Refactor IMAGE_ENABLE_VERIFY to handle builds without SPL verification

If building with SPL_LOAD_FIT_FULL and FIT_SIGNATURE, but without SPL_FIT_SIGNATURE then the build fails with: common/built-in.o: In function `fit_image_verify_with_data': common/image-fit.c:1220: undefined reference to `fit_image_verify_required_sigs' common/image-fit.c:1244: undefined reference to `fit_image_check_sig' common/built-in.o: In function `fit_image_load': common/image-fit.c:1857: undefined reference to `fit_config_verify' Refactor so that host builds still depend on FIT_SIGNATURE, but target builds check FIT_SIGNATURE/SPL_FIT_SIGNATURE dependent on the build. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2024-06-09 23:36:03 +09:00 · 2019-04-18 20:34:55 +00:00 · 2019-04-18 20:34:55 +00:00 · 89665f2eb1
commit 89665f2eb1
parent 86f578ee85
1 changed files with 6 additions and 6 deletions
--- a/include/image.h
+++ b/include/image.h
@ -1072,18 +1072,18 @@ int calculate_hash(const void *data, int data_len, const char *algo,
 * At present we only support signing on the host, and verification on the
 * device
 */
-#if defined(CONFIG_FIT_SIGNATURE)
-# ifdef USE_HOSTCC
+#if defined(USE_HOSTCC)
+# if defined(CONFIG_FIT_SIGNATURE)
 #  define IMAGE_ENABLE_SIGN	1
 #  define IMAGE_ENABLE_VERIFY	1
-# include  <openssl/evp.h>
-#else
+#  include <openssl/evp.h>
+# else
 #  define IMAGE_ENABLE_SIGN	0
-#  define IMAGE_ENABLE_VERIFY	1
+#  define IMAGE_ENABLE_VERIFY	0
 # endif
 #else
 # define IMAGE_ENABLE_SIGN	0
-# define IMAGE_ENABLE_VERIFY	0
+# define IMAGE_ENABLE_VERIFY	CONFIG_IS_ENABLED(FIT_SIGNATURE)
 #endif

 #ifdef USE_HOSTCC