hash: Use Kconfig to enable hashing in host tools and SPL
At present when building host tools, we force CONFIG_SHAxxx to be enabled regardless of the board Kconfig setting. This is done in the image.h header file. For SPL we currently just assume the algorithm is desired if U-Boot proper enables it. Clean this up by adding new Kconfig options to enable hashing on the host, relying on CONFIG_IS_ENABLED() to deal with the different builds. Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the current settings. This allows us to drop the image.h code and the I_WANT_MD5 hack. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This commit is contained in:
Simon Glass
Tom Rini
parent
603d15a572
commit
2c21256b27
|
|
@ -25,6 +25,7 @@
|
|||
#else
|
||||
#include "mkimage.h"
|
||||
#include <time.h>
|
||||
#include <linux/kconfig.h>
|
||||
#endif /* !USE_HOSTCC*/
|
||||
|
||||
#include <hash.h>
|
||||
|
|
@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR;
|
|||
|
||||
static void reloc_update(void);
|
||||
|
||||
#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
|
||||
{
|
||||
sha1_context *ctx = malloc(sizeof(sha1_context));
|
||||
|
|
@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
|
||||
{
|
||||
sha256_context *ctx = malloc(sizeof(sha256_context));
|
||||
|
|
@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
|
||||
{
|
||||
sha512_context *ctx = malloc(sizeof(sha512_context));
|
||||
|
|
@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
|
||||
{
|
||||
sha512_context *ctx = malloc(sizeof(sha512_context));
|
||||
|
|
@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#ifdef USE_HOSTCC
|
||||
# define I_WANT_MD5 1
|
||||
#else
|
||||
# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5)
|
||||
#endif
|
||||
/*
|
||||
* These are the hash algorithms we support. If we have hardware acceleration
|
||||
* is enable we will use that, otherwise a software version of the algorithm.
|
||||
* Note that algorithm names must be in lower case.
|
||||
*/
|
||||
static struct hash_algo hash_algo[] = {
|
||||
#if I_WANT_MD5
|
||||
#if CONFIG_IS_ENABLED(MD5)
|
||||
{
|
||||
.name = "md5",
|
||||
.digest_size = MD5_SUM_LEN,
|
||||
|
|
@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = {
|
|||
.hash_func_ws = md5_wd,
|
||||
},
|
||||
#endif
|
||||
#ifdef CONFIG_SHA1
|
||||
#if CONFIG_IS_ENABLED(SHA1)
|
||||
{
|
||||
.name = "sha1",
|
||||
.digest_size = SHA1_SUM_LEN,
|
||||
.chunk_size = CHUNKSZ_SHA1,
|
||||
#ifdef CONFIG_SHA_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
|
||||
.hash_func_ws = hw_sha1,
|
||||
#else
|
||||
.hash_func_ws = sha1_csum_wd,
|
||||
#endif
|
||||
#ifdef CONFIG_SHA_PROG_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
.hash_init = hw_sha_init,
|
||||
.hash_update = hw_sha_update,
|
||||
.hash_finish = hw_sha_finish,
|
||||
|
|
@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = {
|
|||
#endif
|
||||
},
|
||||
#endif
|
||||
#ifdef CONFIG_SHA256
|
||||
#if CONFIG_IS_ENABLED(SHA256)
|
||||
{
|
||||
.name = "sha256",
|
||||
.digest_size = SHA256_SUM_LEN,
|
||||
.chunk_size = CHUNKSZ_SHA256,
|
||||
#ifdef CONFIG_SHA_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
|
||||
.hash_func_ws = hw_sha256,
|
||||
#else
|
||||
.hash_func_ws = sha256_csum_wd,
|
||||
#endif
|
||||
#ifdef CONFIG_SHA_PROG_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
.hash_init = hw_sha_init,
|
||||
.hash_update = hw_sha_update,
|
||||
.hash_finish = hw_sha_finish,
|
||||
|
|
@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = {
|
|||
#endif
|
||||
},
|
||||
#endif
|
||||
#ifdef CONFIG_SHA384
|
||||
#if CONFIG_IS_ENABLED(SHA384)
|
||||
{
|
||||
.name = "sha384",
|
||||
.digest_size = SHA384_SUM_LEN,
|
||||
.chunk_size = CHUNKSZ_SHA384,
|
||||
#ifdef CONFIG_SHA512_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
|
||||
.hash_func_ws = hw_sha384,
|
||||
#else
|
||||
.hash_func_ws = sha384_csum_wd,
|
||||
#endif
|
||||
#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
.hash_init = hw_sha_init,
|
||||
.hash_update = hw_sha_update,
|
||||
.hash_finish = hw_sha_finish,
|
||||
|
|
@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = {
|
|||
#endif
|
||||
},
|
||||
#endif
|
||||
#ifdef CONFIG_SHA512
|
||||
#if CONFIG_IS_ENABLED(SHA512)
|
||||
{
|
||||
.name = "sha512",
|
||||
.digest_size = SHA512_SUM_LEN,
|
||||
.chunk_size = CHUNKSZ_SHA512,
|
||||
#ifdef CONFIG_SHA512_HW_ACCEL
|
||||
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
|
||||
.hash_func_ws = hw_sha512,
|
||||
#else
|
||||
.hash_func_ws = sha512_csum_wd,
|
||||
#endif
|
||||
#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
|
||||
#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
|
||||
.hash_init = hw_sha_init,
|
||||
.hash_update = hw_sha_update,
|
||||
.hash_finish = hw_sha_finish,
|
||||
|
|
@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = {
|
|||
};
|
||||
|
||||
/* Try to minimize code size for boards that don't want much hashing */
|
||||
#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
|
||||
defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
|
||||
defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
|
||||
#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \
|
||||
CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \
|
||||
CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
|
||||
#define multi_hash() 1
|
||||
#else
|
||||
#define multi_hash() 0
|
||||
|
|
@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
|
||||
#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \
|
||||
defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32))
|
||||
/**
|
||||
* store_result: Store the resulting sum to an address or variable
|
||||
*
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
#ifndef __FDT_SUPPORT_H
|
||||
#define __FDT_SUPPORT_H
|
||||
|
||||
#ifdef CONFIG_OF_LIBFDT
|
||||
#if defined(CONFIG_OF_LIBFDT) && !defined(USE_HOSTCC)
|
||||
|
||||
#include <asm/u-boot.h>
|
||||
#include <linux/libfdt.h>
|
||||
|
|
|
|||
|
|
@ -6,13 +6,17 @@
|
|||
#ifndef _HASH_H
|
||||
#define _HASH_H
|
||||
|
||||
#ifdef USE_HOSTCC
|
||||
#include <linux/kconfig.h>
|
||||
#endif
|
||||
|
||||
struct cmd_tbl;
|
||||
|
||||
/*
|
||||
* Maximum digest size for all algorithms we support. Having this value
|
||||
* avoids a malloc() or C99 local declaration in common/cmd_hash.c.
|
||||
*/
|
||||
#if defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
|
||||
#if CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
|
||||
#define HASH_MAX_DIGEST_SIZE 64
|
||||
#else
|
||||
#define HASH_MAX_DIGEST_SIZE 32
|
||||
|
|
|
|||
|
|
@ -31,11 +31,6 @@ struct fdt_region;
|
|||
#define IMAGE_ENABLE_OF_LIBFDT 1
|
||||
#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
|
||||
#define CONFIG_FIT_RSASSA_PSS 1
|
||||
#define CONFIG_MD5
|
||||
#define CONFIG_SHA1
|
||||
#define CONFIG_SHA256
|
||||
#define CONFIG_SHA384
|
||||
#define CONFIG_SHA512
|
||||
|
||||
#define IMAGE_ENABLE_IGNORE 0
|
||||
#define IMAGE_INDENT_STRING ""
|
||||
|
|
|
|||
18
lib/Kconfig
18
lib/Kconfig
|
|
@ -438,6 +438,24 @@ config SPL_SHA384
|
|||
The SHA384 algorithm produces a 384-bit (48-byte) hash value
|
||||
(digest).
|
||||
|
||||
config SPL_SHA_HW_ACCEL
|
||||
bool "Enable hardware acceleration for SHA hash functions"
|
||||
default y if SHA_HW_ACCEL
|
||||
help
|
||||
This option enables hardware acceleration for the SHA1 and SHA256
|
||||
hashing algorithms. This affects the 'hash' command and also the
|
||||
hash_lookup_algo() function.
|
||||
|
||||
config SPL_SHA_PROG_HW_ACCEL
|
||||
bool "Enable Progressive hashing support using hardware in SPL"
|
||||
depends on SHA_PROG_HW_ACCEL
|
||||
default y
|
||||
help
|
||||
This option enables hardware-acceleration for SHA progressive
|
||||
hashing.
|
||||
Data can be streamed in a block at a time and the hashing is
|
||||
performed in hardware.
|
||||
|
||||
endif
|
||||
|
||||
if SHA_HW_ACCEL
|
||||
|
|
|
|||
|
|
@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE
|
|||
depends on TOOLS_FIT_SIGNATURE
|
||||
default 0x10000000
|
||||
|
||||
config TOOLS_MD5
|
||||
def_bool y
|
||||
help
|
||||
Enable MD5 support in the tools builds
|
||||
|
||||
config TOOLS_SHA1
|
||||
def_bool y
|
||||
help
|
||||
Enable SHA1 support in the tools builds
|
||||
|
||||
config TOOLS_SHA256
|
||||
def_bool y
|
||||
help
|
||||
Enable SHA256 support in the tools builds
|
||||
|
||||
config TOOLS_SHA384
|
||||
def_bool y
|
||||
help
|
||||
Enable SHA384 support in the tools builds
|
||||
|
||||
config TOOLS_SHA512
|
||||
def_bool y
|
||||
help
|
||||
Enable SHA512 support in the tools builds
|
||||
|
||||
endmenu
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user