>From 058efe4b42d6cae866c30de22eace1ef2ff00f48 Mon Sep 17 00:00:00 2001
Message-Id: <058efe4b42d6cae866c30de22eace1ef2ff00f48.1687012310.git.873216071@qq.com>
From: Z572 <873216071@qq.com>
Date: Sat, 17 Jun 2023 22:19:34 +0800
Subject: [PATCH] gnu: Add u-boot-lichee-rv-dock.

* gnu/packages/bootloaders.scm (u-boot-lichee-rv-dock): New variable.
* gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch: New file.
* gnu/local.mk(dist_patch_DATA): register it.
---
 gnu/local.mk                                  |   1 +
 gnu/packages/bootloaders.scm                  |  39 ++++
 ...-boot-lichee-rv-dock-disable-openssl.patch | 216 ++++++++++++++++++
 3 files changed, 256 insertions(+)
 create mode 100644 gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 2b3df5d75a..1cfdebd405 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1996,6 +1996,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/u-boot-allow-disabling-openssl.patch	\
   %D%/packages/patches/u-boot-fix-build-python-3.10.patch	\
   %D%/packages/patches/u-boot-infodocs-target.patch		\
+  %D%/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch	\
   %D%/packages/patches/u-boot-patman-guix-integration.patch	\
   %D%/packages/patches/u-boot-nintendo-nes-serial.patch		\
   %D%/packages/patches/u-boot-rockchip-inno-usb.patch		\
diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm
index a9685a9ef9..bd89280f1b 100644
--- a/gnu/packages/bootloaders.scm
+++ b/gnu/packages/bootloaders.scm
@@ -18,6 +18,7 @@
 ;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
 ;;; Copyright © 2021 Stefan <stefan-guix@vodafonemail.de>
 ;;; Copyright © 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Cournoyer © 2023 Zheng Junjie <873216071@qq.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -1188,6 +1189,44 @@ (define-public u-boot-sifive-unmatched
        (modify-inputs (package-inputs base)
          (append opensbi-generic))))))
 
+(define-public u-boot-lichee-rv-dock
+  (let ((commit "528ae9bc6c55edd3ffe642734b4132a8246ea777")
+        (base (make-u-boot-package
+               "lichee_rv_dock"
+               "riscv64-linux-gnu")))
+    (package
+      (inherit base)
+      (source (origin
+                (inherit (package-source base))
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://github.com/smaeul/u-boot")
+                      (commit commit)))
+                (file-name (git-file-name
+                            (package-name base)
+                            (package-version base)))
+                (patches
+                 (append
+                  ;; rebase from %u-boot-allow-disabling-openssl-patch
+                  (search-patches
+                   "u-boot-lichee-rv-dock-disable-openssl.patch")
+                  (delete %u-boot-allow-disabling-openssl-patch
+                          (origin-patches (package-source base)))))
+                (sha256
+                 (base32
+                  "1rfk2d9wxxmf8ypvmwq07g1vifkvzy2nzs4mdwdgxsadlhi8dn9s"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments base)
+         ((#:phases phases)
+          #~(modify-phases #$phases
+              (add-after 'unpack 'set-environment
+                (lambda* (#:key inputs #:allow-other-keys)
+                  (setenv "OPENSBI" (search-input-file inputs
+                                                       "fw_dynamic.bin"))))))))
+      (inputs
+       (modify-inputs (package-inputs base)
+         (append opensbi-generic))))))
+
 (define-public u-boot-rock64-rk3328
   (let ((base (make-u-boot-package "rock64-rk3328" "aarch64-linux-gnu")))
     (package
diff --git a/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch b/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch
new file mode 100644
index 0000000000..f8e22d2c57
--- /dev/null
+++ b/gnu/packages/patches/u-boot-lichee-rv-dock-disable-openssl.patch
@@ -0,0 +1,216 @@
+From b2dff4fe9d1a53bbe3565435e190db19e7d6f4e7 Mon Sep 17 00:00:00 2001
+From: Z572 <zhengjunjie@iscas.ac.cn>
+Date: Mon, 8 May 2023 18:00:55 +0800
+Subject: [PATCH] remove openssl
+
+---
+ include/image.h    |  2 ++
+ tools/fit_image.c  |  3 ++-
+ tools/image-host.c |  4 ++++
+ tools/kwbimage.c   | 21 +++++++++++++++++++--
+ 4 files changed, 27 insertions(+), 3 deletions(-)
+
+diff --git a/include/image.h b/include/image.h
+index e5e12ce5..5c858a16 100644
+--- a/include/image.h
++++ b/include/image.h
+@@ -1172,6 +1172,7 @@ int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
+ 
+ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
+ 
++#ifdef CONFIG_FIT_PRELOAD
+ /**
+  * fit_pre_load_data() - add public key to fdt blob
+  *
+@@ -1186,6 +1187,7 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
+  *	< 0, on failure
+  */
+ int fit_pre_load_data(const char *keydir, void *keydest, void *fit);
++#endif
+ 
+ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
+ 		    const char *comment, int require_keys,
+diff --git a/tools/fit_image.c b/tools/fit_image.c
+index 923a9755..7a73f24a 100644
+--- a/tools/fit_image.c
++++ b/tools/fit_image.c
+@@ -59,9 +59,10 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
+ 		ret = fit_set_timestamp(ptr, 0, time);
+ 	}
+ 
++#ifdef CONFIG_FIT_PRELOAD
+ 	if (!ret)
+ 		ret = fit_pre_load_data(params->keydir, dest_blob, ptr);
+-
++#endif
+ 	if (!ret) {
+ 		ret = fit_cipher_data(params->keydir, dest_blob, ptr,
+ 				      params->comment,
+diff --git a/tools/image-host.c b/tools/image-host.c
+index 4e0512be..da70fcb4 100644
+--- a/tools/image-host.c
++++ b/tools/image-host.c
+@@ -14,9 +14,11 @@
+ #include <image.h>
+ #include <version.h>
+ 
++#ifdef CONFIG_FIT_PRELOAD
+ #include <openssl/pem.h>
+ #include <openssl/evp.h>
+ 
++#endif
+ /**
+  * fit_set_hash_value - set hash value in requested has node
+  * @fit: pointer to the FIT format image header
+@@ -1119,6 +1121,7 @@ static int fit_config_add_verification_data(const char *keydir,
+ 	return 0;
+ }
+ 
++#ifdef CONFIG_FIT_PRELOAD
+ /*
+  * 0) open file (open)
+  * 1) read certificate (PEM_read_X509)
+@@ -1227,6 +1230,7 @@ int fit_pre_load_data(const char *keydir, void *keydest, void *fit)
+  out:
+ 	return ret;
+ }
++#endif
+ 
+ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
+ 		    const char *comment, int require_keys,
+diff --git a/tools/kwbimage.c b/tools/kwbimage.c
+index 6abb9f2d..d8159070 100644
+--- a/tools/kwbimage.c
++++ b/tools/kwbimage.c
+@@ -19,6 +19,7 @@
+ #include <stdint.h>
+ #include "kwbimage.h"
+ 
++#ifdef CONFIG_KWB_SECURE
+ #include <openssl/bn.h>
+ #include <openssl/rsa.h>
+ #include <openssl/pem.h>
+@@ -44,7 +45,7 @@ void EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+ 	EVP_MD_CTX_reset(ctx);
+ }
+ #endif
+-
++#endif
+ /* fls - find last (most-significant) bit set in 4-bit integer */
+ static inline int fls4(int num)
+ {
+@@ -62,8 +63,9 @@ static inline int fls4(int num)
+ 
+ static struct image_cfg_element *image_cfg;
+ static int cfgn;
++#ifdef CONFIG_KWB_SECURE
+ static int verbose_mode;
+-
++#endif
+ struct boot_mode {
+ 	unsigned int id;
+ 	const char *name;
+@@ -278,6 +280,8 @@ image_count_options(unsigned int optiontype)
+ 	return count;
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
++
+ static int image_get_csk_index(void)
+ {
+ 	struct image_cfg_element *e;
+@@ -288,6 +292,7 @@ static int image_get_csk_index(void)
+ 
+ 	return e->csk_idx;
+ }
++#endif
+ 
+ static bool image_get_spezialized_img(void)
+ {
+@@ -432,6 +437,7 @@ static uint8_t baudrate_to_option(unsigned int baudrate)
+ 	}
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
+ static void kwb_msg(const char *fmt, ...)
+ {
+ 	if (verbose_mode) {
+@@ -926,6 +932,7 @@ static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
+ done:
+ 	return ret;
+ }
++#endif
+ 
+ static size_t image_headersz_align(size_t headersz, uint8_t blockid)
+ {
+@@ -1079,11 +1086,13 @@ static size_t image_headersz_v1(int *hasext)
+ 	 */
+ 	headersz = sizeof(struct main_hdr_v1);
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (image_get_csk_index() >= 0) {
+ 		headersz += sizeof(struct secure_hdr_v1);
+ 		if (hasext)
+ 			*hasext = 1;
+ 	}
++#endif
+ 
+ 	cpu_sheeva = image_is_cpu_sheeva();
+ 
+@@ -1270,6 +1279,7 @@ err_close:
+ 	return -1;
+ }
+ 
++#if defined(CONFIG_KWB_SECURE)
+ static int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr)
+ {
+ 	FILE *hashf;
+@@ -1382,6 +1392,7 @@ static int add_secure_header_v1(struct image_tool_params *params, uint8_t *ptr,
+ 
+ 	return 0;
+ }
++#endif
+ 
+ static void finish_register_set_header_v1(uint8_t **cur, uint8_t **next_ext,
+ 					  struct register_set_hdr_v1 *register_set_hdr,
+@@ -1406,7 +1417,9 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 	struct main_hdr_v1 *main_hdr;
+ 	struct opt_hdr_v1 *ohdr;
+ 	struct register_set_hdr_v1 *register_set_hdr;
++#if defined(CONFIG_KWB_SECURE)
+ 	struct secure_hdr_v1 *secure_hdr = NULL;
++#endif
+ 	size_t headersz;
+ 	uint8_t *image, *cur;
+ 	int hasext = 0;
+@@ -1491,6 +1504,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 	if (main_hdr->blockid == IBR_HDR_PEX_ID)
+ 		main_hdr->srcaddr = cpu_to_le32(0xFFFFFFFF);
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (image_get_csk_index() >= 0) {
+ 		/*
+ 		 * only reserve the space here; we fill the header later since
+@@ -1502,6 +1516,7 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 		next_ext = &secure_hdr->next;
+ 	}
+ 
++#endif
+ 	datai = 0;
+ 	for (cfgi = 0; cfgi < cfgn; cfgi++) {
+ 		e = &image_cfg[cfgi];
+@@ -1552,9 +1567,11 @@ static void *image_create_v1(size_t *imagesz, struct image_tool_params *params,
+ 					      &datai, delay);
+ 	}
+ 
++#if defined(CONFIG_KWB_SECURE)
+ 	if (secure_hdr && add_secure_header_v1(params, ptr, payloadsz + headersz,
+ 					       headersz, image, secure_hdr))
+ 		return NULL;
++#endif
+ 
+ 	*imagesz = headersz;
+ 
+-- 
+2.39.2
+

base-commit: 428b810ca23fa1c1c565da15c0e95273f6487384
-- 
2.40.1