mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: Sascha Hauer <s.hauer@pengutronix.de>
To: Barebox List <barebox@lists.infradead.org>
Subject: [PATCH 30/34] scripts: imx-image: Allow to create HAB signed images suitable for USB upload
Date: Tue,  2 Feb 2016 15:48:13 +0100	[thread overview]
Message-ID: <1454424497-7157-31-git-send-email-s.hauer@pengutronix.de> (raw)
In-Reply-To: <1454424497-7157-1-git-send-email-s.hauer@pengutronix.de>

For USB upload we must execute the DCD table manually and
invalidate the DCD table in the uploaded image afterwards
to prevent the ROM from executing the DCD data again. Doing this
changes the image and thus also invalidates the signature. To
make HAB signed images suitable for USB upload possible we add an
option to create HAB signed images suitable for USB upload. With
this option the image is created like this:

- The image is created like usual, but with already invalidated DCD
  data (DCD length is set to zero)
- This image is then signed using the CST
- After this the DCD data is made valid (Set DCD length to the real
  length)

imx-usb-loader now finds valid DCD data, executes it and by invalidating
the DCD data it restores the state the image had during signing.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 scripts/imx/imx-image.c | 60 ++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 54 insertions(+), 6 deletions(-)

diff --git a/scripts/imx/imx-image.c b/scripts/imx/imx-image.c
index 78bbbbc..20815bf 100644
--- a/scripts/imx/imx-image.c
+++ b/scripts/imx/imx-image.c
@@ -40,6 +40,7 @@
 static uint32_t dcdtable[MAX_DCD];
 static int curdcd;
 static int add_barebox_header;
+static int create_usb_image;
 static char *prgname;
 
 /*
@@ -197,6 +198,9 @@ static int add_srk(void *buf, int offset, uint32_t loadaddr, const char *srkfile
 }
 #endif /* IMXIMAGE_SSL_SUPPORT */
 
+static int dcd_ptr_offset;
+static uint32_t dcd_ptr_content;
+
 static int add_header_v1(struct config_data *data, void *buf)
 {
 	struct imx_flash_header *hdr;
@@ -219,10 +223,17 @@ static int add_header_v1(struct config_data *data, void *buf)
 	hdr->app_code_csf = 0x0;
 	hdr->dcd_ptr_ptr = loadaddr + offset + offsetof(struct imx_flash_header, dcd);
 	hdr->super_root_key = 0x0;
-	hdr->dcd = loadaddr + offset + offsetof(struct imx_flash_header, dcd_barker);
+	hdr->dcd =  loadaddr + offset + offsetof(struct imx_flash_header, dcd_barker);
+
 	hdr->app_dest = loadaddr;
 	hdr->dcd_barker = DCD_BARKER;
-	hdr->dcd_block_len = dcdsize;
+	if (create_usb_image) {
+		dcd_ptr_offset = offsetof(struct imx_flash_header, dcd_block_len) + offset;
+		hdr->dcd_block_len = 0;
+		dcd_ptr_content = dcdsize;
+	} else {
+		hdr->dcd_block_len = dcdsize;
+	}
 
 	buf += sizeof(struct imx_flash_header);
 
@@ -281,6 +292,11 @@ static int add_header_v2(struct config_data *data, void *buf)
 
 	hdr->entry		= loadaddr + HEADER_LEN;
 	hdr->dcd_ptr		= loadaddr + offset + offsetof(struct imx_flash_header_v2, dcd_header);
+	if (create_usb_image) {
+		dcd_ptr_content = hdr->dcd_ptr;
+		dcd_ptr_offset = offsetof(struct imx_flash_header_v2, dcd_ptr) + offset;
+		hdr->dcd_ptr = 0;
+	}
 	hdr->boot_data_ptr	= loadaddr + offset + offsetof(struct imx_flash_header_v2, boot_data);
 	hdr->self		= loadaddr + offset;
 
@@ -619,7 +635,7 @@ int main(int argc, char *argv[])
 
 	prgname = argv[0];
 
-	while ((opt = getopt(argc, argv, "c:hf:o:bds")) != -1) {
+	while ((opt = getopt(argc, argv, "c:hf:o:bdus")) != -1) {
 		switch (opt) {
 		case 'c':
 			configfile = optarg;
@@ -639,6 +655,9 @@ int main(int argc, char *argv[])
 		case 's':
 			sign_image = 1;
 			break;
+		case 'u':
+			create_usb_image = 1;
+			break;
 		case 'h':
 			usage(argv[0]);
 		default:
@@ -688,14 +707,20 @@ int main(int argc, char *argv[])
 	if (!sign_image)
 		data.csf = NULL;
 
+	if (create_usb_image && !data.csf) {
+		fprintf(stderr, "Warning: the -u option only has effect with signed images\n");
+		create_usb_image = 0;
+	}
+
 	buf = calloc(1, HEADER_LEN);
 	if (!buf)
 		exit(1);
 
 	if (data.image_dcd_offset == 0xffffffff) {
-		fprintf(stderr, "no dcd offset given ('dcdofs'). Defaulting to 0x%08x\n",
-			FLASH_HEADER_OFFSET);
-		data.image_dcd_offset = FLASH_HEADER_OFFSET;
+		if (create_usb_image)
+			data.image_dcd_offset = 0x0;
+		else
+			data.image_dcd_offset = FLASH_HEADER_OFFSET;
 	}
 
 	if (!data.header_version) {
@@ -786,5 +811,28 @@ int main(int argc, char *argv[])
 			exit(1);
 	}
 
+	if (create_usb_image) {
+		uint32_t *dcd;
+
+		infile = read_file(data.outfile, &insize);
+
+		dcd = infile + dcd_ptr_offset;
+		*dcd = dcd_ptr_content;
+
+		outfd = open(data.outfile, O_WRONLY | O_TRUNC);
+		if (outfd < 0) {
+			fprintf(stderr, "Cannot open %s: %s\n", data.outfile, strerror(errno));
+			exit(1);
+		}
+
+		ret = xwrite(outfd, infile, insize);
+		if (ret < 0) {
+			perror("write");
+			exit (1);
+		}
+
+		close(outfd);
+	}
+
 	exit(0);
 }
-- 
2.7.0.rc3


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

  parent reply	other threads:[~2016-02-02 14:48 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-02-02 14:47 [PATCH v2] i.MX HABv4 rework and HABv3 support Sascha Hauer
2016-02-02 14:47 ` [PATCH 01/34] scripts: Add common header files for tools Sascha Hauer
2016-02-02 14:47 ` [PATCH 02/34] scripts/include: Add ARRAY_SIZE Sascha Hauer
2016-02-02 14:47 ` [PATCH 03/34] scripts: Add scripts/include to host compiler includes Sascha Hauer
2016-02-02 14:47 ` [PATCH 04/34] scripts: imx: Use Kernel includes Sascha Hauer
2016-02-02 14:47 ` [PATCH 05/34] scripts: mxs: " Sascha Hauer
2016-02-02 14:47 ` [PATCH 06/34] ARM: i.MX: Add HABv3 Kconfig variables Sascha Hauer
2016-02-02 14:47 ` [PATCH 07/34] imx: hab: rename driver dir to hab/ Sascha Hauer
2016-02-02 14:47 ` [PATCH 08/34] hab: Add HABv3 status report function Sascha Hauer
2016-02-02 14:47 ` [PATCH 09/34] scripts: imx-usb-loader: Make readonly arguments const Sascha Hauer
2016-02-02 14:47 ` [PATCH 10/34] scripts: imx-usb-loader: Move definitions up Sascha Hauer
2016-02-02 14:47 ` [PATCH 11/34] scripts: imx-image: Allow dcd offset 0x0 Sascha Hauer
2016-02-02 14:47 ` [PATCH 12/34] scripts: imx-usb-loader: fully read images into memory Sascha Hauer
2016-02-02 14:47 ` [PATCH 13/34] scripts: imx-usb-loader: Move load_file up Sascha Hauer
2016-02-02 14:47 ` [PATCH 14/34] scripts: imx: Consolidate flash headers in imx tools Sascha Hauer
2016-02-02 14:47 ` [PATCH 15/34] scripts: imx-image: Add context struct to config parsers Sascha Hauer
2016-02-02 14:47 ` [PATCH 16/34] scripts: imx-image: move write_mem to context data Sascha Hauer
2016-02-02 14:48 ` [PATCH 17/34] scripts: imx-image: move check " Sascha Hauer
2016-02-02 14:48 ` [PATCH 18/34] scripts: imx: move config file parser to separate file Sascha Hauer
2016-02-02 14:48 ` [PATCH 19/34] scripts: imx: make libusb variables global Sascha Hauer
2016-02-02 14:48 ` [PATCH 20/34] scripts: imx-usb-loader: Add -s and -i options Sascha Hauer
2016-02-02 14:48 ` [PATCH 21/34] scripts: imx: Drop double check Sascha Hauer
2016-02-02 14:48 ` [PATCH 22/34] scripts: imx-image: move more variables to context data Sascha Hauer
2016-02-02 14:48 ` [PATCH 23/34] scripts: imx-image: pass config data to add_header_* Sascha Hauer
2016-02-02 14:48 ` [PATCH 24/34] scripts: imx-image: Support adding a Super Root Key to the image Sascha Hauer
2016-02-02 14:48 ` [PATCH 25/34] scripts: imx: Create CSF files from imx config file Sascha Hauer
2016-02-02 14:48 ` [PATCH 26/34] scripts: imx: Allow to create signed images Sascha Hauer
2016-02-02 14:48 ` [PATCH 27/34] scripts: imx: Generate signed images with imx-image Sascha Hauer
2016-02-02 14:48 ` [PATCH 28/34] scripts: imx-usb-loader: Use dcd len to invalidate dcd data Sascha Hauer
2016-02-02 14:48 ` [PATCH 29/34] scripts: imx-image: Factor out a read_file function Sascha Hauer
2016-02-02 14:48 ` Sascha Hauer [this message]
2016-02-02 14:48 ` [PATCH 31/34] Make: i.MX: Allow to pass config file to cmd_imx_image Sascha Hauer
2016-02-02 14:48 ` [PATCH 32/34] images: imx: Add targets for signed images and signed usb images Sascha Hauer
2016-02-02 14:48 ` [PATCH 33/34] scripts: imx-usb-loader: Do not zero out boot_data_ptr Sascha Hauer
2016-02-02 14:48 ` [PATCH 34/34] imx: hab: Make hab status functions SoC specific Sascha Hauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1454424497-7157-31-git-send-email-s.hauer@pengutronix.de \
    --to=s.hauer@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox