diff mbox series

[v5,2/8] lib: rsa: take spl/non-spl into account when building rsa_verify_with_pkey()

Message ID 20200522141937.3523692-2-heiko@sntech.de
State New
Headers show
Series [v5,1/8] lib: rsa: distinguish between tpl and spl for CONFIG_RSA_VERIFY | expand

Commit Message

Heiko Stübner May 22, 2020, 2:19 p.m. UTC
From: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>

Right now in multiple places there are only checks for the full
CONFIG_RSA_VERIFY_WITH_PKEY option, not split into main,spl,tpl variants.

This breaks when the rsa functions get enabled for SPL, for example to
verify u-boot proper from spl.

So fix this by using the existing helpers to distinguis between
build-steps.

Signed-off-by: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>
---
changes in v5:
- include the additional config-check that landed in patch 1/8
  in v4
changes in v3.1:
- drop changeid
changes in v3:
- new patch with another build issue

 lib/rsa/Makefile     | 2 +-
 lib/rsa/rsa-verify.c | 6 +++---
 2 files changed, 3 insertions(+), 3 deletions(-)

Comments

Heiko Stübner May 25, 2020, 5:18 p.m. UTC | #1
Am Freitag, 22. Mai 2020, 16:19:31 CEST schrieb Heiko Stuebner:
> From: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>
> 
> Right now in multiple places there are only checks for the full
> CONFIG_RSA_VERIFY_WITH_PKEY option, not split into main,spl,tpl variants.
> 
> This breaks when the rsa functions get enabled for SPL, for example to
> verify u-boot proper from spl.
> 
> So fix this by using the existing helpers to distinguis between
> build-steps.
> 
> Signed-off-by: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>

transplanting a tag from v4:
Reviewed-by: Philipp Tomsich <philipp.tomsich at theobroma-systems.com>
diff mbox series

Patch

diff --git a/lib/rsa/Makefile b/lib/rsa/Makefile
index c61ebfd79e..8b75d41f04 100644
--- a/lib/rsa/Makefile
+++ b/lib/rsa/Makefile
@@ -6,5 +6,5 @@ 
 # Wolfgang Denk, DENX Software Engineering, wd at denx.de.
 
 obj-$(CONFIG_$(SPL_TPL_)RSA_VERIFY) += rsa-verify.o rsa-checksum.o
-obj-$(CONFIG_RSA_VERIFY_WITH_PKEY) += rsa-keyprop.o
+obj-$(CONFIG_$(SPL_TPL_)RSA_VERIFY_WITH_PKEY) += rsa-keyprop.o
 obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index a19867742f..048f1ab789 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -285,7 +285,7 @@  out:
 }
 #endif
 
-#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY)
+#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)
 /**
  * rsa_verify_key() - Verify a signature against some data using RSA Key
  *
@@ -359,7 +359,7 @@  static int rsa_verify_key(struct image_sign_info *info,
 }
 #endif
 
-#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
+#if CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)
 /**
  * rsa_verify_with_pkey() - Verify a signature against some data using
  * only modulus and exponent as RSA key properties.
@@ -492,7 +492,7 @@  int rsa_verify(struct image_sign_info *info,
 		return -EINVAL;
 	}
 
-	if (IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) {
+	if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) {
 		/* don't rely on fdt properties */
 		ret = rsa_verify_with_pkey(info, hash, sig, sig_len);