Merge branch '2021-09-08-fix-FIT-hash-algos-in-SPL'

- Merge some fixes to how we enable hash algorithms for FIT images in
  SPL.  This fixes a few cases where we should have had some options
  enabled, but did not.  This also removes otherwise unused options in a
  few other cases.
Tom Rini 2021-09-08 21:23:55 -04:00
commit 4412fd8ba2
24 changed files with 60 additions and 171 deletions


@ -11,7 +11,7 @@ config SOCFPGA_SECURE_VAB_AUTH
depends on TARGET_SOCFPGA_AGILEX || TARGET_SOCFPGA_N5X
select FIT_IMAGE_POST_PROCESS
select SHA384
select SHA512_ALGO
select SHA512
select SPL_FIT_IMAGE_POST_PROCESS
help
All images loaded from FIT will be authenticated by Secure Device


@ -4,6 +4,7 @@ config CHAIN_OF_TRUST
imply CMD_HASH if ARM
select FSL_CAAM
select SPL_BOARD_INIT if (ARM && SPL)
select SPL_HASH if (ARM && SPL)
select SHA_HW_ACCEL
select SHA_PROG_HW_ACCEL
select ENV_IS_NOWHERE


@ -4,6 +4,7 @@ depends on ARCH_MVEBU
config CMD_MVEBU_BUBT
bool "bubt"
default n
select SHA256 if ARMADA_3700
help
bubt - Burn a u-boot image to flash
For details about bubt command please see the documentation


@ -11,8 +11,10 @@ config ANDROID_BOOT_IMAGE
config FIT
bool "Support Flattened Image Tree"
select HASH
select MD5
select SHA1
imply SHA256
help
This option allows you to boot the new uImage structure,
Flattened Image Tree. FIT is formally a FDT, which can include
@ -35,34 +37,6 @@ config FIT_EXTERNAL_OFFSET
could be put in the hole between data payload and fit image
header, such as CSF data on i.MX platform.
config FIT_SHA256
bool "Support SHA256 checksum of FIT image contents"
default y
select SHA256
help
Enable this to support SHA256 checksum of FIT image contents. A
SHA256 checksum is a 256-bit (32-byte) hash value used to check that
the image contents have not been corrupted.
config FIT_SHA384
bool "Support SHA384 checksum of FIT image contents"
default n
select SHA384
help
Enable this to support SHA384 checksum of FIT image contents. A
SHA384 checksum is a 384-bit (48-byte) hash value used to check that
the image contents have not been corrupted. Use this for the highest
security.
config FIT_SHA512
bool "Support SHA512 checksum of FIT image contents"
default n
select SHA512
help
Enable this to support SHA512 checksum of FIT image contents. A
SHA512 checksum is a 512-bit (64-byte) hash value used to check that
the image contents have not been corrupted.
config FIT_FULL_CHECK
bool "Do a full check of the FIT before using it"
default y
@ -161,6 +135,7 @@ if SPL
config SPL_FIT
bool "Support Flattened Image Tree within SPL"
depends on SPL
select SPL_HASH
select SPL_OF_LIBFDT
config SPL_FIT_PRINT
@ -185,7 +160,7 @@ config SPL_FIT_SIGNATURE
select FIT_SIGNATURE
select SPL_FIT
select SPL_CRYPTO
select SPL_HASH_SUPPORT
select SPL_HASH
imply SPL_RSA
imply SPL_RSA_VERIFY
select SPL_IMAGE_SIGN_INFO
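Review bot: In the `config FIT` hunk SHA256 is only implied while MD5 and SHA1 are selected, so a board can build FIT support with nothing stronger than SHA1; the defconfig in this commit that carries `CONFIG_DEFAULT_FDT_FILE="mt8516-pumpkin"` does so with `# CONFIG_SHA256 is not set`. calculate_hash() returns -1 for an algorithm that is not built in, so such a build presumably rejects sha256 hash nodes rather than skipping them, but the FIT help text gives no hint of this. I would add a sentence to the help, for example `SHA256 is implied, not selected; with it disabled only MD5 and SHA1 remain, which detect corruption but not malicious change.`, and consider `select SHA256 if FIT_SIGNATURE` so that signature-verifying builds cannot drop it. The +/- markers are lost on this page, so which of the select/imply lines are new is inferred from the hunk counts and the removed FIT_SHA256 entry.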


@ -8,7 +8,6 @@ ifndef CONFIG_SPL_BUILD
obj-y += init/
obj-y += main.o
obj-y += exports.o
obj-$(CONFIG_HASH) += hash.o
obj-$(CONFIG_HUSH_PARSER) += cli_hush.o
obj-$(CONFIG_AUTOBOOT) += autoboot.o
@ -66,8 +65,6 @@ ifdef CONFIG_SPL_BUILD
ifdef CONFIG_SPL_DFU
obj-$(CONFIG_DFU_OVER_USB) += dfu.o
endif
obj-$(CONFIG_SPL_HASH_SUPPORT) += hash.o
obj-$(CONFIG_TPL_HASH_SUPPORT) += hash.o
obj-$(CONFIG_SPL_LOAD_FIT) += common_fit.o
obj-$(CONFIG_SPL_NET_SUPPORT) += miiphyutil.o
obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += fdt_support.o
@ -105,6 +102,7 @@ endif
endif
obj-y += image.o
obj-$(CONFIG_$(SPL_TPL_)HASH) += hash.o
obj-$(CONFIG_ANDROID_AB) += android_ab.o
obj-$(CONFIG_ANDROID_BOOT_IMAGE) += image-android.o image-android-dt.o
obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += image-fdt.o


@ -207,12 +207,25 @@ static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
return 0;
}
#ifdef USE_HOSTCC
# define I_WANT_MD5 1
#else
# define I_WANT_MD5 CONFIG_IS_ENABLED(MD5)
#endif
/*
* These are the hash algorithms we support. If we have hardware acceleration
* is enable we will use that, otherwise a software version of the algorithm.
* Note that algorithm names must be in lower case.
*/
static struct hash_algo hash_algo[] = {
#if I_WANT_MD5
{
.name = "md5",
.digest_size = MD5_SUM_LEN,
.chunk_size = CHUNKSZ_MD5,
.hash_func_ws = md5_wd,
},
#endif
#ifdef CONFIG_SHA1
{
.name = "sha1",


@ -1193,6 +1193,12 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
return 0;
}
static void crc32_uimage_fixup(void *value)
{
/* TODO: In C, this type punning is undefined behavior: */
*((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value));
}
/**
* calculate_hash - calculate and return hash for provided input data
* @data: pointer to the input data
@ -1211,37 +1217,24 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp)
* 0, on success
* -1, when algo is unsupported
*/
int calculate_hash(const void *data, int data_len, const char *algo,
int calculate_hash(const void *data, int data_len, const char *name,
uint8_t *value, int *value_len)
{
if (IMAGE_ENABLE_CRC32 && strcmp(algo, "crc32") == 0) {
*((uint32_t *)value) = crc32_wd(0, data, data_len,
CHUNKSZ_CRC32);
*((uint32_t *)value) = cpu_to_uimage(*((uint32_t *)value));
*value_len = 4;
} else if (CONFIG_IS_ENABLED(SHA1) && strcmp(algo, "sha1") == 0) {
sha1_csum_wd((unsigned char *)data, data_len,
(unsigned char *)value, CHUNKSZ_SHA1);
*value_len = 20;
} else if (CONFIG_IS_ENABLED(SHA256) && strcmp(algo, "sha256") == 0) {
sha256_csum_wd((unsigned char *)data, data_len,
(unsigned char *)value, CHUNKSZ_SHA256);
*value_len = SHA256_SUM_LEN;
} else if (CONFIG_IS_ENABLED(SHA384) && strcmp(algo, "sha384") == 0) {
sha384_csum_wd((unsigned char *)data, data_len,
(unsigned char *)value, CHUNKSZ_SHA384);
*value_len = SHA384_SUM_LEN;
} else if (CONFIG_IS_ENABLED(SHA512) && strcmp(algo, "sha512") == 0) {
sha512_csum_wd((unsigned char *)data, data_len,
(unsigned char *)value, CHUNKSZ_SHA512);
*value_len = SHA512_SUM_LEN;
} else if (IMAGE_ENABLE_MD5 && strcmp(algo, "md5") == 0) {
md5_wd((unsigned char *)data, data_len, value, CHUNKSZ_MD5);
*value_len = 16;
} else {
struct hash_algo *algo;
int ret;
ret = hash_lookup_algo(name, &algo);
if (ret < 0) {
debug("Unsupported hash alogrithm\n");
return -1;
}
algo->hash_func_ws(data, data_len, value, algo->chunk_size);
*value_len = algo->digest_size;
if (!strcmp(name, "crc32"))
crc32_uimage_fixup(value);
return 0;
}
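Review bot: The new crc32_uimage_fixup() keeps the `*((uint32_t *)value)` cast that its own TODO calls undefined behaviour, and `value` reaches calculate_hash() as a `uint8_t *`, so nothing in the hunk guarantees 4-byte alignment either. Copying through a local with memcpy() removes both concerns and lets the TODO be dropped. Separately, calculate_hash() still takes `int data_len` and hands it to `hash_func_ws`, whose md5_wd implementation now takes `unsigned int len`; unless callers already reject negative sizes, an early `if (data_len < 0) return -1;` would stop a bad length from turning into a very large one.

```c
static void crc32_uimage_fixup(void *value)
{
	uint32_t crc;

	/* value is a byte buffer: copy through a local instead of casting */
	memcpy(&crc, value, sizeof(crc));
	crc = cpu_to_uimage(crc);
	memcpy(value, &crc, sizeof(crc));
}
```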


@ -439,48 +439,6 @@ config SPL_MD5
applications where images may be changed maliciously, you should
consider SHA256 or SHA384.
config SPL_FIT_SHA1
bool "Support SHA1"
depends on SPL_FIT
select SHA1
help
Enable this to support SHA1 in FIT images within SPL. A SHA1
checksum is a 160-bit (20-byte) hash value used to check that the
image contents have not been corrupted or maliciously altered.
While SHA1 is fairly secure it is coming to the end of its life
due to the expanding computing power available to brute-force
attacks. For more security, consider SHA256 or SHA384.
config SPL_FIT_SHA256
bool "Support SHA256"
depends on SPL_FIT
select SHA256
help
Enable this to support SHA256 in FIT images within SPL. A SHA256
checksum is a 256-bit (32-byte) hash value used to check that the
image contents have not been corrupted.
config SPL_FIT_SHA384
bool "Support SHA384"
depends on SPL_FIT
select SHA384
select SHA512_ALGO
help
Enable this to support SHA384 in FIT images within SPL. A SHA384
checksum is a 384-bit (48-byte) hash value used to check that the
image contents have not been corrupted. Use this for the highest
security.
config SPL_FIT_SHA512
bool "Support SHA512"
depends on SPL_FIT
select SHA512
select SHA512_ALGO
help
Enable this to support SHA512 in FIT images within SPL. A SHA512
checksum is a 512-bit (64-byte) hash value used to check that the
image contents have not been corrupted.
config SPL_FIT_IMAGE_TINY
bool "Remove functionality from SPL FIT loading to reduce size"
depends on SPL_FIT
@ -519,27 +477,6 @@ config SPL_CRYPTO
this option to build the drivers in drivers/crypto as part of an
SPL build.
config SPL_HASH_SUPPORT
bool "Support hashing drivers"
select SHA1
select SHA256
help
Enable hashing drivers in SPL. These drivers can be used to
accelerate secure boot processing in secure applications. Enable
this option to build system-specific drivers for hash acceleration
as part of an SPL build.
config TPL_HASH_SUPPORT
bool "Support hashing drivers in TPL"
depends on TPL
select SHA1
select SHA256
help
Enable hashing drivers in SPL. These drivers can be used to
accelerate secure boot processing in secure applications. Enable
this option to build system-specific drivers for hash acceleration
as part of an SPL build.
config SPL_DMA
bool "Support DMA drivers"
help
@ -1235,7 +1172,7 @@ config SPL_USB_ETHER
config SPL_DFU
bool "Support DFU (Device Firmware Upgrade)"
select SPL_HASH_SUPPORT
select SPL_HASH
select SPL_DFU_NO_RESET
depends on SPL_RAM_SUPPORT
help


@ -31,7 +31,6 @@ CONFIG_SPL_FSL_PBL=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xe8
CONFIG_SPL_CRYPTO=y
CONFIG_SPL_HASH_SUPPORT=y
CONFIG_SPL_ENV_SUPPORT=y
CONFIG_SPL_I2C=y
CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y


@ -27,7 +27,6 @@ CONFIG_SPL_FSL_PBL=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0xf0
CONFIG_SPL_CRYPTO=y
CONFIG_SPL_HASH_SUPPORT=y
CONFIG_SPL_ENV_SUPPORT=y
CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y
CONFIG_SPL_NAND_SUPPORT=y


@ -27,7 +27,6 @@ CONFIG_SPL_FSL_PBL=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110
CONFIG_SPL_CRYPTO=y
CONFIG_SPL_HASH_SUPPORT=y
CONFIG_SPL_ENV_SUPPORT=y
CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y
CONFIG_SPL_WATCHDOG=y


@ -27,7 +27,6 @@ CONFIG_SPL_FSL_PBL=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x110
CONFIG_SPL_CRYPTO=y
CONFIG_SPL_HASH_SUPPORT=y
CONFIG_SPL_ENV_SUPPORT=y
CONFIG_SPL_I2C=y
CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y


@ -33,7 +33,6 @@ CONFIG_MISC_INIT_R=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x8b0
CONFIG_SPL_CRYPTO=y
CONFIG_SPL_HASH_SUPPORT=y
CONFIG_SPL_ENV_SUPPORT=y
CONFIG_SPL_I2C=y
CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y


@ -13,7 +13,7 @@ CONFIG_DEBUG_UART_CLOCK=26000000
# CONFIG_PSCI_RESET is not set
CONFIG_DEBUG_UART=y
CONFIG_FIT=y
# CONFIG_FIT_SHA256 is not set
# CONFIG_SHA256 is not set
# CONFIG_ARCH_FIXUP_FDT_MEMORY is not set
CONFIG_DEFAULT_FDT_FILE="mt8516-pumpkin"
# CONFIG_DISPLAY_BOARDINFO is not set


@ -1,6 +1,8 @@
config FSL_CAAM
bool "Freescale Crypto Driver Support"
select SHA_HW_ACCEL
# hw_sha1() under drivers/crypto, and needed with SHA_HW_ACCEL
imply SPL_CRYPTO if (ARM && SPL)
imply CMD_HASH
help
Enables the Freescale's Cryptographic Accelerator and Assurance


@ -258,7 +258,7 @@
#if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_DFU)
# define CONFIG_SPL_ENV_SUPPORT
# define CONFIG_SPL_HASH_SUPPORT
# define CONFIG_SPL_HASH
# define CONFIG_ENV_MAX_ENTRIES 10
#endif


@ -31,9 +31,7 @@ struct fdt_region;
#define IMAGE_ENABLE_OF_LIBFDT 1
#define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */
#define CONFIG_FIT_RSASSA_PSS 1
#define CONFIG_FIT_SHA256
#define CONFIG_FIT_SHA384
#define CONFIG_FIT_SHA512
#define CONFIG_MD5
#define CONFIG_SHA1
#define CONFIG_SHA256
#define CONFIG_SHA384
@ -62,26 +60,6 @@ struct fdt_region;
#include <hash.h>
#include <linux/libfdt.h>
#include <fdt_support.h>
# ifdef CONFIG_SPL_BUILD
# ifdef CONFIG_SPL_CRC32
# define IMAGE_ENABLE_CRC32 1
# endif
# ifdef CONFIG_SPL_MD5
# define IMAGE_ENABLE_MD5 1
# endif
# else
# define IMAGE_ENABLE_CRC32 1
# define IMAGE_ENABLE_MD5 1
# endif
#ifndef IMAGE_ENABLE_CRC32
#define IMAGE_ENABLE_CRC32 0
#endif
#ifndef IMAGE_ENABLE_MD5
#define IMAGE_ENABLE_MD5 0
#endif
#endif /* IMAGE_ENABLE_FIT */
#ifdef CONFIG_SYS_BOOT_GET_CMDLINE


@ -8,6 +8,8 @@
#include "compiler.h"
#define MD5_SUM_LEN 16
struct MD5Context {
__u32 buf[4];
__u32 bits[2];
@ -28,7 +30,7 @@ void md5 (unsigned char *input, int len, unsigned char output[16]);
* 'output' must have enough space to hold 16 bytes. If 'chunk' Trigger the
* watchdog every 'chunk_sz' bytes of input processed.
*/
void md5_wd (unsigned char *input, int len, unsigned char output[16],
unsigned int chunk_sz);
void md5_wd(const unsigned char *input, unsigned int len,
unsigned char output[16], unsigned int chunk_sz);
#endif /* _MD5_H */


@ -375,14 +375,9 @@ config SHA256
The SHA256 algorithm produces a 256-bit (32-byte) hash value
(digest).
config SHA512_ALGO
bool "Enable SHA512 algorithm"
help
This option enables support of internal SHA512 algorithm.
config SHA512
bool "Enable SHA512 support"
depends on SHA512_ALGO
help
This option enables support of hashing using SHA512 algorithm.
The hash is calculated in software.
@ -391,10 +386,11 @@ config SHA512
config SHA384
bool "Enable SHA384 support"
depends on SHA512_ALGO
select SHA512
help
This option enables support of hashing using SHA384 algorithm.
The hash is calculated in software.
The hash is calculated in software. This is also selects SHA512,
because these implementations share the bulk of the code..
The SHA384 algorithm produces a 384-bit (48-byte) hash value
(digest).
@ -409,7 +405,7 @@ if SHA_HW_ACCEL
config SHA512_HW_ACCEL
bool "Enable hardware acceleration for SHA512"
depends on SHA512_ALGO
depends on SHA512
help
This option enables hardware acceleration for the SHA384 and SHA512
hashing algorithms. This affects the 'hash' command and also the
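Review bot: The help text added under `config SHA384` has two slips: "This is also selects" and a doubled full stop after "code". Suggested wording: `The hash is calculated in software. This also selects SHA512, because these implementations share the bulk of the code.`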


@ -65,7 +65,7 @@ obj-$(CONFIG_$(SPL_)RSA) += rsa/
obj-$(CONFIG_HASH) += hash-checksum.o
obj-$(CONFIG_SHA1) += sha1.o
obj-$(CONFIG_SHA256) += sha256.o
obj-$(CONFIG_SHA512_ALGO) += sha512.o
obj-$(CONFIG_SHA512) += sha512.o
obj-$(CONFIG_CRYPT_PW) += crypt/
obj-$(CONFIG_$(SPL_)ZLIB) += zlib/
@ -87,7 +87,7 @@ endif
ifdef CONFIG_SPL_BUILD
obj-$(CONFIG_SPL_YMODEM_SUPPORT) += crc16.o
obj-$(CONFIG_$(SPL_TPL_)HASH_SUPPORT) += crc16.o
obj-$(CONFIG_$(SPL_TPL_)HASH) += crc16.o
obj-y += net_utils.o
endif
obj-$(CONFIG_ADDR_MAP) += addr_map.o


@ -20,7 +20,7 @@ config CRYPT_PW_SHA256
config CRYPT_PW_SHA512
bool "Provide sha512crypt"
select SHA512
select SHA512_ALGO
select SHA512
help
Enables support for the sha512crypt password-hashing algorithm.
The prefix is "$6$".
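Review bot: Replacing `select SHA512_ALGO` with `select SHA512` in `config CRYPT_PW_SHA512` appears to leave two identical `select SHA512` lines, because the entry already selected SHA512. Kconfig tolerates the repeat, but it reads like a leftover, so the second line can simply be dropped. The `config EFI_TCG2_PROTOCOL` hunk ends up with the same duplicate on either side of `select SHA384`. The +/- markers are lost on this page, so this is read from the 7/7 hunk counts.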


@ -323,7 +323,7 @@ config EFI_TCG2_PROTOCOL
depends on TPM_V2
select SHA1
select SHA256
select SHA512_ALGO
select SHA512
select SHA384
select SHA512
select HASH


@ -284,12 +284,12 @@ md5 (unsigned char *input, int len, unsigned char output[16])
* watchdog every 'chunk_sz' bytes of input processed.
*/
void
md5_wd (unsigned char *input, int len, unsigned char output[16],
md5_wd(const unsigned char *input, unsigned int len, unsigned char output[16],
unsigned int chunk_sz)
{
struct MD5Context context;
#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG)
unsigned char *end, *curr;
const unsigned char *end, *curr;
int chunk;
#endif


@ -320,7 +320,6 @@ void sha384_csum_wd(const unsigned char *input, unsigned int ilen,
#endif
#if defined(CONFIG_SHA512)
void sha512_starts(sha512_context * ctx)
{
ctx->state[0] = SHA512_H0;
@ -381,4 +380,3 @@ void sha512_csum_wd(const unsigned char *input, unsigned int ilen,
sha512_finish(&ctx, output);
}
#endif