efi_loader: expose efi_image_parse() even if UEFI Secure Boot is disabled

This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.

This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

1 files changed, 5 insertions, 0 deletions

diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index eb5c4d6f29..98845b8ba3 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -175,6 +175,7 @@ config EFI_CAPSULE_AUTHENTICATE
 	select PKCS7_VERIFY
 	select IMAGE_SIGN_INFO
 	select HASH_CALCULATE
+	select EFI_SIGNATURE_SUPPORT
 	default n
 	help
 	  Select this option if you want to enable capsule
@@ -344,6 +345,7 @@ config EFI_SECURE_BOOT
 	select PKCS7_MESSAGE_PARSER
 	select PKCS7_VERIFY
 	select HASH_CALCULATE
+	select EFI_SIGNATURE_SUPPORT
 	default n
 	help
 	  Select this option to enable EFI secure boot support.
@@ -351,6 +353,9 @@ config EFI_SECURE_BOOT
 	  it is signed with a trusted key. To do that, you need to install,
 	  at least, PK, KEK and db.
 
+config EFI_SIGNATURE_SUPPORT
+	bool
+
 config EFI_ESRT
 	bool "Enable the UEFI ESRT generation"
 	depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT