From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 08225C433EF for ; Mon, 15 Nov 2021 07:50:30 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 39AA26120F for ; Mon, 15 Nov 2021 07:50:29 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 39AA26120F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id BB7B78347A; Mon, 15 Nov 2021 08:50:26 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="UnesLf3a"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 279B78356F; Mon, 15 Nov 2021 08:50:25 +0100 (CET) Received: from mail-pj1-x102d.google.com (mail-pj1-x102d.google.com [IPv6:2607:f8b0:4864:20::102d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 3C9A782F4C for ; Mon, 15 Nov 2021 08:50:21 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pj1-x102d.google.com with SMTP id y14-20020a17090a2b4e00b001a5824f4918so12514610pjc.4 for ; Sun, 14 Nov 2021 23:50:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to; bh=28OO2nDycO5nAoPtVeIf6intxx5ZmyTMwS4mlIgquas=; b=UnesLf3aNVY5eqnVRCCyFD1kvEGlTM39uGJYP3/Dym4KNIoIrfJj3l+YQopxu4gJzf BBtdZLqhDcHotq450NQGR3pUqxXDbfHnTcRDO0GNfhTR85RgPpdXw+ixcCRpsUtIBNVS ZayUIjIcFtK8toeb7kVATsowkcTmmbaqJgKJrX1qI9XSylusNeoiYGQwQBjqwe0jaod5 FbjDMXvPfjz2T8hWbcWt1kzX+z9I0Jhfgyj6g153+UH5OBODUdn82h5CQiriExritZVm D4s91F59IujvFKethQPMQtagmTu+YOX7T9Kl2C2k5XK8mVpihs+t3RLP0MWXHsv/TmC7 7nUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:subject:message-id:mail-followup-to :references:mime-version:content-disposition:in-reply-to; bh=28OO2nDycO5nAoPtVeIf6intxx5ZmyTMwS4mlIgquas=; b=ZayBmHKm2YyWZaaQqVXogJ7vydEigLsMHKwGq9h08zgrMv8wGb0YzWpnVKU7D1t8ek LMm7oUukZInP4dRmv+CbQ7cXkjlHUhNDF+GhvWjYEwSjCwCR2EPCtIvUjvyxnfQLd5el 5USp3Za1G1UD4KkY8ehu+Gy60JaWc9+wfZfZJAn2QjndTTu9RTbIfR2sbuFUaITjW6/o Z0bIZRrt+C4k4qYnw/CXSKRaZAT21MB+ux48BWYiGwIptPDl0okGNG5PnbDidoVIo3hX rGpvidPc12gofqur6P86O3CqliC/yaGPXfk6eM4s9fUA4Uh//vfrhbnCo9P1PM6AO+eQ tRyw== X-Gm-Message-State: AOAM533hyhbsjETl8vyQmP4AeLxItHUaZgQo51OyGRGOuwRIhMq/yC2J 23eF5omtvg3WGy/CJGP49oJT9Q== X-Google-Smtp-Source: ABdhPJyzHnhIBrdhBMwYl+M83J1dilARvyOqipHdqLlZ3niI2m9Bfi+0aap+a7/8zNtAP2Z4kkpqvw== X-Received: by 2002:a17:90a:3009:: with SMTP id g9mr44425796pjb.205.1636962614443; Sun, 14 Nov 2021 23:50:14 -0800 (PST) Received: from laputa ([2400:4050:c3e1:100:8d83:95fa:d979:b9e4]) by smtp.gmail.com with ESMTPSA id h125sm10785234pfe.164.2021.11.14.23.50.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 14 Nov 2021 23:50:13 -0800 (PST) Date: Mon, 15 Nov 2021 16:50:09 +0900 From: AKASHI Takahiro To: Simon Glass , Mark Kettenis , xypron.glpk@gmx.de, agraf@csgraf.de, ilias.apalodimas@linaro.org, sughosh.ganu@linaro.org, masami.hiramatsu@linaro.org, u-boot@lists.denx.de Subject: Re: [PATCH v5 02/11] tools: mkeficapsule: add firmwware image signing Message-ID: <20211115075009.GB46792@laputa> Mail-Followup-To: AKASHI Takahiro , Simon Glass , Mark Kettenis , xypron.glpk@gmx.de, agraf@csgraf.de, ilias.apalodimas@linaro.org, sughosh.ganu@linaro.org, masami.hiramatsu@linaro.org, u-boot@lists.denx.de References: <20211105010433.GA27316@laputa> <20211105023500.GC27316@laputa> <20211105093508.GH27316@laputa> <20211108045524.GE16401@laputa> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20211108045524.GE16401@laputa> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.35 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Heinrich, On Mon, Nov 08, 2021 at 01:55:24PM +0900, AKASHI Takahiro wrote: > Heinrich, > > On Fri, Nov 05, 2021 at 06:35:08PM +0900, AKASHI Takahiro wrote: > > On Fri, Nov 05, 2021 at 11:35:00AM +0900, AKASHI Takahiro wrote: > > > On Thu, Nov 04, 2021 at 08:02:40PM -0600, Simon Glass wrote: > > > > Hi Takahiro, > > > > > > > > On Thu, 4 Nov 2021 at 19:04, AKASHI Takahiro wrote: > > > > > > > > > > Hi, Simon, > > > > > > > > > > On Thu, Nov 04, 2021 at 09:11:59AM -0600, Simon Glass wrote: > > > > > > Hi Mark, > > > > > > > > > > > > On Thu, 4 Nov 2021 at 08:31, Mark Kettenis wrote: > > > > > > > > > > > > > > > From: Simon Glass > > > > > > > > Date: Wed, 3 Nov 2021 20:51:25 -0600 > > > > > > > > > > > > > > > > Hi Mark, > > > > > > > > > > > > > > > > On Tue, 2 Nov 2021 at 09:13, Mark Kettenis wrote: > > > > > > > > > > > > > > > > > > > From: Simon Glass > > > > > > > > > > Date: Tue, 2 Nov 2021 08:56:50 -0600 > > > > > > > > > > > > > > > > > > > > Hi Takahiro, > > > > > > > > > > > > > > > > > > > > > > - can we just build the tool always? > > > > > > > > > > > > > > > > > > > > > > This is one of my questions. > > > > > > > > > > > Why do you want to do so while there are bunch of tools that are > > > > > > > > > > > not always built. > > > > > > > > > > > > > > > > > > > > Because I think all tools should be built always. It is fine if that > > > > > > > > > > happens due to CONFIG options but we should try to avoid making it > > > > > > > > > > complicated. > > > > > > > > > > > > > > > > > > Well, unless this patchset fixes things, we can't, because > > > > > > > > > mkeficapsule doesn't build on OpenBSD. I tried looking into it, but I > > > > > > > > > can't figure out how this is even supposed to compile as a host tool: > > > > > > > > > > > > > > > > > > > > > > > > > > > In file included from tools/mkeficapsule.c:8: > > > > > > > > > In file included from include/malloc.h:369: > > > > > > > > > include/linux/string.h:15:24: error: conflicting types for 'strspn' > > > > > > > > > extern __kernel_size_t strspn(const char *,const char *); > > > > > > > > > ^ > > > > > > > > > /usr/include/string.h:88:9: note: previous declaration is here > > > > > > > > > size_t strspn(const char *, const char *); > > > > > > > > > > > > > > > > My guess is that linux/string.h should not be included, or perhaps > > > > > > > > __kernel_size_t should be defined to size_t. > > > > > > > > > > > > > > > > I doubt it would take an age to figure out, with a bit of fiddling. > > > > > > > > > > > > > > Well, I think the problem is quite fundamental. Indeed I agree that > > > > > > > linux/string.h shouldn't be included. It gets pulled in because the > > > > > > > tools include . Modern software really shouldn't include > > > > > > > that header anymore, and we removed it in OpenBSD some time ago. But > > > > > > > even with that fixed, things break since the same header gets pulled > > > > > > > in from . > > > > > > > > > > > > > > Redefining __kernel_size_t doesn't provide a way out: > > > > > > > > > > > > > > tools/mkeficapsule.c:23:16: error: typedef redefinition with different types ('size_t' (aka 'unsigned long') vs 'unsigned int') > > > > > > > typedef size_t __kernel_size_t; > > > > > > > ^ > > > > > > > ./arch/arm/include/asm/posix_types.h:37:23: note: previous definition is here > > > > > > > typedef unsigned int __kernel_size_t; > > > > > > > ^ > > > > > > > > > > > > > > This is on an amd64 host, so "unsigned int" clearly is the wrong type > > > > > > > for size_t. > > > > > > > > > > > > > > The fundamental problem seems to be that isn't safe to include > > > > > > > in a "host" tool because it includes "target" headers that > > > > > > > accidentally resolve to "system" headers on Linux systems. > > > > > > > > > > > > > > Maybe Takahiro or Heinrich have an idea how to fix that? But in the > > > > > > > meantime it would be good if building this tool would remain optional. > > > > > > > > > > > > Yes let's ask them to fix that as I agree this sounds wrong. We have > > > > > > several efi headers so perhaps just need to have the right stuff in > > > > > > each. > > > > > > > > > > As far as I know, you initially introduced efi.h and efi_api.h. > > > > > What is your intent to have the two? > > > > > > > > > > I think that efi_api.h contains definitions and interfaces defined > > > > > in UEFI specification for building EFI application/modules, hence > > > > > I believe that it should be target-independent. Right? > > > > > > > > > > But it *includes* efi.h which also contains some definitions > > > > > defined in UEFI specification, while efi.h is only for U-Boot as > > > > > UEFI application. > > > > > > > > > > I suspect that is the root cause. > > > > > > > > Yes I think you are right. > > > > > > > > > Or should we thoroughly use linux headers like "efi/efi.h" > > > > > in this tool? > > > > > > > > Well either way, we need host builds to not include U-Boot headers. > > > > > > Yeah, but there are still lots of host tools which include U-Boot headers. > > > In addition, I'm not quite sure whether *generic* efi headers, like > > > efi/efi.h, are available across different host OSs. > > > > I looked through linux's efi headers under /usr/include/efi, > > but they don't provide enough set of definitions to make mkeficapsule > > buildable. Particularly, capsule-related structure definitions are missing. > > > > So modifying U-Boot headers and removing target-dependent coding > > would be more practical. > > (I don't know yet whether it is feasible or not.) > > What's your thought here? > > > Or even adding host-tools-local headers would be more optimal. > > I prefer this approach, though. I need your feedback on fixing this issue. -Takahiro Akashi > -Takahiro Akashi > > > > -Takahiro Akashi > > > > > -Takahiro Akashi > > > > > > > > > > > - Simon > > > > > > > > > > > > > > -Takahiro Akashi > > > > > > > > > > > > > > > > It is OK to have it optional with a CONFIG, but it should be enabled > > > > > > by default, otherwise no one will know it is there. > > > > > > > > > > > > Can we get the OpenBSD environment into CI or is that just too hard? > > > > > > > > > > > > Regards, > > > > > > Simon