forked from usbarmory/armory-boot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMakefile
115 lines (90 loc) · 3.63 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
# http://github.com/f-secure-foundry/tamago-example
#
# Copyright (c) F-Secure Corporation
# https://foundry.f-secure.com
#
# Use of this source code is governed by the license
# that can be found in the LICENSE file.
BUILD_USER = $(shell whoami)
BUILD_HOST = $(shell hostname)
BUILD_DATE = $(shell /bin/date -u "+%Y-%m-%d %H:%M:%S")
BUILD = ${BUILD_USER}@${BUILD_HOST} on ${BUILD_DATE}
REV = $(shell git rev-parse --short HEAD 2> /dev/null)
SHELL = /bin/bash
START ?= 5242880
APP := armory-boot
GOENV := GO_EXTLINK_ENABLED=0 CGO_ENABLED=0 GOOS=tamago GOARM=7 GOARCH=arm
TEXT_START := 0x90010000 # ramStart (defined in imx6/imx6ul/memory.go) + 0x10000
GOFLAGS := -tags linkramsize,linkramstart -ldflags "-s -w -T $(TEXT_START) -E _rt0_arm_tamago -R 0x1000 -X 'main.Build=${BUILD}' -X 'main.Revision=${REV}' -X 'main.Boot=${BOOT}' -X 'main.Start=${START}' -X 'main.PublicKeyStr=${PUBLIC_KEY}'"
QEMU ?= qemu-system-arm -machine mcimx6ul-evk -cpu cortex-a7 -m 512M \
-nographic -monitor none -serial null -serial stdio -net none \
-semihosting -d unimp
.PHONY: clean qemu qemu-gdb
#### primary targets ####
all: $(APP)
imx: $(APP).imx
imx_signed: $(APP)-signed.imx
elf: $(APP)
#### utilities ####
check_env:
@if [ "${BOOT}" != "eMMC" ] && [ "${BOOT}" != "uSD" ]; then \
echo 'You need to set the BOOT variable to either eMMC or uSD to select boot media'; \
exit 1; \
fi
check_tamago:
@if [ "${TAMAGO}" == "" ] || [ ! -f "${TAMAGO}" ]; then \
echo 'You need to set the TAMAGO variable to a compiled version of https://github.com/f-secure-foundry/tamago-go'; \
exit 1; \
fi
check_usbarmory_git:
@if [ "${USBARMORY_GIT}" == "" ]; then \
echo 'You need to set the USBARMORY_GIT variable to the path of a clone of'; \
echo ' https://github.com/f-secure-foundry/usbarmory'; \
exit 1; \
fi
check_hab_keys:
@if [ "${HAB_KEYS}" == "" ]; then \
echo 'You need to set the HAB_KEYS variable to the path of secure boot keys'; \
echo 'See https://github.com/f-secure-foundry/usbarmory/wiki/Secure-boot-(Mk-II)'; \
exit 1; \
fi
dcd:
echo $(GOMODCACHE)
echo $(TAMAGO_PKG)
cp -f $(GOMODCACHE)/$(TAMAGO_PKG)/board/f-secure/usbarmory/mark-two/imximage.cfg $(APP).dcd
clean:
rm -f $(APP)
@rm -fr $(APP).bin $(APP).imx $(APP)-signed.imx $(APP).csf $(APP).dcd
qemu: $(APP)
$(QEMU) -kernel $(APP)
qemu-gdb: $(APP)
$(QEMU) -kernel $(APP) -S -s
#### dependencies ####
$(APP): check_tamago check_env
$(GOENV) $(TAMAGO) build $(GOFLAGS) -o ${APP}
$(APP).dcd: check_tamago
$(APP).dcd: GOMODCACHE=$(shell ${TAMAGO} env GOMODCACHE)
$(APP).dcd: TAMAGO_PKG=$(shell grep "github.com/f-secure-foundry/tamago " go.mod | awk '{print $$1"@"$$2}')
$(APP).dcd: dcd
$(APP).bin: $(APP)
$(CROSS_COMPILE)objcopy -j .text -j .rodata -j .shstrtab -j .typelink \
-j .itablink -j .gopclntab -j .go.buildinfo -j .noptrdata -j .data \
-j .bss --set-section-flags .bss=alloc,load,contents \
-j .noptrbss --set-section-flags .noptrbss=alloc,load,contents\
$(APP) -O binary $(APP).bin
$(APP).imx: $(APP).bin $(APP).dcd
mkimage -n $(APP).dcd -T imximage -e $(TEXT_START) -d $(APP).bin $(APP).imx
# Copy entry point from ELF file
dd if=$(APP) of=$(APP).imx bs=1 count=4 skip=24 seek=4 conv=notrunc
#### secure boot ####
$(APP)-signed.imx: check_usbarmory_git check_hab_keys $(APP).imx
${USBARMORY_GIT}/software/secure_boot/usbarmory_csftool \
--csf_key ${HAB_KEYS}/CSF_1_key.pem \
--csf_crt ${HAB_KEYS}/CSF_1_crt.pem \
--img_key ${HAB_KEYS}/IMG_1_key.pem \
--img_crt ${HAB_KEYS}/IMG_1_crt.pem \
--table ${HAB_KEYS}/SRK_1_2_3_4_table.bin \
--index 1 \
--image $(APP).imx \
--output $(APP).csf && \
cat $(APP).imx $(APP).csf > $(APP)-signed.imx