From 0003b8ada95068bef3522582fd7c211fb8b58e3c Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:29 -0500 Subject: image: Shorten FIT_ENABLE_SHAxxx_SUPPORT The ENABLE part of this name is redundant, since all boolean Kconfig options serve to enable something. The SUPPORT part is also redundant since Kconfigs can be assumed to enable support for something. Together they just serve to make these options overly long and inconsistent with other options. Rename FIT_ENABLE_SHAxxx_SUPPORT to FIT_SHAxxx Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- include/image.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/image.h b/include/image.h index 0c24bf6f35f..e54f12f4729 100644 --- a/include/image.h +++ b/include/image.h @@ -31,9 +31,9 @@ struct fdt_region; #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1 -#define CONFIG_FIT_ENABLE_SHA256_SUPPORT -#define CONFIG_FIT_ENABLE_SHA384_SUPPORT -#define CONFIG_FIT_ENABLE_SHA512_SUPPORT +#define CONFIG_FIT_SHA256 +#define CONFIG_FIT_SHA384 +#define CONFIG_FIT_SHA512 #define CONFIG_SHA1 #define CONFIG_SHA256 #define CONFIG_SHA384 @@ -89,21 +89,21 @@ struct fdt_region; #define IMAGE_ENABLE_SHA1 0 #endif -#if defined(CONFIG_FIT_ENABLE_SHA256_SUPPORT) || \ +#if defined(CONFIG_FIT_SHA256) || \ defined(CONFIG_SPL_SHA256_SUPPORT) #define IMAGE_ENABLE_SHA256 1 #else #define IMAGE_ENABLE_SHA256 0 #endif -#if defined(CONFIG_FIT_ENABLE_SHA384_SUPPORT) || \ +#if defined(CONFIG_FIT_SHA384) || \ defined(CONFIG_SPL_SHA384_SUPPORT) #define IMAGE_ENABLE_SHA384 1 #else #define IMAGE_ENABLE_SHA384 0 #endif -#if defined(CONFIG_FIT_ENABLE_SHA512_SUPPORT) || \ +#if defined(CONFIG_FIT_SHA512) || \ defined(CONFIG_SPL_SHA512_SUPPORT) #define IMAGE_ENABLE_SHA512 1 #else -- cgit v1.3.1 From f5bc9c25f3159db2e420cdcff974980a5258a44f Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:30 -0500 Subject: image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx These option are named inconsistently with other SPL options, thus making them incompatible with the CONFIG_IS_ENABLED() macro. Rename them. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 8 ++++---- include/image.h | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index fa80524cfb2..2b89ce71c14 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -429,7 +429,7 @@ config SPL_MD5_SUPPORT applications where images may be changed maliciously, you should consider SHA256 or SHA384. -config SPL_SHA1_SUPPORT +config SPL_FIT_SHA1 bool "Support SHA1" depends on SPL_FIT select SHA1 @@ -441,7 +441,7 @@ config SPL_SHA1_SUPPORT due to the expanding computing power available to brute-force attacks. For more security, consider SHA256 or SHA384. -config SPL_SHA256_SUPPORT +config SPL_FIT_SHA256 bool "Support SHA256" depends on SPL_FIT select SHA256 @@ -450,7 +450,7 @@ config SPL_SHA256_SUPPORT checksum is a 256-bit (32-byte) hash value used to check that the image contents have not been corrupted. -config SPL_SHA384_SUPPORT +config SPL_FIT_SHA384 bool "Support SHA384" depends on SPL_FIT select SHA384 @@ -461,7 +461,7 @@ config SPL_SHA384_SUPPORT image contents have not been corrupted. Use this for the highest security. -config SPL_SHA512_SUPPORT +config SPL_FIT_SHA512 bool "Support SHA512" depends on SPL_FIT select SHA512 diff --git a/include/image.h b/include/image.h index e54f12f4729..bf92f6235de 100644 --- a/include/image.h +++ b/include/image.h @@ -68,7 +68,7 @@ struct fdt_region; # ifdef CONFIG_SPL_MD5_SUPPORT # define IMAGE_ENABLE_MD5 1 # endif -# ifdef CONFIG_SPL_SHA1_SUPPORT +# ifdef CONFIG_SPL_FIT_SHA1 # define IMAGE_ENABLE_SHA1 1 # endif # else @@ -90,21 +90,21 @@ struct fdt_region; #endif #if defined(CONFIG_FIT_SHA256) || \ - defined(CONFIG_SPL_SHA256_SUPPORT) + defined(CONFIG_SPL_FIT_SHA256) #define IMAGE_ENABLE_SHA256 1 #else #define IMAGE_ENABLE_SHA256 0 #endif #if defined(CONFIG_FIT_SHA384) || \ - defined(CONFIG_SPL_SHA384_SUPPORT) + defined(CONFIG_SPL_FIT_SHA384) #define IMAGE_ENABLE_SHA384 1 #else #define IMAGE_ENABLE_SHA384 0 #endif #if defined(CONFIG_FIT_SHA512) || \ - defined(CONFIG_SPL_SHA512_SUPPORT) + defined(CONFIG_SPL_FIT_SHA512) #define IMAGE_ENABLE_SHA512 1 #else #define IMAGE_ENABLE_SHA512 0 -- cgit v1.3.1 From ad74aed11e1dfe39b7f32dd855859abaf51d33f0 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:31 -0500 Subject: image: Rename CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT Drop the ENABLE and SUPPORT parts of this, which are redundant. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 2 +- common/image-sig.c | 4 ++-- configs/bcm963158_ram_defconfig | 2 +- configs/sandbox_defconfig | 2 +- include/image.h | 2 +- include/u-boot/rsa.h | 8 ++++---- lib/rsa/rsa-sign.c | 4 ++-- lib/rsa/rsa-verify.c | 2 +- 8 files changed, 13 insertions(+), 13 deletions(-) (limited to 'include') diff --git a/common/Kconfig.boot b/common/Kconfig.boot index d28ce96a28e..ae3f2b6f62b 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -103,7 +103,7 @@ config FIT_SIGNATURE_MAX_SIZE device memory. Assure this size does not extend past expected storage space. -config FIT_ENABLE_RSASSA_PSS_SUPPORT +config FIT_RSASSA_PSS bool "Support rsassa-pss signature scheme of FIT image contents" depends on FIT_SIGNATURE default n diff --git a/common/image-sig.c b/common/image-sig.c index 0f8e592aba7..8b5cecbfa43 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -99,12 +99,12 @@ struct padding_algo padding_algos[] = { .name = "pkcs-1.5", .verify = padding_pkcs_15_verify, }, -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS { .name = "pss", .verify = padding_pss_verify, } -#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */ +#endif /* CONFIG_FIT_RSASSA_PSS */ }; struct checksum_algo *image_get_checksum_algo(const char *full_name) diff --git a/configs/bcm963158_ram_defconfig b/configs/bcm963158_ram_defconfig index 4eb3986c618..f7f1b353892 100644 --- a/configs/bcm963158_ram_defconfig +++ b/configs/bcm963158_ram_defconfig @@ -11,7 +11,7 @@ CONFIG_TARGET_BCM963158=y CONFIG_ENV_VARS_UBOOT_CONFIG=y CONFIG_FIT=y CONFIG_FIT_SIGNATURE=y -CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT=y +CONFIG_FIT_RSASSA_PSS=y CONFIG_FIT_VERBOSE=y CONFIG_LEGACY_IMAGE_FORMAT=y CONFIG_SUPPORT_RAW_INITRD=y diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index fc687e3c52e..1655bb1e8a2 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -10,7 +10,7 @@ CONFIG_DEBUG_UART=y CONFIG_DISTRO_DEFAULTS=y CONFIG_FIT=y CONFIG_FIT_SIGNATURE=y -CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT=y +CONFIG_FIT_RSASSA_PSS=y CONFIG_FIT_CIPHER=y CONFIG_FIT_VERBOSE=y CONFIG_BOOTSTAGE=y diff --git a/include/image.h b/include/image.h index bf92f6235de..b242007b9c1 100644 --- a/include/image.h +++ b/include/image.h @@ -30,7 +30,7 @@ struct fdt_region; #define IMAGE_ENABLE_FIT 1 #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ -#define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1 +#define CONFIG_FIT_RSASSA_PSS 1 #define CONFIG_FIT_SHA256 #define CONFIG_FIT_SHA384 #define CONFIG_FIT_SHA512 diff --git a/include/u-boot/rsa.h b/include/u-boot/rsa.h index bed1c097c2c..bc564d56fa3 100644 --- a/include/u-boot/rsa.h +++ b/include/u-boot/rsa.h @@ -119,11 +119,11 @@ int padding_pkcs_15_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len); -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS int padding_pss_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len); -#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */ +#endif /* CONFIG_FIT_RSASSA_PSS */ #else static inline int rsa_verify_hash(struct image_sign_info *info, const uint8_t *hash, @@ -146,14 +146,14 @@ static inline int padding_pkcs_15_verify(struct image_sign_info *info, return -ENXIO; } -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS static inline int padding_pss_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len) { return -ENXIO; } -#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */ +#endif /* CONFIG_FIT_RSASSA_PSS */ #endif #define RSA_DEFAULT_PADDING_NAME "pkcs-1.5" diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 5a1583b8f75..f4ed11e74a4 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -442,7 +442,7 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo, goto err_sign; } -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS if (padding_algo && !strcmp(padding_algo->name, "pss")) { if (EVP_PKEY_CTX_set_rsa_padding(ckey, RSA_PKCS1_PSS_PADDING) <= 0) { @@ -450,7 +450,7 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo, goto err_sign; } } -#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */ +#endif /* CONFIG_FIT_RSASSA_PSS */ for (i = 0; i < region_count; i++) { if (!EVP_DigestSignUpdate(context, region[i].data, diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index aee76f42d57..1998c773fc7 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -95,7 +95,7 @@ int padding_pkcs_15_verify(struct image_sign_info *info, return 0; } -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS static void u32_i2osp(uint32_t val, uint8_t *buf) { buf[0] = (uint8_t)((val >> 24) & 0xff); -- cgit v1.3.1 From 1e52db6799172cdd1612e0394da050d29164a13f Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:32 -0500 Subject: Kconfig: Rename SPL_CRC32_SUPPORT to SPL_CRC32 Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 4 ++-- configs/axm_defconfig | 2 +- configs/chromebit_mickey_defconfig | 2 +- configs/chromebook_jerry_defconfig | 2 +- configs/chromebook_minnie_defconfig | 2 +- configs/chromebook_speedy_defconfig | 2 +- configs/evb-px30_defconfig | 2 +- configs/firefly-px30_defconfig | 2 +- configs/imxrt1020-evk_defconfig | 2 +- configs/imxrt1050-evk_defconfig | 2 +- configs/odroid-go2_defconfig | 2 +- configs/px30-core-ctouch2-px30_defconfig | 2 +- configs/px30-core-edimm2.2-px30_defconfig | 2 +- configs/socfpga_agilex_atf_defconfig | 2 +- configs/socfpga_agilex_vab_defconfig | 2 +- configs/socfpga_stratix10_atf_defconfig | 2 +- configs/taurus_defconfig | 2 +- include/image.h | 2 +- 18 files changed, 19 insertions(+), 19 deletions(-) (limited to 'include') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 2b89ce71c14..896526aec6c 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -204,7 +204,7 @@ config SPL_LEGACY_IMAGE_SUPPORT config SPL_LEGACY_IMAGE_CRC_CHECK bool "Check CRC of Legacy images" depends on SPL_LEGACY_IMAGE_SUPPORT - select SPL_CRC32_SUPPORT + select SPL_CRC32 help Enable this to check the CRC of Legacy images. While this increases reliability, it affects both code size and boot duration. @@ -407,7 +407,7 @@ config SYS_MMCSD_RAW_MODE_EMMC_BOOT_PARTITION the eMMC EXT_CSC_PART_CONFIG selection should be overridden in SPL by user defined partition number. -config SPL_CRC32_SUPPORT +config SPL_CRC32 bool "Support CRC32" default y if SPL_LEGACY_IMAGE_SUPPORT help diff --git a/configs/axm_defconfig b/configs/axm_defconfig index b613c5f8cd2..cb642969939 100644 --- a/configs/axm_defconfig +++ b/configs/axm_defconfig @@ -32,7 +32,7 @@ CONFIG_BOOTCOMMAND="run flash_self" CONFIG_BOARD_EARLY_INIT_F=y # CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set CONFIG_SPL_SYS_MALLOC_SIMPLE=y -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_NAND_SUPPORT=y CONFIG_SPL_NAND_DRIVERS=y CONFIG_SPL_NAND_ECC=y diff --git a/configs/chromebit_mickey_defconfig b/configs/chromebit_mickey_defconfig index d652ab807dc..0e634246052 100644 --- a/configs/chromebit_mickey_defconfig +++ b/configs/chromebit_mickey_defconfig @@ -25,7 +25,7 @@ CONFIG_BOARD_EARLY_INIT_R=y CONFIG_SPL_STACK_R=y CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set CONFIG_SPL_SPI_LOAD=y CONFIG_CMD_GPIO=y CONFIG_CMD_GPT=y diff --git a/configs/chromebook_jerry_defconfig b/configs/chromebook_jerry_defconfig index 5bb2735c419..dc5d06d65f5 100644 --- a/configs/chromebook_jerry_defconfig +++ b/configs/chromebook_jerry_defconfig @@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y CONFIG_SPL_STACK_R=y CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set CONFIG_SPL_SPI_LOAD=y CONFIG_CMD_GPIO=y CONFIG_CMD_GPT=y diff --git a/configs/chromebook_minnie_defconfig b/configs/chromebook_minnie_defconfig index 2549c49e8b8..0a1d5930f60 100644 --- a/configs/chromebook_minnie_defconfig +++ b/configs/chromebook_minnie_defconfig @@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y CONFIG_SPL_STACK_R=y CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set CONFIG_SPL_SPI_LOAD=y CONFIG_CMD_GPIO=y CONFIG_CMD_GPT=y diff --git a/configs/chromebook_speedy_defconfig b/configs/chromebook_speedy_defconfig index 8f7c70a8dfd..709af4cad56 100644 --- a/configs/chromebook_speedy_defconfig +++ b/configs/chromebook_speedy_defconfig @@ -26,7 +26,7 @@ CONFIG_BOARD_EARLY_INIT_R=y CONFIG_SPL_STACK_R=y CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000 # CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR is not set -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set CONFIG_SPL_SPI_LOAD=y CONFIG_CMD_GPIO=y CONFIG_CMD_GPT=y diff --git a/configs/evb-px30_defconfig b/configs/evb-px30_defconfig index 8bcf8edec5b..d3b52c127a9 100644 --- a/configs/evb-px30_defconfig +++ b/configs/evb-px30_defconfig @@ -29,7 +29,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set CONFIG_SPL_STACK_R=y # CONFIG_TPL_BANNER_PRINT is not set -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_ATF=y # CONFIG_TPL_FRAMEWORK is not set # CONFIG_CMD_BOOTD is not set diff --git a/configs/firefly-px30_defconfig b/configs/firefly-px30_defconfig index d902ab7a9b3..1f24f927da9 100644 --- a/configs/firefly-px30_defconfig +++ b/configs/firefly-px30_defconfig @@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set CONFIG_SPL_STACK_R=y # CONFIG_TPL_BANNER_PRINT is not set -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_ATF=y # CONFIG_TPL_FRAMEWORK is not set # CONFIG_CMD_BOOTD is not set diff --git a/configs/imxrt1020-evk_defconfig b/configs/imxrt1020-evk_defconfig index 0dc3743f887..79b25be6784 100644 --- a/configs/imxrt1020-evk_defconfig +++ b/configs/imxrt1020-evk_defconfig @@ -24,7 +24,7 @@ CONFIG_SPL_BOARD_INIT=y CONFIG_SPL_SYS_MALLOC_SIMPLE=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x100 -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set # CONFIG_BOOTM_NETBSD is not set # CONFIG_BOOTM_PLAN9 is not set # CONFIG_BOOTM_RTEMS is not set diff --git a/configs/imxrt1050-evk_defconfig b/configs/imxrt1050-evk_defconfig index 0e426ce1fff..ca72f8c1697 100644 --- a/configs/imxrt1050-evk_defconfig +++ b/configs/imxrt1050-evk_defconfig @@ -27,7 +27,7 @@ CONFIG_SPL_BOARD_INIT=y CONFIG_SPL_SYS_MALLOC_SIMPLE=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x100 -# CONFIG_SPL_CRC32_SUPPORT is not set +# CONFIG_SPL_CRC32 is not set # CONFIG_BOOTM_NETBSD is not set # CONFIG_BOOTM_PLAN9 is not set # CONFIG_BOOTM_RTEMS is not set diff --git a/configs/odroid-go2_defconfig b/configs/odroid-go2_defconfig index f5b03a30ab8..7cb32f1f719 100644 --- a/configs/odroid-go2_defconfig +++ b/configs/odroid-go2_defconfig @@ -33,7 +33,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set CONFIG_SPL_STACK_R=y # CONFIG_TPL_BANNER_PRINT is not set -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_I2C_SUPPORT=y CONFIG_SPL_POWER_SUPPORT=y CONFIG_SPL_ATF=y diff --git a/configs/px30-core-ctouch2-px30_defconfig b/configs/px30-core-ctouch2-px30_defconfig index 3e50d871bf3..0b30ef6a0e0 100644 --- a/configs/px30-core-ctouch2-px30_defconfig +++ b/configs/px30-core-ctouch2-px30_defconfig @@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set CONFIG_SPL_STACK_R=y # CONFIG_TPL_BANNER_PRINT is not set -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_ATF=y # CONFIG_TPL_FRAMEWORK is not set # CONFIG_CMD_BOOTD is not set diff --git a/configs/px30-core-edimm2.2-px30_defconfig b/configs/px30-core-edimm2.2-px30_defconfig index 01e0b5a80ab..46a4fb97e3c 100644 --- a/configs/px30-core-edimm2.2-px30_defconfig +++ b/configs/px30-core-edimm2.2-px30_defconfig @@ -30,7 +30,7 @@ CONFIG_SPL_BOOTROM_SUPPORT=y # CONFIG_SPL_RAW_IMAGE_SUPPORT is not set CONFIG_SPL_STACK_R=y # CONFIG_TPL_BANNER_PRINT is not set -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_ATF=y # CONFIG_TPL_FRAMEWORK is not set # CONFIG_CMD_BOOTD is not set diff --git a/configs/socfpga_agilex_atf_defconfig b/configs/socfpga_agilex_atf_defconfig index 69215756356..1a57a6e5d9d 100644 --- a/configs/socfpga_agilex_atf_defconfig +++ b/configs/socfpga_agilex_atf_defconfig @@ -23,7 +23,7 @@ CONFIG_USE_BOOTARGS=y CONFIG_BOOTARGS="earlycon" CONFIG_USE_BOOTCOMMAND=y CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run linux_qspi_enable; run mmcfitboot" -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_CACHE=y CONFIG_SPL_SPI_LOAD=y CONFIG_SPL_ATF=y diff --git a/configs/socfpga_agilex_vab_defconfig b/configs/socfpga_agilex_vab_defconfig index 97eb7b4630e..3135b61d6bf 100644 --- a/configs/socfpga_agilex_vab_defconfig +++ b/configs/socfpga_agilex_vab_defconfig @@ -24,7 +24,7 @@ CONFIG_USE_BOOTARGS=y CONFIG_BOOTARGS="earlycon" CONFIG_USE_BOOTCOMMAND=y CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run mmcfitboot" -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_CACHE=y CONFIG_SPL_SPI_LOAD=y CONFIG_SPL_ATF=y diff --git a/configs/socfpga_stratix10_atf_defconfig b/configs/socfpga_stratix10_atf_defconfig index cd1b6f9bba7..4eed5476a98 100644 --- a/configs/socfpga_stratix10_atf_defconfig +++ b/configs/socfpga_stratix10_atf_defconfig @@ -23,7 +23,7 @@ CONFIG_USE_BOOTARGS=y CONFIG_BOOTARGS="earlycon" CONFIG_USE_BOOTCOMMAND=y CONFIG_BOOTCOMMAND="run fatscript; run mmcfitload; run linux_qspi_enable; run mmcfitboot" -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_SPI_LOAD=y CONFIG_SPL_ATF=y CONFIG_SPL_ATF_NO_PLATFORM_PARAM=y diff --git a/configs/taurus_defconfig b/configs/taurus_defconfig index ce09450c9ef..4c47d7b5eab 100644 --- a/configs/taurus_defconfig +++ b/configs/taurus_defconfig @@ -36,7 +36,7 @@ CONFIG_BOOTCOMMAND="nand read 0x22000000 0x200000 0x300000; bootm" CONFIG_BOARD_EARLY_INIT_F=y # CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set CONFIG_SPL_SYS_MALLOC_SIMPLE=y -CONFIG_SPL_CRC32_SUPPORT=y +CONFIG_SPL_CRC32=y CONFIG_SPL_NAND_SUPPORT=y CONFIG_SPL_NAND_DRIVERS=y CONFIG_SPL_NAND_ECC=y diff --git a/include/image.h b/include/image.h index b242007b9c1..e2037d31597 100644 --- a/include/image.h +++ b/include/image.h @@ -62,7 +62,7 @@ struct fdt_region; #include #include # ifdef CONFIG_SPL_BUILD -# ifdef CONFIG_SPL_CRC32_SUPPORT +# ifdef CONFIG_SPL_CRC32 # define IMAGE_ENABLE_CRC32 1 # endif # ifdef CONFIG_SPL_MD5_SUPPORT -- cgit v1.3.1 From 4b00fd1a84c1ef15f640da1d7a1081d0dbfbfbfe Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:33 -0500 Subject: Kconfig: Rename SPL_MD5_SUPPORT to SPL_MD5 Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 2 +- include/image.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 896526aec6c..2df3e5d8690 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -417,7 +417,7 @@ config SPL_CRC32 for detected accidental image corruption. For secure applications you should consider SHA1 or SHA256. -config SPL_MD5_SUPPORT +config SPL_MD5 bool "Support MD5" depends on SPL_FIT help diff --git a/include/image.h b/include/image.h index e2037d31597..124448f9e4f 100644 --- a/include/image.h +++ b/include/image.h @@ -65,7 +65,7 @@ struct fdt_region; # ifdef CONFIG_SPL_CRC32 # define IMAGE_ENABLE_CRC32 1 # endif -# ifdef CONFIG_SPL_MD5_SUPPORT +# ifdef CONFIG_SPL_MD5 # define IMAGE_ENABLE_MD5 1 # endif # ifdef CONFIG_SPL_FIT_SHA1 -- cgit v1.3.1 From 0ad75696d078e56ca8e4d09a875de8107590ab8a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:34 -0500 Subject: image: Drop IMAGE_ENABLE_SHA1 We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1) directly in the code shared with the host build, so we can drop the unnecessary indirection. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 2 +- include/image.h | 8 -------- 2 files changed, 1 insertion(+), 9 deletions(-) (limited to 'include') diff --git a/common/image-fit.c b/common/image-fit.c index e9b455deadb..9a47d1becfd 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1219,7 +1219,7 @@ int calculate_hash(const void *data, int data_len, const char *algo, CHUNKSZ_CRC32); *((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value)); *value_len = 4; - } else if (IMAGE_ENABLE_SHA1 && strcmp(algo, "sha1") == 0) { + } else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) { sha1_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA1); *value_len = 20; diff --git a/include/image.h b/include/image.h index 124448f9e4f..bca9033e7f0 100644 --- a/include/image.h +++ b/include/image.h @@ -68,13 +68,9 @@ struct fdt_region; # ifdef CONFIG_SPL_MD5 # define IMAGE_ENABLE_MD5 1 # endif -# ifdef CONFIG_SPL_FIT_SHA1 -# define IMAGE_ENABLE_SHA1 1 -# endif # else # define IMAGE_ENABLE_CRC32 1 # define IMAGE_ENABLE_MD5 1 -# define IMAGE_ENABLE_SHA1 1 # endif #ifndef IMAGE_ENABLE_CRC32 @@ -85,10 +81,6 @@ struct fdt_region; #define IMAGE_ENABLE_MD5 0 #endif -#ifndef IMAGE_ENABLE_SHA1 -#define IMAGE_ENABLE_SHA1 0 -#endif - #if defined(CONFIG_FIT_SHA256) || \ defined(CONFIG_SPL_FIT_SHA256) #define IMAGE_ENABLE_SHA256 1 -- cgit v1.3.1 From 14f061dcb158a4ffbf09df10f2ac2d37c157437c Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:35 -0500 Subject: image: Drop IMAGE_ENABLE_SHAxxx We already have a host Kconfig for these SHA options. Use CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build, so we can drop the unnecessary indirections. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 6 +++--- include/image.h | 21 --------------------- 2 files changed, 3 insertions(+), 24 deletions(-) (limited to 'include') diff --git a/common/image-fit.c b/common/image-fit.c index 9a47d1becfd..031d9d34c31 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1223,15 +1223,15 @@ int calculate_hash(const void *data, int data_len, const char *algo, sha1_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA1); *value_len = 20; - } else if (IMAGE_ENABLE_SHA256 && strcmp(algo, "sha256") == 0) { + } else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) { sha256_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA256); *value_len = SHA256_SUM_LEN; - } else if (IMAGE_ENABLE_SHA384 && strcmp(algo, "sha384") == 0) { + } else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) { sha384_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA384); *value_len = SHA384_SUM_LEN; - } else if (IMAGE_ENABLE_SHA512 && strcmp(algo, "sha512") == 0) { + } else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) { sha512_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA512); *value_len = SHA512_SUM_LEN; diff --git a/include/image.h b/include/image.h index bca9033e7f0..dbb9bd0174a 100644 --- a/include/image.h +++ b/include/image.h @@ -81,27 +81,6 @@ struct fdt_region; #define IMAGE_ENABLE_MD5 0 #endif -#if defined(CONFIG_FIT_SHA256) || \ - defined(CONFIG_SPL_FIT_SHA256) -#define IMAGE_ENABLE_SHA256 1 -#else -#define IMAGE_ENABLE_SHA256 0 -#endif - -#if defined(CONFIG_FIT_SHA384) || \ - defined(CONFIG_SPL_FIT_SHA384) -#define IMAGE_ENABLE_SHA384 1 -#else -#define IMAGE_ENABLE_SHA384 0 -#endif - -#if defined(CONFIG_FIT_SHA512) || \ - defined(CONFIG_SPL_FIT_SHA512) -#define IMAGE_ENABLE_SHA512 1 -#else -#define IMAGE_ENABLE_SHA512 0 -#endif - #endif /* IMAGE_ENABLE_FIT */ #ifdef CONFIG_SYS_BOOT_GET_CMDLINE -- cgit v1.3.1 From 70c1c8927e2c1fd97cd174d7924300d672e8313b Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:36 -0500 Subject: image: Drop IMAGE_ENABLE_BEST_MATCH This is not needed with Kconfig, since we can use IS_ENABLED() easily enough. Drop it. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 2 +- include/image.h | 5 ----- 2 files changed, 1 insertion(+), 6 deletions(-) (limited to 'include') diff --git a/common/image-fit.c b/common/image-fit.c index 031d9d34c31..8e23d51cf25 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -2027,7 +2027,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr, * fit_conf_get_node() will try to find default config node */ bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME); - if (IMAGE_ENABLE_BEST_MATCH && !fit_uname_config) { + if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) { cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob()); } else { cfg_noffset = fit_conf_get_node(fit, diff --git a/include/image.h b/include/image.h index dbb9bd0174a..8b420f2c02c 100644 --- a/include/image.h +++ b/include/image.h @@ -1221,11 +1221,6 @@ void image_set_host_blob(void *host_blob); # define gd_fdt_blob() (gd->fdt_blob) #endif -#ifdef CONFIG_FIT_BEST_MATCH -#define IMAGE_ENABLE_BEST_MATCH 1 -#else -#define IMAGE_ENABLE_BEST_MATCH 0 -#endif #endif /* IMAGE_ENABLE_FIT */ /* -- cgit v1.3.1 From 0980164b1306400e91e5ac389a514111ff74fc01 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:39 -0500 Subject: image: Add support for placing crypto_algo in linker lists The purpose of this change is to enable crypto algorithms to be placed in linker lists, rather than be declared as a static array. The goal is to remove the crypto_algos array in a subsequent patch. Create a new linker list named "cryptos", and search it when image_get_crypto_algo() is invoked. NOTE that adding support for manual relocation of crypto_algos within linker lists is beyond the scope of this patch. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- common/image-sig.c | 9 +++++++++ include/image.h | 5 +++++ 2 files changed, 14 insertions(+) (limited to 'include') diff --git a/common/image-sig.c b/common/image-sig.c index 5e2d1719754..81a3b739feb 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -107,6 +107,7 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name) struct crypto_algo *image_get_crypto_algo(const char *full_name) { + struct crypto_algo *crypto, *end; int i; const char *name; @@ -133,6 +134,14 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name) return &crypto_algos[i]; } + crypto = ll_entry_start(struct crypto_algo, cryptos); + end = ll_entry_end(struct crypto_algo, cryptos); + for (; crypto < end; crypto++) { + if (!strcmp(crypto->name, name)) + return crypto; + } + + /* Not found */ return NULL; } diff --git a/include/image.h b/include/image.h index 8b420f2c02c..d4c453428c4 100644 --- a/include/image.h +++ b/include/image.h @@ -47,6 +47,7 @@ struct fdt_region; #include #include #include +#include /* Take notice of the 'ignore' property for hashes */ #define IMAGE_ENABLE_IGNORE 1 @@ -1328,6 +1329,10 @@ struct crypto_algo { uint8_t *sig, uint sig_len); }; +/* Declare a new U-Boot crypto algorithm handler */ +#define U_BOOT_CRYPTO_ALGO(__name) \ +ll_entry_declare(struct crypto_algo, __name, cryptos) + struct padding_algo { const char *name; int (*verify)(struct image_sign_info *info, -- cgit v1.3.1 From 820c4968c3f5a3440344ca5ec51ccfb9271d05ac Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:42 -0500 Subject: lib: ecdsa: Remove #ifdefs from ecdsa.h It is no longer necessary to implement ecdsa_() functions as no-ops depending on config options. It is merely sufficient to provide the prototypes, as the ecdsa code is no longer linked when unused. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- include/u-boot/ecdsa.h | 25 ------------------------- 1 file changed, 25 deletions(-) (limited to 'include') diff --git a/include/u-boot/ecdsa.h b/include/u-boot/ecdsa.h index 979690d9660..f6951c7346d 100644 --- a/include/u-boot/ecdsa.h +++ b/include/u-boot/ecdsa.h @@ -15,7 +15,6 @@ * @see "struct crypto_algo" * @{ */ -#if IMAGE_ENABLE_SIGN /** * sign() - calculate and return signature for given input data * @@ -49,22 +48,7 @@ int ecdsa_sign(struct image_sign_info *info, const struct image_region region[], * other -ve value on error */ int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest); -#else -static inline -int ecdsa_sign(struct image_sign_info *info, const struct image_region region[], - int region_count, uint8_t **sigp, uint *sig_len) -{ - return -ENXIO; -} - -static inline -int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest) -{ - return -ENXIO; -} -#endif -#if IMAGE_ENABLE_VERIFY_ECDSA /** * verify() - Verify a signature against some data * @@ -78,15 +62,6 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest) int ecdsa_verify(struct image_sign_info *info, const struct image_region region[], int region_count, uint8_t *sig, uint sig_len); -#else -static inline -int ecdsa_verify(struct image_sign_info *info, - const struct image_region region[], int region_count, - uint8_t *sig, uint sig_len) -{ - return -ENXIO; -} -#endif /** @} */ #define ECDSA256_BYTES (256 / 8) -- cgit v1.3.1 From 92c960bc1d4c8f702171fea0d87e86f317d4b597 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:43 -0500 Subject: lib: rsa: Remove #ifdefs from rsa.h It is no longer necessary to implement rsa_() functions as no-ops depending on config options. It is merely sufficient to provide the prototypes, as the rsa code is no longer linked when unused. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- include/u-boot/rsa.h | 47 ----------------------------------------------- 1 file changed, 47 deletions(-) (limited to 'include') diff --git a/include/u-boot/rsa.h b/include/u-boot/rsa.h index bc564d56fa3..89a9c4caa0a 100644 --- a/include/u-boot/rsa.h +++ b/include/u-boot/rsa.h @@ -31,7 +31,6 @@ struct rsa_public_key { struct image_sign_info; -#if IMAGE_ENABLE_SIGN /** * sign() - calculate and return signature for given input data * @@ -66,22 +65,7 @@ int rsa_sign(struct image_sign_info *info, other -ve value on error */ int rsa_add_verify_data(struct image_sign_info *info, void *keydest); -#else -static inline int rsa_sign(struct image_sign_info *info, - const struct image_region region[], int region_count, - uint8_t **sigp, uint *sig_len) -{ - return -ENXIO; -} - -static inline int rsa_add_verify_data(struct image_sign_info *info, - void *keydest) -{ - return -ENXIO; -} -#endif -#if IMAGE_ENABLE_VERIFY /** * rsa_verify_hash() - Verify a signature against a hash * @@ -124,37 +108,6 @@ int padding_pss_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len); #endif /* CONFIG_FIT_RSASSA_PSS */ -#else -static inline int rsa_verify_hash(struct image_sign_info *info, - const uint8_t *hash, - uint8_t *sig, uint sig_len) -{ - return -ENXIO; -} - -static inline int rsa_verify(struct image_sign_info *info, - const struct image_region region[], int region_count, - uint8_t *sig, uint sig_len) -{ - return -ENXIO; -} - -static inline int padding_pkcs_15_verify(struct image_sign_info *info, - uint8_t *msg, int msg_len, - const uint8_t *hash, int hash_len) -{ - return -ENXIO; -} - -#ifdef CONFIG_FIT_RSASSA_PSS -static inline int padding_pss_verify(struct image_sign_info *info, - uint8_t *msg, int msg_len, - const uint8_t *hash, int hash_len) -{ - return -ENXIO; -} -#endif /* CONFIG_FIT_RSASSA_PSS */ -#endif #define RSA_DEFAULT_PADDING_NAME "pkcs-1.5" -- cgit v1.3.1 From 8be1818a4f0c9ec14d04a244196c6e265fd973b7 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:44 -0500 Subject: image: Eliminate IMAGE_ENABLE_VERIFY macro This macro is no longer needed for code flow or #ifdefs. Remove it. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- include/image.h | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'include') diff --git a/include/image.h b/include/image.h index d4c453428c4..64663c591b5 100644 --- a/include/image.h +++ b/include/image.h @@ -1196,19 +1196,16 @@ int calculate_hash(const void *data, int data_len, const char *algo, #if defined(USE_HOSTCC) # if defined(CONFIG_FIT_SIGNATURE) # define IMAGE_ENABLE_SIGN 1 -# define IMAGE_ENABLE_VERIFY 1 # define IMAGE_ENABLE_VERIFY_ECDSA 1 # define FIT_IMAGE_ENABLE_VERIFY 1 # include # else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY 0 # define IMAGE_ENABLE_VERIFY_ECDSA 0 # define FIT_IMAGE_ENABLE_VERIFY 0 # endif #else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(RSA_VERIFY) # define IMAGE_ENABLE_VERIFY_ECDSA 0 # define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE) #endif @@ -1260,7 +1257,7 @@ struct image_region { int size; }; -#if IMAGE_ENABLE_VERIFY +#if FIT_IMAGE_ENABLE_VERIFY # include #endif struct checksum_algo { -- cgit v1.3.1 From 8387dba471de8d8668123ca0e158ab3f4f4bf81e Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:45 -0500 Subject: image: Eliminate IMAGE_ENABLE_VERIFY_ECDSA macro This macro is no longer needed for code flow or #ifdefs. Remove it. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- include/image.h | 3 --- 1 file changed, 3 deletions(-) (limited to 'include') diff --git a/include/image.h b/include/image.h index 64663c591b5..e20f0b69d58 100644 --- a/include/image.h +++ b/include/image.h @@ -1196,17 +1196,14 @@ int calculate_hash(const void *data, int data_len, const char *algo, #if defined(USE_HOSTCC) # if defined(CONFIG_FIT_SIGNATURE) # define IMAGE_ENABLE_SIGN 1 -# define IMAGE_ENABLE_VERIFY_ECDSA 1 # define FIT_IMAGE_ENABLE_VERIFY 1 # include # else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY_ECDSA 0 # define FIT_IMAGE_ENABLE_VERIFY 0 # endif #else # define IMAGE_ENABLE_SIGN 0 -# define IMAGE_ENABLE_VERIFY_ECDSA 0 # define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE) #endif -- cgit v1.3.1