rockchip: binman: Support use of crc32 hash for FIT images

Use of SHA256 checksum validation on ARMv7 SoCs can be very time
consuming compared to when used on a ARMv8 SoC with Crypto Extensions.

Add support for use of the much faster CRC32 hash algo when SHA256 is
not supported in SPL. Also use FIT_HASH_ALGO to simplify the ifdefs when
no known hash algo has been compiled.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>

diff --git a/arch/arm/dts/rockchip-u-boot.dtsi b/arch/arm/dts/rockchip-u-boot.dtsi
index f60cc31fb1a6c7199f31f306f83e0fc5067a182e..cc2feed6464fb3d3f19f7fc188e8a48cac436698 100644 (file)
--- a/arch/arm/dts/rockchip-u-boot.dtsi
+++ b/arch/arm/dts/rockchip-u-boot.dtsi
@@ -19,6 +19,18 @@
 #define FIT_UBOOT_COMP         "none"
 #endif
 
+/*
+ * SHA256 should be enabled in SPL when signature validation is involved,
+ * CRC32 should only be used for basic checksum validation of FIT images.
+ */
+#if defined(CONFIG_SPL_FIT_SIGNATURE)
+#if defined(CONFIG_SPL_SHA256)
+#define FIT_HASH_ALGO          "sha256"
+#elif defined(CONFIG_SPL_CRC32)
+#define FIT_HASH_ALGO          "crc32"
+#endif
+#endif
+
 #if defined(CONFIG_SPL_FIT) && (defined(CONFIG_ARM64) || defined(CONFIG_SPL_OPTEE_IMAGE))
 #define HAS_FIT
 #endif
@@ -55,9 +67,9 @@
                                u-boot-nodtb {
                                        compress = FIT_UBOOT_COMP;
                                };
-#ifdef CONFIG_SPL_FIT_SIGNATURE
+#ifdef FIT_HASH_ALGO
                                hash {
-                                       algo = "sha256";
+                                       algo = FIT_HASH_ALGO;
                                };
 #endif
                        };
@@ -76,9 +88,9 @@
 
                                atf-bl31 {
                                };
-#ifdef CONFIG_SPL_FIT_SIGNATURE
+#ifdef FIT_HASH_ALGO
                                hash {
-                                       algo = "sha256";
+                                       algo = FIT_HASH_ALGO;
                                };
 #endif
                        };
@@ -96,9 +108,9 @@
                                tee-os {
                                        optional;
                                };
-#ifdef CONFIG_SPL_FIT_SIGNATURE
+#ifdef FIT_HASH_ALGO
                                hash {
-                                       algo = "sha256";
+                                       algo = FIT_HASH_ALGO;
                                };
 #endif
                        };
@@ -114,9 +126,9 @@
 
                                tee-os {
                                };
-#ifdef CONFIG_SPL_FIT_SIGNATURE
+#ifdef FIT_HASH_ALGO
                                hash {
-                                       algo = "sha256";
+                                       algo = FIT_HASH_ALGO;
                                };
 #endif
                        };
@@ -126,9 +138,9 @@
                                description = "fdt-NAME";
                                compression = "none";
                                type = "flat_dt";
-#ifdef CONFIG_SPL_FIT_SIGNATURE
+#ifdef FIT_HASH_ALGO
                                hash {
-                                       algo = "sha256";
+                                       algo = FIT_HASH_ALGO;
                                };
 #endif
                        };