From 0003b8ada95068bef3522582fd7c211fb8b58e3c Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:29 -0500 Subject: image: Shorten FIT_ENABLE_SHAxxx_SUPPORT The ENABLE part of this name is redundant, since all boolean Kconfig options serve to enable something. The SUPPORT part is also redundant since Kconfigs can be assumed to enable support for something. Together they just serve to make these options overly long and inconsistent with other options. Rename FIT_ENABLE_SHAxxx_SUPPORT to FIT_SHAxxx Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'common') diff --git a/common/Kconfig.boot b/common/Kconfig.boot index 89a3161..d28ce96 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -35,7 +35,7 @@ config FIT_EXTERNAL_OFFSET could be put in the hole between data payload and fit image header, such as CSF data on i.MX platform. -config FIT_ENABLE_SHA256_SUPPORT +config FIT_SHA256 bool "Support SHA256 checksum of FIT image contents" default y select SHA256 @@ -44,7 +44,7 @@ config FIT_ENABLE_SHA256_SUPPORT SHA256 checksum is a 256-bit (32-byte) hash value used to check that the image contents have not been corrupted. -config FIT_ENABLE_SHA384_SUPPORT +config FIT_SHA384 bool "Support SHA384 checksum of FIT image contents" default n select SHA384 @@ -54,7 +54,7 @@ config FIT_ENABLE_SHA384_SUPPORT the image contents have not been corrupted. Use this for the highest security. -config FIT_ENABLE_SHA512_SUPPORT +config FIT_SHA512 bool "Support SHA512 checksum of FIT image contents" default n select SHA512 -- cgit v1.1 From f5bc9c25f3159db2e420cdcff974980a5258a44f Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:30 -0500 Subject: image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx These option are named inconsistently with other SPL options, thus making them incompatible with the CONFIG_IS_ENABLED() macro. Rename them. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'common') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index fa80524..2b89ce7 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -429,7 +429,7 @@ config SPL_MD5_SUPPORT applications where images may be changed maliciously, you should consider SHA256 or SHA384. -config SPL_SHA1_SUPPORT +config SPL_FIT_SHA1 bool "Support SHA1" depends on SPL_FIT select SHA1 @@ -441,7 +441,7 @@ config SPL_SHA1_SUPPORT due to the expanding computing power available to brute-force attacks. For more security, consider SHA256 or SHA384. -config SPL_SHA256_SUPPORT +config SPL_FIT_SHA256 bool "Support SHA256" depends on SPL_FIT select SHA256 @@ -450,7 +450,7 @@ config SPL_SHA256_SUPPORT checksum is a 256-bit (32-byte) hash value used to check that the image contents have not been corrupted. -config SPL_SHA384_SUPPORT +config SPL_FIT_SHA384 bool "Support SHA384" depends on SPL_FIT select SHA384 @@ -461,7 +461,7 @@ config SPL_SHA384_SUPPORT image contents have not been corrupted. Use this for the highest security. -config SPL_SHA512_SUPPORT +config SPL_FIT_SHA512 bool "Support SHA512" depends on SPL_FIT select SHA512 -- cgit v1.1 From ad74aed11e1dfe39b7f32dd855859abaf51d33f0 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:31 -0500 Subject: image: Rename CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT Drop the ENABLE and SUPPORT parts of this, which are redundant. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/Kconfig.boot | 2 +- common/image-sig.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'common') diff --git a/common/Kconfig.boot b/common/Kconfig.boot index d28ce96..ae3f2b6 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -103,7 +103,7 @@ config FIT_SIGNATURE_MAX_SIZE device memory. Assure this size does not extend past expected storage space. -config FIT_ENABLE_RSASSA_PSS_SUPPORT +config FIT_RSASSA_PSS bool "Support rsassa-pss signature scheme of FIT image contents" depends on FIT_SIGNATURE default n diff --git a/common/image-sig.c b/common/image-sig.c index 0f8e592..8b5cecb 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -99,12 +99,12 @@ struct padding_algo padding_algos[] = { .name = "pkcs-1.5", .verify = padding_pkcs_15_verify, }, -#ifdef CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT +#ifdef CONFIG_FIT_RSASSA_PSS { .name = "pss", .verify = padding_pss_verify, } -#endif /* CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT */ +#endif /* CONFIG_FIT_RSASSA_PSS */ }; struct checksum_algo *image_get_checksum_algo(const char *full_name) -- cgit v1.1 From 1e52db6799172cdd1612e0394da050d29164a13f Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:32 -0500 Subject: Kconfig: Rename SPL_CRC32_SUPPORT to SPL_CRC32 Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'common') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 2b89ce7..896526a 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -204,7 +204,7 @@ config SPL_LEGACY_IMAGE_SUPPORT config SPL_LEGACY_IMAGE_CRC_CHECK bool "Check CRC of Legacy images" depends on SPL_LEGACY_IMAGE_SUPPORT - select SPL_CRC32_SUPPORT + select SPL_CRC32 help Enable this to check the CRC of Legacy images. While this increases reliability, it affects both code size and boot duration. @@ -407,7 +407,7 @@ config SYS_MMCSD_RAW_MODE_EMMC_BOOT_PARTITION the eMMC EXT_CSC_PART_CONFIG selection should be overridden in SPL by user defined partition number. -config SPL_CRC32_SUPPORT +config SPL_CRC32 bool "Support CRC32" default y if SPL_LEGACY_IMAGE_SUPPORT help -- cgit v1.1 From 4b00fd1a84c1ef15f640da1d7a1081d0dbfbfbfe Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:33 -0500 Subject: Kconfig: Rename SPL_MD5_SUPPORT to SPL_MD5 Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/spl/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common') diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 896526a..2df3e5d 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -417,7 +417,7 @@ config SPL_CRC32 for detected accidental image corruption. For secure applications you should consider SHA1 or SHA256. -config SPL_MD5_SUPPORT +config SPL_MD5 bool "Support MD5" depends on SPL_FIT help -- cgit v1.1 From 0ad75696d078e56ca8e4d09a875de8107590ab8a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:34 -0500 Subject: image: Drop IMAGE_ENABLE_SHA1 We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1) directly in the code shared with the host build, so we can drop the unnecessary indirection. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index e9b455d..9a47d1b 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1219,7 +1219,7 @@ int calculate_hash(const void *data, int data_len, const char *algo, CHUNKSZ_CRC32); *((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value)); *value_len = 4; - } else if (IMAGE_ENABLE_SHA1 && strcmp(algo, "sha1") == 0) { + } else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) { sha1_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA1); *value_len = 20; -- cgit v1.1 From 14f061dcb158a4ffbf09df10f2ac2d37c157437c Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:35 -0500 Subject: image: Drop IMAGE_ENABLE_SHAxxx We already have a host Kconfig for these SHA options. Use CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build, so we can drop the unnecessary indirections. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index 9a47d1b..031d9d3 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1223,15 +1223,15 @@ int calculate_hash(const void *data, int data_len, const char *algo, sha1_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA1); *value_len = 20; - } else if (IMAGE_ENABLE_SHA256 && strcmp(algo, "sha256") == 0) { + } else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) { sha256_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA256); *value_len = SHA256_SUM_LEN; - } else if (IMAGE_ENABLE_SHA384 && strcmp(algo, "sha384") == 0) { + } else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) { sha384_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA384); *value_len = SHA384_SUM_LEN; - } else if (IMAGE_ENABLE_SHA512 && strcmp(algo, "sha512") == 0) { + } else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) { sha512_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA512); *value_len = SHA512_SUM_LEN; -- cgit v1.1 From 70c1c8927e2c1fd97cd174d7924300d672e8313b Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 14 Jul 2021 17:05:36 -0500 Subject: image: Drop IMAGE_ENABLE_BEST_MATCH This is not needed with Kconfig, since we can use IS_ENABLED() easily enough. Drop it. Signed-off-by: Simon Glass Reviewed-by: Alexandru Gagniuc Signed-off-by: Alexandru Gagniuc --- common/image-fit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index 031d9d3..8e23d51 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -2027,7 +2027,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr, * fit_conf_get_node() will try to find default config node */ bootstage_mark(bootstage_id + BOOTSTAGE_SUB_NO_UNIT_NAME); - if (IMAGE_ENABLE_BEST_MATCH && !fit_uname_config) { + if (IS_ENABLED(CONFIG_FIT_BEST_MATCH) && !fit_uname_config) { cfg_noffset = fit_conf_find_compat(fit, gd_fdt_blob()); } else { cfg_noffset = fit_conf_get_node(fit, -- cgit v1.1 From cab22c8890e97e8b557295ba2177e26392720765 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:38 -0500 Subject: common: image-sig.c: Remove host-specific logic and #ifdefs Remove any ifdefs in image-sig.c that were previously used to differentiate from the host code. Note that all code dedicated to relocating ->sign() and ->add_verify_data)_ can be safely removed, as signing is not supported target-side. NOTE that although it appears we are removing ecdsa256 support, this is intentional. ecdsa_verify() is a no-op on the target, and is currently only used by host code. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- common/image-sig.c | 39 ++------------------------------------- 1 file changed, 2 insertions(+), 37 deletions(-) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 8b5cecb..5e2d171 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -3,18 +3,11 @@ * Copyright (c) 2013, Google Inc. */ -#ifdef USE_HOSTCC -#include "mkimage.h" -#include -#include -#include -#else #include #include #include #include DECLARE_GLOBAL_DATA_PTR; -#endif /* !USE_HOSTCC*/ #include #include #include @@ -28,9 +21,6 @@ struct checksum_algo checksum_algos[] = { .checksum_len = SHA1_SUM_LEN, .der_len = SHA1_DER_LEN, .der_prefix = sha1_der_prefix, -#if IMAGE_ENABLE_SIGN - .calculate_sign = EVP_sha1, -#endif .calculate = hash_calculate, }, { @@ -38,9 +28,6 @@ struct checksum_algo checksum_algos[] = { .checksum_len = SHA256_SUM_LEN, .der_len = SHA256_DER_LEN, .der_prefix = sha256_der_prefix, -#if IMAGE_ENABLE_SIGN - .calculate_sign = EVP_sha256, -#endif .calculate = hash_calculate, }, #ifdef CONFIG_SHA384 @@ -49,9 +36,6 @@ struct checksum_algo checksum_algos[] = { .checksum_len = SHA384_SUM_LEN, .der_len = SHA384_DER_LEN, .der_prefix = sha384_der_prefix, -#if IMAGE_ENABLE_SIGN - .calculate_sign = EVP_sha384, -#endif .calculate = hash_calculate, }, #endif @@ -61,9 +45,6 @@ struct checksum_algo checksum_algos[] = { .checksum_len = SHA512_SUM_LEN, .der_len = SHA512_DER_LEN, .der_prefix = sha512_der_prefix, -#if IMAGE_ENABLE_SIGN - .calculate_sign = EVP_sha512, -#endif .calculate = hash_calculate, }, #endif @@ -74,24 +55,13 @@ struct crypto_algo crypto_algos[] = { { .name = "rsa2048", .key_len = RSA2048_BYTES, - .sign = rsa_sign, - .add_verify_data = rsa_add_verify_data, .verify = rsa_verify, }, { .name = "rsa4096", .key_len = RSA4096_BYTES, - .sign = rsa_sign, - .add_verify_data = rsa_add_verify_data, .verify = rsa_verify, }, - { - .name = "ecdsa256", - .key_len = ECDSA256_BYTES, - .sign = ecdsa_sign, - .add_verify_data = ecdsa_add_verify_data, - .verify = ecdsa_verify, - }, }; struct padding_algo padding_algos[] = { @@ -112,16 +82,13 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name) int i; const char *name; -#if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC) +#if defined(CONFIG_NEEDS_MANUAL_RELOC) static bool done; if (!done) { done = true; for (i = 0; i < ARRAY_SIZE(checksum_algos); i++) { checksum_algos[i].name += gd->reloc_off; -#if IMAGE_ENABLE_SIGN - checksum_algos[i].calculate_sign += gd->reloc_off; -#endif checksum_algos[i].calculate += gd->reloc_off; } } @@ -143,15 +110,13 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name) int i; const char *name; -#if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC) +#if defined(CONFIG_NEEDS_MANUAL_RELOC) static bool done; if (!done) { done = true; for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) { crypto_algos[i].name += gd->reloc_off; - crypto_algos[i].sign += gd->reloc_off; - crypto_algos[i].add_verify_data += gd->reloc_off; crypto_algos[i].verify += gd->reloc_off; } } -- cgit v1.1 From 0980164b1306400e91e5ac389a514111ff74fc01 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:39 -0500 Subject: image: Add support for placing crypto_algo in linker lists The purpose of this change is to enable crypto algorithms to be placed in linker lists, rather than be declared as a static array. The goal is to remove the crypto_algos array in a subsequent patch. Create a new linker list named "cryptos", and search it when image_get_crypto_algo() is invoked. NOTE that adding support for manual relocation of crypto_algos within linker lists is beyond the scope of this patch. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- common/image-sig.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 5e2d171..81a3b73 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -107,6 +107,7 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name) struct crypto_algo *image_get_crypto_algo(const char *full_name) { + struct crypto_algo *crypto, *end; int i; const char *name; @@ -133,6 +134,14 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name) return &crypto_algos[i]; } + crypto = ll_entry_start(struct crypto_algo, cryptos); + end = ll_entry_end(struct crypto_algo, cryptos); + for (; crypto < end; crypto++) { + if (!strcmp(crypto->name, name)) + return crypto; + } + + /* Not found */ return NULL; } -- cgit v1.1 From 6909edb4cedf90c7a1fb68302dc2cec6291a0fcd Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:40 -0500 Subject: image: rsa: Move verification algorithm to a linker list Move the RSA verification crytpo_algo structure out of the crypto_algos array, and into a linker list. Although it appears we are adding an #ifdef to rsa-verify.c, the gains outweigh this small inconvenience. This is because rsa_verify() is defined differently based on #ifdefs. This change allows us to have a single definition of rsa_verify(). Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- common/image-sig.c | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 81a3b73..83f3e9f 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -52,16 +52,6 @@ struct checksum_algo checksum_algos[] = { }; struct crypto_algo crypto_algos[] = { - { - .name = "rsa2048", - .key_len = RSA2048_BYTES, - .verify = rsa_verify, - }, - { - .name = "rsa4096", - .key_len = RSA4096_BYTES, - .verify = rsa_verify, - }, }; struct padding_algo padding_algos[] = { -- cgit v1.1 From 24cee49fccf0ea699f044518f2672eeb7b9b7475 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:41 -0500 Subject: image: image-sig.c: Remove crypto_algos array Crytographic algorithms (currently RSA), are stored in linker lists. The crypto_algos array is unused, so remove it, and any logic associated with it. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass --- common/image-sig.c | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 83f3e9f..d680bf7d 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -51,9 +51,6 @@ struct checksum_algo checksum_algos[] = { }; -struct crypto_algo crypto_algos[] = { -}; - struct padding_algo padding_algos[] = { { .name = "pkcs-1.5", @@ -98,32 +95,14 @@ struct checksum_algo *image_get_checksum_algo(const char *full_name) struct crypto_algo *image_get_crypto_algo(const char *full_name) { struct crypto_algo *crypto, *end; - int i; const char *name; -#if defined(CONFIG_NEEDS_MANUAL_RELOC) - static bool done; - - if (!done) { - done = true; - for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) { - crypto_algos[i].name += gd->reloc_off; - crypto_algos[i].verify += gd->reloc_off; - } - } -#endif - /* Move name to after the comma */ name = strchr(full_name, ','); if (!name) return NULL; name += 1; - for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) { - if (!strcmp(crypto_algos[i].name, name)) - return &crypto_algos[i]; - } - crypto = ll_entry_start(struct crypto_algo, cryptos); end = ll_entry_end(struct crypto_algo, cryptos); for (; crypto < end; crypto++) { -- cgit v1.1 From b9826bf0c16ec225042c3fa760f8e22e6d9bc329 Mon Sep 17 00:00:00 2001 From: Alexandru Gagniuc Date: Wed, 14 Jul 2021 17:05:46 -0500 Subject: image: Add support for relocating crypto_algos in linker lists Function pointers from crypto_algos array are relocated, when NEEDS_MANUAL_RELOC is set. This relocation doesn't happen if the algo is placed in a linker list. Implement this relocation. Signed-off-by: Alexandru Gagniuc Reviewed-by: Simon Glass Acked-by: Michal Simek --- common/image-sig.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index d680bf7d..fb00355 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -97,6 +97,19 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name) struct crypto_algo *crypto, *end; const char *name; +#if defined(CONFIG_NEEDS_MANUAL_RELOC) + static bool done; + + if (!done) { + crypto = ll_entry_start(struct crypto_algo, cryptos); + end = ll_entry_end(struct crypto_algo, cryptos); + for (; crypto < end; crypto++) { + crypto->name += gd->reloc_off; + crypto->verify += gd->reloc_off; + } + } +#endif + /* Move name to after the comma */ name = strchr(full_name, ','); if (!name) -- cgit v1.1