[PATCH 11/23] efi_loader: switch sha256 to mbedtls

Tom Rini trini at konsulko.com
Wed Apr 17 02:25:24 CEST 2024


On Tue, Apr 16, 2024 at 08:22:23PM -0400, Raymond Mao wrote:
> Hi Tom,
> 
> On Tue, 16 Apr 2024 at 15:22, Tom Rini <trini at konsulko.com> wrote:
> 
> > On Tue, Apr 16, 2024 at 12:00:07PM -0700, Raymond Mao wrote:
> >
> > > When MBEDTLS_LIB_CRYPTO is enabled, use the APIs of sha256 from
> > > hash shim layer instead.
> > >
> > > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> > > ---
> > >  lib/efi_loader/efi_tcg2.c | 9 +++++++++
> > >  1 file changed, 9 insertions(+)
> >
> > Why can't we have the abstraction be at the level where we include one
> > library or the other so that the calling code doesn't change?
> >
> > Yes, we can do this - The only reason I added new hash APIs with "_mb" is
> just to
> avoid vendor drivers that are using hash functions switch to MbedTLS with
> this
> patch set (As a [RFC], I was going to control all effects within the EFI
> loader).
> But if you think a complete switching has more benefits for estimation, I
> can unify
> all APIs between on/off MbedTLS.

Yes, please, a complete switch.

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20240416/3b7f54e6/attachment.sig>


More information about the U-Boot mailing list