[PATCH u-boot-mvebu v2 19/41] tools: kwbimage: Do not hide usage of secure header under CONFIG_ARMADA_38X

Marek Behún marek.behun at nic.cz
Mon Jul 19 14:20:42 CEST 2021


From: Pali Rohár <pali at kernel.org>

The mkimage host tool can be used to generate kwbimage v1 image with
secure header on host system for A38x plaform also when U-Boot is being
compiled for different platform. So there is no reason to not allow
compiling of mkimage/kwbimage with secure header support for e.g. x86-64
host.

Signed-off-by: Pali Rohár <pali at kernel.org>
Reviewed-by: Marek Behún <marek.behun at nic.cz>
Reviewed-by: Chris Packham <judge.packham at gmail.com>
Tested-by: Chris Packham <judge.packham at gmail.com>
---
 tools/Makefile   |  4 ----
 tools/kwbimage.c | 22 ----------------------
 2 files changed, 26 deletions(-)

diff --git a/tools/Makefile b/tools/Makefile
index fadf3135d6..7c27069c86 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -159,10 +159,6 @@ ifneq ($(CONFIG_SYS_U_BOOT_OFFS),)
 HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS)
 endif
 
-ifneq ($(CONFIG_ARMADA_38X),)
-HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE
-endif
-
 # MXSImage needs LibSSL
 ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_FIT_SIGNATURE)$(CONFIG_FIT_CIPHER),)
 HOSTCFLAGS_kwbimage.o += \
diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index 469e5b55f2..f3b16d94ad 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -16,7 +16,6 @@
 #include <stdint.h>
 #include "kwbimage.h"
 
-#ifdef CONFIG_KWB_SECURE
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/pem.h>
@@ -42,13 +41,10 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 	EVP_MD_CTX_reset(ctx);
 }
 #endif
-#endif
 
 static struct image_cfg_element *image_cfg;
 static int cfgn;
-#ifdef CONFIG_KWB_SECURE
 static int verbose_mode;
-#endif
 
 struct boot_mode {
 	unsigned int id;
@@ -243,8 +239,6 @@ image_count_options(unsigned int optiontype)
 	return count;
 }
 
-#if defined(CONFIG_KWB_SECURE)
-
 static int image_get_csk_index(void)
 {
 	struct image_cfg_element *e;
@@ -267,8 +261,6 @@ static bool image_get_spezialized_img(void)
 	return e->sec_specialized_img;
 }
 
-#endif
-
 /*
  * Compute a 8-bit checksum of a memory area. This algorithm follows
  * the requirements of the Marvell SoC BootROM specifications.
@@ -363,7 +355,6 @@ static uint8_t baudrate_to_option(unsigned int baudrate)
 	}
 }
 
-#if defined(CONFIG_KWB_SECURE)
 static void kwb_msg(const char *fmt, ...)
 {
 	if (verbose_mode) {
@@ -852,8 +843,6 @@ done:
 	return ret;
 }
 
-#endif
-
 static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
 			     int payloadsz)
 {
@@ -984,13 +973,11 @@ static size_t image_headersz_v1(int *hasext)
 			*hasext = 1;
 	}
 
-#if defined(CONFIG_KWB_SECURE)
 	if (image_get_csk_index() >= 0) {
 		headersz += sizeof(struct secure_hdr_v1);
 		if (hasext)
 			*hasext = 1;
 	}
-#endif
 
 #if defined(CONFIG_SYS_U_BOOT_OFFS)
 	if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
@@ -1080,8 +1067,6 @@ err_close:
 	return -1;
 }
 
-#if defined(CONFIG_KWB_SECURE)
-
 int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
 {
 	FILE *hashf;
@@ -1189,7 +1174,6 @@ int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
 
 	return 0;
 }
-#endif
 
 static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
 			     uint8_t *ptr, int payloadsz)
@@ -1197,9 +1181,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
 	struct image_cfg_element *e;
 	struct main_hdr_v1 *main_hdr;
 	struct register_set_hdr_v1 *register_set_hdr;
-#if defined(CONFIG_KWB_SECURE)
 	struct secure_hdr_v1 *secure_hdr = NULL;
-#endif
 	size_t headersz;
 	uint8_t *image, *cur;
 	int hasext = 0;
@@ -1275,7 +1257,6 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
 	if (main_hdr->blockid == IBR_HDR_PEX_ID)
 		main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
 
-#if defined(CONFIG_KWB_SECURE)
 	if (image_get_csk_index() >= 0) {
 		/*
 		 * only reserve the space here; we fill the header later since
@@ -1286,7 +1267,6 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
 		*next_ext = 1;
 		next_ext = &secure_hdr->next;
 	}
-#endif
 
 	datai = 0;
 	register_set_hdr = (struct register_set_hdr_v1 *)cur;
@@ -1334,11 +1314,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
 			return NULL;
 	}
 
-#if defined(CONFIG_KWB_SECURE)
 	if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
 					       headersz, image, secure_hdr))
 		return NULL;
-#endif
 
 	/* Calculate and set the header checksum */
 	main_hdr->checksum = image_checksum8(main_hdr, headersz);
-- 
2.31.1



More information about the U-Boot mailing list