From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33732C4338F for ; Fri, 23 Jul 2021 09:26:16 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A7FB860E52 for ; Fri, 23 Jul 2021 09:26:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org A7FB860E52 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=nic.cz Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id CBC1182DA5; Fri, 23 Jul 2021 11:25:31 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nic.cz Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; secure) header.d=nic.cz header.i=@nic.cz header.b="UYG+mL7G"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id F3C9E82DBF; Fri, 23 Jul 2021 11:24:58 +0200 (CEST) Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 5295C82D9C for ; Fri, 23 Jul 2021 11:15:00 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=nic.cz Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=marek.behun@nic.cz Received: from dellmb.labs.office.nic.cz (unknown [IPv6:2001:1488:fffe:6:8747:7254:5571:3010]) by mail.nic.cz (Postfix) with ESMTPSA id DB950140952; Fri, 23 Jul 2021 11:14:59 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nic.cz; s=default; t=1627031700; bh=qA2YOdWRGX+DyxjPLO/ZpufAUkZUTD5mrxgHtbl7bVM=; h=From:To:Date; b=UYG+mL7GhWigO0EG1BVf82AUUXSnjt5kqID4YY5AkvIpiWgdUaV4o/SSyHb5sxXQu wliPmkI+AHModS2HuVUK10Vumqmhd9yR6/5kuTuZyOXvhdAUsjwG7BnfOHoz/TZFyl SxilGwi/rZfIz7cUiHpyqHaodU3Hpo0fZFKKQJ7U= From: =?UTF-8?q?Marek=20Beh=C3=BAn?= To: u-boot@lists.denx.de, Chris Packham , Stefan Roese , Baruch Siach , Chris Packham Cc: Dennis Gilmore , Mario Six , Jon Nettleton , =?UTF-8?q?Pali=20Roh=C3=A1r?= , =?UTF-8?q?Marek=20Beh=C3=BAn?= Subject: [PATCH u-boot-mvebu v3 19/41] tools: kwbimage: Do not hide usage of secure header under CONFIG_ARMADA_38X Date: Fri, 23 Jul 2021 11:14:13 +0200 Message-Id: <20210723091435.20388-20-marek.behun@nic.cz> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210723091435.20388-1-marek.behun@nic.cz> References: <20210723091435.20388-1-marek.behun@nic.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean From: Pali Rohár The mkimage host tool can be used to generate kwbimage v1 image with secure header on host system for A38x plaform also when U-Boot is being compiled for different platform. So there is no reason to not allow compiling of mkimage/kwbimage with secure header support for e.g. x86-64 host. Signed-off-by: Pali Rohár Reviewed-by: Marek Behún Reviewed-by: Chris Packham Reviewed-by: Stefan Roese Tested-by: Chris Packham --- tools/Makefile | 4 ---- tools/kwbimage.c | 22 ---------------------- 2 files changed, 26 deletions(-) diff --git a/tools/Makefile b/tools/Makefile index 9517f203fd..35aefc207c 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -173,10 +173,6 @@ ifneq ($(CONFIG_SYS_U_BOOT_OFFS),) HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS) endif -ifneq ($(CONFIG_ARMADA_38X),) -HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE -endif - # MXSImage needs LibSSL ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_TOOLS_LIBCRYPTO),) HOSTCFLAGS_kwbimage.o += \ diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 469e5b55f2..f3b16d94ad 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -16,7 +16,6 @@ #include #include "kwbimage.h" -#ifdef CONFIG_KWB_SECURE #include #include #include @@ -42,13 +41,10 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) EVP_MD_CTX_reset(ctx); } #endif -#endif static struct image_cfg_element *image_cfg; static int cfgn; -#ifdef CONFIG_KWB_SECURE static int verbose_mode; -#endif struct boot_mode { unsigned int id; @@ -243,8 +239,6 @@ image_count_options(unsigned int optiontype) return count; } -#if defined(CONFIG_KWB_SECURE) - static int image_get_csk_index(void) { struct image_cfg_element *e; @@ -267,8 +261,6 @@ static bool image_get_spezialized_img(void) return e->sec_specialized_img; } -#endif - /* * Compute a 8-bit checksum of a memory area. This algorithm follows * the requirements of the Marvell SoC BootROM specifications. @@ -363,7 +355,6 @@ static uint8_t baudrate_to_option(unsigned int baudrate) } } -#if defined(CONFIG_KWB_SECURE) static void kwb_msg(const char *fmt, ...) { if (verbose_mode) { @@ -852,8 +843,6 @@ done: return ret; } -#endif - static void *image_create_v0(size_t *imagesz, struct image_tool_params *params, int payloadsz) { @@ -984,13 +973,11 @@ static size_t image_headersz_v1(int *hasext) *hasext = 1; } -#if defined(CONFIG_KWB_SECURE) if (image_get_csk_index() >= 0) { headersz += sizeof(struct secure_hdr_v1); if (hasext) *hasext = 1; } -#endif #if defined(CONFIG_SYS_U_BOOT_OFFS) if (headersz > CONFIG_SYS_U_BOOT_OFFS) { @@ -1080,8 +1067,6 @@ err_close: return -1; } -#if defined(CONFIG_KWB_SECURE) - int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr) { FILE *hashf; @@ -1189,7 +1174,6 @@ int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr, return 0; } -#endif static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, uint8_t *ptr, int payloadsz) @@ -1197,9 +1181,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, struct image_cfg_element *e; struct main_hdr_v1 *main_hdr; struct register_set_hdr_v1 *register_set_hdr; -#if defined(CONFIG_KWB_SECURE) struct secure_hdr_v1 *secure_hdr = NULL; -#endif size_t headersz; uint8_t *image, *cur; int hasext = 0; @@ -1275,7 +1257,6 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, if (main_hdr->blockid == IBR_HDR_PEX_ID) main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF); -#if defined(CONFIG_KWB_SECURE) if (image_get_csk_index() >= 0) { /* * only reserve the space here; we fill the header later since @@ -1286,7 +1267,6 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, *next_ext = 1; next_ext = &secure_hdr->next; } -#endif datai = 0; register_set_hdr = (struct register_set_hdr_v1 *)cur; @@ -1334,11 +1314,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params, return NULL; } -#if defined(CONFIG_KWB_SECURE) if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz, headersz, image, secure_hdr)) return NULL; -#endif /* Calculate and set the header checksum */ main_hdr->checksum = image_checksum8(main_hdr, headersz); -- 2.31.1