hash: Use Kconfig to enable hashing in host tools and SPL

At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.

For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.

Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.

Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.

This allows us to drop the image.h code and the I_WANT_MD5 hack.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>

diff --git a/common/hash.c b/common/hash.c
index 3884298..2b8e7a4 100644 (file)
--- a/common/hash.c
+++ b/common/hash.c
@@ -25,6 +25,7 @@
 #else
 #include "mkimage.h"
 #include <time.h>
+#include <linux/kconfig.h>
 #endif /* !USE_HOSTCC*/
 
 #include <hash.h>
@@ -41,7 +42,7 @@ DECLARE_GLOBAL_DATA_PTR;
 
 static void reloc_update(void);
 
-#if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA1) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
 {
        sha1_context *ctx = malloc(sizeof(sha1_context));
@@ -69,7 +70,7 @@ static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
 }
 #endif
 
-#if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA256) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
 {
        sha256_context *ctx = malloc(sizeof(sha256_context));
@@ -97,7 +98,7 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
 }
 #endif
 
-#if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA384) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
 {
        sha512_context *ctx = malloc(sizeof(sha512_context));
@@ -125,7 +126,7 @@ static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
 }
 #endif
 
-#if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512) && !CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
 static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
 {
        sha512_context *ctx = malloc(sizeof(sha512_context));
@@ -207,18 +208,13 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
        return 0;
 }
 
-#ifdef USE_HOSTCC
-# define I_WANT_MD5    1
-#else
-# define I_WANT_MD5    CONFIG_IS_ENABLED(MD5)
-#endif
 /*
  * These are the hash algorithms we support.  If we have hardware acceleration
  * is enable we will use that, otherwise a software version of the algorithm.
  * Note that algorithm names must be in lower case.
  */
 static struct hash_algo hash_algo[] = {
-#if I_WANT_MD5
+#if CONFIG_IS_ENABLED(MD5)
        {
                .name           = "md5",
                .digest_size    = MD5_SUM_LEN,
@@ -226,17 +222,17 @@ static struct hash_algo hash_algo[] = {
                .hash_func_ws   = md5_wd,
        },
 #endif
-#ifdef CONFIG_SHA1
+#if CONFIG_IS_ENABLED(SHA1)
        {
                .name           = "sha1",
                .digest_size    = SHA1_SUM_LEN,
                .chunk_size     = CHUNKSZ_SHA1,
-#ifdef CONFIG_SHA_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
                .hash_func_ws   = hw_sha1,
 #else
                .hash_func_ws   = sha1_csum_wd,
 #endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
                .hash_init      = hw_sha_init,
                .hash_update    = hw_sha_update,
                .hash_finish    = hw_sha_finish,
@@ -247,17 +243,17 @@ static struct hash_algo hash_algo[] = {
 #endif
        },
 #endif
-#ifdef CONFIG_SHA256
+#if CONFIG_IS_ENABLED(SHA256)
        {
                .name           = "sha256",
                .digest_size    = SHA256_SUM_LEN,
                .chunk_size     = CHUNKSZ_SHA256,
-#ifdef CONFIG_SHA_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_HW_ACCEL)
                .hash_func_ws   = hw_sha256,
 #else
                .hash_func_ws   = sha256_csum_wd,
 #endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
                .hash_init      = hw_sha_init,
                .hash_update    = hw_sha_update,
                .hash_finish    = hw_sha_finish,
@@ -268,17 +264,17 @@ static struct hash_algo hash_algo[] = {
 #endif
        },
 #endif
-#ifdef CONFIG_SHA384
+#if CONFIG_IS_ENABLED(SHA384)
        {
                .name           = "sha384",
                .digest_size    = SHA384_SUM_LEN,
                .chunk_size     = CHUNKSZ_SHA384,
-#ifdef CONFIG_SHA512_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
                .hash_func_ws   = hw_sha384,
 #else
                .hash_func_ws   = sha384_csum_wd,
 #endif
-#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
                .hash_init      = hw_sha_init,
                .hash_update    = hw_sha_update,
                .hash_finish    = hw_sha_finish,
@@ -289,17 +285,17 @@ static struct hash_algo hash_algo[] = {
 #endif
        },
 #endif
-#ifdef CONFIG_SHA512
+#if CONFIG_IS_ENABLED(SHA512)
        {
                .name           = "sha512",
                .digest_size    = SHA512_SUM_LEN,
                .chunk_size     = CHUNKSZ_SHA512,
-#ifdef CONFIG_SHA512_HW_ACCEL
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL)
                .hash_func_ws   = hw_sha512,
 #else
                .hash_func_ws   = sha512_csum_wd,
 #endif
-#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
+#if CONFIG_IS_ENABLED(SHA512_HW_ACCEL) && CONFIG_IS_ENABLED(SHA_PROG_HW_ACCEL)
                .hash_init      = hw_sha_init,
                .hash_update    = hw_sha_update,
                .hash_finish    = hw_sha_finish,
@@ -331,9 +327,9 @@ static struct hash_algo hash_algo[] = {
 };
 
 /* Try to minimize code size for boards that don't want much hashing */
-#if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
-       defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
-       defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
+#if CONFIG_IS_ENABLED(SHA256) || CONFIG_IS_ENABLED(CMD_SHA1SUM) || \
+       CONFIG_IS_ENABLED(CRC32_VERIFY) || CONFIG_IS_ENABLED(CMD_HASH) || \
+       CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
 #define multi_hash()   1
 #else
 #define multi_hash()   0
@@ -438,7 +434,8 @@ int hash_block(const char *algo_name, const void *data, unsigned int len,
        return 0;
 }
 
-#if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
+#if !defined(CONFIG_SPL_BUILD) && (defined(CONFIG_CMD_HASH) || \
+       defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32))
 /**
  * store_result: Store the resulting sum to an address or variable
  *

diff --git a/include/fdt_support.h b/include/fdt_support.h
index 72a5b90..88d129c 100644 (file)
--- a/include/fdt_support.h
+++ b/include/fdt_support.h
@@ -7,7 +7,7 @@
 #ifndef __FDT_SUPPORT_H
 #define __FDT_SUPPORT_H
 
-#ifdef CONFIG_OF_LIBFDT
+#if defined(CONFIG_OF_LIBFDT) && !defined(USE_HOSTCC)
 
 #include <asm/u-boot.h>
 #include <linux/libfdt.h>

diff --git a/include/hash.h b/include/hash.h
index 97bb3ed..cfafbe7 100644 (file)
--- a/include/hash.h
+++ b/include/hash.h
@@ -6,13 +6,17 @@
 #ifndef _HASH_H
 #define _HASH_H
 
+#ifdef USE_HOSTCC
+#include <linux/kconfig.h>
+#endif
+
 struct cmd_tbl;
 
 /*
  * Maximum digest size for all algorithms we support. Having this value
  * avoids a malloc() or C99 local declaration in common/cmd_hash.c.
  */
-#if defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
+#if CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512)
 #define HASH_MAX_DIGEST_SIZE   64
 #else
 #define HASH_MAX_DIGEST_SIZE   32

diff --git a/include/image.h b/include/image.h
index 73a763a..03857f4 100644 (file)
--- a/include/image.h
+++ b/include/image.h
@@ -31,11 +31,6 @@ struct fdt_region;
 #define IMAGE_ENABLE_OF_LIBFDT 1
 #define CONFIG_FIT_VERBOSE     1 /* enable fit_format_{error,warning}() */
 #define CONFIG_FIT_RSASSA_PSS 1
-#define CONFIG_MD5
-#define CONFIG_SHA1
-#define CONFIG_SHA256
-#define CONFIG_SHA384
-#define CONFIG_SHA512
 
 #define IMAGE_ENABLE_IGNORE    0
 #define IMAGE_INDENT_STRING    ""

diff --git a/lib/Kconfig b/lib/Kconfig
index 7899e75..64765ac 100644 (file)
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -438,6 +438,24 @@ config SPL_SHA384
          The SHA384 algorithm produces a 384-bit (48-byte) hash value
          (digest).
 
+config SPL_SHA_HW_ACCEL
+       bool "Enable hardware acceleration for SHA hash functions"
+       default y if SHA_HW_ACCEL
+       help
+         This option enables hardware acceleration for the SHA1 and SHA256
+         hashing algorithms. This affects the 'hash' command and also the
+         hash_lookup_algo() function.
+
+config SPL_SHA_PROG_HW_ACCEL
+       bool "Enable Progressive hashing support using hardware in SPL"
+       depends on SHA_PROG_HW_ACCEL
+       default y
+       help
+         This option enables hardware-acceleration for SHA progressive
+         hashing.
+         Data can be streamed in a block at a time and the hashing is
+         performed in hardware.
+
 endif
 
 if SHA_HW_ACCEL

diff --git a/tools/Kconfig b/tools/Kconfig
index ea986ab..6ffc2c0 100644 (file)
--- a/tools/Kconfig
+++ b/tools/Kconfig
@@ -45,4 +45,29 @@ config TOOLS_FIT_SIGNATURE_MAX_SIZE
        depends on TOOLS_FIT_SIGNATURE
        default 0x10000000
 
+config TOOLS_MD5
+       def_bool y
+       help
+         Enable MD5 support in the tools builds
+
+config TOOLS_SHA1
+       def_bool y
+       help
+         Enable SHA1 support in the tools builds
+
+config TOOLS_SHA256
+       def_bool y
+       help
+         Enable SHA256 support in the tools builds
+
+config TOOLS_SHA384
+       def_bool y
+       help
+         Enable SHA384 support in the tools builds
+
+config TOOLS_SHA512
+       def_bool y
+       help
+         Enable SHA512 support in the tools builds
+
 endmenu