mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-24 21:54:01 +00:00
hash: Use Kconfig to enable hashing in host tools and SPL
At present when building host tools, we force CONFIG_SHAxxx to be enabled regardless of the board Kconfig setting. This is done in the image.h header file. For SPL we currently just assume the algorithm is desired if U-Boot proper enables it. Clean this up by adding new Kconfig options to enable hashing on the host, relying on CONFIG_IS_ENABLED() to deal with the different builds. Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the current settings. This allows us to drop the image.h code and the I_WANT_MD5 hack. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This commit is contained in:
Simon Glass
Tom Rini
parent
603d15a572
commit
2c21256b27
6 changed files with 72 additions and 33 deletions
|
|
@ -25,6 +25,7 @@
|
||||||
#else
|
#else
|
||||||
#include "mkimage.h"
|
#include "mkimage.h"
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
|
#include <linux/kconfig.h>
|
||||||
#endif /* !USE_HOSTCC*/
|
#endif /* !USE_HOSTCC*/
|
||||||
|
|
||||||
#include <hash.h>
|
#include <hash.h>
|
||||||
|
|
@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR;
|
||||||
|
|
||||||
static void reloc_update(void);
|
static void reloc_update(void);
|
||||||
|
|
||||||
#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
|
static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
|
||||||
{
|
{
|
||||||
sha1_context *ctx = malloc(sizeof(sha1_context));
|
sha1_context *ctx = malloc(sizeof(sha1_context));
|
||||||
|
|
@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
|
static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
|
||||||
{
|
{
|
||||||
sha256_context *ctx = malloc(sizeof(sha256_context));
|
sha256_context *ctx = malloc(sizeof(sha256_context));
|
||||||
|
|
@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
|
static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
|
||||||
{
|
{
|
||||||
sha512_context *ctx = malloc(sizeof(sha512_context));
|
sha512_context *ctx = malloc(sizeof(sha512_context));
|
||||||
|
|
@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
|
static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
|
||||||
{
|
{
|
||||||
sha512_context *ctx = malloc(sizeof(sha512_context));
|
sha512_context *ctx = malloc(sizeof(sha512_context));
|
||||||
|
|
@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef USE_HOSTCC
|
|
||||||
# define I_WANT_MD5 1
|
|
||||||
#else
|
|
||||||
# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5)
|
|
||||||
#endif
|
|
||||||
/*
|
/*
|
||||||
* These are the hash algorithms we support. If we have hardware acceleration
|
* These are the hash algorithms we support. If we have hardware acceleration
|
||||||
* is enable we will use that, otherwise a software version of the algorithm.
|
* is enable we will use that, otherwise a software version of the algorithm.
|
||||||
* Note that algorithm names must be in lower case.
|
* Note that algorithm names must be in lower case.
|
||||||
*/
|
*/
|
||||||
static struct hash_algo hash_algo[] = {
|
static struct hash_algo hash_algo[] = {
|
||||||
#if I_WANT_MD5
|
#if CONFIG_IS_ENABLED(MD5)
|
||||||
{
|
{
|
||||||
.name = "md5",
|
.name = "md5",
|
||||||
.digest_size = MD5_SUM_LEN,
|
.digest_size = MD5_SUM_LEN,
|
||||||
|
|
@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = {
|
||||||
.hash_func_ws = md5_wd,
|
.hash_func_ws = md5_wd,
|
||||||
},
|
},
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA1
|
#if CONFIG_IS_ENABLED(SHA1)
|
||||||
{
|
{
|
||||||
.name = "sha1",
|
.name = "sha1",
|
||||||
.digest_size = SHA1_SUM_LEN,
|
.digest_size = SHA1_SUM_LEN,
|
||||||
.chunk_size = CHUNKSZ_SHA1,
|
.chunk_size = CHUNKSZ_SHA1,
|
||||||
#ifdef CONFIG_SHA_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
|
||||||
.hash_func_ws = hw_sha1,
|
.hash_func_ws = hw_sha1,
|
||||||
#else
|
#else
|
||||||
.hash_func_ws = sha1_csum_wd,
|
.hash_func_ws = sha1_csum_wd,
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA_PROG_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
.hash_init = hw_sha_init,
|
.hash_init = hw_sha_init,
|
||||||
.hash_update = hw_sha_update,
|
.hash_update = hw_sha_update,
|
||||||
.hash_finish = hw_sha_finish,
|
.hash_finish = hw_sha_finish,
|
||||||
|
|
@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = {
|
||||||
#endif
|
#endif
|
||||||
},
|
},
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA256
|
#if CONFIG_IS_ENABLED(SHA256)
|
||||||
{
|
{
|
||||||
.name = "sha256",
|
.name = "sha256",
|
||||||
.digest_size = SHA256_SUM_LEN,
|
.digest_size = SHA256_SUM_LEN,
|
||||||
.chunk_size = CHUNKSZ_SHA256,
|
.chunk_size = CHUNKSZ_SHA256,
|
||||||
#ifdef CONFIG_SHA_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
|
||||||
.hash_func_ws = hw_sha256,
|
.hash_func_ws = hw_sha256,
|
||||||
#else
|
#else
|
||||||
.hash_func_ws = sha256_csum_wd,
|
.hash_func_ws = sha256_csum_wd,
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA_PROG_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
.hash_init = hw_sha_init,
|
.hash_init = hw_sha_init,
|
||||||
.hash_update = hw_sha_update,
|
.hash_update = hw_sha_update,
|
||||||
.hash_finish = hw_sha_finish,
|
.hash_finish = hw_sha_finish,
|
||||||
|
|
@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = {
|
||||||
#endif
|
#endif
|
||||||
},
|
},
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA384
|
#if CONFIG_IS_ENABLED(SHA384)
|
||||||
{
|
{
|
||||||
.name = "sha384",
|
.name = "sha384",
|
||||||
.digest_size = SHA384_SUM_LEN,
|
.digest_size = SHA384_SUM_LEN,
|
||||||
.chunk_size = CHUNKSZ_SHA384,
|
.chunk_size = CHUNKSZ_SHA384,
|
||||||
#ifdef CONFIG_SHA512_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
|
||||||
.hash_func_ws = hw_sha384,
|
.hash_func_ws = hw_sha384,
|
||||||
#else
|
#else
|
||||||
.hash_func_ws = sha384_csum_wd,
|
.hash_func_ws = sha384_csum_wd,
|
||||||
#endif
|
#endif
|
||||||
#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
.hash_init = hw_sha_init,
|
.hash_init = hw_sha_init,
|
||||||
.hash_update = hw_sha_update,
|
.hash_update = hw_sha_update,
|
||||||
.hash_finish = hw_sha_finish,
|
.hash_finish = hw_sha_finish,
|
||||||
|
|
@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = {
|
||||||
#endif
|
#endif
|
||||||
},
|
},
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_SHA512
|
#if CONFIG_IS_ENABLED(SHA512)
|
||||||
{
|
{
|
||||||
.name = "sha512",
|
.name = "sha512",
|
||||||
.digest_size = SHA512_SUM_LEN,
|
.digest_size = SHA512_SUM_LEN,
|
||||||
.chunk_size = CHUNKSZ_SHA512,
|
.chunk_size = CHUNKSZ_SHA512,
|
||||||
#ifdef CONFIG_SHA512_HW_ACCEL
|
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
|
||||||
.hash_func_ws = hw_sha512,
|
.hash_func_ws = hw_sha512,
|
||||||
#else
|
#else
|
||||||
.hash_func_ws = sha512_csum_wd,
|
.hash_func_ws = sha512_csum_wd,
|
||||||
#endif
|
#endif
|
||||||
#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
|
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||||
.hash_init = hw_sha_init,
|
.hash_init = hw_sha_init,
|
||||||
.hash_update = hw_sha_update,
|
.hash_update = hw_sha_update,
|
||||||
.hash_finish = hw_sha_finish,
|
.hash_finish = hw_sha_finish,
|
||||||
|
|
@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = {
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Try to minimize code size for boards that don't want much hashing */
|
/* Try to minimize code size for boards that don't want much hashing */
|
||||||
#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
|
#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \
|
||||||
defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
|
CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \
|
||||||
defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
|
CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
|
||||||
#define multi_hash() 1
|
#define multi_hash() 1
|
||||||
#else
|
#else
|
||||||
#define multi_hash() 0
|
#define multi_hash() 0
|
||||||
|
|
@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
|
#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \
|
||||||
|
defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32))
|
||||||
/**
|
/**
|
||||||
* store_result: Store the resulting sum to an address or variable
|
* store_result: Store the resulting sum to an address or variable
|
||||||
*
|
*
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@
|
||||||
#ifndef __FDT_SUPPORT_H
|
#ifndef __FDT_SUPPORT_H
|
||||||
#define __FDT_SUPPORT_H
|
#define __FDT_SUPPORT_H
|
||||||
|
|
||||||
#ifdef CONFIG_OF_LIBFDT
|
#if defined(CONFIG_OF_LIBFDT) && !defined(USE_HOSTCC)
|
||||||
|
|
||||||
#include <asm/u-boot.h>
|
#include <asm/u-boot.h>
|
||||||
#include <linux/libfdt.h>
|
#include <linux/libfdt.h>
|
||||||
|
|
|
||||||
|
|
@ -6,13 +6,17 @@
|
||||||
#ifndef _HASH_H
|
#ifndef _HASH_H
|
||||||
#define _HASH_H
|
#define _HASH_H
|
||||||
|
|
||||||
|
#ifdef USE_HOSTCC
|
||||||
|
#include <linux/kconfig.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
struct cmd_tbl;
|
struct cmd_tbl;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Maximum digest size for all algorithms we support. Having this value
|
* Maximum digest size for all algorithms we support. Having this value
|
||||||
* avoids a malloc() or C99 local declaration in common/cmd_hash.c.
|
* avoids a malloc() or C99 local declaration in common/cmd_hash.c.
|
||||||
*/
|
*/
|
||||||
#if defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
|
#if CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
|
||||||
#define HASH_MAX_DIGEST_SIZE 64
|
#define HASH_MAX_DIGEST_SIZE 64
|
||||||
#else
|
#else
|
||||||
#define HASH_MAX_DIGEST_SIZE 32
|
#define HASH_MAX_DIGEST_SIZE 32
|
||||||
|
|
|
||||||
|
|
@ -31,11 +31,6 @@ struct fdt_region;
|
||||||
#define IMAGE_ENABLE_OF_LIBFDT 1
|
#define IMAGE_ENABLE_OF_LIBFDT 1
|
||||||
#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
|
#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
|
||||||
#define CONFIG_FIT_RSASSA_PSS 1
|
#define CONFIG_FIT_RSASSA_PSS 1
|
||||||
#define CONFIG_MD5
|
|
||||||
#define CONFIG_SHA1
|
|
||||||
#define CONFIG_SHA256
|
|
||||||
#define CONFIG_SHA384
|
|
||||||
#define CONFIG_SHA512
|
|
||||||
|
|
||||||
#define IMAGE_ENABLE_IGNORE 0
|
#define IMAGE_ENABLE_IGNORE 0
|
||||||
#define IMAGE_INDENT_STRING ""
|
#define IMAGE_INDENT_STRING ""
|
||||||
|
|
|
||||||
18
lib/Kconfig
18
lib/Kconfig
|
|
@ -438,6 +438,24 @@ config SPL_SHA384
|
||||||
The SHA384 algorithm produces a 384-bit (48-byte) hash value
|
The SHA384 algorithm produces a 384-bit (48-byte) hash value
|
||||||
(digest).
|
(digest).
|
||||||
|
|
||||||
|
config SPL_SHA_HW_ACCEL
|
||||||
|
bool "Enable hardware acceleration for SHA hash functions"
|
||||||
|
default y if SHA_HW_ACCEL
|
||||||
|
help
|
||||||
|
This option enables hardware acceleration for the SHA1 and SHA256
|
||||||
|
hashing algorithms. This affects the 'hash' command and also the
|
||||||
|
hash_lookup_algo() function.
|
||||||
|
|
||||||
|
config SPL_SHA_PROG_HW_ACCEL
|
||||||
|
bool "Enable Progressive hashing support using hardware in SPL"
|
||||||
|
depends on SHA_PROG_HW_ACCEL
|
||||||
|
default y
|
||||||
|
help
|
||||||
|
This option enables hardware-acceleration for SHA progressive
|
||||||
|
hashing.
|
||||||
|
Data can be streamed in a block at a time and the hashing is
|
||||||
|
performed in hardware.
|
||||||
|
|
||||||
endif
|
endif
|
||||||
|
|
||||||
if SHA_HW_ACCEL
|
if SHA_HW_ACCEL
|
||||||
|
|
|
||||||
|
|
@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE
|
||||||
depends on TOOLS_FIT_SIGNATURE
|
depends on TOOLS_FIT_SIGNATURE
|
||||||
default 0x10000000
|
default 0x10000000
|
||||||
|
|
||||||
|
config TOOLS_MD5
|
||||||
|
def_bool y
|
||||||
|
help
|
||||||
|
Enable MD5 support in the tools builds
|
||||||
|
|
||||||
|
config TOOLS_SHA1
|
||||||
|
def_bool y
|
||||||
|
help
|
||||||
|
Enable SHA1 support in the tools builds
|
||||||
|
|
||||||
|
config TOOLS_SHA256
|
||||||
|
def_bool y
|
||||||
|
help
|
||||||
|
Enable SHA256 support in the tools builds
|
||||||
|
|
||||||
|
config TOOLS_SHA384
|
||||||
|
def_bool y
|
||||||
|
help
|
||||||
|
Enable SHA384 support in the tools builds
|
||||||
|
|
||||||
|
config TOOLS_SHA512
|
||||||
|
def_bool y
|
||||||
|
help
|
||||||
|
Enable SHA512 support in the tools builds
|
||||||
|
|
||||||
endmenu
|
endmenu
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue