From 930c887e0fb88dcf1907f268960330c17999b5a3 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 07:03:06 -0600 Subject: lib: Add memdup() Add a function to duplicate a memory region, a little like strdup(). Signed-off-by: Simon Glass --- lib/string.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'lib') diff --git a/lib/string.c b/lib/string.c index ba176fb08f..78bd65c413 100644 --- a/lib/string.c +++ b/lib/string.c @@ -659,6 +659,19 @@ void * memscan(void * addr, int c, size_t size) } #endif +char *memdup(const void *src, size_t len) +{ + char *p; + + p = malloc(len); + if (!p) + return NULL; + + memcpy(p, src, len); + + return p; +} + #ifndef __HAVE_ARCH_STRSTR /** * strstr - Find the first substring in a %NUL terminated string -- cgit v1.2.3 From 67bc59df05331eaac56cd0a00219d1386130aee2 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 07:03:07 -0600 Subject: Add support for an owned buffer When passing a data buffer back from a function, it is not always clear who owns the buffer, i.e. who is responsible for freeing the memory used. An example of this is where multiple files are decompressed from the firmware image, using a temporary buffer for reading (since the compressed data has to live somewhere) and producing a temporary or permanent buffer with the resuilts. Where the firmware image can be memory-mapped, as on x86, the compressed data does not need to be buffered, but the complexity of having a buffer which is either allocated or not, makes the code hard to understand. Introduce a new 'abuf' which supports simple buffer operations: - encapsulating a buffer and its size - either allocated with malloc() or not - able to be reliably freed if necessary - able to be converted to an allocated buffer if needed This simple API makes it easier to deal with allocated and memory-mapped buffers. Signed-off-by: Simon Glass --- include/abuf.h | 159 +++++++++++++++++++++++++ lib/Makefile | 1 + lib/abuf.c | 109 +++++++++++++++++ test/lib/Makefile | 1 + test/lib/abuf.c | 344 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 614 insertions(+) create mode 100644 include/abuf.h create mode 100644 lib/abuf.c create mode 100644 test/lib/abuf.c (limited to 'lib') diff --git a/include/abuf.h b/include/abuf.h new file mode 100644 index 0000000000..d230f72806 --- /dev/null +++ b/include/abuf.h @@ -0,0 +1,159 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Handles a buffer that can be allocated and freed + * + * Copyright 2021 Google LLC + * Written by Simon Glass + */ + +#ifndef __ABUF_H +#define __ABUF_H + +#include + +/** + * struct abuf - buffer that can be allocated and freed + * + * This is useful for a block of data which may be allocated with malloc(), or + * not, so that it needs to be freed correctly when finished with. + * + * For now it has a very simple purpose. + * + * Using memset() to zero all fields is guaranteed to be equivalent to + * abuf_init(). + * + * @data: Pointer to data + * @size: Size of data in bytes + * @alloced: true if allocated with malloc(), so must be freed after use + */ +struct abuf { + void *data; + size_t size; + bool alloced; +}; + +static inline void *abuf_data(const struct abuf *abuf) +{ + return abuf->data; +} + +static inline size_t abuf_size(const struct abuf *abuf) +{ + return abuf->size; +} + +/** + * abuf_set() - set the (unallocated) data in a buffer + * + * This simply makes the abuf point to the supplied data, which must be live + * for the lifetime of the abuf. It is not alloced. + * + * Any existing data in the abuf is freed and the alloced member is set to + * false. + * + * @abuf: abuf to adjust + * @data: New contents of abuf + * @size: New size of abuf + */ +void abuf_set(struct abuf *abuf, void *data, size_t size); + +/** + * abuf_map_sysmem() - calls map_sysmem() to set up an abuf + * + * This is equivalent to abuf_set(abuf, map_sysmem(addr, size), size) + * + * Any existing data in the abuf is freed and the alloced member is set to + * false. + * + * @abuf: abuf to adjust + * @addr: Address to set the abuf to + * @size: New size of abuf + */ +void abuf_map_sysmem(struct abuf *abuf, ulong addr, size_t size); + +/** + * abuf_realloc() - Change the size of a buffer + * + * This uses realloc() to change the size of the buffer, with the same semantics + * as that function. If the abuf is not currently alloced, then it will alloc + * it if the size needs to increase (i.e. set the alloced member to true) + * + * @abuf: abuf to adjust + * @new_size: new size in bytes. + * if 0, the abuf is freed + * if greater than the current size, the abuf is extended and the new + * space is not inited. The alloced member is set to true + * if less than the current size, the abuf is contracted and the data at + * the end is lost. If @new_size is 0, this sets the alloced member to + * false + * @return true if OK, false if out of memory + */ +bool abuf_realloc(struct abuf *abuf, size_t new_size); + +/** + * abuf_uninit_move() - Return the allocated contents and uninit the abuf + * + * This returns the abuf data to the caller, allocating it if necessary, so that + * the caller receives data that it can be sure will hang around. The caller is + * responsible for freeing the data. + * + * If the abuf has allocated data, it is returned. If the abuf has data but it + * is not allocated, then it is first allocated, then returned. + * + * If the abuf size is 0, this returns NULL + * + * The abuf is uninited as part of this, except if the allocation fails, in + * which NULL is returned and the abuf remains untouched. + * + * The abuf must be inited before this can be called. + * + * @abuf: abuf to uninit + * @sizep: if non-NULL, returns the size of the returned data + * @return data contents, allocated with malloc(), or NULL if the data could not + * be allocated, or the data size is 0 + */ +void *abuf_uninit_move(struct abuf *abuf, size_t *sizep); + +/** + * abuf_init_move() - Make abuf take over the management of an allocated region + * + * After this, @data must not be used. All access must be via the abuf. + * + * @abuf: abuf to init + * @data: Existing allocated buffer to place in the abuf + * @size: Size of allocated buffer + */ +void abuf_init_move(struct abuf *abuf, void *data, size_t size); + +/** + * abuf_init_set() - Set up a new abuf + * + * Inits a new abuf and sets up its (unallocated) data + * + * @abuf: abuf to set up + * @data: New contents of abuf + * @size: New size of abuf + */ +void abuf_init_set(struct abuf *abuf, void *data, size_t size); + +/** + * abuf_uninit() - Free any memory used by an abuf + * + * The buffer must be inited before this can be called. + * + * @abuf: abuf to uninit + */ +void abuf_uninit(struct abuf *abuf); + +/** + * abuf_init() - Set up a new abuf + * + * This initially has no data and alloced is set to false. This is equivalent to + * setting all fields to 0, e.g. with memset(), so callers can do that instead + * if desired. + * + * @abuf: abuf to set up + */ +void abuf_init(struct abuf *abuf); + +#endif diff --git a/lib/Makefile b/lib/Makefile index 962470f496..454396f101 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -134,6 +134,7 @@ obj-$(CONFIG_OID_REGISTRY) += oid_registry.o obj-$(CONFIG_SSCANF) += sscanf.o endif +obj-y += abuf.o obj-y += date.o obj-y += rtc-lib.o obj-$(CONFIG_LIB_ELF) += elf.o diff --git a/lib/abuf.c b/lib/abuf.c new file mode 100644 index 0000000000..4b17e0b8c0 --- /dev/null +++ b/lib/abuf.c @@ -0,0 +1,109 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Handles a buffer that can be allocated and freed + * + * Copyright 2021 Google LLC + * Written by Simon Glass + */ + +#include +#include +#include +#include +#include + +void abuf_set(struct abuf *abuf, void *data, size_t size) +{ + abuf_uninit(abuf); + abuf->data = data; + abuf->size = size; +} + +void abuf_map_sysmem(struct abuf *abuf, ulong addr, size_t size) +{ + abuf_set(abuf, map_sysmem(addr, size), size); +} + +bool abuf_realloc(struct abuf *abuf, size_t new_size) +{ + void *ptr; + + if (!new_size) { + /* easy case, just need to uninit, freeing any allocation */ + abuf_uninit(abuf); + return true; + } else if (abuf->alloced) { + /* currently allocated, so need to reallocate */ + ptr = realloc(abuf->data, new_size); + if (!ptr) + return false; + abuf->data = ptr; + abuf->size = new_size; + return true; + } else if (new_size <= abuf->size) { + /* + * not currently alloced and new size is no larger. Just update + * it. Data is lost off the end if new_size < abuf->size + */ + abuf->size = new_size; + return true; + } else { + /* not currently allocated and new size is larger. Alloc and + * copy in data. The new space is not inited. + */ + ptr = memdup(abuf->data, new_size); + if (!ptr) + return false; + abuf->data = ptr; + abuf->size = new_size; + abuf->alloced = true; + return true; + } +} + +void *abuf_uninit_move(struct abuf *abuf, size_t *sizep) +{ + void *ptr; + + if (sizep) + *sizep = abuf->size; + if (!abuf->size) + return NULL; + if (abuf->alloced) { + ptr = abuf->data; + } else { + ptr = memdup(abuf->data, abuf->size); + if (!ptr) + return NULL; + } + /* Clear everything out so there is no record of the data */ + abuf_init(abuf); + + return ptr; +} + +void abuf_init_set(struct abuf *abuf, void *data, size_t size) +{ + abuf_init(abuf); + abuf_set(abuf, data, size); +} + +void abuf_init_move(struct abuf *abuf, void *data, size_t size) +{ + abuf_init_set(abuf, data, size); + abuf->alloced = true; +} + +void abuf_uninit(struct abuf *abuf) +{ + if (abuf->alloced) + free(abuf->data); + abuf_init(abuf); +} + +void abuf_init(struct abuf *abuf) +{ + abuf->data = NULL; + abuf->size = 0; + abuf->alloced = false; +} diff --git a/test/lib/Makefile b/test/lib/Makefile index 6fd0514251..d244bb431d 100644 --- a/test/lib/Makefile +++ b/test/lib/Makefile @@ -3,6 +3,7 @@ # (C) Copyright 2018 # Mario Six, Guntermann & Drunck GmbH, mario.six@gdsys.cc obj-y += cmd_ut_lib.o +obj-y += abuf.o obj-$(CONFIG_EFI_LOADER) += efi_device_path.o obj-$(CONFIG_EFI_SECURE_BOOT) += efi_image_region.o obj-y += hexdump.o diff --git a/test/lib/abuf.c b/test/lib/abuf.c new file mode 100644 index 0000000000..086c9b2282 --- /dev/null +++ b/test/lib/abuf.c @@ -0,0 +1,344 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2021 Google LLC + * Written by Simon Glass + */ + +#include +#include +#include +#include +#include +#include + +static char test_data[] = "1234"; +#define TEST_DATA_LEN sizeof(test_data) + +/* Test abuf_set() */ +static int lib_test_abuf_set(struct unit_test_state *uts) +{ + struct abuf buf; + ulong start; + + start = ut_check_free(); + + abuf_init(&buf); + abuf_set(&buf, test_data, TEST_DATA_LEN); + ut_asserteq_ptr(test_data, buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(false, buf.alloced); + + /* Force it to allocate */ + ut_asserteq(true, abuf_realloc(&buf, TEST_DATA_LEN + 1)); + ut_assertnonnull(buf.data); + ut_asserteq(TEST_DATA_LEN + 1, buf.size); + ut_asserteq(true, buf.alloced); + + /* Now set it again, to force it to free */ + abuf_set(&buf, test_data, TEST_DATA_LEN); + ut_asserteq_ptr(test_data, buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(false, buf.alloced); + + /* Check for memory leaks */ + ut_assertok(ut_check_delta(start)); + + return 0; +} +LIB_TEST(lib_test_abuf_set, 0); + +/* Test abuf_map_sysmem() */ +static int lib_test_abuf_map_sysmem(struct unit_test_state *uts) +{ + struct abuf buf; + ulong addr; + + abuf_init(&buf); + addr = 0x100; + abuf_map_sysmem(&buf, addr, TEST_DATA_LEN); + + ut_asserteq_ptr(map_sysmem(0x100, 0), buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(false, buf.alloced); + + return 0; +} +LIB_TEST(lib_test_abuf_map_sysmem, 0); + +/* Test abuf_realloc() */ +static int lib_test_abuf_realloc(struct unit_test_state *uts) +{ + struct abuf buf; + ulong start; + void *ptr; + + /* + * TODO: crashes on sandbox sometimes due to an apparent bug in + * realloc(). + */ + return 0; + + start = ut_check_free(); + + abuf_init(&buf); + + /* Allocate an empty buffer */ + ut_asserteq(true, abuf_realloc(&buf, 0)); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Allocate a non-empty abuf */ + ut_asserteq(true, abuf_realloc(&buf, TEST_DATA_LEN)); + ut_assertnonnull(buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(true, buf.alloced); + ptr = buf.data; + + /* + * Make it smaller; the pointer should remain the same. Note this relies + * on knowledge of how U-Boot's realloc() works + */ + ut_asserteq(true, abuf_realloc(&buf, TEST_DATA_LEN - 1)); + ut_asserteq(TEST_DATA_LEN - 1, buf.size); + ut_asserteq(true, buf.alloced); + ut_asserteq_ptr(ptr, buf.data); + + /* + * Make it larger, forcing reallocation. Note this relies on knowledge + * of how U-Boot's realloc() works + */ + ut_asserteq(true, abuf_realloc(&buf, 0x1000)); + ut_assert(buf.data != ptr); + ut_asserteq(0x1000, buf.size); + ut_asserteq(true, buf.alloced); + + /* Free it */ + ut_asserteq(true, abuf_realloc(&buf, 0)); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Check for memory leaks */ + ut_assertok(ut_check_delta(start)); + + return 0; +} +LIB_TEST(lib_test_abuf_realloc, 0); + +/* Test handling of buffers that are too large */ +static int lib_test_abuf_large(struct unit_test_state *uts) +{ + struct abuf buf; + ulong start; + size_t size; + int delta; + void *ptr; + + /* + * This crashes at present due to trying to allocate more memory than + * available, which breaks something on sandbox. + */ + return 0; + + start = ut_check_free(); + + /* Try an impossible size */ + abuf_init(&buf); + ut_asserteq(false, abuf_realloc(&buf, CONFIG_SYS_MALLOC_LEN)); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + abuf_uninit(&buf); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Start with a normal size then try to increase it, to check realloc */ + ut_asserteq(true, abuf_realloc(&buf, TEST_DATA_LEN)); + ut_assertnonnull(buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(true, buf.alloced); + ptr = buf.data; + delta = ut_check_delta(start); + ut_assert(delta > 0); + + /* try to increase it */ + ut_asserteq(false, abuf_realloc(&buf, CONFIG_SYS_MALLOC_LEN)); + ut_asserteq_ptr(ptr, buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(true, buf.alloced); + ut_asserteq(delta, ut_check_delta(start)); + + /* Check for memory leaks */ + abuf_uninit(&buf); + ut_assertok(ut_check_delta(start)); + + /* Start with a huge unallocated buf and try to move it */ + abuf_init(&buf); + abuf_map_sysmem(&buf, 0, CONFIG_SYS_MALLOC_LEN); + ut_asserteq(CONFIG_SYS_MALLOC_LEN, buf.size); + ut_asserteq(false, buf.alloced); + ut_assertnull(abuf_uninit_move(&buf, &size)); + + /* Check for memory leaks */ + abuf_uninit(&buf); + ut_assertok(ut_check_delta(start)); + + return 0; +} +LIB_TEST(lib_test_abuf_large, 0); + +/* Test abuf_uninit_move() */ +static int lib_test_abuf_uninit_move(struct unit_test_state *uts) +{ + void *ptr, *orig_ptr; + struct abuf buf; + size_t size; + ulong start; + int delta; + + start = ut_check_free(); + + /* + * TODO: crashes on sandbox sometimes due to an apparent bug in + * realloc(). + */ + return 0; + + /* Move an empty buffer */ + abuf_init(&buf); + ut_assertnull(abuf_uninit_move(&buf, &size)); + ut_asserteq(0, size); + ut_assertnull(abuf_uninit_move(&buf, NULL)); + + /* Move an unallocated buffer */ + abuf_set(&buf, test_data, TEST_DATA_LEN); + ut_assertok(ut_check_delta(start)); + ptr = abuf_uninit_move(&buf, &size); + ut_asserteq(TEST_DATA_LEN, size); + ut_asserteq_str(ptr, test_data); + ut_assertnonnull(ptr); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Check that freeing it frees the only allocation */ + delta = ut_check_delta(start); + ut_assert(delta > 0); + free(ptr); + ut_assertok(ut_check_delta(start)); + + /* Move an allocated buffer */ + ut_asserteq(true, abuf_realloc(&buf, TEST_DATA_LEN)); + orig_ptr = buf.data; + strcpy(orig_ptr, test_data); + + delta = ut_check_delta(start); + ut_assert(delta > 0); + ptr = abuf_uninit_move(&buf, &size); + ut_asserteq(TEST_DATA_LEN, size); + ut_assertnonnull(ptr); + ut_asserteq_ptr(ptr, orig_ptr); + ut_asserteq_str(ptr, test_data); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Check there was no new allocation */ + ut_asserteq(delta, ut_check_delta(start)); + + /* Check that freeing it frees the only allocation */ + free(ptr); + ut_assertok(ut_check_delta(start)); + + /* Move an unallocated buffer, without the size */ + abuf_set(&buf, test_data, TEST_DATA_LEN); + ut_assertok(ut_check_delta(start)); + ptr = abuf_uninit_move(&buf, NULL); + ut_asserteq_str(ptr, test_data); + + return 0; +} +LIB_TEST(lib_test_abuf_uninit_move, 0); + +/* Test abuf_uninit() */ +static int lib_test_abuf_uninit(struct unit_test_state *uts) +{ + struct abuf buf; + + /* Nothing in the buffer */ + abuf_init(&buf); + abuf_uninit(&buf); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + /* Not allocated */ + abuf_set(&buf, test_data, TEST_DATA_LEN); + abuf_uninit(&buf); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + return 0; +} +LIB_TEST(lib_test_abuf_uninit, 0); + +/* Test abuf_init_set() */ +static int lib_test_abuf_init_set(struct unit_test_state *uts) +{ + struct abuf buf; + + abuf_init_set(&buf, test_data, TEST_DATA_LEN); + ut_asserteq_ptr(test_data, buf.data); + ut_asserteq(TEST_DATA_LEN, buf.size); + ut_asserteq(false, buf.alloced); + + return 0; +} +LIB_TEST(lib_test_abuf_init_set, 0); + +/* Test abuf_init_move() */ +static int lib_test_abuf_init_move(struct unit_test_state *uts) +{ + struct abuf buf; + void *ptr; + + /* + * TODO: crashes on sandbox sometimes due to an apparent bug in + * realloc(). + */ + return 0; + + ptr = strdup(test_data); + ut_assertnonnull(ptr); + + free(ptr); + + abuf_init_move(&buf, ptr, TEST_DATA_LEN); + ut_asserteq_ptr(ptr, abuf_data(&buf)); + ut_asserteq(TEST_DATA_LEN, abuf_size(&buf)); + ut_asserteq(true, buf.alloced); + + return 0; +} +LIB_TEST(lib_test_abuf_init_move, 0); + +/* Test abuf_init() */ +static int lib_test_abuf_init(struct unit_test_state *uts) +{ + struct abuf buf; + + buf.data = &buf; + buf.size = 123; + buf.alloced = true; + abuf_init(&buf); + ut_assertnull(buf.data); + ut_asserteq(0, buf.size); + ut_asserteq(false, buf.alloced); + + return 0; +} +LIB_TEST(lib_test_abuf_init, 0); -- cgit v1.2.3 From 94d0a2efc0315e2c5e3b62a7420292f0ce058079 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 07:03:09 -0600 Subject: zstd: Create a function for use from U-Boot The existing zstd API requires the same sequence of calls to perform its task. Create a helper for U-Boot, to avoid code duplication, as is done with other compression algorithms. Make use of of this from the image code. Note that the zstd code lacks a test in test/compression.c and this should be added by the maintainer. Signed-off-by: Simon Glass --- common/image.c | 50 ++++++++-------------------------------- include/linux/zstd.h | 11 +++++++++ lib/zstd/Makefile | 2 +- lib/zstd/zstd.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 85 insertions(+), 42 deletions(-) create mode 100644 lib/zstd/zstd.c (limited to 'lib') diff --git a/common/image.c b/common/image.c index 8ac57081fd..2437223018 100644 --- a/common/image.c +++ b/common/image.c @@ -22,6 +22,7 @@ #include #endif +#include #include #include @@ -527,50 +528,17 @@ int image_decomp(int comp, ulong load, ulong image_start, int type, #ifndef USE_HOSTCC #if CONFIG_IS_ENABLED(ZSTD) case IH_COMP_ZSTD: { - size_t size = unc_len; - ZSTD_DStream *dstream; - ZSTD_inBuffer in_buf; - ZSTD_outBuffer out_buf; - void *workspace; - size_t wsize; - - wsize = ZSTD_DStreamWorkspaceBound(image_len); - workspace = malloc(wsize); - if (!workspace) { - debug("%s: cannot allocate workspace of size %zu\n", __func__, - wsize); - return -1; - } - - dstream = ZSTD_initDStream(image_len, workspace, wsize); - if (!dstream) { - printf("%s: ZSTD_initDStream failed\n", __func__); - return ZSTD_getErrorCode(ret); - } - - in_buf.src = image_buf; - in_buf.pos = 0; - in_buf.size = image_len; + struct abuf in, out; - out_buf.dst = load_buf; - out_buf.pos = 0; - out_buf.size = size; - - while (1) { - size_t ret; - - ret = ZSTD_decompressStream(dstream, &out_buf, &in_buf); - if (ZSTD_isError(ret)) { - printf("%s: ZSTD_decompressStream error %d\n", __func__, - ZSTD_getErrorCode(ret)); - return ZSTD_getErrorCode(ret); - } - - if (in_buf.pos >= image_len || !ret) - break; + abuf_init_set(&in, image_buf, image_len); + abuf_init_set(&in, load_buf, unc_len); + ret = zstd_decompress(&in, &out); + if (ret < 0) { + printf("ZSTD decompression failed\n"); + return ret; } - image_len = out_buf.pos; + image_len = ret; break; } diff --git a/include/linux/zstd.h b/include/linux/zstd.h index 724f69350e..35ba4c90aa 100644 --- a/include/linux/zstd.h +++ b/include/linux/zstd.h @@ -1144,4 +1144,15 @@ size_t ZSTD_decompressBlock(ZSTD_DCtx *dctx, void *dst, size_t dstCapacity, size_t ZSTD_insertBlock(ZSTD_DCtx *dctx, const void *blockStart, size_t blockSize); +struct abuf; + +/** + * zstd_decompress() - Decompress Zstandard data + * + * @in: Input buffer to decompress + * @out: Output buffer to hold the results (must be large enough) + * @return size of the decompressed data, or -ve on error + */ +int zstd_decompress(struct abuf *in, struct abuf *out); + #endif /* ZSTD_H */ diff --git a/lib/zstd/Makefile b/lib/zstd/Makefile index 33c1df48ec..1217089292 100644 --- a/lib/zstd/Makefile +++ b/lib/zstd/Makefile @@ -1,4 +1,4 @@ obj-y += zstd_decompress.o zstd_decompress-y := huf_decompress.o decompress.o \ - entropy_common.o fse_decompress.o zstd_common.o + entropy_common.o fse_decompress.o zstd_common.o zstd.o diff --git a/lib/zstd/zstd.c b/lib/zstd/zstd.c new file mode 100644 index 0000000000..bf9cd19cfa --- /dev/null +++ b/lib/zstd/zstd.c @@ -0,0 +1,64 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2021 Google LLC + */ + +#define LOG_CATEGORY LOGC_BOOT + +#include +#include +#include +#include +#include + +int zstd_decompress(struct abuf *in, struct abuf *out) +{ + ZSTD_DStream *dstream; + ZSTD_inBuffer in_buf; + ZSTD_outBuffer out_buf; + void *workspace; + size_t wsize; + int ret; + + wsize = ZSTD_DStreamWorkspaceBound(abuf_size(in)); + workspace = malloc(wsize); + if (!workspace) { + debug("%s: cannot allocate workspace of size %zu\n", __func__, + wsize); + return -ENOMEM; + } + + dstream = ZSTD_initDStream(abuf_size(in), workspace, wsize); + if (!dstream) { + log_err("%s: ZSTD_initDStream failed\n", __func__); + ret = -EPERM; + goto do_free; + } + + in_buf.src = abuf_data(in); + in_buf.pos = 0; + in_buf.size = abuf_size(in); + + out_buf.dst = abuf_data(out); + out_buf.pos = 0; + out_buf.size = abuf_size(out); + + while (1) { + size_t res; + + res = ZSTD_decompressStream(dstream, &out_buf, &in_buf); + if (ZSTD_isError(res)) { + ret = ZSTD_getErrorCode(res); + log_err("ZSTD_decompressStream error %d\n", ret); + goto do_free; + } + + if (in_buf.pos >= abuf_size(in) || !res) + break; + } + + ret = out_buf.pos; +do_free: + free(workspace); + return ret; +} -- cgit v1.2.3 From 5a4f10d71bfe2b7a5646cf1f96b298805b36df7a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 07:03:13 -0600 Subject: gzip: Avoid use of u64 The gzip API uses the u64 type in it, which is not available in the host build. This makes it impossible to include the header file. We could make this type available, but it seems unnecessary. Limiting the compression size to that of the 'unsigned long' type seems good enough. On 32-bit machines the limit then becomes 4GB, which likely exceeds available RAM anyway, therefore it should be sufficient. On 64-bit machines this is effectively u64 anyway. Update the header file and implementation to use 'ulong' instead of 'u64'. Add a definition of u32 for the cases that seem to need exactly that length. This should be safe enough. Signed-off-by: Simon Glass --- include/compiler.h | 3 +++ include/gzip.h | 8 ++++---- lib/gunzip.c | 28 ++++++++++++++-------------- 3 files changed, 21 insertions(+), 18 deletions(-) (limited to 'lib') diff --git a/include/compiler.h b/include/compiler.h index 67e52050b1..6b0d3bf537 100644 --- a/include/compiler.h +++ b/include/compiler.h @@ -68,6 +68,9 @@ typedef uint32_t __u32; typedef unsigned int uint; typedef unsigned long ulong; +/* Define these on the host so we can build some target code */ +typedef __u32 u32; + #define uswap_16(x) \ ((((x) & 0xff00) >> 8) | \ (((x) & 0x00ff) << 8)) diff --git a/include/gzip.h b/include/gzip.h index 783acbb60d..cb4db3d70f 100644 --- a/include/gzip.h +++ b/include/gzip.h @@ -54,11 +54,11 @@ int zunzip(void *dst, int dstlen, unsigned char *src, unsigned long *lenp, * gzwrite_progress_finish called at end of loop to * indicate success (retcode=0) or failure */ -void gzwrite_progress_init(u64 expected_size); +void gzwrite_progress_init(ulong expected_size); -void gzwrite_progress(int iteration, u64 bytes_written, u64 total_bytes); +void gzwrite_progress(int iteration, ulong bytes_written, ulong total_bytes); -void gzwrite_progress_finish(int retcode, u64 totalwritten, u64 totalsize, +void gzwrite_progress_finish(int retcode, ulong totalwritten, ulong totalsize, u32 expected_crc, u32 calculated_crc); /** @@ -74,7 +74,7 @@ void gzwrite_progress_finish(int retcode, u64 totalwritten, u64 totalsize, * @return 0 if OK, -1 on error */ int gzwrite(unsigned char *src, int len, struct blk_desc *dev, ulong szwritebuf, - u64 startoffs, u64 szexpected); + ulong startoffs, ulong szexpected); /** * gzip()- Compress data into a buffer using the gzip algorithm diff --git a/lib/gunzip.c b/lib/gunzip.c index bee3b9261f..a8e498d98d 100644 --- a/lib/gunzip.c +++ b/lib/gunzip.c @@ -84,32 +84,32 @@ int gunzip(void *dst, int dstlen, unsigned char *src, unsigned long *lenp) #ifdef CONFIG_CMD_UNZIP __weak -void gzwrite_progress_init(u64 expectedsize) +void gzwrite_progress_init(ulong expectedsize) { putc('\n'); } __weak void gzwrite_progress(int iteration, - u64 bytes_written, - u64 total_bytes) + ulong bytes_written, + ulong total_bytes) { if (0 == (iteration & 3)) - printf("%llu/%llu\r", bytes_written, total_bytes); + printf("%lu/%lu\r", bytes_written, total_bytes); } __weak void gzwrite_progress_finish(int returnval, - u64 bytes_written, - u64 total_bytes, + ulong bytes_written, + ulong total_bytes, u32 expected_crc, u32 calculated_crc) { if (0 == returnval) { - printf("\n\t%llu bytes, crc 0x%08x\n", + printf("\n\t%lu bytes, crc 0x%08x\n", total_bytes, calculated_crc); } else { - printf("\n\tuncompressed %llu of %llu\n" + printf("\n\tuncompressed %lu of %lu\n" "\tcrcs == 0x%08x/0x%08x\n", bytes_written, total_bytes, expected_crc, calculated_crc); @@ -119,15 +119,15 @@ void gzwrite_progress_finish(int returnval, int gzwrite(unsigned char *src, int len, struct blk_desc *dev, unsigned long szwritebuf, - u64 startoffs, - u64 szexpected) + ulong startoffs, + ulong szexpected) { int i, flags; z_stream s; int r = 0; unsigned char *writebuf; unsigned crc = 0; - u64 totalfilled = 0; + ulong totalfilled = 0; lbaint_t blksperbuf, outblock; u32 expected_crc; u32 payload_size; @@ -142,7 +142,7 @@ int gzwrite(unsigned char *src, int len, } if (startoffs & (dev->blksz-1)) { - printf("%s: start offset %llu not a multiple of %lu\n", + printf("%s: start offset %lu not a multiple of %lu\n", __func__, startoffs, dev->blksz); return -1; } @@ -182,12 +182,12 @@ int gzwrite(unsigned char *src, int len, if (szexpected == 0) { szexpected = le32_to_cpu(szuncompressed); } else if (szuncompressed != (u32)szexpected) { - printf("size of %llx doesn't match trailer low bits %x\n", + printf("size of %lx doesn't match trailer low bits %x\n", szexpected, szuncompressed); return -1; } if (lldiv(szexpected, dev->blksz) > (dev->lba - outblock)) { - printf("%s: uncompressed size %llu exceeds device size\n", + printf("%s: uncompressed size %lu exceeds device size\n", __func__, szexpected); return -1; } -- cgit v1.2.3 From 603d15a572d5b1e2894db87b86d85a092dacdfd1 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:17 -0600 Subject: spl: cypto: Bring back SPL_ versions of SHA Unfortunately these were removed by mistake. This means that adding hash support to SPL brings in all software algorithms, with a substantial increase in code size. The origin of the problem was renaming them to SPL_FIT_xxx and then these were removed altogether in a later commit. Add them back. This aligns with CONFIG_MD5, for example, which has an SPL variant. Signed-off-by: Simon Glass Fixes: f5bc9c25f31 ("image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx") Fixes: eb5171ddec9 ("common: Remove unused CONFIG_FIT_SHAxxx selectors") Reviewed-by: Alexandru Gagniuc --- lib/Kconfig | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/Kconfig b/lib/Kconfig index 034af724b5..7899e756f9 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -373,7 +373,6 @@ config SHA256 The SHA256 algorithm produces a 256-bit (32-byte) hash value (digest). - config SHA512 bool "Enable SHA512 support" help @@ -399,6 +398,48 @@ config SHA_HW_ACCEL hashing algorithms. This affects the 'hash' command and also the hash_lookup_algo() function. +if SPL + +config SPL_SHA1 + bool "Enable SHA1 support in SPL" + default y if SHA1 + help + This option enables support of hashing using SHA1 algorithm. + The hash is calculated in software. + The SHA1 algorithm produces a 160-bit (20-byte) hash value + (digest). + +config SPL_SHA256 + bool "Enable SHA256 support in SPL" + default y if SHA256 + help + This option enables support of hashing using SHA256 algorithm. + The hash is calculated in software. + The SHA256 algorithm produces a 256-bit (32-byte) hash value + (digest). + +config SPL_SHA512 + bool "Enable SHA512 support in SPL" + default y if SHA512 + help + This option enables support of hashing using SHA512 algorithm. + The hash is calculated in software. + The SHA512 algorithm produces a 512-bit (64-byte) hash value + (digest). + +config SPL_SHA384 + bool "Enable SHA384 support in SPL" + default y if SHA384 + select SPL_SHA512 + help + This option enables support of hashing using SHA384 algorithm. + The hash is calculated in software. This is also selects SHA512, + because these implementations share the bulk of the code.. + The SHA384 algorithm produces a 384-bit (48-byte) hash value + (digest). + +endif + if SHA_HW_ACCEL config SHA512_HW_ACCEL -- cgit v1.2.3 From 2c21256b27d70b5950bd059330cdab027fb6ab7e Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:18 -0600 Subject: hash: Use Kconfig to enable hashing in host tools and SPL At present when building host tools, we force CONFIG_SHAxxx to be enabled regardless of the board Kconfig setting. This is done in the image.h header file. For SPL we currently just assume the algorithm is desired if U-Boot proper enables it. Clean this up by adding new Kconfig options to enable hashing on the host, relying on CONFIG_IS_ENABLED() to deal with the different builds. Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the current settings. This allows us to drop the image.h code and the I_WANT_MD5 hack. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc --- common/hash.c | 49 +++++++++++++++++++++++-------------------------- include/fdt_support.h | 2 +- include/hash.h | 6 +++++- include/image.h | 5 ----- lib/Kconfig | 18 ++++++++++++++++++ tools/Kconfig | 25 +++++++++++++++++++++++++ 6 files changed, 72 insertions(+), 33 deletions(-) (limited to 'lib') diff --git a/common/hash.c b/common/hash.c index 3884298edf..2b8e7a4d5c 100644 --- a/common/hash.c +++ b/common/hash.c @@ -25,6 +25,7 @@ #else #include "mkimage.h" #include +#include #endif /* !USE_HOSTCC*/ #include @@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR; static void reloc_update(void); -#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha1(struct hash_algo *algo, void **ctxp) { sha1_context *ctx = malloc(sizeof(sha1_context)); @@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, } #endif -#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha256(struct hash_algo *algo, void **ctxp) { sha256_context *ctx = malloc(sizeof(sha256_context)); @@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void } #endif -#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha384(struct hash_algo *algo, void **ctxp) { sha512_context *ctx = malloc(sizeof(sha512_context)); @@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void } #endif -#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) static int hash_init_sha512(struct hash_algo *algo, void **ctxp) { sha512_context *ctx = malloc(sizeof(sha512_context)); @@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, return 0; } -#ifdef USE_HOSTCC -# define I_WANT_MD5 1 -#else -# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5) -#endif /* * These are the hash algorithms we support. If we have hardware acceleration * is enable we will use that, otherwise a software version of the algorithm. * Note that algorithm names must be in lower case. */ static struct hash_algo hash_algo[] = { -#if I_WANT_MD5 +#if CONFIG_IS_ENABLED(MD5) { .name = "md5", .digest_size = MD5_SUM_LEN, @@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = { .hash_func_ws = md5_wd, }, #endif -#ifdef CONFIG_SHA1 +#if CONFIG_IS_ENABLED(SHA1) { .name = "sha1", .digest_size = SHA1_SUM_LEN, .chunk_size = CHUNKSZ_SHA1, -#ifdef CONFIG_SHA_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) .hash_func_ws = hw_sha1, #else .hash_func_ws = sha1_csum_wd, #endif -#ifdef CONFIG_SHA_PROG_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA256 +#if CONFIG_IS_ENABLED(SHA256) { .name = "sha256", .digest_size = SHA256_SUM_LEN, .chunk_size = CHUNKSZ_SHA256, -#ifdef CONFIG_SHA_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_HW_ACCEL) .hash_func_ws = hw_sha256, #else .hash_func_ws = sha256_csum_wd, #endif -#ifdef CONFIG_SHA_PROG_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA384 +#if CONFIG_IS_ENABLED(SHA384) { .name = "sha384", .digest_size = SHA384_SUM_LEN, .chunk_size = CHUNKSZ_SHA384, -#ifdef CONFIG_SHA512_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) .hash_func_ws = hw_sha384, #else .hash_func_ws = sha384_csum_wd, #endif -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif -#ifdef CONFIG_SHA512 +#if CONFIG_IS_ENABLED(SHA512) { .name = "sha512", .digest_size = SHA512_SUM_LEN, .chunk_size = CHUNKSZ_SHA512, -#ifdef CONFIG_SHA512_HW_ACCEL +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) .hash_func_ws = hw_sha512, #else .hash_func_ws = sha512_csum_wd, #endif -#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL) +#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL) .hash_init = hw_sha_init, .hash_update = hw_sha_update, .hash_finish = hw_sha_finish, @@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = { }; /* Try to minimize code size for boards that don't want much hashing */ -#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ - defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ - defined(CONFIG_SHA384) || defined(CONFIG_SHA512) +#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \ + CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \ + CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) #define multi_hash() 1 #else #define multi_hash() 0 @@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len, return 0; } -#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32) +#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \ + defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)) /** * store_result: Store the resulting sum to an address or variable * diff --git a/include/fdt_support.h b/include/fdt_support.h index 72a5b90c97..88d129c803 100644 --- a/include/fdt_support.h +++ b/include/fdt_support.h @@ -7,7 +7,7 @@ #ifndef __FDT_SUPPORT_H #define __FDT_SUPPORT_H -#ifdef CONFIG_OF_LIBFDT +#if defined(CONFIG_OF_LIBFDT) && !defined(USE_HOSTCC) #include #include diff --git a/include/hash.h b/include/hash.h index 97bb3ed5d9..cfafbe7006 100644 --- a/include/hash.h +++ b/include/hash.h @@ -6,13 +6,17 @@ #ifndef _HASH_H #define _HASH_H +#ifdef USE_HOSTCC +#include +#endif + struct cmd_tbl; /* * Maximum digest size for all algorithms we support. Having this value * avoids a malloc() or C99 local declaration in common/cmd_hash.c. */ -#if defined(CONFIG_SHA384) || defined(CONFIG_SHA512) +#if CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) #define HASH_MAX_DIGEST_SIZE 64 #else #define HASH_MAX_DIGEST_SIZE 32 diff --git a/include/image.h b/include/image.h index 73a763a693..03857f4b50 100644 --- a/include/image.h +++ b/include/image.h @@ -31,11 +31,6 @@ struct fdt_region; #define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_RSASSA_PSS 1 -#define CONFIG_MD5 -#define CONFIG_SHA1 -#define CONFIG_SHA256 -#define CONFIG_SHA384 -#define CONFIG_SHA512 #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" diff --git a/lib/Kconfig b/lib/Kconfig index 7899e756f9..64765acfa6 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -438,6 +438,24 @@ config SPL_SHA384 The SHA384 algorithm produces a 384-bit (48-byte) hash value (digest). +config SPL_SHA_HW_ACCEL + bool "Enable hardware acceleration for SHA hash functions" + default y if SHA_HW_ACCEL + help + This option enables hardware acceleration for the SHA1 and SHA256 + hashing algorithms. This affects the 'hash' command and also the + hash_lookup_algo() function. + +config SPL_SHA_PROG_HW_ACCEL + bool "Enable Progressive hashing support using hardware in SPL" + depends on SHA_PROG_HW_ACCEL + default y + help + This option enables hardware-acceleration for SHA progressive + hashing. + Data can be streamed in a block at a time and the hashing is + performed in hardware. + endif if SHA_HW_ACCEL diff --git a/tools/Kconfig b/tools/Kconfig index ea986ab047..6ffc2c0aa3 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE depends on TOOLS_FIT_SIGNATURE default 0x10000000 +config TOOLS_MD5 + def_bool y + help + Enable MD5 support in the tools builds + +config TOOLS_SHA1 + def_bool y + help + Enable SHA1 support in the tools builds + +config TOOLS_SHA256 + def_bool y + help + Enable SHA256 support in the tools builds + +config TOOLS_SHA384 + def_bool y + help + Enable SHA384 support in the tools builds + +config TOOLS_SHA512 + def_bool y + help + Enable SHA512 support in the tools builds + endmenu -- cgit v1.2.3 From 0c303f9a6628de9664b4f9140464a6f9d8224c36 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:21 -0600 Subject: image: Drop IMAGE_ENABLE_OF_LIBFDT Add a host Kconfig for OF_LIBFDT. With this we can use CONFIG_IS_ENABLED(OF_LIBFDT) directly in the tools build, so drop the unnecessary indirection. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc --- arch/arc/lib/bootm.c | 2 +- arch/arm/lib/bootm.c | 4 ++-- arch/microblaze/lib/bootm.c | 2 +- arch/nds32/lib/bootm.c | 4 ++-- arch/riscv/lib/bootm.c | 4 ++-- board/synopsys/hsdk/hsdk.c | 2 +- common/bootm.c | 4 ++-- common/image-board.c | 8 ++++---- common/image.c | 2 +- include/image.h | 3 --- lib/lmb.c | 2 +- tools/Kconfig | 5 +++++ 12 files changed, 22 insertions(+), 20 deletions(-) (limited to 'lib') diff --git a/arch/arc/lib/bootm.c b/arch/arc/lib/bootm.c index 41408c2b46..ed6c5dfa58 100644 --- a/arch/arc/lib/bootm.c +++ b/arch/arc/lib/bootm.c @@ -63,7 +63,7 @@ static void boot_jump_linux(bootm_headers_t *images, int flag) "(fake run for tracing)" : ""); bootstage_mark_name(BOOTSTAGE_ID_BOOTM_HANDOFF, "start_kernel"); - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { r0 = 2; r2 = (unsigned int)images->ft_addr; } else { diff --git a/arch/arm/lib/bootm.c b/arch/arm/lib/bootm.c index dd6a69315a..a59a5e6c0e 100644 --- a/arch/arm/lib/bootm.c +++ b/arch/arm/lib/bootm.c @@ -199,7 +199,7 @@ static void boot_prep_linux(bootm_headers_t *images) { char *commandline = env_get("bootargs"); - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { #ifdef CONFIG_OF_LIBFDT debug("using: FDT\n"); if (image_setup_linux(images)) { @@ -356,7 +356,7 @@ static void boot_jump_linux(bootm_headers_t *images, int flag) bootstage_mark(BOOTSTAGE_ID_RUN_OS); announce_and_cleanup(fake); - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) r2 = (unsigned long)images->ft_addr; else r2 = gd->bd->bi_boot_params; diff --git a/arch/microblaze/lib/bootm.c b/arch/microblaze/lib/bootm.c index 3a6da6e29f..12ea32488e 100644 --- a/arch/microblaze/lib/bootm.c +++ b/arch/microblaze/lib/bootm.c @@ -75,7 +75,7 @@ static void boot_jump_linux(bootm_headers_t *images, int flag) static void boot_prep_linux(bootm_headers_t *images) { - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { debug("using: FDT\n"); if (image_setup_linux(images)) { printf("FDT creation failed! hanging..."); diff --git a/arch/nds32/lib/bootm.c b/arch/nds32/lib/bootm.c index 1c7f785699..71ebfb4225 100644 --- a/arch/nds32/lib/bootm.c +++ b/arch/nds32/lib/bootm.c @@ -69,7 +69,7 @@ int do_bootm_linux(int flag, int argc, char *argv[], bootm_headers_t *images) debug("## Transferring control to Linux (at address %08lx) ...\n", (ulong)theKernel); - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { #ifdef CONFIG_OF_LIBFDT debug("using: FDT\n"); if (image_setup_linux(images)) { @@ -110,7 +110,7 @@ int do_bootm_linux(int flag, int argc, char *argv[], bootm_headers_t *images) #endif } cleanup_before_linux(); - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) theKernel(0, machid, (unsigned long)images->ft_addr); else theKernel(0, machid, bd->bi_boot_params); diff --git a/arch/riscv/lib/bootm.c b/arch/riscv/lib/bootm.c index ff1bdf7131..2e1e286c8e 100644 --- a/arch/riscv/lib/bootm.c +++ b/arch/riscv/lib/bootm.c @@ -64,7 +64,7 @@ static void announce_and_cleanup(int fake) static void boot_prep_linux(bootm_headers_t *images) { - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { #ifdef CONFIG_OF_LIBFDT debug("using: FDT\n"); if (image_setup_linux(images)) { @@ -96,7 +96,7 @@ static void boot_jump_linux(bootm_headers_t *images, int flag) announce_and_cleanup(fake); if (!fake) { - if (IMAGE_ENABLE_OF_LIBFDT && images->ft_len) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && images->ft_len) { #ifdef CONFIG_SMP ret = smp_call_function(images->ep, (ulong)images->ft_addr, 0, 0); diff --git a/board/synopsys/hsdk/hsdk.c b/board/synopsys/hsdk/hsdk.c index 892b94bb08..226fbba629 100644 --- a/board/synopsys/hsdk/hsdk.c +++ b/board/synopsys/hsdk/hsdk.c @@ -871,7 +871,7 @@ int board_prep_linux(bootm_headers_t *images) if (env_common.core_mask.val == ALL_CPU_MASK) return 0; - if (!IMAGE_ENABLE_OF_LIBFDT || !images->ft_len) { + if (!CONFIG_IS_ENABLED(OF_LIBFDT) || !images->ft_len) { pr_err("WARN: core_mask setup will work properly only with external DTB!\n"); return 0; } diff --git a/common/bootm.c b/common/bootm.c index 8d614fe140..4482f84b40 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -271,7 +271,7 @@ int bootm_find_images(int flag, int argc, char *const argv[], ulong start, return 1; } -#if IMAGE_ENABLE_OF_LIBFDT +#if CONFIG_IS_ENABLED(OF_LIBFDT) /* find flattened device tree */ ret = boot_get_fdt(flag, argc, argv, IH_ARCH_DEFAULT, &images, &images.ft_addr, &images.ft_len); @@ -706,7 +706,7 @@ int do_bootm_states(struct cmd_tbl *cmdtp, int flag, int argc, } } #endif -#if IMAGE_ENABLE_OF_LIBFDT && defined(CONFIG_LMB) +#if CONFIG_IS_ENABLED(OF_LIBFDT) && defined(CONFIG_LMB) if (!ret && (states & BOOTM_STATE_FDT)) { boot_fdt_add_mem_rsv_regions(&images->lmb, images->ft_addr); ret = boot_relocate_fdt(&images->lmb, &images->ft_addr, diff --git a/common/image-board.c b/common/image-board.c index 0ad75fdc75..cb2479f2f3 100644 --- a/common/image-board.c +++ b/common/image-board.c @@ -282,7 +282,7 @@ int genimg_get_format(const void *img_addr) if (image_check_magic(hdr)) return IMAGE_FORMAT_LEGACY; #endif -#if CONFIG_IS_ENABLED(FIT) || IMAGE_ENABLE_OF_LIBFDT +#if CONFIG_IS_ENABLED(FIT) || CONFIG_IS_ENABLED(OF_LIBFDT) if (fdt_check_header(img_addr) == 0) return IMAGE_FORMAT_FIT; #endif @@ -895,7 +895,7 @@ int image_setup_linux(bootm_headers_t *images) struct lmb *lmb = &images->lmb; int ret; - if (IMAGE_ENABLE_OF_LIBFDT) + if (CONFIG_IS_ENABLED(OF_LIBFDT)) boot_fdt_add_mem_rsv_regions(lmb, *of_flat_tree); if (IMAGE_BOOT_GET_CMDLINE) { @@ -907,13 +907,13 @@ int image_setup_linux(bootm_headers_t *images) } } - if (IMAGE_ENABLE_OF_LIBFDT) { + if (CONFIG_IS_ENABLED(OF_LIBFDT)) { ret = boot_relocate_fdt(lmb, of_flat_tree, &of_size); if (ret) return ret; } - if (IMAGE_ENABLE_OF_LIBFDT && of_size) { + if (CONFIG_IS_ENABLED(OF_LIBFDT) && of_size) { ret = image_setup_libfdt(images, *of_flat_tree, of_size, lmb); if (ret) return ret; diff --git a/common/image.c b/common/image.c index 59b5e70cca..5b77113bea 100644 --- a/common/image.c +++ b/common/image.c @@ -18,7 +18,7 @@ #include #endif -#if CONFIG_IS_ENABLED(FIT) || IMAGE_ENABLE_OF_LIBFDT +#if CONFIG_IS_ENABLED(FIT) || CONFIG_IS_ENABLED(OF_LIBFDT) #include #include #endif diff --git a/include/image.h b/include/image.h index 6c229212cb..f09eb9de51 100644 --- a/include/image.h +++ b/include/image.h @@ -28,7 +28,6 @@ struct fdt_region; #include /* new uImage format support enabled on host */ -#define IMAGE_ENABLE_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_RSASSA_PSS 1 @@ -46,8 +45,6 @@ struct fdt_region; #define IMAGE_ENABLE_IGNORE 1 #define IMAGE_INDENT_STRING " " -#define IMAGE_ENABLE_OF_LIBFDT CONFIG_IS_ENABLED(OF_LIBFDT) - #endif /* USE_HOSTCC */ #if CONFIG_IS_ENABLED(FIT) diff --git a/lib/lmb.c b/lib/lmb.c index 793647724c..676b3a0bda 100644 --- a/lib/lmb.c +++ b/lib/lmb.c @@ -153,7 +153,7 @@ static void lmb_reserve_common(struct lmb *lmb, void *fdt_blob) arch_lmb_reserve(lmb); board_lmb_reserve(lmb); - if (IMAGE_ENABLE_OF_LIBFDT && fdt_blob) + if (CONFIG_IS_ENABLED(OF_LIBFDT) && fdt_blob) boot_fdt_add_mem_rsv_regions(lmb, fdt_blob); } diff --git a/tools/Kconfig b/tools/Kconfig index 6ffc2c0aa3..747d221803 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -50,6 +50,11 @@ config TOOLS_MD5 help Enable MD5 support in the tools builds +config TOOLS_OF_LIBFDT + def_bool y + help + Enable libfdt support in the tools builds + config TOOLS_SHA1 def_bool y help -- cgit v1.2.3 From 2bbed3ff8c7fa0c0fa3fd28a9497bf7a99e3388b Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:23 -0600 Subject: image: Use Kconfig to enable FIT_RSASSA_PSS on host Add a host Kconfig for FIT_RSASSA_PSS. With this we can use CONFIG_IS_ENABLED(FIT_RSASSA_PSS) directly in the host build, so drop the forcing of this in the image.h header. Drop the #ifdef around padding_pss_verify() too since it is not needed. Use the compiler to check the config where possible, instead of the preprocessor. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc --- include/image.h | 3 --- include/u-boot/rsa.h | 2 -- lib/rsa/rsa-sign.c | 5 ++--- lib/rsa/rsa-verify.c | 15 ++++----------- tools/Kconfig | 5 +++++ 5 files changed, 11 insertions(+), 19 deletions(-) (limited to 'lib') diff --git a/include/image.h b/include/image.h index 6efbef06e6..dc872ef5b2 100644 --- a/include/image.h +++ b/include/image.h @@ -27,9 +27,6 @@ struct fdt_region; #include #include -/* new uImage format support enabled on host */ -#define CONFIG_FIT_RSASSA_PSS 1 - #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" diff --git a/include/u-boot/rsa.h b/include/u-boot/rsa.h index 89a9c4caa0..7556aa5b4b 100644 --- a/include/u-boot/rsa.h +++ b/include/u-boot/rsa.h @@ -103,11 +103,9 @@ int padding_pkcs_15_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len); -#ifdef CONFIG_FIT_RSASSA_PSS int padding_pss_verify(struct image_sign_info *info, uint8_t *msg, int msg_len, const uint8_t *hash, int hash_len); -#endif /* CONFIG_FIT_RSASSA_PSS */ #define RSA_DEFAULT_PADDING_NAME "pkcs-1.5" diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index c27a784c42..0579e5294e 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -401,15 +401,14 @@ static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo, goto err_sign; } -#ifdef CONFIG_FIT_RSASSA_PSS - if (padding_algo && !strcmp(padding_algo->name, "pss")) { + if (CONFIG_IS_ENABLED(FIT_RSASSA_PSS) && padding_algo && + !strcmp(padding_algo->name, "pss")) { if (EVP_PKEY_CTX_set_rsa_padding(ckey, RSA_PKCS1_PSS_PADDING) <= 0) { ret = rsa_err("Signer padding setup failed"); goto err_sign; } } -#endif /* CONFIG_FIT_RSASSA_PSS */ for (i = 0; i < region_count; i++) { if (!EVP_DigestSignUpdate(context, region[i].data, diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index ad6d33d043..600c93ab81 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -102,7 +102,7 @@ U_BOOT_PADDING_ALGO(pkcs_15) = { }; #endif -#ifdef CONFIG_FIT_RSASSA_PSS +#if CONFIG_IS_ENABLED(FIT_RSASSA_PSS) static void u32_i2osp(uint32_t val, uint8_t *buf) { buf[0] = (uint8_t)((val >> 24) & 0xff); @@ -313,7 +313,6 @@ U_BOOT_PADDING_ALGO(pss) = { #endif -#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) /** * rsa_verify_key() - Verify a signature against some data using RSA Key * @@ -385,9 +384,7 @@ static int rsa_verify_key(struct image_sign_info *info, return 0; } -#endif -#if CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) /** * rsa_verify_with_pkey() - Verify a signature against some data using * only modulus and exponent as RSA key properties. @@ -408,6 +405,9 @@ int rsa_verify_with_pkey(struct image_sign_info *info, struct key_prop *prop; int ret; + if (!CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)) + return -EACCES; + /* Public key is self-described to fill key_prop */ ret = rsa_gen_key_prop(info->key, info->keylen, &prop); if (ret) { @@ -422,13 +422,6 @@ int rsa_verify_with_pkey(struct image_sign_info *info, return ret; } -#else -int rsa_verify_with_pkey(struct image_sign_info *info, - const void *hash, uint8_t *sig, uint sig_len) -{ - return -EACCES; -} -#endif #if CONFIG_IS_ENABLED(FIT_SIGNATURE) /** diff --git a/tools/Kconfig b/tools/Kconfig index 9d1c0efd40..8685c800f9 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -35,6 +35,11 @@ config TOOLS_FIT_PRINT help Print the content of the FIT verbosely in the tools builds +config TOOLS_FIT_RSASSA_PSS + def_bool y + help + Support the rsassa-pss signature scheme in the tools builds + config TOOLS_FIT_SIGNATURE def_bool y help -- cgit v1.2.3 From e7d285b2f38202f9d7ffbdcae59283f08bafd8b9 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:24 -0600 Subject: image: Use the correct checks for CRC32 Add a host Kconfig for CRC32. With this we can use CONFIG_IS_ENABLED(CRC32) directly in the host build, so drop the unnecessary indirection. Add a few more conditions to SPL_CRC32 to avoid build failures as well as TPL_CRC32. Also update hash.c to make crc32 optional and to actually take notice of SPL_CRC32. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc --- common/hash.c | 13 ++++++++----- common/spl/Kconfig | 13 ++++++++++++- lib/Kconfig | 5 +++++ lib/Makefile | 4 +--- tools/Kconfig | 5 +++++ 5 files changed, 31 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/common/hash.c b/common/hash.c index 3b591ba09e..79202e18a2 100644 --- a/common/hash.c +++ b/common/hash.c @@ -178,7 +178,7 @@ static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx, return 0; } -static int hash_init_crc32(struct hash_algo *algo, void **ctxp) +static int __maybe_unused hash_init_crc32(struct hash_algo *algo, void **ctxp) { uint32_t *ctx = malloc(sizeof(uint32_t)); *ctx = 0; @@ -186,15 +186,16 @@ static int hash_init_crc32(struct hash_algo *algo, void **ctxp) return 0; } -static int hash_update_crc32(struct hash_algo *algo, void *ctx, - const void *buf, unsigned int size, int is_last) +static int __maybe_unused hash_update_crc32(struct hash_algo *algo, void *ctx, + const void *buf, unsigned int size, + int is_last) { *((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size); return 0; } -static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, - int size) +static int __maybe_unused hash_finish_crc32(struct hash_algo *algo, void *ctx, + void *dest_buf, int size) { if (size < algo->digest_size) return -1; @@ -311,6 +312,7 @@ static struct hash_algo hash_algo[] = { .hash_update = hash_update_crc16_ccitt, .hash_finish = hash_finish_crc16_ccitt, }, +#if CONFIG_IS_ENABLED(CRC32) { .name = "crc32", .digest_size = 4, @@ -320,6 +322,7 @@ static struct hash_algo hash_algo[] = { .hash_update = hash_update_crc32, .hash_finish = hash_finish_crc32, }, +#endif }; /* Try to minimize code size for boards that don't want much hashing */ diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 8a8a971a91..17ce2f6b61 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -419,7 +419,8 @@ config SYS_MMCSD_RAW_MODE_EMMC_BOOT_PARTITION config SPL_CRC32 bool "Support CRC32" - default y if SPL_LEGACY_IMAGE_SUPPORT + default y if SPL_LEGACY_IMAGE_SUPPORT || SPL_EFI_PARTITION + default y if SPL_ENV_SUPPORT || TPL_BLOBLIST help Enable this to support CRC32 in uImages or FIT images within SPL. This is a 32-bit checksum value that can be used to verify images. @@ -1419,6 +1420,16 @@ config TPL_BOOTROM_SUPPORT BOOT_DEVICE_BOOTROM (or fall-through to the next boot device in the boot device list, if not implemented for a given board) +config TPL_CRC32 + bool "Support CRC32 in TPL" + default y if TPL_ENV_SUPPORT || TPL_BLOBLIST + help + Enable this to support CRC32 in uImages or FIT images within SPL. + This is a 32-bit checksum value that can be used to verify images. + For FIT images, this is the least secure type of checksum, suitable + for detected accidental image corruption. For secure applications you + should consider SHA1 or SHA256. + config TPL_DRIVERS_MISC bool "Support misc drivers in TPL" help diff --git a/lib/Kconfig b/lib/Kconfig index 64765acfa6..70bf8e7a46 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -496,6 +496,11 @@ config SPL_MD5 security applications, but it can be useful for providing a quick checksum of a block of data. +config CRC32 + def_bool y + help + Enables CRC32 support in U-Boot. This is normally required. + config CRC32C bool diff --git a/lib/Makefile b/lib/Makefile index 454396f101..5ddbc77ed6 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -96,9 +96,7 @@ obj-y += display_options.o CFLAGS_display_options.o := $(if $(BUILD_TAG),-DBUILD_TAG='"$(BUILD_TAG)"') obj-$(CONFIG_BCH) += bch.o obj-$(CONFIG_MMC_SPI) += crc7.o -#ifndef CONFIG_TPL_BUILD -obj-y += crc32.o -#endif +obj-$(CONFIG_$(SPL_TPL_)CRC32) += crc32.o obj-$(CONFIG_CRC32C) += crc32c.o obj-y += ctype.o obj-y += div64.o diff --git a/tools/Kconfig b/tools/Kconfig index 8685c800f9..91ce8ae3e5 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -9,6 +9,11 @@ config MKIMAGE_DTC_PATH some cases the system dtc may not support all required features and the path to a different version should be given here. +config TOOLS_CRC32 + def_bool y + help + Enable CRC32 support in the tools builds + config TOOLS_LIBCRYPTO bool "Use OpenSSL's libcrypto library for host tools" default y -- cgit v1.2.3 From 1eccbb16a2c0427488d91e169572c3c397c4c1d5 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:29 -0600 Subject: efi: Correct dependency on FIT_SIGNATURE At present EFI_SECURE BOOT selects RSA but does not necessarily enable FIT_SIGNATURE. Mostly this is fine, but a few boards do not enable it, so U-Boot tries to do RSA verification when loading FIT images, but it is not enabled. This worked because the condition for checking the RSA signature is wrong in the fit_image_verify_with_data() function. In order to fix it we need to fix this dependency. Make sure that FIT_SIGNATURE is enabled so that RSA can be used. It might be better to avoid using 'select' in this situation. Signed-off-by: Simon Glass --- lib/efi_loader/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 3d5a5cd189..83d584a60e 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -336,7 +336,7 @@ config EFI_LOAD_FILE2_INITRD config EFI_SECURE_BOOT bool "Enable EFI secure boot support" - depends on EFI_LOADER + depends on EFI_LOADER && FIT_SIGNATURE select HASH select SHA256 select RSA -- cgit v1.2.3 From 13c133b995decefdc64160f1df2c58e5bf342e28 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Sat, 25 Sep 2021 19:43:33 -0600 Subject: image: Drop unnecessary #ifdefs from image.h This file has a lot of conditional code and much of it is unnecessary. Clean this up to reduce the number of build combinations. Signed-off-by: Simon Glass --- include/image.h | 39 ++++----------------------------------- include/u-boot/hash-checksum.h | 5 +++-- lib/hash-checksum.c | 2 +- 3 files changed, 8 insertions(+), 38 deletions(-) (limited to 'lib') diff --git a/include/image.h b/include/image.h index e397da80a5..04eccb12a9 100644 --- a/include/image.h +++ b/include/image.h @@ -40,11 +40,10 @@ struct fdt_region; #endif /* USE_HOSTCC */ -#if CONFIG_IS_ENABLED(FIT) #include #include #include -#endif /* FIT */ +#include extern ulong image_load_addr; /* Default Load Address */ extern ulong image_save_addr; /* Default Save Address */ @@ -504,8 +503,7 @@ int genimg_get_type_id(const char *name); int genimg_get_comp_id(const char *name); void genimg_print_size(uint32_t size); -#if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || \ - defined(USE_HOSTCC) +#if defined(CONFIG_TIMESTAMP) || defined(CONFIG_CMD_DATE) || defined(USE_HOSTCC) #define IMAGE_ENABLE_TIMESTAMP 1 #else #define IMAGE_ENABLE_TIMESTAMP 0 @@ -523,12 +521,9 @@ enum fit_load_op { int boot_get_setup(bootm_headers_t *images, uint8_t arch, ulong *setup_start, ulong *setup_len); -#ifndef USE_HOSTCC /* Image format types, returned by _get_format() routine */ #define IMAGE_FORMAT_INVALID 0x00 -#if defined(CONFIG_LEGACY_IMAGE_FORMAT) #define IMAGE_FORMAT_LEGACY 0x01 /* legacy image_header based format */ -#endif #define IMAGE_FORMAT_FIT 0x02 /* new, libfdt based format */ #define IMAGE_FORMAT_ANDROID 0x03 /* Android boot image */ @@ -567,7 +562,6 @@ int boot_get_ramdisk(int argc, char *const argv[], bootm_headers_t *images, */ int boot_get_loadable(int argc, char *const argv[], bootm_headers_t *images, uint8_t arch, const ulong *ld_start, ulong *const ld_len); -#endif /* !USE_HOSTCC */ int boot_get_setup_fit(bootm_headers_t *images, uint8_t arch, ulong *setup_start, ulong *setup_len); @@ -644,7 +638,6 @@ int fit_image_load(bootm_headers_t *images, ulong addr, */ int image_source_script(ulong addr, const char *fit_uname); -#ifndef USE_HOSTCC /** * fit_get_node_from_config() - Look up an image a FIT by type * @@ -684,10 +677,7 @@ int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size); int boot_ramdisk_high(struct lmb *lmb, ulong rd_data, ulong rd_len, ulong *initrd_start, ulong *initrd_end); int boot_get_cmdline(struct lmb *lmb, ulong *cmd_start, ulong *cmd_end); -#ifdef CONFIG_SYS_BOOT_GET_KBD int boot_get_kbd(struct lmb *lmb, struct bd_info **kbd); -#endif /* CONFIG_SYS_BOOT_GET_KBD */ -#endif /* !USE_HOSTCC */ /*******************************************************************/ /* Legacy format specific code (prefixed with image_) */ @@ -802,11 +792,9 @@ static inline int image_check_type(const image_header_t *hdr, uint8_t type) } static inline int image_check_arch(const image_header_t *hdr, uint8_t arch) { -#ifndef USE_HOSTCC /* Let's assume that sandbox can load any architecture */ - if (IS_ENABLED(CONFIG_SANDBOX)) + if (!tools_build() && IS_ENABLED(CONFIG_SANDBOX)) return true; -#endif return (image_get_arch(hdr) == arch) || (image_get_arch(hdr) == IH_ARCH_ARM && arch == IH_ARCH_ARM64); } @@ -954,7 +942,6 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong *size, #define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE -#if CONFIG_IS_ENABLED(FIT) /* cmdline argument format parsing */ int fit_parse_conf(const char *spec, ulong addr_curr, ulong *addr, const char **conf_name); @@ -1128,7 +1115,6 @@ int fit_conf_get_prop_node(const void *fit, int noffset, int fit_check_ramdisk(const void *fit, int os_noffset, uint8_t arch, int verify); -#endif /* FIT */ int calculate_hash(const void *data, int data_len, const char *algo, uint8_t *value, int *value_len); @@ -1151,7 +1137,6 @@ int calculate_hash(const void *data, int data_len, const char *algo, # define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE) #endif -#if CONFIG_IS_ENABLED(FIT) #ifdef USE_HOSTCC void *image_get_host_blob(void); void image_set_host_blob(void *host_blob); @@ -1160,8 +1145,6 @@ void image_set_host_blob(void *host_blob); # define gd_fdt_blob() (gd->fdt_blob) #endif -#endif /* IMAGE_ENABLE_FIT */ - /* * Information passed to the signing routines * @@ -1198,9 +1181,6 @@ struct image_region { int size; }; -#if FIT_IMAGE_ENABLE_VERIFY -# include -#endif struct checksum_algo { const char *name; const int checksum_len; @@ -1210,7 +1190,7 @@ struct checksum_algo { const EVP_MD *(*calculate_sign)(void); #endif int (*calculate)(const char *name, - const struct image_region region[], + const struct image_region *region, int region_count, uint8_t *checksum); }; @@ -1306,8 +1286,6 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name); */ struct padding_algo *image_get_padding_algo(const char *name); -#if CONFIG_IS_ENABLED(FIT) - /** * fit_image_verify_required_sigs() - Verify signatures marked as 'required' * @@ -1433,10 +1411,6 @@ int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo); struct cipher_algo *image_get_cipher_algo(const char *full_name); -#endif /* CONFIG_FIT */ - -#if !defined(USE_HOSTCC) -#if defined(CONFIG_ANDROID_BOOT_IMAGE) struct andr_img_hdr; int android_image_check_header(const struct andr_img_hdr *hdr); int android_image_get_kernel(const struct andr_img_hdr *hdr, int verify, @@ -1452,12 +1426,7 @@ ulong android_image_get_end(const struct andr_img_hdr *hdr); ulong android_image_get_kload(const struct andr_img_hdr *hdr); ulong android_image_get_kcomp(const struct andr_img_hdr *hdr); void android_print_contents(const struct andr_img_hdr *hdr); -#if !defined(CONFIG_SPL_BUILD) bool android_image_print_dtb_contents(ulong hdr_addr); -#endif - -#endif /* CONFIG_ANDROID_BOOT_IMAGE */ -#endif /* !USE_HOSTCC */ /** * board_fit_config_name_match() - Check for a matching board name diff --git a/include/u-boot/hash-checksum.h b/include/u-boot/hash-checksum.h index 54e6a73744..7f16b37a9a 100644 --- a/include/u-boot/hash-checksum.h +++ b/include/u-boot/hash-checksum.h @@ -7,11 +7,12 @@ #define _RSA_CHECKSUM_H #include -#include #include #include #include +struct image_region; + /** * hash_calculate() - Calculate hash over the data * @@ -23,7 +24,7 @@ * @return 0 if OK, < 0 if error */ int hash_calculate(const char *name, - const struct image_region region[], int region_count, + const struct image_region *region, int region_count, uint8_t *checksum); #endif diff --git a/lib/hash-checksum.c b/lib/hash-checksum.c index d732ecc38f..8f2a42f9a0 100644 --- a/lib/hash-checksum.c +++ b/lib/hash-checksum.c @@ -17,7 +17,7 @@ #include int hash_calculate(const char *name, - const struct image_region region[], + const struct image_region *region, int region_count, uint8_t *checksum) { struct hash_algo *algo; -- cgit v1.2.3