From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4D80EC48BDF for ; Tue, 15 Jun 2021 23:34:25 +0000 (UTC) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 0E39261245 for ; Tue, 15 Jun 2021 23:34:23 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0E39261245 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3F06682928; Wed, 16 Jun 2021 01:34:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="gvNguZC2"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 33C228291A; Wed, 16 Jun 2021 01:34:19 +0200 (CEST) Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 5D57A81671 for ; Wed, 16 Jun 2021 01:34:15 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pf1-x42e.google.com with SMTP id x16so653105pfa.13 for ; Tue, 15 Jun 2021 16:34:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to; bh=hB2htU+FOpT05SqKLDGgadmYVIcVCc25J6MGJnsgiEg=; b=gvNguZC2OjzRQcFj8YaMa7b6M7Z34bKRPLC+4x/qb9PWwZTUisNMdFZQlUTOMJxYZ4 zFFh0RMOCeE+xWWV6N1LNvwRQ1WomO+0BlHS9nMz9X1OEGb9SkW6WFKthl3x7WHXcQzv HIRrmu5JgmokmXaIaa9Bb5V0oOYSDMJ/xPoHVMIq7NqBnnNhQV2c6WO1sHg/34QPiPKi JYHiHzF8gWIKSPhDcBBfJQ0+ENYK1Xr9Y9MSZm17511lN/VHcMUy/HNhJhRuwpX7DGeU iNMyD6aIMhIYIXhZFj+FDop5up88Kcv5mvFBttpYaQoT6ppZ2NY37IUvTcYyXhlOY+MQ ksKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to; bh=hB2htU+FOpT05SqKLDGgadmYVIcVCc25J6MGJnsgiEg=; b=rB9Z4OSvlo4aMuEfN34UuSm+FRKQBT+ydIhS9gm1208a7dkfJQqAEwDyBF2ciQIp1s 1DWTw7WbmRj0FsJDrcMBY/PeYbwjGPIzJ+28gFm4T8p77kwX7i95rCf3ybLaqUx89Aqa Tx1nv64QrI2PpHodPqvYp4XVKRUmyeEbWXDDZJaqqoLmMg1SgHXn/0sPiZ7JG09r9vPQ FIgIlhb3WZ10dbPLSDQhobi58AlDumGvI7SuauKpxmlJ3ZD5Q64XuYlq6MoA0sIItsMC NNILCl7M/QHfJwYFk44HX+YeYgyZTeigsOcgIMrRZEtFtEGrj8b8jxEPjcJ4HTl1k/HI OaHg== X-Gm-Message-State: AOAM5323FHccvpvnzhxEfw7+dbHHP5h7WuS9Bjr3FtYkH9DDy5PY4yKc enCwWd1izNuakb446YNz5YE/3Q== X-Google-Smtp-Source: ABdhPJzLRnicwXhliYCgJnLqrqDzhI1B8PZU84l5J5LOZeu1BPUfNJKoQXwD/SAHE0JoWkv9mVEqtA== X-Received: by 2002:a63:d053:: with SMTP id s19mr1991014pgi.326.1623800053322; Tue, 15 Jun 2021 16:34:13 -0700 (PDT) Received: from laputa (p3dd30534.tkyea130.ap.so-net.ne.jp. [61.211.5.52]) by smtp.gmail.com with ESMTPSA id r9sm201194pfq.158.2021.06.15.16.34.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 16:34:12 -0700 (PDT) Date: Wed, 16 Jun 2021 08:34:09 +0900 From: AKASHI Takahiro To: Alexandru Gagniuc Cc: u-boot@lists.denx.de, sjg@chromium.org, trini@konsulko.com Subject: Re: [PATCH] tools: Use a single target-independent config to enable OpenSSL Message-ID: <20210615233409.GA39672@laputa> Mail-Followup-To: AKASHI Takahiro , Alexandru Gagniuc , u-boot@lists.denx.de, sjg@chromium.org, trini@konsulko.com References: <20210524202317.1492578-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210524202317.1492578-1-mr.nuke.me@gmail.com> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean A gentle ping. What is the current review status? Who will take care of this patch? -Takahiro Akashi On Mon, May 24, 2021 at 03:23:17PM -0500, Alexandru Gagniuc wrote: > Host tool features, such as mkimage's ability to sign FIT images were > enabled or disabled based on the target configuration. However, this > misses the point of a target-agnostic host tool. > > A target's ability to verify FIT signatures is independent of > mkimage's ability to create those signatures. In fact, u-boot's build > system doesn't sign images. The target code can be successfully built > without relying on any ability to sign such code. > > Conversely, mkimage's ability to sign images does not require that > those images will only work on targets which support FIT verification. > Linking mkimage cryptographic features to target support for FIT > verification is misguided. > > Without loss of generality, we can say that host features are and > should be independent of target features. > > While we prefer that a host tool always supports the same feature set, > we recognize the following > - some users prefer to build u-boot without a dependency on OpenSSL. > - some distros prefer to ship mkimage without linking to OpenSSL > > To allow these use cases, introduce a host-only Kconfig which is used > to select or deselect libcrypto support. Some mkimage features or some > host tools might not be available, but this shouldn't affect the > u-boot build. > > I also considered setting the default of this config based on > FIT_SIGNATURE. While it would preserve the old behaviour it's also > contrary to the goals of this change. I decided to enable it by > default, so that the default build yields the most feature-complete > mkimage. > > Signed-off-by: Alexandru Gagniuc > --- > > This patch is designed to apply on top of > [PATCH v2 00/18] image: Reduce #ifdef abuse in image code > > > > tools/Kconfig | 11 +++++++++++ > tools/Makefile | 46 ++++++++++++++++++++++++++++++---------------- > 2 files changed, 41 insertions(+), 16 deletions(-) > > diff --git a/tools/Kconfig b/tools/Kconfig > index b2f5012240..214932ae30 100644 > --- a/tools/Kconfig > +++ b/tools/Kconfig > @@ -9,4 +9,15 @@ config MKIMAGE_DTC_PATH > some cases the system dtc may not support all required features > and the path to a different version should be given here. > > +config TOOLS_USE_LIBCRYPTO > + bool "Use OpenSSL's libcrypto library for host tools" > + default y > + help > + Cryptographic signature, verification, and encryption of images is > + provided by host tools using OpenSSL's libcrypto. Select 'n' here if > + you wish to build host tools without OpenSSL. mkimage will not have > + the ability to sign images. > + This selection does not affect target features, such as runtime FIT > + signature verification. > + > endmenu > diff --git a/tools/Makefile b/tools/Makefile > index 722355e984..1f30a06cce 100644 > --- a/tools/Makefile > +++ b/tools/Makefile > @@ -3,6 +3,25 @@ > # (C) Copyright 2000-2006 > # Wolfgang Denk, DENX Software Engineering, wd@denx.de. > > +# A note on target vs host configuration: > +# > +# Host tools can be used across multiple targets, or different configurations > +# of the same target. Thus, host tools must be able to handle any combination > +# of target configurations. To prevent having different variations of the same > +# tool, the tool build options may not depend on target configuration. > +# > +# Some linux distributions package these utilities as u-boot-tools, and it > +# would be unmaintainable to have a different tool variation for each > +# arch or configuration. > +# > +# A couple of simple rules: > +# > +# 1) Do not use target CONFIG_* options to enable or disable features in host > +# tools. Only use the configs from tools/Kconfig > +# 2) It's okay to use target configs to disable building specific tools. > +# That's as long as the features of those tools aren't modified. > +# > + > # Enable all the config-independent tools > ifneq ($(HOST_TOOLS_ALL),) > CONFIG_ARCH_KIRKWOOD = y > @@ -53,30 +72,30 @@ hostprogs-y += mkenvimage > mkenvimage-objs := mkenvimage.o os_support.o lib/crc32.o > > hostprogs-y += dumpimage mkimage > -hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign > +hostprogs-$(CONFIG_TOOLS_USE_LIBCRYPTO) += fit_info fit_check_sign > > hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include > > FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o > -FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := image-sig-host.o common/image-fit-sig.o > -FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o > +FIT_SIG_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := image-sig-host.o common/image-fit-sig.o > +FIT_CIPHER_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := common/image-cipher.o > > # The following files are synced with upstream DTC. > # Use synced versions from scripts/dtc/libfdt/. > LIBFDT_OBJS := $(addprefix libfdt/, fdt.o fdt_ro.o fdt_wip.o fdt_sw.o fdt_rw.o \ > fdt_strerror.o fdt_empty_tree.o fdt_addresses.o fdt_overlay.o) > > -RSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/rsa/, \ > +RSA_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := $(addprefix lib/rsa/, \ > rsa-sign.o rsa-verify.o \ > rsa-mod-exp.o) > > -ECDSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/ecdsa/, ecdsa-libcrypto.o) > +ECDSA_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := $(addprefix lib/ecdsa/, ecdsa-libcrypto.o) > > -AES_OBJS-$(CONFIG_FIT_CIPHER) := $(addprefix lib/aes/, \ > +AES_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := $(addprefix lib/aes/, \ > aes-encrypt.o aes-decrypt.o) > > # Cryptographic helpers that depend on openssl/libcrypto > -LIBCRYPTO_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/, \ > +LIBCRYPTO_OBJS-$(CONFIG_TOOLS_USE_LIBCRYPTO) := $(addprefix lib/, \ > fdt-libcrypto.o) > > ROCKCHIP_OBS = lib/rc4.o rkcommon.o rkimage.o rksd.o rkspi.o > @@ -136,22 +155,17 @@ fit_info-objs := $(dumpimage-mkimage-objs) fit_info.o > fit_check_sign-objs := $(dumpimage-mkimage-objs) fit_check_sign.o > file2include-objs := file2include.o > > -ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_FIT_SIGNATURE),) > +ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_TOOLS_USE_LIBCRYPTO),) > # Add CONFIG_MXS into host CFLAGS, so we can check whether or not register > # the mxsimage support within tools/mxsimage.c . > HOSTCFLAGS_mxsimage.o += -DCONFIG_MXS > endif > > -ifdef CONFIG_FIT_SIGNATURE > +ifdef CONFIG_TOOLS_USE_LIBCRYPTO > # This affects include/image.h, but including the board config file > # is tricky, so manually define this options here. > HOST_EXTRACFLAGS += -DCONFIG_FIT_SIGNATURE > -HOST_EXTRACFLAGS += -DCONFIG_FIT_SIGNATURE_MAX_SIZE=$(CONFIG_FIT_SIGNATURE_MAX_SIZE) > -endif > - > -ifdef CONFIG_FIT_CIPHER > -# This affects include/image.h, but including the board config file > -# is tricky, so manually define this options here. > +HOST_EXTRACFLAGS += -DCONFIG_FIT_SIGNATURE_MAX_SIZE=0xffffffff > HOST_EXTRACFLAGS += -DCONFIG_FIT_CIPHER > endif > > @@ -164,7 +178,7 @@ HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE > endif > > # MXSImage needs LibSSL > -ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_FIT_SIGNATURE)$(CONFIG_FIT_CIPHER),) > +ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_TOOLS_USE_LIBCRYPTO),) > HOSTCFLAGS_kwbimage.o += \ > $(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "") > HOSTLDLIBS_mkimage += \ > -- > 2.31.1 >