-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathMakefile
108 lines (86 loc) · 3.54 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Based on http://github.com/usbarmory/tamago-example
BUILD_USER = $(shell whoami)
BUILD_HOST = $(shell hostname)
BUILD_DATE = $(shell /bin/date -u "+%Y-%m-%d %H:%M:%S")
BUILD = ${BUILD_USER}@${BUILD_HOST} on ${BUILD_DATE}
REV = $(shell git rev-parse --short HEAD 2> /dev/null)
APP := fidati
TARGET ?= "usbarmory"
GOENV := GO_EXTLINK_ENABLED=0 CGO_ENABLED=0 GOOS=tamago GOARM=7 GOARCH=arm
TEXT_START := 0x80010000 # ramStart (defined in imx6/imx6ul/memory.go) + 0x10000
LDFLAGS = -s -w -T $(TEXT_START) -E _rt0_arm_tamago -R 0x1000 -X 'main.Build=${BUILD}' -X 'main.Revision=${REV}'
GOFLAGS = -tags ${TARGET} -ldflags "${LDFLAGS}"
SHELL = /bin/bash
.PHONY: clean install test fidati-linux
#### primary targets ####
all: $(APP)
imx: $(APP).imx
imx_signed: $(APP)-signed.imx
elf: $(APP)
#### utilities ####
check_tamago:
@if [ "${TAMAGO}" == "" ] || [ ! -f "${TAMAGO}" ]; then \
echo 'You need to set the TAMAGO variable to a compiled version of https://github.com/usbarmory/tamago-go'; \
exit 1; \
fi
check_usbarmory_git:
@if [ "${USBARMORY_GIT}" == "" ]; then \
echo 'You need to set the USBARMORY_GIT variable to the path of a clone of'; \
echo ' https://github.com/usbarmory/usbarmory'; \
exit 1; \
fi
check_hab_keys:
@if [ "${HAB_KEYS}" == "" ]; then \
echo 'You need to set the HAB_KEYS variable to the path of secure boot keys'; \
echo 'See https://github.com/usbarmory/usbarmory/wiki/Secure-boot-(Mk-II)'; \
exit 1; \
fi
dcd:
@if test "${TARGET}" = "usbarmory"; then \
cp -f $(GOMODCACHE)/$(TAMAGO_PKG)/board/f-secure/usbarmory/mark-two/imximage.cfg $(APP).dcd; \
elif test "${TARGET}" = "mx6ullevk"; then \
cp -f $(GOMODCACHE)/$(TAMAGO_PKG)/board/nxp/mx6ullevk/imximage.cfg $(APP).dcd; \
else \
echo "invalid target - options are: usbarmory, mx6ullevk"; \
exit 1; \
fi
clean:
rm -f $(APP)
@rm -fr $(APP).bin $(APP).imx $(APP)-signed.imx $(APP).csf $(APP).dcd
install: $(APP)
@ssh [email protected] sudo rm /boot/tamago
@scp $(APP) [email protected]:/boot/tamago
@ssh [email protected] sudo reboot
fidati-linux:
$(TAMAGO) build -tags='fidati_logs' -gcflags "all=-N -l" -o ./fidati-linux ./cmd/fidati-linux
#### dependencies ####
$(APP): check_tamago
$(GOENV) $(TAMAGO) build ${GOFLAGS} -o ${APP} ./firmware/
test: check_tamago
$(TAMAGO) test $(shell go list ./... | sed -E '/(fidati|firmware|cmd|cert|certs)$$/d')
$(APP).dcd: check_tamago
$(APP).dcd: GOMODCACHE=$(shell ${TAMAGO} env GOMODCACHE)
$(APP).dcd: TAMAGO_PKG=$(shell grep "github.com/usbarmory/tamago v" go.mod | awk '{print $$1"@"$$2}')
$(APP).dcd: dcd
$(APP).bin: $(APP)
$(CROSS_COMPILE)objcopy -j .text -j .rodata -j .shstrtab -j .typelink \
-j .itablink -j .gopclntab -j .go.buildinfo -j .noptrdata -j .data \
-j .bss --set-section-flags .bss=alloc,load,contents \
-j .noptrbss --set-section-flags .noptrbss=alloc,load,contents\
$(APP) -O binary $(APP).bin
$(APP).imx: check_usbarmory_git $(APP).bin $(APP).dcd
mkimage -n $(APP).dcd -T imximage -e $(TEXT_START) -d $(APP).bin $(APP).imx
# Copy entry point from ELF file
dd if=$(APP) of=$(APP).imx bs=1 count=4 skip=24 seek=4 conv=notrunc
#### secure boot ####
$(APP)-signed.imx: check_usbarmory_git check_hab_keys $(APP).imx
${USBARMORY_GIT}/software/secure_boot/usbarmory_csftool \
--csf_key ${HAB_KEYS}/CSF_1_key.pem \
--csf_crt ${HAB_KEYS}/CSF_1_crt.pem \
--img_key ${HAB_KEYS}/IMG_1_key.pem \
--img_crt ${HAB_KEYS}/IMG_1_crt.pem \
--table ${HAB_KEYS}/SRK_1_2_3_4_table.bin \
--index 1 \
--image $(APP).imx \
--output $(APP).csf && \
cat $(APP).imx $(APP).csf > $(APP)-signed.imx