C99 introduced the possibility to mark function parameters declared as
arrays with an extra keyword "static":
void foo(uint8_t digest[static SHA256_DIGEST_LENGTH]);
This requires the respective function argument to be at least as large
as specified. Passing in random pointers (like NULL) then becomes
undefined behaviour, and compilers warn about this.
Newer GCC compilers (starting with GCC 14) will also automatically mark
those parameters as "nonnull", and thus warn if a (redundant) NULL check
is done inside the function:
tools/sunxi_toc0.o tools/sunxi_toc0.c
tools/sunxi_toc0.c: In function 'toc0_verify_cert_item':
tools/sunxi_toc0.c:447:12: warning: 'nonnull' argument 'digest' compared to NULL [-Wnonnull-compare]
447 | if (digest && memcmp(&extension->digest, digest, SHA256_DIGEST_LENGTH)) {
| ^
Remove the unnecessary NULL check from toc0_verify_cert_item(), to avoid
the warning.
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
[Andre: extend commit message]
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This allows image type print_header() callback to access struct
image_tool_params *params.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
LibreSSL 3.5.0 and later (also shipped as part of OpenBSD 7.1 and
and later) have an opaque RSA object and do provide the
RSA_get0_* functions that OpenSSL provides.
Fixes: 2ecc354b8e ("tools: mkimage: fix build with LibreSSL")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
Building with OpenSSL 3.0 produces warnings like:
../tools/sunxi_toc0.c:846:17: warning: ‘RSA_get0_d’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]
846 | if (root_key && RSA_get0_d(root_key)) {
| ^~
As OpenSSL 3.0 is not available in elder Linux distributions
just silence the warning.
Add missing #include <openssl/bn.h>.
Fixes: e9e87ec47c ("tools: mkimage: Add Allwinner TOC0 support")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Andre Przywara <andre.przywara@arm.com>
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and
secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the
existing sunxi_egon image type. The secure boot ROM (SBROM) uses a
completely different image type, known as TOC0.
A TOC0 image is composed of a header and two or more items. One item
is the firmware binary. The others form a chain linking the firmware
signature to the root-of-trust public key (ROTPK), which has its hash
burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256.
The pseudo-ASN.1 structure is manually assembled; this is done to work
around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0
implementation has been verified to work with the A50, A64, H5, H6,
and H616 SBROMs, and it may work with other SoCs.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Acked-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
