[PATCH v2 07/28] lib: Adapt digest header files to MbedTLS

Raymond Mao raymond.mao at linaro.org
Thu May 9 17:15:48 CEST 2024


Hi Ilias,

On Wed, 8 May 2024 at 06:30, Ilias Apalodimas <ilias.apalodimas at linaro.org>
wrote:

> On Tue, 7 May 2024 at 20:54, Raymond Mao <raymond.mao at linaro.org> wrote:
> >
> > Adapt digest header files to support both original libs and MbedTLS
> > by switching on/off MBEDTLS_LIB_CRYPTO
> >
> > FIXME:
> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > including <linux/kconfig.h> causes undefined reference on schedule()
> > with sandbox build.
> > As <linux/kconfig.h> includes <generated/autoconf.h> which enables
> > `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule() are
> > defined in sandbox build.
> > `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` is a workaround.
> >
> > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> > ---
> > Changes in v2
> > - Initial patch.
> >
> >  include/u-boot/md5.h    | 17 ++++++++++++-----
> >  include/u-boot/sha1.h   | 21 ++++++++++++++++++++-
> >  include/u-boot/sha256.h | 20 ++++++++++++++++++++
> >  include/u-boot/sha512.h | 22 +++++++++++++++++++---
> >  lib/Makefile            |  6 +++++-
> >  5 files changed, 76 insertions(+), 10 deletions(-)
> >
> [snip]
> > diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h
> > index 9aa1251789a..e2b7fdd41c8 100644
> > --- a/include/u-boot/sha256.h
> > +++ b/include/u-boot/sha256.h
> > @@ -1,6 +1,22 @@
> >  #ifndef _SHA256_H
> >  #define _SHA256_H
> >
> > +#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
> > +/*
> > + * FIXME:
> > + * MbedTLS define the members of "mbedtls_sha256_context" as private,
> > + * but "state" needs to be access by arch/arm/cpu/armv8/sha256_ce_glue.
>
> 'be able to access.'
>
> Isn't the MBEDTLS_ALLOW_PRIVATE_ACCESS considered deprecated?
> I'd prefer if we fix this properly.
>
> If  MBEDTLS_ALLOW_PRIVATE_ACCESS is deprecated, that is another issue
other than the one I marked FIXME here.
Once MBEDTLS_ALLOW_PRIVATE_ACCESS is deprecated, all callers are not
able to access the private members (e.g. 'hash->state').
Currently only arm drivers are using 'hash->state', but I don't have the
background
context about this - why we cannot use the normal hash functions without
knowing
the 'state' like other arches.

Regards,
Raymond


More information about the U-Boot mailing list