broadcom: Remove SoC and board support
The reason for this code cleanup is the legacy Google Purin board which isn't available anymore and AFAIK never made it into the stores. * Remove broadcom cygnus SoC support * Remove /util/broadcom tool * Remove Google Purin mainboard * Remove MAINTAINERS entries Change-Id: I148dd7eb0192d396cb69bc26c4062f88a764771a Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-on: https://review.coreboot.org/c/29905 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
@@ -16,7 +16,6 @@ Technologies, for example the Pistachio SoC. `C`
|
||||
`Yacc`
|
||||
* __board_status__ - Tools to collect logs and upload them to the board
|
||||
status repository `Bash` `Go`
|
||||
* __broadcom__ - Generate Broadcom secure boot image. `C`
|
||||
* __cavium__ - Devicetree_convert Tool to convert a DTB to a static C
|
||||
file `Python`
|
||||
* __cbfstool__
|
||||
|
@@ -1 +0,0 @@
|
||||
subdirs-$(CONFIG_SOC_BROADCOM_CYGNUS) += secimage
|
@@ -1 +0,0 @@
|
||||
Generate Broadcom secure boot image. `C`
|
Binary file not shown.
@@ -1,42 +0,0 @@
|
||||
#
|
||||
# Copyright (C) 2015 Broadcom Corporation
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation version 2.
|
||||
#
|
||||
# This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
# kind, whether express or implied; without even the implied warranty
|
||||
# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
|
||||
TARGET = secimage
|
||||
OBJS = crypto.o io.o misc.o sbi.o
|
||||
CC = gcc
|
||||
RM = rm
|
||||
CFLAGS += -Wall -g
|
||||
|
||||
LIBS = -lssl -lcrypto -lz
|
||||
|
||||
%.o : %.c
|
||||
$(CC) -c $(CFLAGS) -o $@ $<
|
||||
|
||||
all: $(TARGET)
|
||||
|
||||
$(TARGET): $(OBJS)
|
||||
$(CC) -o $@ $(OBJS) $(LIBS)
|
||||
|
||||
install:
|
||||
install -d $(DESTDIR)/usr/bin
|
||||
install $(TARGET) $(DESTDIR)/usr/bin
|
||||
|
||||
.PHONY: test
|
||||
test: $(TARGET)
|
||||
@find test -maxdepth 1 -type f -executable \
|
||||
| xargs -I "{}" sh -c "{} $$(realpath $<)"
|
||||
|
||||
.PHONY: clean distclean
|
||||
|
||||
clean distclean:
|
||||
$(RM) -f $(TARGET) $(OBJS)
|
@@ -1,18 +0,0 @@
|
||||
secimageobj :=
|
||||
secimageobj += crypto.o
|
||||
secimageobj += io.o
|
||||
secimageobj += misc.o
|
||||
secimageobj += sbi.o
|
||||
|
||||
LIBS = -lssl -lcrypto -lz
|
||||
|
||||
additional-dirs += $(objutil)/broadcom/secimage
|
||||
|
||||
$(objutil)/broadcom/secimage/%.o: $(top)/util/broadcom/secimage/%.c
|
||||
printf " HOSTCC $(subst $(objutil)/,,$(@))\n"
|
||||
$(HOSTCC) $(HOSTCFLAGS) -c -o $@ $<
|
||||
|
||||
$(objutil)/broadcom/secimage/secimage: \
|
||||
$(addprefix $(objutil)/broadcom/secimage/,$(secimageobj))
|
||||
printf " HOSTCC $(subst $(objutil)/,,$(@)) (link)\n"
|
||||
$(HOSTCC) -o $@ $^ $(LIBS)
|
@@ -1,68 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Broadcom Corporation
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation version 2.
|
||||
*
|
||||
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
* kind, whether express or implied; without even the implied warranty
|
||||
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
#include "secimage.h"
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : HmacSha256Hash
|
||||
* Purpose :
|
||||
* Input : none
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int HmacSha256Hash(uint8_t *data, uint32_t len, uint8_t *hash, uint8_t *key)
|
||||
{
|
||||
unsigned int hash_len = 0;
|
||||
|
||||
if (!HMAC(EVP_sha256(), key, 32, data, len, hash, &hash_len)) {
|
||||
printf("HMAC failed\n");
|
||||
return -1;
|
||||
} else if (hash_len != 32) {
|
||||
printf("HMAC reported unexpected md_len of %u\n", hash_len);
|
||||
return -2;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : AppendHMACSignature
|
||||
* Purpose : Appends HMAC signature at the end of the data
|
||||
*---------------------------------------------------------------------*/
|
||||
int AppendHMACSignature(uint8_t *data, uint32_t length, char *filename,
|
||||
uint32_t offset)
|
||||
{
|
||||
uint8_t hmackey[32];
|
||||
uint32_t len;
|
||||
uint32_t status;
|
||||
uint8_t *digest = data + length;
|
||||
|
||||
len = ReadBinaryFile(filename, hmackey, 32);
|
||||
if (len != 32) {
|
||||
printf("Error reading hmac key file\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
status = HmacSha256Hash(&data[offset], length - offset, digest,
|
||||
hmackey);
|
||||
|
||||
if (status) {
|
||||
printf("HMAC-SHA256 hash error\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 32;
|
||||
}
|
@@ -1,123 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Broadcom Corporation
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation version 2.
|
||||
*
|
||||
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
* kind, whether express or implied; without even the implied warranty
|
||||
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "secimage.h"
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : ReadBinaryFile
|
||||
* Purpose : Read some data from file of raw binary
|
||||
* Input : fname : file to be read
|
||||
* buf : buffer which is the data desitnation
|
||||
* maxlen : maiximum length of data to be read
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int ReadBinaryFile(char *fname, uint8_t *buf, int maxlen)
|
||||
{
|
||||
FILE *fp = NULL;
|
||||
int len = 0;
|
||||
|
||||
fp = fopen(fname, "rb");
|
||||
if (fp == NULL)
|
||||
return 0;
|
||||
printf("fname=%s, len=%d\n", fname, maxlen);
|
||||
len = fread(buf, 1, maxlen, fp);
|
||||
fclose(fp);
|
||||
|
||||
return len;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : FileSizeGet
|
||||
* Purpose : Return the size of the file
|
||||
* Input : file: FILE * to the file to be processed
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
size_t FileSizeGet(FILE *file)
|
||||
{
|
||||
long length;
|
||||
|
||||
fseek(file, 0, SEEK_END);
|
||||
length = ftell(file);
|
||||
rewind(file);
|
||||
return (size_t)length;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : DataRead
|
||||
* Purpose : Read all the data from a file
|
||||
* Input : filename : file to be read
|
||||
* buf : buffer which is the data destination
|
||||
* length : length of data to be read
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int DataRead(char *filename, uint8_t *buf, int *length)
|
||||
{
|
||||
FILE *file;
|
||||
int len = *length;
|
||||
|
||||
file = fopen(filename, "rb");
|
||||
if (file == NULL) {
|
||||
printf("Unable to open file: %s\n", filename);
|
||||
return -1;
|
||||
}
|
||||
len = FileSizeGet(file);
|
||||
if (len < 0) {
|
||||
printf("Unable to seek in file: %s\n", filename);
|
||||
fclose(file);
|
||||
return -1;
|
||||
}
|
||||
if (len < *length)
|
||||
*length = len;
|
||||
else
|
||||
/* Do not exceed the maximum length of the buffer */
|
||||
len = *length;
|
||||
if (fread((uint8_t *)buf, 1, len, file) != len) {
|
||||
printf("Error reading data (%d bytes) from file: %s\n",
|
||||
len, filename);
|
||||
fclose(file);
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : DataWrite
|
||||
* Purpose : Write some binary data to a file
|
||||
* Input : filename : file to be written
|
||||
* buf : buffer which is the data source
|
||||
* length : length of data to be written
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int DataWrite(char *filename, char *buf, int length)
|
||||
{
|
||||
FILE *file;
|
||||
|
||||
file = fopen(filename, "wb");
|
||||
if (file == NULL) {
|
||||
printf("Unable to open output file %s\n", filename);
|
||||
return -1;
|
||||
}
|
||||
if (fwrite(buf, 1, length, file) < length) {
|
||||
printf("Unable to write %d bytes to output file %s (0x%X).\n",
|
||||
length, filename, ferror(file));
|
||||
fclose(file);
|
||||
return -1;
|
||||
}
|
||||
|
||||
fflush(file);
|
||||
fclose(file);
|
||||
return 0;
|
||||
}
|
@@ -1,58 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Broadcom Corporation
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation version 2.
|
||||
*
|
||||
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
* kind, whether express or implied; without even the implied warranty
|
||||
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include "secimage.h"
|
||||
|
||||
static unsigned char filebuffer[2049];
|
||||
|
||||
void FillHeaderFromConfigFile(char *h, char *ConfigFileName)
|
||||
{
|
||||
|
||||
int byte_count = 0;
|
||||
char *ptr;
|
||||
FILE *fp;
|
||||
unsigned int Tag;
|
||||
unsigned int Length;
|
||||
unsigned int Reserved;
|
||||
HEADER *h1 = (HEADER *)h;
|
||||
|
||||
fp = fopen(ConfigFileName, "rb");
|
||||
if (fp != NULL) {
|
||||
printf("\r\n Reading config information from file \r\n");
|
||||
byte_count = fread(filebuffer, 1, 2048, fp);
|
||||
filebuffer[2048] = 0;
|
||||
if (byte_count > 0) {
|
||||
ptr = strstr((char *)filebuffer, "Tag=");
|
||||
if (ptr) {
|
||||
ptr += strlen("Tag=");
|
||||
sscanf(ptr, "%x", &Tag);
|
||||
h1->Tag = Tag;
|
||||
}
|
||||
ptr = strstr((char *)filebuffer, "Length=");
|
||||
if (ptr) {
|
||||
ptr += strlen("Length=");
|
||||
sscanf(ptr, "%x", &Length);
|
||||
h1->Length = Length;
|
||||
}
|
||||
ptr = strstr((char *)filebuffer, "Reserved=");
|
||||
if (ptr) {
|
||||
ptr += strlen("Reserved=");
|
||||
sscanf(ptr, "%x", &Reserved);
|
||||
h1->Reserved = Reserved;
|
||||
}
|
||||
}
|
||||
fclose(fp);
|
||||
}
|
||||
}
|
@@ -1,197 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Broadcom Corporation
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation version 2.
|
||||
*
|
||||
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
* kind, whether express or implied; without even the implied warranty
|
||||
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
#include <zlib.h>
|
||||
#include "secimage.h"
|
||||
|
||||
#define MIN_SIZE (1024*120)
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : SBIUsage
|
||||
* Purpose :
|
||||
* Input : none
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int SBIUsage(void)
|
||||
{
|
||||
printf("\nTo create a Secure Boot Image:\n");
|
||||
printf("secimage: -out <output binary> [-hmac hmac_binary_key] <-config configfile>");
|
||||
printf("\n\t\t[-bl input binary]\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : AddImagePayload
|
||||
* Purpose :
|
||||
* Input : none
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int AddImagePayload(char *h, char *filename, unsigned int filesize)
|
||||
{
|
||||
uint32_t totalLen;
|
||||
int length = filesize;
|
||||
int padlen = 0;
|
||||
int status = 0;
|
||||
|
||||
totalLen = 0x40;
|
||||
|
||||
status = DataRead(filename, (uint8_t *)h + totalLen, &length);
|
||||
printf("\r\n Adding file %s ... \r\n", filename);
|
||||
if (!status) {
|
||||
if (length & 15) {
|
||||
padlen = 16 - (length & 15);
|
||||
memset((uint8_t *)h + totalLen + length, 0, padlen);
|
||||
length += padlen;
|
||||
}
|
||||
|
||||
*(uint32_t *)&h[FIELD5_OFFSET] = length;
|
||||
*(uint32_t *)&h[FIELD6_OFFSET] += length;
|
||||
|
||||
} else
|
||||
printf("Error reading image Payload from %s\n", filename);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
/*----------------------------------------------------------------------
|
||||
* Name : CreateSecureBootImage
|
||||
* Purpose :
|
||||
* Input : none
|
||||
* Output : none
|
||||
*---------------------------------------------------------------------*/
|
||||
int CreateSecureBootImage(int ac, char **av)
|
||||
{
|
||||
char *configfile = NULL, *arg, *privkey = NULL, *bl = NULL;
|
||||
int status = 0;
|
||||
uint32_t sbiLen;
|
||||
struct stat file_stat;
|
||||
uint32_t add_header = 1;
|
||||
char *outfile = *av;
|
||||
unsigned int filesize;
|
||||
char *buf;
|
||||
--ac; ++av;
|
||||
|
||||
if (ac <= 0)
|
||||
return SBIUsage();
|
||||
|
||||
while (ac) {
|
||||
arg = *av;
|
||||
if (!strcmp(arg, "-bl")) {
|
||||
--ac, ++av;
|
||||
bl = *av;
|
||||
} else if (!strcmp(arg, "-hmac")) {
|
||||
--ac, ++av;
|
||||
privkey = *av;
|
||||
} else if (!strcmp(arg, "-config")) {
|
||||
--ac, ++av;
|
||||
configfile = *av;
|
||||
} else if (!strcmp(arg, "-noheader")) {
|
||||
add_header = 0;
|
||||
} else {
|
||||
return SBIUsage();
|
||||
}
|
||||
--ac, ++av;
|
||||
}
|
||||
|
||||
if (!bl) {
|
||||
puts("-bl not set");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!privkey) {
|
||||
puts("-hmac not set");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (stat(bl, &file_stat) == -1) {
|
||||
puts("Can't stat bl");
|
||||
return -1;
|
||||
}
|
||||
filesize = file_stat.st_size + MIN_SIZE;
|
||||
buf = calloc(sizeof(uint8_t), filesize);
|
||||
|
||||
if (buf == NULL) {
|
||||
puts("Memory allocation error");
|
||||
status = -1;
|
||||
goto done;
|
||||
}
|
||||
|
||||
*(uint32_t *)&buf[FIELD6_OFFSET] = 0x40;
|
||||
*(uint32_t *)&buf[FIELD9_OFFSET] = 0x45F2D99A;
|
||||
*(uint32_t *)&buf[FIELD3_OFFSET] = 0x900FFFFF;
|
||||
*(uint16_t *)&buf[FIELD1_OFFSET] = 0x40;
|
||||
*(uint32_t *)&buf[FIELD4_OFFSET] = 0x40;
|
||||
*(uint16_t *)&buf[FIELD2_OFFSET] = 0x10;
|
||||
*(uint16_t *)&buf[FIELD8_OFFSET] = 0x20;
|
||||
*(uint16_t *)&buf[FIELD7_OFFSET] = 0x10;
|
||||
|
||||
if (status == 0) {
|
||||
|
||||
if (configfile)
|
||||
FillHeaderFromConfigFile(buf, configfile);
|
||||
|
||||
status = AddImagePayload(buf, bl, filesize);
|
||||
if (status) {
|
||||
status = -1;
|
||||
goto done;
|
||||
}
|
||||
|
||||
sbiLen = *(uint32_t *)&buf[FIELD6_OFFSET];
|
||||
|
||||
printf("HMAC signing %d bytes\n", sbiLen);
|
||||
status = AppendHMACSignature((uint8_t *)buf, sbiLen, privkey,
|
||||
add_header ? 0x10 : 0x40);
|
||||
if (status > 0) {
|
||||
sbiLen += status;
|
||||
status = 0;
|
||||
}
|
||||
|
||||
if (!status) {
|
||||
((HEADER *)buf)->Length = sbiLen;
|
||||
((HEADER *)buf)->crc = crc32(0xFFFFFFFF,
|
||||
(uint8_t *)buf, 12);
|
||||
|
||||
printf("Generating Image file %s: %d bytes\n",
|
||||
outfile, sbiLen);
|
||||
if (!add_header)
|
||||
status = DataWrite(outfile, &buf[0x40],
|
||||
sbiLen - 0x40);
|
||||
else
|
||||
status = DataWrite(outfile, buf, sbiLen);
|
||||
}
|
||||
}
|
||||
if (status < 0)
|
||||
printf("Generation error %d\n", status);
|
||||
|
||||
done:
|
||||
free(buf);
|
||||
return status;
|
||||
}
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
argc--;
|
||||
argv++;
|
||||
if (argc > 0) {
|
||||
if (!strcmp(*argv, "-out"))
|
||||
return CreateSecureBootImage(--argc, ++argv);
|
||||
}
|
||||
SBIUsage();
|
||||
return 0;
|
||||
}
|
@@ -1,44 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Broadcom Corporation
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation version 2.
|
||||
*
|
||||
* This program is distributed "as is" WITHOUT ANY WARRANTY of any
|
||||
* kind, whether express or implied; without even the implied warranty
|
||||
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#ifndef _SECIMAGE_H_
|
||||
#define _SECIMAGE_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#define FIELD1_OFFSET 16
|
||||
#define FIELD2_OFFSET 18
|
||||
#define FIELD3_OFFSET 20
|
||||
#define FIELD4_OFFSET 36
|
||||
#define FIELD5_OFFSET 40
|
||||
#define FIELD6_OFFSET 44
|
||||
#define FIELD7_OFFSET 48
|
||||
#define FIELD8_OFFSET 50
|
||||
#define FIELD9_OFFSET 60
|
||||
|
||||
typedef struct Header_t {
|
||||
uint32_t Tag;
|
||||
uint32_t Length;
|
||||
uint32_t Reserved;
|
||||
uint32_t crc;
|
||||
} HEADER;
|
||||
|
||||
int DataWrite(char *filename, char *buf, int length);
|
||||
int DataRead(char *filename, uint8_t *buf, int *length);
|
||||
int AppendHMACSignature(uint8_t *data, uint32_t length, char *filename,
|
||||
uint32_t offset);
|
||||
int ReadBinaryFile(char *fname, uint8_t *buf, int maxlen);
|
||||
void FillHeaderFromConfigFile(char *h, char *ConfigFileName);
|
||||
|
||||
#endif /* _SECIMAGE_H_ */
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -1,41 +0,0 @@
|
||||
00000000: 2f2f 2055 6e61 7574 6820 4865 6164 6572 // Unauth Header |
|
||||
00000010: 0a2f 2f0a 2f2f 2073 7472 7563 7420 556e .//.// struct Un |
|
||||
00000020: 4175 7468 656e 7469 6361 7465 6448 6561 AuthenticatedHea |
|
||||
00000030: 6465 725f 7420 7b0a 2f2f 0975 696e 7433 der_t {.//.uint3 |
|
||||
00000040: 325f 7420 5461 673b 0909 2f2a 2054 6167 2_t Tag;../* Tag |
|
||||
00000050: 2075 7365 6420 746f 206c 6f63 6174 6520 used to locate |
|
||||
00000060: 626f 6f74 2062 696e 6172 7920 696e 206d boot binary in m |
|
||||
00000070: 656d 6f72 7920 2a2f 0a2f 2f09 7569 6e74 emory */.//.uint |
|
||||
00000080: 3332 5f74 204c 656e 6774 683b 092f 2a20 32_t Length;./* |
|
||||
00000090: 4c65 6e67 7468 206f 6620 7468 6520 626f Length of the bo |
|
||||
000000a0: 6f74 2062 696e 6172 7920 2a2f 0a2f 2f09 ot binary */.//. |
|
||||
000000b0: 7569 6e74 3332 5f74 2052 6573 6572 7665 uint32_t Reserve |
|
||||
000000c0: 643b 092f 2a20 4164 6472 6573 7320 666f d;./* Address fo |
|
||||
000000d0: 7220 7468 6520 6e6f 6e2d 6175 7468 656e r the non-authen |
|
||||
000000e0: 7469 6361 7465 6420 626f 6f74 2e0a 2f2f ticated boot..// |
|
||||
000000f0: 0909 0909 2020 2054 6865 2061 6464 7265 .... The addre |
|
||||
00000100: 7373 2069 7320 616c 6967 6e65 6420 746f ss is aligned to |
|
||||
00000110: 2031 3620 6279 7465 7320 626f 756e 6461 16 bytes bounda |
|
||||
00000120: 7279 2e0a 2f2f 0909 0909 2020 2054 6865 ry..//.... The |
|
||||
00000130: 206c 6f77 6572 2034 2062 6974 7320 6172 lower 4 bits ar |
|
||||
00000140: 6520 7573 6564 2066 6f72 2043 6c6b 436f e used for ClkCo |
|
||||
00000150: 6e66 6967 3a0a 2f2f 0909 0909 2020 2056 nfig:.//.... V |
|
||||
00000160: 616c 7565 2020 2046 7265 710a 2f2f 0909 alue Freq.//.. |
|
||||
00000170: 0909 2020 2031 2020 2020 2020 2034 3030 .. 1 400 |
|
||||
00000180: 0a2f 2f09 0909 0920 2020 3220 2020 2020 .//.... 2 |
|
||||
00000190: 2020 3147 487a 0a2f 2f09 0909 0920 2020 1GHz.//.... |
|
||||
000001a0: 3320 2020 2020 2020 4d61 7820 2831 2e32 3 Max (1.2 |
|
||||
000001b0: 4748 7a29 0a2f 2f09 0909 0920 2020 3420 GHz).//.... 4 |
|
||||
000001c0: 2020 2020 2020 6e6f 2050 4c4c 206c 6f63 no PLL loc |
|
||||
000001d0: 6b3a 2032 3030 4d48 7a0a 2f2f 0909 0909 k: 200MHz.//.... |
|
||||
000001e0: 202a 2f0a 2f2f 0975 696e 7433 325f 7420 */.//.uint32_t |
|
||||
000001f0: 6372 633b 0909 2f2a 2043 5243 2063 6f6d crc;../* CRC com |
|
||||
00000200: 7075 7465 6420 6f6e 2061 6c6c 206f 7468 puted on all oth |
|
||||
00000210: 6572 2066 6965 6c64 7320 696e 2074 6869 er fields in thi |
|
||||
00000220: 730a 2f2f 0909 0909 2020 2073 7472 7563 s.//.... struc |
|
||||
00000230: 7475 7265 2065 7863 6c75 6469 6e67 2063 ture excluding c |
|
||||
00000240: 7263 2066 6965 6c64 202a 2f0a 2f2f 207d rc field */.// } |
|
||||
00000250: 3b0a 5461 673d 0909 3078 4135 4135 4135 ;.Tag=..0xA5A5A5 |
|
||||
00000260: 4135 0a4c 656e 6774 683d 0909 3078 3030 A5.Length=..0x00 |
|
||||
00000270: 3030 3030 3030 0a52 6573 6572 7665 643d 000000.Reserved= |
|
||||
00000280: 2020 0930 7830 3030 3030 3030 320a .0x00000002. |
|
@@ -1,2 +0,0 @@
|
||||
00000000: d1ef bcba d798 d871 003d ee3b f7b8 461c .......q.=.;..F. |
|
||||
00000010: 53a8 b9c5 b6dc 57dc 1280 631d aea3 e003 S.....W...c..... |
|
@@ -1,78 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
##
|
||||
## This file is part of the coreboot project.
|
||||
##
|
||||
## Copyright (C) 2003-2018 Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
|
||||
##
|
||||
## This program is free software; you can redistribute it and/or modify
|
||||
## it under the terms of the GNU General Public License as published by
|
||||
## the Free Software Foundation; version 3 or later of the License.
|
||||
##
|
||||
## This program is distributed in the hope that it will be useful,
|
||||
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
## GNU General Public License for more details.
|
||||
##
|
||||
## SPDX-License-Identifier: GPL-3.0-or-later
|
||||
## <https://spdx.org/licenses/GPL-3.0-or-later.html>
|
||||
##
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
# static analysis
|
||||
if command -v shellcheck 1>/dev/null; then
|
||||
shellcheck "${BASH_SOURCE[0]}"
|
||||
else
|
||||
echo "shellcheck not found, running unchecked" >&2
|
||||
fi
|
||||
|
||||
# dependency check
|
||||
dependencies=(basename diff dirname head mkdir mktemp openssl rm tail xxd)
|
||||
for dependency in "${dependencies[@]}"; do
|
||||
if ! command -v "${dependency}" 1>/dev/null; then
|
||||
echo "missing ${dependency}, test skipped" >&2
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
|
||||
# parameters
|
||||
if [ ${#} -ne 1 ]; then
|
||||
echo "usage: '${0}' <testee>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# setup
|
||||
testee="${1}"
|
||||
declare -i header_len=16 signature_len=32
|
||||
tmp_dir="$(mktemp --directory --tmpdir secimage-test-XXXXXXXX)"
|
||||
shopt -s globstar nullglob
|
||||
for dump_file in test/data/**/*.xxdump; do
|
||||
bin_file_dir="${tmp_dir}/$(dirname "${dump_file#test/data/}")"
|
||||
mkdir --parents "${bin_file_dir}"
|
||||
xxd -r "${dump_file}" \
|
||||
"${bin_file_dir}/$(basename "${dump_file}" .xxdump)"
|
||||
done
|
||||
tail --bytes=+$((header_len + 1)) "${tmp_dir}/expected/binary" \
|
||||
| head --bytes=-${signature_len} \
|
||||
| openssl dgst -sha256 -mac hmac \
|
||||
-macopt hexkey:"$(xxd -c$((signature_len * 2)) -ps \
|
||||
"${tmp_dir}/input/hmac_binary_key")" \
|
||||
-binary \
|
||||
> "${tmp_dir}/expected/signature"
|
||||
mkdir "${tmp_dir}/actual"
|
||||
|
||||
# test
|
||||
"${testee}" \
|
||||
-out "${tmp_dir}/actual/binary" \
|
||||
-config "${tmp_dir}/input/configfile" \
|
||||
-hmac "${tmp_dir}/input/hmac_binary_key" \
|
||||
-bl "${tmp_dir}/input/binary"
|
||||
tail --bytes=${signature_len} "${tmp_dir}/actual/binary" \
|
||||
> "${tmp_dir}/actual/signature"
|
||||
diff --recursive "${tmp_dir}/actual" "${tmp_dir}/expected" 1>/dev/null
|
||||
|
||||
# teardown
|
||||
rm --force --recursive "${tmp_dir}"
|
@@ -1,20 +0,0 @@
|
||||
// Unauth Header
|
||||
//
|
||||
// struct UnAuthenticatedHeader_t {
|
||||
// uint32_t Tag; /* Tag used to locate boot binary in memory */
|
||||
// uint32_t Length; /* Length of the boot binary */
|
||||
// uint32_t Reserved; /* Address for the non-authenticated boot.
|
||||
// The address is aligned to 16 bytes boundary.
|
||||
// The lower 4 bits are used for ClkConfig:
|
||||
// Value Freq
|
||||
// 1 400
|
||||
// 2 1GHz
|
||||
// 3 Max (1.2GHz)
|
||||
// 4 no PLL lock: 200MHz
|
||||
// */
|
||||
// uint32_t crc; /* CRC computed on all other fields in this
|
||||
// structure excluding crc field */
|
||||
// };
|
||||
Tag= 0xA5A5A5A5
|
||||
Length= 0x00000000
|
||||
Reserved= 0x00000002
|
@@ -60,7 +60,6 @@ junit.xml:
|
||||
echo
|
||||
|
||||
TOOLLIST= \
|
||||
broadcom/secimage \
|
||||
cbmem \
|
||||
ectool \
|
||||
futility \
|
||||
|
Reference in New Issue
Block a user