(address . guix-patches@gnu.org)
* gnu/packages/bootloaders.scm (u-boot-lichee-rv-dock): New variable.
* gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch: New file.
* gnu/local.mk(dist_patch_DATA): register it.
---
gnu/local.mk | 1 +
gnu/packages/bootloaders.scm | 39 ++++
...-boot-lichee-rv-dock-disable-openssl.patch | 216 ++++++++++++++++++
3 files changed, 256 insertions(+)
create mode 100644 gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch
Toggle diff (295 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 209556b56d..b2f4aaadc3 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1993,6 +1993,7 @@ dist_patch_DATA = \
%D%/packages/patches/u-boot-allow-disabling-openssl.patch \
%D%/packages/patches/u-boot-fix-build-python-3.10.patch \
%D%/packages/patches/u-boot-infodocs-target.patch \
+ %D%/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch \
%D%/packages/patches/u-boot-patman-guix-integration.patch \
%D%/packages/patches/u-boot-nintendo-nes-serial.patch \
%D%/packages/patches/u-boot-rockchip-inno-usb.patch \
diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm
index a9685a9ef9..4b80eaf3e8 100644
--- a/gnu/packages/bootloaders.scm
+++ b/gnu/packages/bootloaders.scm
@@ -18,6 +18,7 @@
;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
;;; Copyright © 2021 Stefan <stefan-guix@vodafonemail.de>
;;; Copyright © 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Cournoyer © 2023 Zheng Junjie <873216071@qq.com>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -1188,6 +1189,44 @@ (define-public u-boot-sifive-unmatched
(modify-inputs (package-inputs base)
(append opensbi-generic))))))
+(define-public u-boot-lichee-rv-dock
+ (let ((commit "528ae9bc6c55edd3ffe642734b4132a8246ea777")
+ (base (make-u-boot-package
+ "lichee_rv_dock"
+ "riscv64-linux-gnu")))
+ (package
+ (inherit base)
+ (source (origin
+ (inherit (package-source base))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/smaeul/u-boot")
+ (commit commit)))
+ (file-name (git-file-name
+ (package-name base)
+ (package-version base)))
+ (patches
+ (append
+ (search-patches
+ "u-boot-lichee-rv-dock-disable-openssl.patch")
+ ;;; rebase from %u-boot-allow-disabling-openssl-patch
+ (filter (negate (cut string-contains <> "openssl"))
+ (origin-patches (package-source base)))))
+ (sha256
+ (base32
+ "1rfk2d9wxxmf8ypvmwq07g1vifkvzy2nzs4mdwdgxsadlhi8dn9s"))))
+ (arguments
+ (substitute-keyword-arguments (package-arguments base)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'set-environment
+ (lambda* (#:key inputs #:allow-other-keys)
+ (setenv "OPENSBI" (search-input-file inputs
+ "fw_dynamic.bin"))))))))
+ (inputs
+ (modify-inputs (package-inputs base)
+ (append opensbi-generic))))))
+
(define-public u-boot-rock64-rk3328
(let ((base (make-u-boot-package "rock64-rk3328" "aarch64-linux-gnu")))
(package
diff --git a/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch b/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch
new file mode 100644
index 0000000000..f8e22d2c57
--- /dev/null
+++ b/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch
@@ -0,0 +1,216 @@
+From b2dff4fe9d1a53bbe3565435e190db19e7d6f4e7 Mon Sep 17 00:00:00 2001
+From: Z572 <zhengjunjie@iscas.ac.cn>
+Date: Mon, 8 May 2023 18:00:55 +0800
+Subject: [PATCH] remove openssl
+
+---
+ include/image.h | 2 ++
+ tools/fit_image.c | 3 ++-
+ tools/image-host.c | 4 ++++
+ tools/kwbimage.c | 21 +++++++++++++++++++--
+ 4 files changed, 27 insertions(+), 3 deletions(-)
+
+diff --git a/include/image.h b/include/image.h
+index e5e12ce5..5c858a16 100644
+--- a/include/image.h
++++ b/include/image.h
+@@ -1172,6 +1172,7 @@ int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
+
+ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
+
++#ifdef CONFIG_FIT_PRELOAD
+ /**
+ * fit_pre_load_data() - add public key to fdt blob
+ *
+@@ -1186,6 +1187,7 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
+ * < 0, on failure
+ */
+ int fit_pre_load_data(const char *keydir, void *keydest, void *fit);
++#endif
+
+ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
+ const char *comment, int require_keys,
+diff --git a/tools/fit_image.c b/tools/fit_image.c
+index 923a9755..7a73f24a 100644
+--- a/tools/fit_image.c
++++ b/tools/fit_image.c
+@@ -59,9 +59,10 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
+ ret = fit_set_timestamp(ptr, 0, time);
+ }
+
++#ifdef CONFIG_FIT_PRELOAD
+ if (!ret)
+ ret = fit_pre_load_data(params->keydir, dest_blob, ptr);
+-
++#endif
+ if (!ret) {
+ ret = fit_cipher_data(params->keydir, dest_blob, ptr,
+ params->comment,
+diff --git a/tools/image-host.c b/tools/image-host.c
+index 4e0512be..da70fcb4 100644
+--- a/tools/image-host.c
++++ b/tools/image-host.c
+@@ -14,9 +14,11 @@
+ #include <image.h>
+ #include <version.h>
+
++#ifdef CONFIG_FIT_PRELOAD
+ #include <openssl/pem.h>
+ #include <openssl/evp.h>
+
++#endif
+ /**
+ * fit_set_hash_value - set hash value in requested has node
+ * @fit: pointer to the FIT format image header
+@@ -1119,6 +1121,7 @@ static int fit_config_add_verification_data(const char *keydir,
+ return 0;
+ }
+
++#ifdef CONFIG_FIT_PRELOAD
+ /*
+ * 0) open file (open)
+ * 1) read certificate (PEM_read_X509)
+@@ -1227,6 +1230,7 @@ int fit_pre_load_data(const char *keydir, void *keydest, void *fit)
+ out:
+ return ret;
+ }
++#endif
+
+ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
+ const char *comment, int require_keys,
+diff --git a/tools/kwbimage.c b/tools/kwbimage.c
+index 6abb9f2d..d8159070 100644
+--- a/tools/kwbimage.c
++++ b/tools/kwbimage.c
+@@ -19,6 +19,7 @@
+ #include <stdint.h>
+ #include "kwbimage.h"
+
++#ifdef CONFIG_KWB_SECURE
+ #include <openssl/bn.h>
+ #include <openssl/rsa.h>
+ #include <openssl/pem.h>
+@@ -44,7 +45,7 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+ EVP_MD_CTX_reset(ctx);
+ }
+ #endif
+-
++#endif
+ /* fls - find last (most-significant) bit set in 4-bit integer */
+ static inline int fls4(int num)
+ {
+@@ -62,8 +63,9 @@ static inline int fls4(int num)
+
+ static struct image_cfg_element *image_cfg;
+ static int cfgn;
++#ifdef CONFIG_KWB_SECURE
+ static int verbose_mode;
+-
++#endif
+ struct boot_mode {
+ unsigned int id;
+ const char *name;
+@@ -278,6 +280,8 @@ image_count_options(unsigned int optiontype)
+ return count;
+ }
+
++#if defined(CONFIG_KWB_SECURE)
++
+ static int image_get_csk_index(void)
+ {
+ struct image_cfg_element *e;
+@@ -288,6 +292,7 @@ static int image_get_csk_index(void)
+
+ return e->csk_idx;
+ }
++#endif
+
+ static bool image_get_spezialized_img(void)
+ {
+@@ -432,6 +437,7 @@ static uint8_t baudrate_to_option(unsigned int baudrate)
+ }
+ }
+
++#if defined(CONFIG_KWB_SECURE)
+ static void kwb_msg(const char *fmt, ...)
+ {
+ if (verbose_mode) {
+@@ -926,6 +932,7 @@ static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
+ done:
+ return ret;
+ }
++#endif
+
+ static size_t image_headersz_align(size_t headersz, uint8_t blockid)
+ {
+@@ -1079,11 +1086,13 @@ static size_t image_headersz_v1(int *hasext)
+ */
+ headersz = sizeof(struct main_hdr_v1);
+
++#if defined(CONFIG_KWB_SECURE)
+ if (image_get_csk_index() >= 0) {
+ headersz += sizeof(struct secure_hdr_v1);
+ if (hasext)
+ *hasext = 1;
+ }
++#endif
+
+ cpu_sheeva = image_is_cpu_sheeva();
+
+@@ -1270,6 +1279,7 @@ err_close:
+ return -1;
+ }
+
++#if defined(CONFIG_KWB_SECURE)
+ static int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
+ {
+ FILE *hashf;
+@@ -1382,6 +1392,7 @@ static int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
+
+ return 0;
+ }
++#endif
+
+ static void finish_register_set_header_v1(uint8_t **cur, uint8_t **next_ext,
+ struct register_set_hdr_v1 *register_set_hdr,
+@@ -1406,7 +1417,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ struct main_hdr_v1 *main_hdr;
+ struct opt_hdr_v1 *ohdr;
+ struct register_set_hdr_v1 *register_set_hdr;
++#if defined(CONFIG_KWB_SECURE)
+ struct secure_hdr_v1 *secure_hdr = NULL;
++#endif
+ size_t headersz;
+ uint8_t *image, *cur;
+ int hasext = 0;
+@@ -1491,6 +1504,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ if (main_hdr->blockid == IBR_HDR_PEX_ID)
+ main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
+
++#if defined(CONFIG_KWB_SECURE)
+ if (image_get_csk_index() >= 0) {
+ /*
+ * only reserve the space here; we fill the header later since
+@@ -1502,6 +1516,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ next_ext = &secure_hdr->next;
+ }
+
++#endif
+ datai = 0;
+ for (cfgi = 0; cfgi < cfgn; cfgi++) {
+ e = &image_cfg[cfgi];
+@@ -1552,9 +1567,11 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ &datai, delay);
+ }
+
++#if defined(CONFIG_KWB_SECURE)
+ if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz + headersz,
+ headersz, image, secure_hdr))
+ return NULL;
++#endif
+
+ *imagesz = headersz;
+
+--
+2.39.2
+
base-commit: 7c12255eb9fdd73b481c3c588b02809abd633be8
--
2.40.1