[PATCH 01/19] mbedtls: Add SHA symbols for VPL

Raymond Mao raymond.mao at linaro.org
Thu Jan 30 22:49:36 CET 2025 

Hi Tom,

On Thu, 30 Jan 2025 at 14:55, Tom Rini <trini at konsulko.com> wrote:
>
> On Mon, Jan 27, 2025 at 10:23:12AM -0500, Raymond Mao wrote:
> > Hi Simon,
> >
> >
> > On Sun, 26 Jan 2025 at 13:43, Simon Glass <sjg at chromium.org> wrote:
> > >
> > > Add some symbols for supporting SHA1 etc. for VPL.
> > >
> > > Signed-off-by: Simon Glass <sjg at chromium.org>
> > > ---
> > >
> > >  lib/mbedtls/Kconfig | 40 ++++++++++++++++++++++++++++++++++++++++
> > >  1 file changed, 40 insertions(+)
> > >
> > > diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> > > index 78167ffa252..81274786106 100644
> > > --- a/lib/mbedtls/Kconfig
> > > +++ b/lib/mbedtls/Kconfig
> > > @@ -112,6 +112,46 @@ config SPL_MD5_LEGACY
> > >
> > >  endif # SPL
> > >
> > > +if VPL
> > > +
> > > +config VPL_SHA1_LEGACY
> > > +       bool "Enable SHA1 support in VPL with legacy crypto library"
> > > +       depends on LEGACY_CRYPTO_BASIC && VPL_SHA1
> > > +       help
> > > +         This option enables support of hashing using SHA1 algorithm
> > > +         with legacy crypto library.
> > > +
> > > +config VPL_SHA256_LEGACY
> > > +       bool "Enable SHA256 support in VPL with legacy crypto library"
> > > +       depends on LEGACY_CRYPTO_BASIC && VPL_SHA256
> > > +       help
> > > +         This option enables support of hashing using SHA256 algorithm
> > > +         with legacy crypto library.
> > > +
> > > +config VPL_SHA512_LEGACY
> > > +       bool "Enable SHA512 support in VPL with legacy crypto library"
> > > +       depends on LEGACY_CRYPTO_BASIC && VPL_SHA512
> > > +       help
> > > +         This option enables support of hashing using SHA512 algorithm
> > > +         with legacy crypto library.
> > > +
> > > +config VPL_SHA384_LEGACY
> > > +       bool "Enable SHA384 support in VPL with legacy crypto library"
> > > +       depends on LEGACY_CRYPTO_BASIC && VPL_SHA384
> > > +       select VPL_SHA512_LEGACY
> > > +       help
> > > +         This option enables support of hashing using SHA384 algorithm
> > > +         with legacy crypto library.
> > > +
> > > +config VPL_MD5_LEGACY
> > > +       bool "Enable MD5 support in VPL with legacy crypto library"
> > > +       depends on LEGACY_CRYPTO_BASIC && VPL_MD5
> > > +       help
> > > +         This option enables support of hashing using MD5 algorithm
> > > +         with legacy crypto library.
> > > +
> > > +endif # VPL
> > > +
> >
> > Do you mind rebasing this patch on top of my series below?
> > https://lore.kernel.org/u-boot/20250127151657.648255-1-raymond.mao@linaro.org/
> >
> > My one has refactored the entire mbedtls kconfig submenu, makefile and
> > default config file to adapt with XPL, so that users can have
> > independent config options in both U-Boot proper and XPLs.
>
> Actually, can you work on top of this one please Raymond? I tried yours
> out now and it results in ~4KiB growth so something isn't right there,
> but Simon's is fine atm. Thanks!
>
The reason is that I set MbedTLS crypto as default when MBEDTLS_LIB is
selected, which sounds more logically reasonable.
If users enable MBEDTLS_LIB_CRYPTO_ALT at the same time with
MBEDTLS_LIB, which means using U-Boot legacy crypto as MbedTLS
alternatives, the growth should be gone.

Do you want me to select MBEDTLS_LIB_CRYPTO_ALT for qemu or should we
leave this for the user to determine?

Regards,
Raymond



> --
> Tom

More information about the U-Boot mailing list