be expected to survive much longer. The md5 entry does not have .hash_init/update/finish members. That's okay because hash_progressive_lookup_algo() will catch that, and return -EPROTONOSUPPORT, while hash_lookup_algo() will return the correct pointer. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> [trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check] Signed-off-by: Tom Rini <trini@konsulko.com> 
MD5 is being called directly in some places, but it is not available
via hash_lookup_algo("md5"). This is inconsistent with other hasing
routines. To resolve this, add an "md5" entry to hash_algos[].

The #ifdef clause looks funnier than those for other entries. This is
because both MD5 and SPL_MD5 configs exist, whereas the other hashes
do not have "SPL_" entries. The long term plan is to get rid of the
ifdefs, so those should not be expected to survive much longer.

The md5 entry does not have .hash_init/update/finish members. That's
okay because hash_progressive_lookup_algo() will catch that, and
return -EPROTONOSUPPORT, while hash_lookup_algo() will return the
correct pointer.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check]
Signed-off-by: Tom Rini <trini@konsulko.com>
common: Remove unused CONFIG_FIT_SHAxxx selectors 2021-09-08T20:10:34+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-09-03T00:54:17+00:00 eb5171ddec9d3b04c2517b60e69dc707e92cf716 Originally CONFIG_FIT_SHAxxx enabled specific SHA algos for and only for hash_calculate() in common/image-fit.c. However, since commit 14f061dcb1 ("image: Drop IMAGE_ENABLE_SHAxxx"), the correct selector was changed to CONFIG_SHAxxx. The extra "_FIT_" variants are neither used, nor needed. Remove them. One defconfig disables FIT_SHA256, which is now changed to 'SHA256'. CMD_MVEBU_BUBT needs to select select SHA256 to avoid undefined references to "sha256_*()". bubt.c needs sha256, so this selection is correct. It is not clear why this problem did not manifest before. Note that SHA selection in SPL is broken for this exact reason. There is no corresponding SPL_SHAxxx. Fixing this is is beyond the scope of this change. Also note that we make CONFIG_FIT now imply SHA256, to make up for FIT_SHA256 previously being a default y option. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> [trini: Add imply SHA256 to FIT] Signed-off-by: Tom Rini <trini@konsulko.com> 
Originally CONFIG_FIT_SHAxxx enabled specific SHA algos for and only
for hash_calculate() in common/image-fit.c. However, since commit
14f061dcb1 ("image: Drop IMAGE_ENABLE_SHAxxx"),
the correct selector was changed to CONFIG_SHAxxx.

The extra "_FIT_" variants are neither used, nor needed. Remove them.
One defconfig disables FIT_SHA256, which is now changed to 'SHA256'.

CMD_MVEBU_BUBT needs to select select SHA256 to avoid undefined
references to "sha256_*()". bubt.c needs sha256, so this selection is
correct. It is not clear why this problem did not manifest before.

Note that SHA selection in SPL is broken for this exact reason. There
is no corresponding SPL_SHAxxx. Fixing this is is beyond the scope of
this change.

Also note that we make CONFIG_FIT now imply SHA256, to make up for
FIT_SHA256 previously being a default y option.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add imply SHA256 to FIT]
Signed-off-by: Tom Rini <trini@konsulko.com>
image: Eliminate IMAGE_ENABLE_VERIFY_ECDSA macro 2021-07-16T19:39:29+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-07-14T22:05:45+00:00 8387dba471de8d8668123ca0e158ab3f4f4bf81e This macro is no longer needed for code flow or #ifdefs. Remove it. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
This macro is no longer needed for code flow or #ifdefs. Remove it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
image: Eliminate IMAGE_ENABLE_VERIFY macro 2021-07-16T19:39:29+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-07-14T22:05:44+00:00 8be1818a4f0c9ec14d04a244196c6e265fd973b7 This macro is no longer needed for code flow or #ifdefs. Remove it. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
This macro is no longer needed for code flow or #ifdefs. Remove it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
image: Add support for placing crypto_algo in linker lists 2021-07-16T16:58:56+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-07-14T22:05:39+00:00 0980164b1306400e91e5ac389a514111ff74fc01 The purpose of this change is to enable crypto algorithms to be placed in linker lists, rather than be declared as a static array. The goal is to remove the crypto_algos array in a subsequent patch. Create a new linker list named "cryptos", and search it when image_get_crypto_algo() is invoked. NOTE that adding support for manual relocation of crypto_algos within linker lists is beyond the scope of this patch. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
The purpose of this change is to enable crypto algorithms to be placed
in linker lists, rather than be declared as a static array. The goal
is to remove the crypto_algos array in a subsequent patch.

Create a new linker list named "cryptos", and search it when
image_get_crypto_algo() is invoked.

NOTE that adding support for manual relocation of crypto_algos within
linker lists is beyond the scope of this patch.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
image: Drop IMAGE_ENABLE_BEST_MATCH 2021-07-16T16:58:55+00:00 Simon Glass sjg@chromium.org 2021-07-14T22:05:36+00:00 70c1c8927e2c1fd97cd174d7924300d672e8313b This is not needed with Kconfig, since we can use IS_ENABLED() easily enough. Drop it. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> 
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
image: Drop IMAGE_ENABLE_SHAxxx 2021-07-16T16:58:55+00:00 Simon Glass sjg@chromium.org 2021-07-14T22:05:35+00:00 14f061dcb158a4ffbf09df10f2ac2d37c157437c We already have a host Kconfig for these SHA options. Use CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build, so we can drop the unnecessary indirections. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> 
We already have a host Kconfig for these SHA options. Use
CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build,
so we can drop the unnecessary indirections.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
image: Drop IMAGE_ENABLE_SHA1 2021-07-16T16:58:55+00:00 Simon Glass sjg@chromium.org 2021-07-14T22:05:34+00:00 0ad75696d078e56ca8e4d09a875de8107590ab8a We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1) directly in the code shared with the host build, so we can drop the unnecessary indirection. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> 
We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1)
directly in the code shared with the host build, so we can drop the
unnecessary indirection.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>