me
/
guix
Archived
1
0
Fork 0
Code

gnu: u-boot: Update to 2021.10. 

* gnu/packages/bootloaders.scm (%u-boot-allow-disabling-openssl-patch): New variable.
  (u-boot): Update to 2021.10.
  Add patch fixing build without openssl.
  (u-boot-qemu-riscv64-smode):
  Add patch fixing build without openssl.
  (u-boot-tools): Adjust phases to disable CONFIG_TOOLS_LIBCRYPTO.
  (make-u-boot-package): Add phase disabling CONFIG_TOOLS_LIBCRYPTO.
* gnu/packages/patches/u-boot-allow-disabling-openssl.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Add patch.
master
Vagrant Cascadian 2021-10-22 18:03:59 -07:00
parent efe0c3d759
commit 65be27dcfd
No known key found for this signature in database
GPG Key ID: DC518FC87F9716AA
3 changed files with 182 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -1837,6 +1837,7 @@ dist_patch_DATA = \
%D%/packages/patches/tup-unbundle-dependencies.patch \
%D%/packages/patches/tuxpaint-stamps-path.patch \
%D%/packages/patches/twinkle-bcg729.patch \
%D%/packages/patches/u-boot-allow-disabling-openssl.patch \
%D%/packages/patches/u-boot-nintendo-nes-serial.patch \
%D%/packages/patches/u-boot-rockchip-inno-usb.patch \
%D%/packages/patches/u-boot-sifive-prevent-reloc-initrd-fdt.patch \

21
gnu/packages/bootloaders.scm
View File

@ -499,13 +499,19 @@ tree binary files. These are board description files used by Linux and BSD.")
;; https://bugs.launchpad.net/ubuntu/+source/u-boot/+bug/1937246
(search-patch "u-boot-sifive-prevent-reloc-initrd-fdt.patch"))
(define %u-boot-allow-disabling-openssl-patch
;; Fixes build of u-boot 2021.10 without openssl
;; https://lists.denx.de/pipermail/u-boot/2021-October/462728.html
(search-patch "u-boot-allow-disabling-openssl.patch"))
(define u-boot
(package
(name "u-boot")
(version "2021.07")
(version "2021.10")
(source (origin
(patches
(list %u-boot-rockchip-inno-usb-patch
%u-boot-allow-disabling-openssl-patch
%u-boot-sifive-prevent-relocating-initrd-fdt))
(method url-fetch)
(uri (string-append
@ -513,7 +519,7 @@ tree binary files. These are board description files used by Linux and BSD.")
"u-boot-" version ".tar.bz2"))
(sha256
(base32
"0zm7igkdnz0w4ir8rfl2dislfrl0ip104grs5hvd30a5wkm7wari"))))
"1m0bvwv8r62s4wk4w3cmvs888dhv9gnfa98dczr4drk2jbhj7ryd"))))
(native-inputs
`(("bc" ,bc)
("bison" ,bison)
@ -585,7 +591,7 @@ def test_ctrl_c"))
;; See https://bugs.gnu.org/34717 for
;; details.
(("CONFIG_FIT_SIGNATURE=y")
"CONFIG_FIT_SIGNATURE=n\nCONFIG_UT_LIB_ASN1=n")
"CONFIG_FIT_SIGNATURE=n\nCONFIG_UT_LIB_ASN1=n\nCONFIG_TOOLS_LIBCRYPTO=n")
;; This test requires a sound system, which is un-used
;; in u-boot-tools.
(("CONFIG_SOUND=y") "CONFIG_SOUND=n")))
@ -684,6 +690,12 @@ board-independent tools.")))
suffix-len))))
(sort entries string-ci<)))
(error "Invalid boardname ~s." ,board))))))
(add-after 'configure 'disable-tools-libcrypto
;; Disable libcrypto due to GPL and OpenSSL license
;; incompatibilities
(lambda _
(substitute* ".config"
(("CONFIG_TOOLS_LIBCRYPTO=.*$") "CONFIG_TOOLS_LIBCRYPTO=n"))))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
@ -895,7 +907,8 @@ to Novena upstream, does not load u-boot.img from the first partition.")
(source (origin
(inherit (package-source u-boot))
(patches
(search-patches "u-boot-riscv64-fix-extlinux.patch")))))))
(search-patches "u-boot-riscv64-fix-extlinux.patch"
%u-boot-allow-disabling-openssl-patch)))))))
(define-public u-boot-sifive-unleashed
(make-u-boot-package "sifive_unleashed" "riscv64-linux-gnu"))

164
gnu/packages/patches/u-boot-allow-disabling-openssl.patch 100644
View File

@ -0,0 +1,164 @@
From f060e90d148270307228315e2759a0065ec1d796 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@debian.org>
Date: Fri, 22 Oct 2021 17:34:53 -0700
Subject: [PATCH] Revert "tools: kwbimage: Do not hide usage of secure header
under CONFIG_ARMADA_38X"
This reverts commit b4f3cc2c42d97967a3a3c8796c340f6b07ecccac.
---
tools/Makefile | 8 ++++++++
tools/kwbimage.c | 22 ++++++++++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/tools/Makefile b/tools/Makefile
index 4a86321f64..9517f203fd 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -169,6 +169,14 @@ HOST_EXTRACFLAGS += -DCONFIG_FIT_SIGNATURE_MAX_SIZE=0xffffffff
HOST_EXTRACFLAGS += -DCONFIG_FIT_CIPHER
endif
+ifneq ($(CONFIG_SYS_U_BOOT_OFFS),)
+HOSTCFLAGS_kwbimage.o += -DCONFIG_SYS_U_BOOT_OFFS=$(CONFIG_SYS_U_BOOT_OFFS)
+endif
+
+ifneq ($(CONFIG_ARMADA_38X),)
+HOSTCFLAGS_kwbimage.o += -DCONFIG_KWB_SECURE
+endif
+
# MXSImage needs LibSSL
ifneq ($(CONFIG_MX23)$(CONFIG_MX28)$(CONFIG_ARMADA_38X)$(CONFIG_TOOLS_LIBCRYPTO),)
HOSTCFLAGS_kwbimage.o += \
diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index d200ff2425..23d6be3c9a 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -14,6 +14,7 @@
#include <stdint.h>
#include "kwbimage.h"
+#ifdef CONFIG_KWB_SECURE
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
@@ -39,10 +40,13 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
EVP_MD_CTX_reset(ctx);
}
#endif
+#endif
static struct image_cfg_element *image_cfg;
static int cfgn;
+#ifdef CONFIG_KWB_SECURE
static int verbose_mode;
+#endif
struct boot_mode {
unsigned int id;
@@ -237,6 +241,8 @@ image_count_options(unsigned int optiontype)
return count;
}
+#if defined(CONFIG_KWB_SECURE)
+
static int image_get_csk_index(void)
{
struct image_cfg_element *e;
@@ -259,6 +265,8 @@ static bool image_get_spezialized_img(void)
return e->sec_specialized_img;
}
+#endif
+
/*
* Compute a 8-bit checksum of a memory area. This algorithm follows
* the requirements of the Marvell SoC BootROM specifications.
@@ -353,6 +361,7 @@ static uint8_t baudrate_to_option(unsigned int baudrate)
}
}
+#if defined(CONFIG_KWB_SECURE)
static void kwb_msg(const char *fmt, ...)
{
if (verbose_mode) {
@@ -847,6 +856,8 @@ done:
return ret;
}
+#endif
+
static void *image_create_v0(size_t *imagesz, struct image_tool_params *params,
int payloadsz)
{
@@ -977,11 +988,13 @@ static size_t image_headersz_v1(int *hasext)
*hasext = 1;
}
+#if defined(CONFIG_KWB_SECURE)
if (image_get_csk_index() >= 0) {
headersz += sizeof(struct secure_hdr_v1);
if (hasext)
*hasext = 1;
}
+#endif
/*
* The payload should be aligned on some reasonable
@@ -1058,6 +1071,8 @@ err_close:
return -1;
}
+#if defined(CONFIG_KWB_SECURE)
+
int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
{
FILE *hashf;
@@ -1170,6 +1185,7 @@ int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
return 0;
}
+#endif
static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
uint8_t *ptr, int payloadsz)
@@ -1177,7 +1193,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
struct image_cfg_element *e;
struct main_hdr_v1 *main_hdr;
struct register_set_hdr_v1 *register_set_hdr;
+#if defined(CONFIG_KWB_SECURE)
struct secure_hdr_v1 *secure_hdr = NULL;
+#endif
size_t headersz;
uint8_t *image, *cur;
int hasext = 0;
@@ -1253,6 +1271,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
if (main_hdr->blockid == IBR_HDR_PEX_ID)
main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
+#if defined(CONFIG_KWB_SECURE)
if (image_get_csk_index() >= 0) {
/*
* only reserve the space here; we fill the header later since
@@ -1263,6 +1282,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
*next_ext = 1;
next_ext = &secure_hdr->next;
}
+#endif
datai = 0;
register_set_hdr = (struct register_set_hdr_v1 *)cur;
@@ -1310,9 +1330,11 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
return NULL;
}
+#if defined(CONFIG_KWB_SECURE)
if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz,
headersz, image, secure_hdr))
return NULL;
+#endif
/* Calculate and set the header checksum */
main_hdr->checksum = image_checksum8(main_hdr, headersz);
--
2.30.2