Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G]

On 5/17/21 8:23 PM, AKASHI Takahiro wrote:

On Mon, May 17, 2021 at 05:29:44PM -0500, Alex G. wrote:

On 5/12/21 12:14 PM, Tom Rini wrote:

On Wed, May 12, 2021 at 11:19:52AM -0500, Alex G. wrote:



On 5/12/21 10:52 AM, Simon Glass wrote:


[snip]


We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?


It could be a config option instead of an environment variable. I think it
can be independent of target options, since we don't sign images in the
buildsystem anyway -- we can enable FIT verification, but mkimage without
openssl.


As people point out from time to time, "NO_SDL" is very non-obvious and
doesn't fit with how the rest of U-Boot is configured.  So I would
rather not see NO_SSL added.


FYI, I have a proof-of-concept for the NO_SSL idea using Kconfig [1] instead
of environment variahles. It's not yet ready for publication.

[1] 
https://github.com/mrnuke/u-boot/commit/c054c546a8de54e41d3802fe60ad9389095e673b



FYI,
I have posted a patch[1] for a similar *signing* tool using OpenSSL.
Basically, I'd like to follow the way agreed here about how OpenSSL
be handled in host tools.
So please keep in mind that there can be another use case of this kind
of host Kconfig option.

[1] https://lists.denx.de/pipermail/u-boot/2021-May/449572.html


I can't ask you to change your patch based on my ideas, as I my changes 
have not yet been submitted for review. However, should you want to 
anticipate, make sure that there's one and only one variable that 
determines if OpenSSL is linked.


I also suspect Tom would be quite thrilled if your patch started using 
gnutls instead of openssl. I'm not sure how sane things would look 
having both gnutls and openssl dependencies; however, I suspect it might 
be acceptable as long as it's temporary.


These decisions haven't been made yet. I don't want to send you on a 
wild goose refactoring chase, only to have the rug pulled from under you 
later. I think it's okay to continue with your patch as submitted. I'll 
update my patch accordingly when yours gets merged first -- looks easy 
enough.


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[AKASHI Takahiro]

On Mon, May 17, 2021 at 05:29:44PM -0500, Alex G. wrote:
> On 5/12/21 12:14 PM, Tom Rini wrote:
> > On Wed, May 12, 2021 at 11:19:52AM -0500, Alex G. wrote:
> > > 
> > > 
> > > On 5/12/21 10:52 AM, Simon Glass wrote:
> 
> [snip]
> 
> > > > We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?
> > > 
> > > It could be a config option instead of an environment variable. I think it
> > > can be independent of target options, since we don't sign images in the
> > > buildsystem anyway -- we can enable FIT verification, but mkimage without
> > > openssl.
> > 
> > As people point out from time to time, "NO_SDL" is very non-obvious and
> > doesn't fit with how the rest of U-Boot is configured.  So I would
> > rather not see NO_SSL added.
> 
> FYI, I have a proof-of-concept for the NO_SSL idea using Kconfig [1] instead
> of environment variahles. It's not yet ready for publication.
> 
> [1] 
> https://github.com/mrnuke/u-boot/commit/c054c546a8de54e41d3802fe60ad9389095e673b


FYI,
I have posted a patch[1] for a similar *signing* tool using OpenSSL.
Basically, I'd like to follow the way agreed here about how OpenSSL
be handled in host tools.
So please keep in mind that there can be another use case of this kind
of host Kconfig option.

[1] https://lists.denx.de/pipermail/u-boot/2021-May/449572.html

-Takahiro Akashi

> 
> > Frankly, given everything else that's
> > needed to build today, I don't think just enabling the support for
> > verified boot in mkimage by default and making it a bit odd to turn off
> > is a problem.  But given:
> > https://lists.denx.de/pipermail/u-boot/2017-December/313742.html
> > I would really like to see the switch to gnutls or some other clearly
> > compatibly licensed library first.
> 
> Might be interesting to switch to gnutls, even if only because it doesn't
> burn your eyes looking at function names and variable types. I wouldn't mind
> looking into this, but I just don't have the bandwidth nowadays.
> 
> Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/12/21 12:14 PM, Tom Rini wrote:

On Wed, May 12, 2021 at 11:19:52AM -0500, Alex G. wrote:



On 5/12/21 10:52 AM, Simon Glass wrote:


[snip]


We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?


It could be a config option instead of an environment variable. I think it
can be independent of target options, since we don't sign images in the
buildsystem anyway -- we can enable FIT verification, but mkimage without
openssl.


As people point out from time to time, "NO_SDL" is very non-obvious and
doesn't fit with how the rest of U-Boot is configured.  So I would
rather not see NO_SSL added. 


FYI, I have a proof-of-concept for the NO_SSL idea using Kconfig [1] 
instead of environment variahles. It's not yet ready for publication.


[1] 
https://github.com/mrnuke/u-boot/commit/c054c546a8de54e41d3802fe60ad9389095e673b




Frankly, given everything else that's
needed to build today, I don't think just enabling the support for
verified boot in mkimage by default and making it a bit odd to turn off
is a problem.  But given:
https://lists.denx.de/pipermail/u-boot/2017-December/313742.html
I would really like to see the switch to gnutls or some other clearly
compatibly licensed library first.


Might be interesting to switch to gnutls, even if only because it 
doesn't burn your eyes looking at function names and variable types. I 
wouldn't mind looking into this, but I just don't have the bandwidth 
nowadays.


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi Alex,

On Fri, 14 May 2021 at 09:12, Alex G.  wrote:
>
>
>
> On 5/13/21 6:56 PM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Thu, 13 May 2021 at 10:21, Alex G.  wrote:
> >>
> >>
> >>
> >> On 5/12/21 12:30 PM, Simon Glass wrote:
> >>> Hi Alex,
> >>>
> >>> On Wed, 12 May 2021 at 10:18, Alex G.  wrote:
> 
> 
> 
>  On 5/12/21 10:54 AM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Wed, 12 May 2021 at 09:48, Alex G.  wrote:
> >>
> >>
> >>
> >> On 5/12/21 9:51 AM, Simon Glass wrote:
> >>> Hi Alex,
> >>>
> >>> On Tue, 11 May 2021 at 13:57, Alex G.  wrote:
> 
>  On 5/6/21 9:24 AM, Simon Glass wrote:
> >>
> >> [snip]
> >>
> 
> > +
> > +config HOST_FIT_PRINT
> > + def_bool y
> > + help
> > +   Print the content of the FIT verbosely in the host build
> 
>  This option also doesn't make sense.This seems to do what 'mkimage 
>  -l'
>  already supports.
> >>>
> >>> Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
> >>> changes? This is here purely to avoid #ifdefs in the share code.
> >>
> >> On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
> >> On the other hand we have the config system. To most users, the config
> >> system is likely more visible, while it's mostly developers who will
> >> ever see the ifdefs.
> >>
> >> Therefore, in order to get the developer convenience of less ifdefs, we
> >> have to sacrifice user convenience by cloberring the Kconfig options. I
> >> think this is back-to-front.
> >
> > These Kconfig options are not visible to users. They cannot be updated
> > in defconfig, nor in 'make menuconfig', etc. They are purely there for
> > the build system.
> >
> >>
> >> Can we reduce the host config count to just SLL/NOSSL?
> >
> > The point here is that the code has a special case for host builds,
> > and this is a means to remove that special case and make the code
> > easier to maintain and follow.
> 
>  I understand where you're coming from. Without these changes, the code
>  knows what it should and should not do, correct? My argument is that if
>  the code has the logic to do the correct thing, that logic should not be
>  split with the config system.
> 
>  I agree with the goal of reducing clutter in the source code. I disagree
>  with this specific course of fixing it. Instead, I propose a single
>  kconfig for host tools for SSL on/off.
> 
>  The disadvantage of my proposal is that we have to refactor the common
>  code in a way consistent with the goals, instead of just changing some
>  #ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my
>  head, I don't have a detailed plan on how to achieve this.
> >>>
> >>> You are mostly describing the status quo, so far as I understand it.
> >>> The problem is with the code that is built for both boards and tools.
> >>> For boards, we want this code to be compiled conditionally, depending
> >>> on what options are enabled. For tools, we want the code to be
> >>> compiled unconditionally.
> >>>
> >>> I can think of only three ways to do this:
> >>>
> >>> - status quo (add #ifdefs USE_HOSTCC wherever we need to)
> >>> - my series (make use of hidden Kconfig options to avoid that)
> >>> - put every single feature and associated lines of code in separate
> >>> files and compile them conditionally for boards, but always for tools
> >>>
> >>> I believe the last option is actually impossible, or at least
> >>> impractical. It would cause an explosion of source files to deal with
> >>> all the various combinations, and would be quite painful to maintain
> >>> also.
> >>
> >> I don't think the status quo is such a terrible solution, so I am
> >> looking at the aspects that can benefit from improvement. Hence why it
> >> may appear I am talking about the status quo.
> >>
> >> Let's assume CONFIG_IS_ENABLED() returns true on host builds, and for
> >> those cases where you need to know if IS_HOST_BUILD(), there's a macro
> >> for that. You have the oddball case that uses a CONFIG_ value that's
> >> only defined on the target, and those you would have to split according
> >> to your option #3.
> >>
> >> I don't think the above is as dire an explosion in source files as it 
> >> seems.
> >>
> >> Another point of contention is checksum_algos and crypto_algos arrays
> >> image-sig.c. On the target side, these should be in .u-boot-list. Status
> >> quo is the definition of rsa_verify is hidden behind #if macros, which
> >> just pushes the complexity out into the rsa.h headers.
> >>
> >> The two ideas here are CONFIG_IS_ENABLED() returns true for host code,
> >> and image-sig.c is split bwtween host and target versions, the target
> >> version making use of .uboot-list. Using these as the starting 

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/13/21 6:56 PM, Simon Glass wrote:

Hi Alex,

On Thu, 13 May 2021 at 10:21, Alex G.  wrote:




On 5/12/21 12:30 PM, Simon Glass wrote:

Hi Alex,

On Wed, 12 May 2021 at 10:18, Alex G.  wrote:




On 5/12/21 10:54 AM, Simon Glass wrote:

Hi Alex,

On Wed, 12 May 2021 at 09:48, Alex G.  wrote:




On 5/12/21 9:51 AM, Simon Glass wrote:

Hi Alex,

On Tue, 11 May 2021 at 13:57, Alex G.  wrote:


On 5/6/21 9:24 AM, Simon Glass wrote:


[snip]




+
+config HOST_FIT_PRINT
+ def_bool y
+ help
+   Print the content of the FIT verbosely in the host build


This option also doesn't make sense.This seems to do what 'mkimage -l'
already supports.


Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
changes? This is here purely to avoid #ifdefs in the share code.


On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
On the other hand we have the config system. To most users, the config
system is likely more visible, while it's mostly developers who will
ever see the ifdefs.

Therefore, in order to get the developer convenience of less ifdefs, we
have to sacrifice user convenience by cloberring the Kconfig options. I
think this is back-to-front.


These Kconfig options are not visible to users. They cannot be updated
in defconfig, nor in 'make menuconfig', etc. They are purely there for
the build system.



Can we reduce the host config count to just SLL/NOSSL?


The point here is that the code has a special case for host builds,
and this is a means to remove that special case and make the code
easier to maintain and follow.


I understand where you're coming from. Without these changes, the code
knows what it should and should not do, correct? My argument is that if
the code has the logic to do the correct thing, that logic should not be
split with the config system.

I agree with the goal of reducing clutter in the source code. I disagree
with this specific course of fixing it. Instead, I propose a single
kconfig for host tools for SSL on/off.

The disadvantage of my proposal is that we have to refactor the common
code in a way consistent with the goals, instead of just changing some
#ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my
head, I don't have a detailed plan on how to achieve this.


You are mostly describing the status quo, so far as I understand it.
The problem is with the code that is built for both boards and tools.
For boards, we want this code to be compiled conditionally, depending
on what options are enabled. For tools, we want the code to be
compiled unconditionally.

I can think of only three ways to do this:

- status quo (add #ifdefs USE_HOSTCC wherever we need to)
- my series (make use of hidden Kconfig options to avoid that)
- put every single feature and associated lines of code in separate
files and compile them conditionally for boards, but always for tools

I believe the last option is actually impossible, or at least
impractical. It would cause an explosion of source files to deal with
all the various combinations, and would be quite painful to maintain
also.


I don't think the status quo is such a terrible solution, so I am
looking at the aspects that can benefit from improvement. Hence why it
may appear I am talking about the status quo.

Let's assume CONFIG_IS_ENABLED() returns true on host builds, and for
those cases where you need to know if IS_HOST_BUILD(), there's a macro
for that. You have the oddball case that uses a CONFIG_ value that's
only defined on the target, and those you would have to split according
to your option #3.

I don't think the above is as dire an explosion in source files as it seems.

Another point of contention is checksum_algos and crypto_algos arrays
image-sig.c. On the target side, these should be in .u-boot-list. Status
quo is the definition of rsa_verify is hidden behind #if macros, which
just pushes the complexity out into the rsa.h headers.

The two ideas here are CONFIG_IS_ENABLED() returns true for host code,
and image-sig.c is split bwtween host and target versions, the target
version making use of .uboot-list. Using these as the starting points, I
think we can get to a much better solution


I did consider simply defining CONFIG_IS_ENABLED() to true for the
host, but rejected that because I worried it would break down at some
point. Examples I can think of at the moment:

- conflicting or alternative options (OF_LIVE, OF_HOST_FILE, OF_SEPARATE)
- code that is not actually wanted on the host (WATCHDOG,
NEEDS_MANUAL_RELOC, FPGA)
- code that we want on the host but not the board (so we end up with a
dummy CONFIG for the boards?)
- all the SPL / TPL / VPL options which would always end up being
true, when in fact we probably want none of them

I think you should more clearly explain your objection to the hidden
Kconfig options, since your original reason ("clobbering the Kconfig
space") doesn't seem to have survived further analysis.


I thought it to have been already explained 

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi Alex,

On Thu, 13 May 2021 at 10:21, Alex G.  wrote:
>
>
>
> On 5/12/21 12:30 PM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Wed, 12 May 2021 at 10:18, Alex G.  wrote:
> >>
> >>
> >>
> >> On 5/12/21 10:54 AM, Simon Glass wrote:
> >>> Hi Alex,
> >>>
> >>> On Wed, 12 May 2021 at 09:48, Alex G.  wrote:
> 
> 
> 
>  On 5/12/21 9:51 AM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Tue, 11 May 2021 at 13:57, Alex G.  wrote:
> >>
> >> On 5/6/21 9:24 AM, Simon Glass wrote:
> 
>  [snip]
> 
> >>
> >>> +
> >>> +config HOST_FIT_PRINT
> >>> + def_bool y
> >>> + help
> >>> +   Print the content of the FIT verbosely in the host build
> >>
> >> This option also doesn't make sense.This seems to do what 'mkimage -l'
> >> already supports.
> >
> > Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
> > changes? This is here purely to avoid #ifdefs in the share code.
> 
>  On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
>  On the other hand we have the config system. To most users, the config
>  system is likely more visible, while it's mostly developers who will
>  ever see the ifdefs.
> 
>  Therefore, in order to get the developer convenience of less ifdefs, we
>  have to sacrifice user convenience by cloberring the Kconfig options. I
>  think this is back-to-front.
> >>>
> >>> These Kconfig options are not visible to users. They cannot be updated
> >>> in defconfig, nor in 'make menuconfig', etc. They are purely there for
> >>> the build system.
> >>>
> 
>  Can we reduce the host config count to just SLL/NOSSL?
> >>>
> >>> The point here is that the code has a special case for host builds,
> >>> and this is a means to remove that special case and make the code
> >>> easier to maintain and follow.
> >>
> >> I understand where you're coming from. Without these changes, the code
> >> knows what it should and should not do, correct? My argument is that if
> >> the code has the logic to do the correct thing, that logic should not be
> >> split with the config system.
> >>
> >> I agree with the goal of reducing clutter in the source code. I disagree
> >> with this specific course of fixing it. Instead, I propose a single
> >> kconfig for host tools for SSL on/off.
> >>
> >> The disadvantage of my proposal is that we have to refactor the common
> >> code in a way consistent with the goals, instead of just changing some
> >> #ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my
> >> head, I don't have a detailed plan on how to achieve this.
> >
> > You are mostly describing the status quo, so far as I understand it.
> > The problem is with the code that is built for both boards and tools.
> > For boards, we want this code to be compiled conditionally, depending
> > on what options are enabled. For tools, we want the code to be
> > compiled unconditionally.
> >
> > I can think of only three ways to do this:
> >
> > - status quo (add #ifdefs USE_HOSTCC wherever we need to)
> > - my series (make use of hidden Kconfig options to avoid that)
> > - put every single feature and associated lines of code in separate
> > files and compile them conditionally for boards, but always for tools
> >
> > I believe the last option is actually impossible, or at least
> > impractical. It would cause an explosion of source files to deal with
> > all the various combinations, and would be quite painful to maintain
> > also.
>
> I don't think the status quo is such a terrible solution, so I am
> looking at the aspects that can benefit from improvement. Hence why it
> may appear I am talking about the status quo.
>
> Let's assume CONFIG_IS_ENABLED() returns true on host builds, and for
> those cases where you need to know if IS_HOST_BUILD(), there's a macro
> for that. You have the oddball case that uses a CONFIG_ value that's
> only defined on the target, and those you would have to split according
> to your option #3.
>
> I don't think the above is as dire an explosion in source files as it seems.
>
> Another point of contention is checksum_algos and crypto_algos arrays
> image-sig.c. On the target side, these should be in .u-boot-list. Status
> quo is the definition of rsa_verify is hidden behind #if macros, which
> just pushes the complexity out into the rsa.h headers.
>
> The two ideas here are CONFIG_IS_ENABLED() returns true for host code,
> and image-sig.c is split bwtween host and target versions, the target
> version making use of .uboot-list. Using these as the starting points, I
> think we can get to a much better solution

I did consider simply defining CONFIG_IS_ENABLED() to true for the
host, but rejected that because I worried it would break down at some
point. Examples I can think of at the moment:

- conflicting or alternative options (OF_LIVE, OF_HOST_FILE, OF_SEPARATE)
- code that is not actually wanted on the host (WATCHDOG,

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/12/21 12:30 PM, Simon Glass wrote:

Hi Alex,

On Wed, 12 May 2021 at 10:18, Alex G.  wrote:




On 5/12/21 10:54 AM, Simon Glass wrote:

Hi Alex,

On Wed, 12 May 2021 at 09:48, Alex G.  wrote:




On 5/12/21 9:51 AM, Simon Glass wrote:

Hi Alex,

On Tue, 11 May 2021 at 13:57, Alex G.  wrote:


On 5/6/21 9:24 AM, Simon Glass wrote:


[snip]




+
+config HOST_FIT_PRINT
+ def_bool y
+ help
+   Print the content of the FIT verbosely in the host build


This option also doesn't make sense.This seems to do what 'mkimage -l'
already supports.


Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
changes? This is here purely to avoid #ifdefs in the share code.


On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
On the other hand we have the config system. To most users, the config
system is likely more visible, while it's mostly developers who will
ever see the ifdefs.

Therefore, in order to get the developer convenience of less ifdefs, we
have to sacrifice user convenience by cloberring the Kconfig options. I
think this is back-to-front.


These Kconfig options are not visible to users. They cannot be updated
in defconfig, nor in 'make menuconfig', etc. They are purely there for
the build system.



Can we reduce the host config count to just SLL/NOSSL?


The point here is that the code has a special case for host builds,
and this is a means to remove that special case and make the code
easier to maintain and follow.


I understand where you're coming from. Without these changes, the code
knows what it should and should not do, correct? My argument is that if
the code has the logic to do the correct thing, that logic should not be
split with the config system.

I agree with the goal of reducing clutter in the source code. I disagree
with this specific course of fixing it. Instead, I propose a single
kconfig for host tools for SSL on/off.

The disadvantage of my proposal is that we have to refactor the common
code in a way consistent with the goals, instead of just changing some
#ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my
head, I don't have a detailed plan on how to achieve this.


You are mostly describing the status quo, so far as I understand it.
The problem is with the code that is built for both boards and tools.
For boards, we want this code to be compiled conditionally, depending
on what options are enabled. For tools, we want the code to be
compiled unconditionally.

I can think of only three ways to do this:

- status quo (add #ifdefs USE_HOSTCC wherever we need to)
- my series (make use of hidden Kconfig options to avoid that)
- put every single feature and associated lines of code in separate
files and compile them conditionally for boards, but always for tools

I believe the last option is actually impossible, or at least
impractical. It would cause an explosion of source files to deal with
all the various combinations, and would be quite painful to maintain
also.


I don't think the status quo is such a terrible solution, so I am 
looking at the aspects that can benefit from improvement. Hence why it 
may appear I am talking about the status quo.


Let's assume CONFIG_IS_ENABLED() returns true on host builds, and for 
those cases where you need to know if IS_HOST_BUILD(), there's a macro 
for that. You have the oddball case that uses a CONFIG_ value that's 
only defined on the target, and those you would have to split according 
to your option #3.


I don't think the above is as dire an explosion in source files as it seems.

Another point of contention is checksum_algos and crypto_algos arrays 
image-sig.c. On the target side, these should be in .u-boot-list. Status 
quo is the definition of rsa_verify is hidden behind #if macros, which 
just pushes the complexity out into the rsa.h headers.


The two ideas here are CONFIG_IS_ENABLED() returns true for host code, 
and image-sig.c is split bwtween host and target versions, the target 
version making use of .uboot-list. Using these as the starting points, I 
think we can get to a much better solution


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi Alex,

On Wed, 12 May 2021 at 10:18, Alex G.  wrote:
>
>
>
> On 5/12/21 10:54 AM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Wed, 12 May 2021 at 09:48, Alex G.  wrote:
> >>
> >>
> >>
> >> On 5/12/21 9:51 AM, Simon Glass wrote:
> >>> Hi Alex,
> >>>
> >>> On Tue, 11 May 2021 at 13:57, Alex G.  wrote:
> 
>  On 5/6/21 9:24 AM, Simon Glass wrote:
> >>
> >> [snip]
> >>
> 
> > +
> > +config HOST_FIT_PRINT
> > + def_bool y
> > + help
> > +   Print the content of the FIT verbosely in the host build
> 
>  This option also doesn't make sense.This seems to do what 'mkimage -l'
>  already supports.
> >>>
> >>> Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
> >>> changes? This is here purely to avoid #ifdefs in the share code.
> >>
> >> On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
> >> On the other hand we have the config system. To most users, the config
> >> system is likely more visible, while it's mostly developers who will
> >> ever see the ifdefs.
> >>
> >> Therefore, in order to get the developer convenience of less ifdefs, we
> >> have to sacrifice user convenience by cloberring the Kconfig options. I
> >> think this is back-to-front.
> >
> > These Kconfig options are not visible to users. They cannot be updated
> > in defconfig, nor in 'make menuconfig', etc. They are purely there for
> > the build system.
> >
> >>
> >> Can we reduce the host config count to just SLL/NOSSL?
> >
> > The point here is that the code has a special case for host builds,
> > and this is a means to remove that special case and make the code
> > easier to maintain and follow.
>
> I understand where you're coming from. Without these changes, the code
> knows what it should and should not do, correct? My argument is that if
> the code has the logic to do the correct thing, that logic should not be
> split with the config system.
>
> I agree with the goal of reducing clutter in the source code. I disagree
> with this specific course of fixing it. Instead, I propose a single
> kconfig for host tools for SSL on/off.
>
> The disadvantage of my proposal is that we have to refactor the common
> code in a way consistent with the goals, instead of just changing some
> #ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my
> head, I don't have a detailed plan on how to achieve this.

You are mostly describing the status quo, so far as I understand it.
The problem is with the code that is built for both boards and tools.
For boards, we want this code to be compiled conditionally, depending
on what options are enabled. For tools, we want the code to be
compiled unconditionally.

I can think of only three ways to do this:

- status quo (add #ifdefs USE_HOSTCC wherever we need to)
- my series (make use of hidden Kconfig options to avoid that)
- put every single feature and associated lines of code in separate
files and compile them conditionally for boards, but always for tools

I believe the last option is actually impossible, or at least
impractical. It would cause an explosion of source files to deal with
all the various combinations, and would be quite painful to maintain
also.

Regards,
SImon

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Tom Rini]

On Wed, May 12, 2021 at 11:19:52AM -0500, Alex G. wrote:
> 
> 
> On 5/12/21 10:52 AM, Simon Glass wrote:
> > Hi,
> > 
> > On Tue, 11 May 2021 at 19:10, Tom Rini  wrote:
> > > 
> > > On Tue, May 11, 2021 at 07:50:38PM -0500, Alex G. wrote:
> > > > On 5/11/21 5:34 PM, Tom Rini wrote:
> > > > > On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:
> > > > > > On 5/6/21 9:24 AM, Simon Glass wrote:
> > > > > > > In preparation for enabling CONFIG_IS_ENABLED() on the host 
> > > > > > > build, add
> > > > > > > some options to enable the various FIT options expected in these 
> > > > > > > tools.
> > > > > > > This will ensure that the code builds correctly when 
> > > > > > > CONFIG_HOST_xxx
> > > > > > > is distinct from CONFIG_xxx.
> > > > > > > 
> > > > > > > Signed-off-by: Simon Glass 
> > > > > > 
> > > > > > Reviewed-by: Alexandru Gagniuc 
> > > > > > 
> > > > > > This makes me wonder whether we should just always enable host 
> > > > > > features.
> > > > > > Right now, each defconfig can have a different mkimage config. So 
> > > > > > we should
> > > > > > really have mkimage-imx8, mkimage-stm32mp, etc, which support 
> > > > > > different
> > > > > > feature sets. This doesn't make much sense.
> > > > > > 
> > > > > > The alternative is to get rid of all these configs and always 
> > > > > > enable mkimage
> > > > > > features. The disadvantage is that we'd require openssl for 
> > > > > > building target
> > > > > > code.
> > > > > > 
> > > > > > A second alternative is to have a mkimage-nossl that gets built and 
> > > > > > used
> > > > > > when openssl isn't available. It's really just openssl that causes 
> > > > > > such a
> > > > > > schism.
> > > > > 
> > > > > It would probably be best to have a single mkimage for everyone, with
> > > > > everything on.  But before then we really need to move from openssl to
> > > > > gnutls or some other library that's compatible as it's been raised
> > > > > before that linking with openssl like we do is a license violation I
> > > > > believe.
> > > > 
> > > > How about the former alternative for now? i.e. compile mkimage with or
> > > > without openssl, and have that be the only host side switch.
> > > 
> > > That would be a step in the right direction, yeah.
> > 
> > We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?
> 
> It could be a config option instead of an environment variable. I think it
> can be independent of target options, since we don't sign images in the
> buildsystem anyway -- we can enable FIT verification, but mkimage without
> openssl.

As people point out from time to time, "NO_SDL" is very non-obvious and
doesn't fit with how the rest of U-Boot is configured.  So I would
rather not see NO_SSL added.  Frankly, given everything else that's
needed to build today, I don't think just enabling the support for
verified boot in mkimage by default and making it a bit odd to turn off
is a problem.  But given:
https://lists.denx.de/pipermail/u-boot/2017-December/313742.html
I would really like to see the switch to gnutls or some other clearly
compatibly licensed library first.

-- 
Tom


signature.asc
Description: PGP signature

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/12/21 10:52 AM, Simon Glass wrote:

Hi,

On Tue, 11 May 2021 at 19:10, Tom Rini  wrote:


On Tue, May 11, 2021 at 07:50:38PM -0500, Alex G. wrote:

On 5/11/21 5:34 PM, Tom Rini wrote:

On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:

On 5/6/21 9:24 AM, Simon Glass wrote:

In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
some options to enable the various FIT options expected in these tools.
This will ensure that the code builds correctly when CONFIG_HOST_xxx
is distinct from CONFIG_xxx.

Signed-off-by: Simon Glass 


Reviewed-by: Alexandru Gagniuc 

This makes me wonder whether we should just always enable host features.
Right now, each defconfig can have a different mkimage config. So we should
really have mkimage-imx8, mkimage-stm32mp, etc, which support different
feature sets. This doesn't make much sense.

The alternative is to get rid of all these configs and always enable mkimage
features. The disadvantage is that we'd require openssl for building target
code.

A second alternative is to have a mkimage-nossl that gets built and used
when openssl isn't available. It's really just openssl that causes such a
schism.


It would probably be best to have a single mkimage for everyone, with
everything on.  But before then we really need to move from openssl to
gnutls or some other library that's compatible as it's been raised
before that linking with openssl like we do is a license violation I
believe.


How about the former alternative for now? i.e. compile mkimage with or
without openssl, and have that be the only host side switch.


That would be a step in the right direction, yeah.


We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?


It could be a config option instead of an environment variable. I think 
it can be independent of target options, since we don't sign images in 
the buildsystem anyway -- we can enable FIT verification, but mkimage 
without openssl.


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/12/21 10:54 AM, Simon Glass wrote:

Hi Alex,

On Wed, 12 May 2021 at 09:48, Alex G.  wrote:




On 5/12/21 9:51 AM, Simon Glass wrote:

Hi Alex,

On Tue, 11 May 2021 at 13:57, Alex G.  wrote:


On 5/6/21 9:24 AM, Simon Glass wrote:


[snip]




+
+config HOST_FIT_PRINT
+ def_bool y
+ help
+   Print the content of the FIT verbosely in the host build


This option also doesn't make sense.This seems to do what 'mkimage -l'
already supports.


Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
changes? This is here purely to avoid #ifdefs in the share code.


On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
On the other hand we have the config system. To most users, the config
system is likely more visible, while it's mostly developers who will
ever see the ifdefs.

Therefore, in order to get the developer convenience of less ifdefs, we
have to sacrifice user convenience by cloberring the Kconfig options. I
think this is back-to-front.


These Kconfig options are not visible to users. They cannot be updated
in defconfig, nor in 'make menuconfig', etc. They are purely there for
the build system.



Can we reduce the host config count to just SLL/NOSSL?


The point here is that the code has a special case for host builds,
and this is a means to remove that special case and make the code
easier to maintain and follow.


I understand where you're coming from. Without these changes, the code 
knows what it should and should not do, correct? My argument is that if 
the code has the logic to do the correct thing, that logic should not be 
split with the config system.


I agree with the goal of reducing clutter in the source code. I disagree 
with this specific course of fixing it. Instead, I propose a single 
kconfig for host tools for SSL on/off.


The disadvantage of my proposal is that we have to refactor the common 
code in a way consistent with the goals, instead of just changing some 
#ifdefs to if(CONFIG_IS_ENABLED()). I admit that, off the top of my 
head, I don't have a detailed plan on how to achieve this.


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi Alex,

On Wed, 12 May 2021 at 09:48, Alex G.  wrote:
>
>
>
> On 5/12/21 9:51 AM, Simon Glass wrote:
> > Hi Alex,
> >
> > On Tue, 11 May 2021 at 13:57, Alex G.  wrote:
> >>
> >> On 5/6/21 9:24 AM, Simon Glass wrote:
>
> [snip]
>
> >>
> >>> +
> >>> +config HOST_FIT_PRINT
> >>> + def_bool y
> >>> + help
> >>> +   Print the content of the FIT verbosely in the host build
> >>
> >> This option also doesn't make sense.This seems to do what 'mkimage -l'
> >> already supports.
> >
> > Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
> > changes? This is here purely to avoid #ifdefs in the share code.
>
> On the one hand, we have the cosmetic inconvenience caused by #ifdefs.
> On the other hand we have the config system. To most users, the config
> system is likely more visible, while it's mostly developers who will
> ever see the ifdefs.
>
> Therefore, in order to get the developer convenience of less ifdefs, we
> have to sacrifice user convenience by cloberring the Kconfig options. I
> think this is back-to-front.

These Kconfig options are not visible to users. They cannot be updated
in defconfig, nor in 'make menuconfig', etc. They are purely there for
the build system.

>
> Can we reduce the host config count to just SLL/NOSSL?

The point here is that the code has a special case for host builds,
and this is a means to remove that special case and make the code
easier to maintain and follow.

Regards,
Simon

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi,

On Tue, 11 May 2021 at 19:10, Tom Rini  wrote:
>
> On Tue, May 11, 2021 at 07:50:38PM -0500, Alex G. wrote:
> > On 5/11/21 5:34 PM, Tom Rini wrote:
> > > On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:
> > > > On 5/6/21 9:24 AM, Simon Glass wrote:
> > > > > In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
> > > > > some options to enable the various FIT options expected in these 
> > > > > tools.
> > > > > This will ensure that the code builds correctly when CONFIG_HOST_xxx
> > > > > is distinct from CONFIG_xxx.
> > > > >
> > > > > Signed-off-by: Simon Glass 
> > > >
> > > > Reviewed-by: Alexandru Gagniuc 
> > > >
> > > > This makes me wonder whether we should just always enable host features.
> > > > Right now, each defconfig can have a different mkimage config. So we 
> > > > should
> > > > really have mkimage-imx8, mkimage-stm32mp, etc, which support different
> > > > feature sets. This doesn't make much sense.
> > > >
> > > > The alternative is to get rid of all these configs and always enable 
> > > > mkimage
> > > > features. The disadvantage is that we'd require openssl for building 
> > > > target
> > > > code.
> > > >
> > > > A second alternative is to have a mkimage-nossl that gets built and used
> > > > when openssl isn't available. It's really just openssl that causes such 
> > > > a
> > > > schism.
> > >
> > > It would probably be best to have a single mkimage for everyone, with
> > > everything on.  But before then we really need to move from openssl to
> > > gnutls or some other library that's compatible as it's been raised
> > > before that linking with openssl like we do is a license violation I
> > > believe.
> >
> > How about the former alternative for now? i.e. compile mkimage with or
> > without openssl, and have that be the only host side switch.
>
> That would be a step in the right direction, yeah.

We have a NO_SDL build-time control. Perhaps have a NO_SSL one as well?

Regards,
Simon

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/12/21 9:51 AM, Simon Glass wrote:

Hi Alex,

On Tue, 11 May 2021 at 13:57, Alex G.  wrote:


On 5/6/21 9:24 AM, Simon Glass wrote:


[snip]




+
+config HOST_FIT_PRINT
+ def_bool y
+ help
+   Print the content of the FIT verbosely in the host build


This option also doesn't make sense.This seems to do what 'mkimage -l'
already supports.


Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
changes? This is here purely to avoid #ifdefs in the share code.


On the one hand, we have the cosmetic inconvenience caused by #ifdefs. 
On the other hand we have the config system. To most users, the config 
system is likely more visible, while it's mostly developers who will 
ever see the ifdefs.


Therefore, in order to get the developer convenience of less ifdefs, we 
have to sacrifice user convenience by cloberring the Kconfig options. I 
think this is back-to-front.


Can we reduce the host config count to just SLL/NOSSL?

Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Simon Glass]

Hi Alex,

On Tue, 11 May 2021 at 13:57, Alex G.  wrote:
>
> On 5/6/21 9:24 AM, Simon Glass wrote:
> > In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
> > some options to enable the various FIT options expected in these tools.
> > This will ensure that the code builds correctly when CONFIG_HOST_xxx
> > is distinct from CONFIG_xxx.
> >
> > Signed-off-by: Simon Glass 
>
> Reviewed-by: Alexandru Gagniuc 
>
> This makes me wonder whether we should just always enable host features.
> Right now, each defconfig can have a different mkimage config. So we
> should really have mkimage-imx8, mkimage-stm32mp, etc, which support
> different feature sets. This doesn't make much sense.

My intent is that we enable all features in host tools. For
distributions they build the tools-only config and make things work
that way. But perhaps we could avoid building the tools, or do it
separately, if there were no different between boards.

>
> The alternative is to get rid of all these configs and always enable
> mkimage features. The disadvantage is that we'd require openssl for
> building target code.
>
> A second alternative is to have a mkimage-nossl that gets built and used
> when openssl isn't available. It's really just openssl that causes such
> a schism.

Why is openssl such a problem?

>
> Alex
>
> > ---
> >
> > (no changes since v1)
> >
> >   common/image-fit-sig.c |  3 ++-
> >   common/image-fit.c |  4 ++--
> >   tools/Kconfig  | 25 +
> >   tools/Makefile | 18 +-
> >   4 files changed, 38 insertions(+), 12 deletions(-)
> >
> > diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c
> > index 55ddf1879ed..12a6745c642 100644
> > --- a/common/image-fit-sig.c
> > +++ b/common/image-fit-sig.c
> > @@ -72,11 +72,12 @@ static int fit_image_setup_verify(struct 
> > image_sign_info *info,
> >   char *algo_name;
> >   const char *padding_name;
> >
> > +#ifndef USE_HOSTCC
> >   if (fdt_totalsize(fit) > CONFIG_FIT_SIGNATURE_MAX_SIZE) {
> >   *err_msgp = "Total size too large";
> >   return 1;
> >   }
> > -
> > +#endif
> >   if (fit_image_hash_get_algo(fit, noffset, _name)) {
> >   *err_msgp = "Can't get hash algo property";
> >   return -1;
> > diff --git a/common/image-fit.c b/common/image-fit.c
> > index e614643fe39..a16e2dd54a5 100644
> > --- a/common/image-fit.c
> > +++ b/common/image-fit.c
> > @@ -165,7 +165,7 @@ int fit_get_subimage_count(const void *fit, int 
> > images_noffset)
> >   return count;
> >   }
> >
> > -#if CONFIG_IS_ENABLED(FIT_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT)
> > +#if CONFIG_IS_ENABLED(FIT_PRINT)
> >   /**
> >* fit_image_print_data() - prints out the hash node details
> >* @fit: pointer to the FIT format image header
> > @@ -573,7 +573,7 @@ void fit_image_print(const void *fit, int 
> > image_noffset, const char *p)
> >   #else
> >   void fit_print_contents(const void *fit) { }
> >   void fit_image_print(const void *fit, int image_noffset, const char *p) { 
> > }
> > -#endif /* CONFIG_IS_ENABLED(FIR_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT) 
> > */
> > +#endif /* CONFIG_IS_ENABLED(FIT_PRINT) */
> >
> >   /**
> >* fit_get_desc - get node description property
> > diff --git a/tools/Kconfig b/tools/Kconfig
> > index b2f5012240c..f00ab661135 100644
> > --- a/tools/Kconfig
> > +++ b/tools/Kconfig
> > @@ -9,4 +9,29 @@ config MKIMAGE_DTC_PATH
> > some cases the system dtc may not support all required features
> > and the path to a different version should be given here.
> >
> > +config HOST_FIT
> > + def_bool y
> > + help
> > +   Enable FIT support in the host build.
>
> Don't we always want to enable this for mkimage?

Yes, that's right.

>
> > +
> > +config HOST_FIT_FULL_CHECK
> > + def_bool y
> > + help
> > +   Do a full check of the FIT before using it in the host build
>
> How would this be used? FIT vs FIT_FULL is mostly an SPL distinction. I
> don't think we should have it in host tools.

It allows us to use CONFIG_IS_ENABLED() everywhere, including in code
built as part of host tools. In fact that is the main purpose of this
series.

>
> > +
> > +config HOST_FIT_PRINT
> > + def_bool y
> > + help
> > +   Print the content of the FIT verbosely in the host build
>
> This option also doesn't make sense.This seems to do what 'mkimage -l'
> already supports.

Are you sure you have looked at the goal of the CONFIG_IS_ENABLED()
changes? This is here purely to avoid #ifdefs in the share code.

>
> > +
> > +config HOST_FIT_SIGNATURE
> > + def_bool y
> > + help
> > +   Enable signature verification of FIT uImages in the host build
>
> s/verification/signing and verification/

OK, yes it does control that in the tools, by virtue of tools/Makefile

>
> > +
> > +config HOST_FIT_SIGNATURE_MAX_SIZE
> > + hex
> > + depends on HOST_FIT_SIGNATURE
> > + default 0x1000
> 

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Tom Rini]

On Tue, May 11, 2021 at 07:50:38PM -0500, Alex G. wrote:
> On 5/11/21 5:34 PM, Tom Rini wrote:
> > On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:
> > > On 5/6/21 9:24 AM, Simon Glass wrote:
> > > > In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
> > > > some options to enable the various FIT options expected in these tools.
> > > > This will ensure that the code builds correctly when CONFIG_HOST_xxx
> > > > is distinct from CONFIG_xxx.
> > > > 
> > > > Signed-off-by: Simon Glass 
> > > 
> > > Reviewed-by: Alexandru Gagniuc 
> > > 
> > > This makes me wonder whether we should just always enable host features.
> > > Right now, each defconfig can have a different mkimage config. So we 
> > > should
> > > really have mkimage-imx8, mkimage-stm32mp, etc, which support different
> > > feature sets. This doesn't make much sense.
> > > 
> > > The alternative is to get rid of all these configs and always enable 
> > > mkimage
> > > features. The disadvantage is that we'd require openssl for building 
> > > target
> > > code.
> > > 
> > > A second alternative is to have a mkimage-nossl that gets built and used
> > > when openssl isn't available. It's really just openssl that causes such a
> > > schism.
> > 
> > It would probably be best to have a single mkimage for everyone, with
> > everything on.  But before then we really need to move from openssl to
> > gnutls or some other library that's compatible as it's been raised
> > before that linking with openssl like we do is a license violation I
> > believe.
> 
> How about the former alternative for now? i.e. compile mkimage with or
> without openssl, and have that be the only host side switch.

That would be a step in the right direction, yeah.

-- 
Tom


signature.asc
Description: PGP signature

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/11/21 5:34 PM, Tom Rini wrote:

On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:

On 5/6/21 9:24 AM, Simon Glass wrote:

In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
some options to enable the various FIT options expected in these tools.
This will ensure that the code builds correctly when CONFIG_HOST_xxx
is distinct from CONFIG_xxx.

Signed-off-by: Simon Glass 


Reviewed-by: Alexandru Gagniuc 

This makes me wonder whether we should just always enable host features.
Right now, each defconfig can have a different mkimage config. So we should
really have mkimage-imx8, mkimage-stm32mp, etc, which support different
feature sets. This doesn't make much sense.

The alternative is to get rid of all these configs and always enable mkimage
features. The disadvantage is that we'd require openssl for building target
code.

A second alternative is to have a mkimage-nossl that gets built and used
when openssl isn't available. It's really just openssl that causes such a
schism.


It would probably be best to have a single mkimage for everyone, with
everything on.  But before then we really need to move from openssl to
gnutls or some other library that's compatible as it's been raised
before that linking with openssl like we do is a license violation I
believe.


How about the former alternative for now? i.e. compile mkimage with or 
without openssl, and have that be the only host side switch.


Alex

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Tom Rini]

On Tue, May 11, 2021 at 02:57:03PM -0500, Alex G. wrote:
> On 5/6/21 9:24 AM, Simon Glass wrote:
> > In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
> > some options to enable the various FIT options expected in these tools.
> > This will ensure that the code builds correctly when CONFIG_HOST_xxx
> > is distinct from CONFIG_xxx.
> > 
> > Signed-off-by: Simon Glass 
> 
> Reviewed-by: Alexandru Gagniuc 
> 
> This makes me wonder whether we should just always enable host features.
> Right now, each defconfig can have a different mkimage config. So we should
> really have mkimage-imx8, mkimage-stm32mp, etc, which support different
> feature sets. This doesn't make much sense.
> 
> The alternative is to get rid of all these configs and always enable mkimage
> features. The disadvantage is that we'd require openssl for building target
> code.
> 
> A second alternative is to have a mkimage-nossl that gets built and used
> when openssl isn't available. It's really just openssl that causes such a
> schism.

It would probably be best to have a single mkimage for everyone, with
everything on.  But before then we really need to move from openssl to
gnutls or some other library that's compatible as it's been raised
before that linking with openssl like we do is a license violation I
believe.

-- 
Tom


signature.asc
Description: PGP signature

Re: [PATCH v2 16/50] image: Add Kconfig options for FIT in the host build

[Alex G.]

On 5/6/21 9:24 AM, Simon Glass wrote:

In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
some options to enable the various FIT options expected in these tools.
This will ensure that the code builds correctly when CONFIG_HOST_xxx
is distinct from CONFIG_xxx.

Signed-off-by: Simon Glass 


Reviewed-by: Alexandru Gagniuc 

This makes me wonder whether we should just always enable host features. 
Right now, each defconfig can have a different mkimage config. So we 
should really have mkimage-imx8, mkimage-stm32mp, etc, which support 
different feature sets. This doesn't make much sense.


The alternative is to get rid of all these configs and always enable 
mkimage features. The disadvantage is that we'd require openssl for 
building target code.


A second alternative is to have a mkimage-nossl that gets built and used 
when openssl isn't available. It's really just openssl that causes such 
a schism.


Alex


---

(no changes since v1)

  common/image-fit-sig.c |  3 ++-
  common/image-fit.c |  4 ++--
  tools/Kconfig  | 25 +
  tools/Makefile | 18 +-
  4 files changed, 38 insertions(+), 12 deletions(-)

diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c
index 55ddf1879ed..12a6745c642 100644
--- a/common/image-fit-sig.c
+++ b/common/image-fit-sig.c
@@ -72,11 +72,12 @@ static int fit_image_setup_verify(struct image_sign_info 
*info,
char *algo_name;
const char *padding_name;
  
+#ifndef USE_HOSTCC

if (fdt_totalsize(fit) > CONFIG_FIT_SIGNATURE_MAX_SIZE) {
*err_msgp = "Total size too large";
return 1;
}
-
+#endif
if (fit_image_hash_get_algo(fit, noffset, _name)) {
*err_msgp = "Can't get hash algo property";
return -1;
diff --git a/common/image-fit.c b/common/image-fit.c
index e614643fe39..a16e2dd54a5 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -165,7 +165,7 @@ int fit_get_subimage_count(const void *fit, int 
images_noffset)
return count;
  }
  
-#if CONFIG_IS_ENABLED(FIT_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT)

+#if CONFIG_IS_ENABLED(FIT_PRINT)
  /**
   * fit_image_print_data() - prints out the hash node details
   * @fit: pointer to the FIT format image header
@@ -573,7 +573,7 @@ void fit_image_print(const void *fit, int image_noffset, 
const char *p)
  #else
  void fit_print_contents(const void *fit) { }
  void fit_image_print(const void *fit, int image_noffset, const char *p) { }
-#endif /* CONFIG_IS_ENABLED(FIR_PRINT) || CONFIG_IS_ENABLED(SPL_FIT_PRINT) */
+#endif /* CONFIG_IS_ENABLED(FIT_PRINT) */
  
  /**

   * fit_get_desc - get node description property
diff --git a/tools/Kconfig b/tools/Kconfig
index b2f5012240c..f00ab661135 100644
--- a/tools/Kconfig
+++ b/tools/Kconfig
@@ -9,4 +9,29 @@ config MKIMAGE_DTC_PATH
  some cases the system dtc may not support all required features
  and the path to a different version should be given here.
  
+config HOST_FIT

+   def_bool y
+   help
+ Enable FIT support in the host build.


Don't we always want to enable this for mkimage?


+
+config HOST_FIT_FULL_CHECK
+   def_bool y
+   help
+ Do a full check of the FIT before using it in the host build


How would this be used? FIT vs FIT_FULL is mostly an SPL distinction. I 
don't think we should have it in host tools.



+
+config HOST_FIT_PRINT
+   def_bool y
+   help
+ Print the content of the FIT verbosely in the host build


This option also doesn't make sense.This seems to do what 'mkimage -l' 
already supports.



+
+config HOST_FIT_SIGNATURE
+   def_bool y
+   help
+ Enable signature verification of FIT uImages in the host build


s/verification/signing and verification/


+
+config HOST_FIT_SIGNATURE_MAX_SIZE
+   hex
+   depends on HOST_FIT_SIGNATURE
+   default 0x1000
+


The only use of FIT_SIGNATURE_MAX_SIZE is under "#ifndef USE_HOSTCC". So 
this wouldn't make any sense for the host.



  endmenu
diff --git a/tools/Makefile b/tools/Makefile
index 2b4bc547abd..d143198f7c9 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -53,12 +53,12 @@ hostprogs-y += mkenvimage
  mkenvimage-objs := mkenvimage.o os_support.o lib/crc32.o
  
  hostprogs-y += dumpimage mkimage

-hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign
+hostprogs-$(CONFIG_HOST_FIT_SIGNATURE) += fit_info fit_check_sign
  
  hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include
  
-FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o

-FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o 
common/image-fit-sig.o
+FIT_OBJS-$(CONFIG_HOST_FIT) := fit_common.o fit_image.o image-host.o 
common/image-fit.o
+FIT_SIG_OBJS-$(CONFIG_HOST_FIT_SIGNATURE) := common/image-sig.o 
common/image-fit-sig.o
  FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o
  
  # The following files are synced