From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=PMSY=OQ=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D0C62C433EF
	for <u-boot@archiver.kernel.org>; Sun, 26 Sep 2021 01:45:45 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 4F064610C9
	for <u-boot@archiver.kernel.org>; Sun, 26 Sep 2021 01:45:45 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 4F064610C9
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=chromium.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id BE983835C6;
	Sun, 26 Sep 2021 03:45:09 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b="Sa+aK7Mj";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 42B4B83276; Sun, 26 Sep 2021 03:44:15 +0200 (CEST)
Received: from mail-oo1-xc35.google.com (mail-oo1-xc35.google.com
 [IPv6:2607:f8b0:4864:20::c35])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 2A63683276
 for <u-boot@lists.denx.de>; Sun, 26 Sep 2021 03:43:56 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=chromium.org
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=sjg@chromium.org
Received: by mail-oo1-xc35.google.com with SMTP id
 q26-20020a4adc5a000000b002918a69c8eeso4669186oov.13
 for <u-boot@lists.denx.de>; Sat, 25 Sep 2021 18:43:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google;
 h=from:to:cc:subject:date:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=HQ5Tum4aLzzjRdDZ9FVnULiuf6d+SvqXBrC2bp13sWQ=;
 b=Sa+aK7Mjzi6S4MTYsr8outCJcT0z2GiCCOy8vChsPVzo1jfbEJUWE7kB7mcs28Dg67
 Kpt0eZLSiIo19BF6HRJXBey1HLPzdGNyn3ZEAHw/sB+eJfeRbz3z9J7b8mlCR72O+dnz
 9suQGVqnQPe4soTjk3qPo82+NEXkI/AQZYhxU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=HQ5Tum4aLzzjRdDZ9FVnULiuf6d+SvqXBrC2bp13sWQ=;
 b=gV2kJZw9bOSHWOE1EZyaM5H+f6C4kNHLx9mldUq5uQQUoOB7ERJvWVQtLsGuvHbHhm
 HPhs1swsZtn4z94CtIN3xLfvZBf0+Opmws995F52SCPropzgWhA7d98Q1tUvsymBChD7
 GNGH2Qi2Eo7nre1QF1sLmvEMCIU2QxQxizFCIzm7ZuoXTiPjmwtivwm4Dp3MnqEzVj5T
 qNUBirSTLnYiYwWW9S0VN07hjKhIcwO+J5KPw45lUDswuGXjX04SEVLGUrMEzfCwdU9o
 HDYJ/bRgP5c2KATFnxcd5EwivcF4Qm5jo3s5SqSPaeoYq/K1RpufoYMTliv3JxYW8Y/B
 dc9g==
X-Gm-Message-State: AOAM533VIx83zHCfvGVYG0FJcwefUDsv1H2AatIKoH6IQ5Wk9XseFwBz
 aEPcQBugOomZBdOQenNj1ze+7E2ODs9tAA==
X-Google-Smtp-Source: ABdhPJzJU5FXWX0e2t8/WjS/FT2YTV1vzQRHTPmPKhuh4IN/5IMNFMIlSE8mV10DQ6rCWYyVHPdKkQ==
X-Received: by 2002:a4a:b814:: with SMTP id g20mr15141720oop.67.1632620634509; 
 Sat, 25 Sep 2021 18:43:54 -0700 (PDT)
Received: from kiwi.bld.corp.google.com (c-67-190-101-114.hsd1.co.comcast.net.
 [67.190.101.114])
 by smtp.gmail.com with ESMTPSA id c18sm330378otr.72.2021.09.25.18.43.53
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 25 Sep 2021 18:43:54 -0700 (PDT)
From: Simon Glass <sjg@chromium.org>
To: U-Boot Mailing List <u-boot@lists.denx.de>
Cc: Alexandru Gagniuc <mr.nuke.me@gmail.com>,
 Andre Przywara <andre.przywara@arm.com>,
 Rasmus Villemoes <rasmus.villemoes@prevas.dk>,
 Robert Marko <robert.marko@sartura.hr>,
 Masahiro Yamada <masahiroy@kernel.org>, Tom Rini <trini@konsulko.com>,
 Simon Glass <sjg@chromium.org>, Joe Hershberger <joe.hershberger@ni.com>
Subject: [PATCH v5 05/29] hash: Use Kconfig to enable hashing in host tools
 and SPL
Date: Sat, 25 Sep 2021 19:43:18 -0600
Message-Id: <20210925194327.v5.5.Idf4bfa823b4e1a5b357e141a8496acece5051102@changeid>
X-Mailer: git-send-email 2.33.0.685.g46640cef36-goog
In-Reply-To: <20210926014342.127913-1-sjg@chromium.org>
References: <20210926014342.127913-1-sjg@chromium.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.

For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.

Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.

Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.

This allows us to drop the image.h code and the I_WANT_MD5 hack.

Signed-off-by: Simon Glass <sjg@chromium.org>
---

Changes in v5:
- Drop I_WANT_MD5
- Use TOOLS_ instead of HOST_

Changes in v2:
- Add SPL_ Kconfigs also, since otherwise hashing algorithms drop from SPL

 common/hash.c   | 49 +++++++++++++++++++++++--------------------------
 include/image.h |  5 -----
 lib/Kconfig     | 18 ++++++++++++++++++
 tools/Kconfig   | 25 +++++++++++++++++++++++++
 4 files changed, 66 insertions(+), 31 deletions(-)

diff --git a/common/hash.c b/common/hash.c
index 6277fe65b3e..0fe65c959d0 100644
--- a/common/hash.c
+++ b/common/hash.c
@@ -25,6 +25,7 @@
 #else
 #include "mkimage.h"
 #include <time.h>
+#include <linux/kconfig.h>
 #endif /* !USE_HOSTCC*/
 
 #include <hash.h>
@@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR;
 
 static void reloc_update(void);
 
-#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
 {
 	sha1_context *ctx = malloc(sizeof(sha1_context));
@@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
 }
 #endif
 
-#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
 {
 	sha256_context *ctx = malloc(sizeof(sha256_context));
@@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
 }
 #endif
 
-#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
 {
 	sha512_context *ctx = malloc(sizeof(sha512_context));
@@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
 }
 #endif
 
-#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
 {
 	sha512_context *ctx = malloc(sizeof(sha512_context));
@@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
 	return 0;
 }
 
-#ifdef USE_HOSTCC
-# define I_WANT_MD5	1
-#else
-# define I_WANT_MD5	CONFIG_IS_ENABLED(MD5)
-#endif
 /*
  * These are the hash algorithms we support.  If we have hardware acceleration
  * is enable we will use that, otherwise a software version of the algorithm.
  * Note that algorithm names must be in lower case.
  */
 static struct hash_algo hash_algo[] = {
-#if I_WANT_MD5
+#if CONFIG_IS_ENABLED(MD5)
 	{
 		.name		= "md5",
 		.digest_size	= MD5_SUM_LEN,
@@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = {
 		.hash_func_ws	= md5_wd,
 	},
 #endif
-#ifdef CONFIG_SHA1
+#if CONFIG_IS_ENABLED(SHA1)
 	{
 		.name 		= "sha1",
 		.digest_size	= SHA1_SUM_LEN,
 		.chunk_size	= CHUNKSZ_SHA1,
-#ifdef CONFIG_SHA_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
 		.hash_func_ws	= hw_sha1,
 #else
 		.hash_func_ws	= sha1_csum_wd,
 #endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 		.hash_init	= hw_sha_init,
 		.hash_update	= hw_sha_update,
 		.hash_finish	= hw_sha_finish,
@@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = {
 #endif
 	},
 #endif
-#ifdef CONFIG_SHA256
+#if CONFIG_IS_ENABLED(SHA256)
 	{
 		.name		= "sha256",
 		.digest_size	= SHA256_SUM_LEN,
 		.chunk_size	= CHUNKSZ_SHA256,
-#ifdef CONFIG_SHA_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
 		.hash_func_ws	= hw_sha256,
 #else
 		.hash_func_ws	= sha256_csum_wd,
 #endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 		.hash_init	= hw_sha_init,
 		.hash_update	= hw_sha_update,
 		.hash_finish	= hw_sha_finish,
@@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = {
 #endif
 	},
 #endif
-#ifdef CONFIG_SHA384
+#if CONFIG_IS_ENABLED(SHA384)
 	{
 		.name		= "sha384",
 		.digest_size	= SHA384_SUM_LEN,
 		.chunk_size	= CHUNKSZ_SHA384,
-#ifdef CONFIG_SHA512_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
 		.hash_func_ws	= hw_sha384,
 #else
 		.hash_func_ws	= sha384_csum_wd,
 #endif
-#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 		.hash_init	= hw_sha_init,
 		.hash_update	= hw_sha_update,
 		.hash_finish	= hw_sha_finish,
@@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = {
 #endif
 	},
 #endif
-#ifdef CONFIG_SHA512
+#if CONFIG_IS_ENABLED(SHA512)
 	{
 		.name		= "sha512",
 		.digest_size	= SHA512_SUM_LEN,
 		.chunk_size	= CHUNKSZ_SHA512,
-#ifdef CONFIG_SHA512_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
 		.hash_func_ws	= hw_sha512,
 #else
 		.hash_func_ws	= sha512_csum_wd,
 #endif
-#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 		.hash_init	= hw_sha_init,
 		.hash_update	= hw_sha_update,
 		.hash_finish	= hw_sha_finish,
@@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = {
 };
 
 /* Try to minimize code size for boards that don't want much hashing */
-#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
-	defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
-	defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
+#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \
+	CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \
+	CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
 #define multi_hash()	1
 #else
 #define multi_hash()	0
@@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len,
 	return 0;
 }
 
-#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
+#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \
+	defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32))
 /**
  * store_result: Store the resulting sum to an address or variable
  *
diff --git a/include/image.h b/include/image.h
index 73a763a6936..03857f4b500 100644
--- a/include/image.h
+++ b/include/image.h
@@ -31,11 +31,6 @@ struct fdt_region;
 #define IMAGE_ENABLE_OF_LIBFDT	1
 #define CONFIG_FIT_VERBOSE	1 /* enable fit_format_{error,warning}() */
 #define CONFIG_FIT_RSASSA_PSS 1
-#define CONFIG_MD5
-#define CONFIG_SHA1
-#define CONFIG_SHA256
-#define CONFIG_SHA384
-#define CONFIG_SHA512
 
 #define IMAGE_ENABLE_IGNORE	0
 #define IMAGE_INDENT_STRING	""
diff --git a/lib/Kconfig b/lib/Kconfig
index 7899e756f99..64765acfa61 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -438,6 +438,24 @@ config SPL_SHA384
 	  The SHA384 algorithm produces a 384-bit (48-byte) hash value
 	  (digest).
 
+config SPL_SHA_HW_ACCEL
+	bool "Enable hardware acceleration for SHA hash functions"
+	default y if SHA_HW_ACCEL
+	help
+	  This option enables hardware acceleration for the SHA1 and SHA256
+	  hashing algorithms. This affects the 'hash' command and also the
+	  hash_lookup_algo() function.
+
+config SPL_SHA_PROG_HW_ACCEL
+	bool "Enable Progressive hashing support using hardware in SPL"
+	depends on SHA_PROG_HW_ACCEL
+	default y
+	help
+	  This option enables hardware-acceleration for SHA progressive
+	  hashing.
+	  Data can be streamed in a block at a time and the hashing is
+	  performed in hardware.
+
 endif
 
 if SHA_HW_ACCEL
diff --git a/tools/Kconfig b/tools/Kconfig
index ea986ab0479..6ffc2c0aa31 100644
--- a/tools/Kconfig
+++ b/tools/Kconfig
@@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE
 	depends on TOOLS_FIT_SIGNATURE
 	default 0x10000000
 
+config TOOLS_MD5
+	def_bool y
+	help
+	  Enable MD5 support in the tools builds
+
+config TOOLS_SHA1
+	def_bool y
+	help
+	  Enable SHA1 support in the tools builds
+
+config TOOLS_SHA256
+	def_bool y
+	help
+	  Enable SHA256 support in the tools builds
+
+config TOOLS_SHA384
+	def_bool y
+	help
+	  Enable SHA384 support in the tools builds
+
+config TOOLS_SHA512
+	def_bool y
+	help
+	  Enable SHA512 support in the tools builds
+
 endmenu
-- 
2.33.0.685.g46640cef36-goog