Merge pull request #19 from jonasblixt/v1.0-for-review

V1.0 for review

.github/workflows/build.yml

@@ -11,9 +11,11 @@ jobs:
       run: |
           sudo apt-get update
           sudo apt-get install autoconf-archive qemu-system-arm libusb-1.0-0 libusb-1.0-0-dev uuid-dev gcc-arm-none-eabi cmake uuid-runtime python3-dev libmbedtls-dev liblzma-dev uuid-dev
+          wget https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v3.4.0.zip
+          unzip v3.4.0.zip
     - name: Build BPAK
       run: |
-            git clone https://github.com/jonasblixt/bpak --depth 1 --branch v0.8.6
+            git clone https://github.com/jonasblixt/bpak --depth 1 --branch v0.9.3
             pushd bpak
             cmake .
             make
@@ -22,7 +24,7 @@ jobs:
             popd
     - name: Build punchboot-tools
       run: |
-            git clone https://github.com/jonasblixt/punchboot-tools --depth 1 --branch v0.3.1
+            git clone https://github.com/jonasblixt/punchboot-tools --depth 1 --branch v1.0.0
             pushd punchboot-tools
             cmake -DPB_TOOLS_BUILD_SOCKET=1 .
             make
@@ -40,6 +42,7 @@ jobs:
             popd
     - name: Build punchboot and run tests
       run: |
+          export MBEDTLS_DIR=$(readlink -f mbedtls-3.4.0)
           cp configs/test_defconfig .config
           make CROSS_COMPILE=arm-none-eabi- BOARD=src/board/test Q= check
     - name: codecov
@@ -53,6 +56,7 @@ jobs:
         TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
     - name: Build with cov-build
       run: |
+        export MBEDTLS_DIR=$(readlink -f mbedtls-3.4.0)
         export PATH=`pwd`/cov-analysis-linux64/bin:$PATH
         make CROSS_COMPILE=arm-none-eabi- BOARD=src/board/test clean
         cov-configure --template --compiler arm-none-eabi-gcc --comptype gcc

.gitignore

@@ -37,3 +37,4 @@ doc/build/
 doc/html/
 doc/latex/
 tags
+download

Makefile

@@ -48,9 +48,9 @@ cflags-y  += -fstack-usage
 cflags-y  += -MMD -MP
 
 # Include path
-cflags-y  += -I src/ -I src/include/
-cflags-y  += -I src/include
-cflags-y  += -I src/libc/include
+cflags-y  += -I src/
+cflags-y  += -I include/
+cflags-y  += -I include/libc
 cflags-y  += -I $(BOARD)/include
 cflags-y  += -I $(BUILD_DIR)
 
@@ -74,54 +74,24 @@ cflags-y += -Waggregate-return
 
 # Bootloader
 src-y   = src/main.c
-src-y  += src/boot.c
 src-y  += keystore.c
 src-y  += src/delay.c
-src-y  += src/timestamp.c
-src-y  += src/usb.c
-src-y  += src/storage.c
+src-$(CONFIG_ENABLE_TIMESTAMPING)  += src/timestamp.c
+src-$(CONFIG_CRYPTO) += src/crypto.c
+src-$(CONFIG_DEVICE_UUID) += src/device_uuid.c
+src-$(CONFIG_SELF_TEST) += src/self_test.c
 src-y  += src/wire.c
-src-y  += src/command.c
-src-y  += src/gpt.c
-src-y  += src/fletcher.c
-src-y  += src/bpak.c
-src-y  += src/crc.c
-src-y  += src/asn1.c
-
-# UUID lib
-src-y  += src/uuid/pack.c
-src-y  += src/uuid/unpack.c
-src-y  += src/uuid/compare.c
-src-y  += src/uuid/copy.c
-src-y  += src/uuid/unparse.c
-src-y  += src/uuid/parse.c
-src-y  += src/uuid/clear.c
-src-y  += src/uuid/conv.c
-src-$(CONFIG_LIB_UUID3)  += src/uuid/uuid3.c
-cflags-y  += -I src/uuid/include
-
-# Device tree lib
-src-y  += src/fdt/fdt.c
-src-y  += src/fdt/fdt_addresses.c
-src-y  += src/fdt/fdt_ro.c
-src-y  += src/fdt/fdt_rw.c
-src-y  += src/fdt/fdt_sw.c
-src-y  += src/fdt/fdt_wip.c
-cflags-y  += -I src/fdt/include
-
-# VM/MMU helpers
-src-y += src/vm/xlat_tables_common.c
-cflags-y += -I src/vm/include
-src-$(CONFIG_ARCH_ARMV7) += src/vm/aarch32/xlat_tables.c
-src-$(CONFIG_ARCH_ARMV8) += src/vm/aarch64/xlat_tables.c
-cflags-$(CONFIG_ARCH_ARMV7) += -I src/vm/include/vm/aarch32
-cflags-$(CONFIG_ARCH_ARMV8) += -I src/vm/include/vm/aarch64
-
-include src/bearssl/makefile.mk
-include src/libc/makefile.mk
+src-y  += src/console.c
+src-y  += src/rot.c
+src-y  += src/slc.c
+
+include src/drivers/*/makefile.mk
+include src/boot/makefile.mk
+include src/lib/makefile.mk
 include $(BOARD)/makefile.mk
 include src/arch/*/makefile.mk
 include src/plat/*/makefile.mk
+include src/cm/makefile.mk
 
 ldflags-y += -Map=$(BUILD_DIR)/pb.map
 ldflags-y += --defsym=PB_ENTRY=$(PB_ENTRY)

README.md

@@ -26,37 +26,6 @@ Punchboot could be useful if you care about the following:
  - Secure boot
  - Downloading software quickly in production
 
-## Building
-
-The easiest way is using docker.
-
-Building the docker image:
-
-```
-$ docker build -f pb.Dockerfile -t pb_docker_env .
-```
-
-Building the jiffy-board target:
-
-```
-$ ./run_docker.sh
-$ cp configs/jiffy_defconfig .config
-$ make
-```
-
-## Run test suite
-
-Run the built in tests:
-
-```
-$ ./run_docker.sh
-$ cp configs/test_defconfig .config
-$ make
-$ make check
-```
-
-The dockerfile in the top directory details the dependencies on ubuntu xenial
-
 ## Design
 
 Punchboot is written in C and some assembler. Currently armv7a and armv8 is supported.

configs/imx8qxmek_defconfig

@@ -1,5 +1,11 @@
 CONFIG_ARCH_ARMV8=y
 # CONFIG_ARCH_ARMV7 is not set
+CONFIG_ARMV8_EL3=y
+
+#
+# Platform support
+#
+CONFIG_SOC_FAMILY_IMX=y
 CONFIG_PLAT_IMX8X=y
 # CONFIG_PLAT_IMX8M is not set
 
@@ -10,9 +16,11 @@ CONFIG_PLAT_IMX8X=y
 #
 # imx8x configuration
 #
-CONFIG_CONSOLE_UART0=y
-# CONFIG_CONSOLE_UART1 is not set
-# CONFIG_CONSOLE_UART2 is not set
+CONFIG_IMX8X_CONSOLE_UART0=y
+# CONFIG_IMX8X_CONSOLE_UART1 is not set
+# CONFIG_IMX8X_CONSOLE_UART2 is not set
+CONFIG_IMX8X_CONSOLE_BAUDRATE=115200
+CONFIG_IMX8X_FUSE_DRY_RUN=y
 # end of imx8x configuration
 
 #
@@ -21,17 +29,26 @@ CONFIG_CONSOLE_UART0=y
 CONFIG_IMX8X_CREATE_IMX_IMAGE=y
 CONFIG_IMX8X_SIGN_IMAGE=y
 # end of Output image
+# end of Platform support
 
 #
 # Generic options
 #
 CONFIG_KEYSTORE="pki/internal_keystore.bpak"
 CONFIG_LOGLEVEL=3
 CONFIG_ENABLE_WATCHDOG=y
+CONFIG_PRINT_BOOT_BANNER=y
 CONFIG_WATCHDOG_TIMEOUT=5
-CONFIG_DUMP_TIMING_ANALYSIS=y
+CONFIG_ENABLE_TIMESTAMPING=y
+CONFIG_PRINT_TIMESTAMPS=y
+CONFIG_NO_OF_TIMESTAMPS=64
 # CONFIG_CALL_BOARD_SLC_SET_CONFIGURATION is not set
 # CONFIG_CALL_BOARD_SLC_SET_CONFIGURATION_LOCK is not set
+CONFIG_DEVICE_UUID=y
+CONFIG_CRYPTO=y
+CONFIG_CRYPTO_MAX_HASH_OPS=1
+CONFIG_CRYPTO_MAX_DSA_OPS=1
+CONFIG_SELF_TEST=y
 # end of Generic options
 
 #
@@ -44,22 +61,112 @@ CONFIG_STACK_SIZE_KB=16
 # end of Build configuration
 
 #
-# Authentication
+# Boot
+#
+CONFIG_BOOT_CORE=y
+CONFIG_BOOT_BPAK_IMAGE_HELPERS=y
+CONFIG_BOOT_AB_DRIVER=y
+CONFIG_BOOT_LINUX=y
+CONFIG_BOOT_LOAD_CHUNK_kB=4096
+# end of Boot
+
+#
+# Drivers
+#
+
+#
+# Block drivers
+#
+CONFIG_DRIVERS_BIO_CORE=y
+CONFIG_DRIVERS_BIO_MAX_DEVS=32
+# end of Block drivers
+
+#
+# Crypto
+#
+CONFIG_DRIVERS_IMX_CAAM=y
+# CONFIG_DRIVERS_CRYPTO_MBEDTLS is not set
+# end of Crypto
+
+#
+# Fusebox
+#
+CONFIG_DRIVERS_FUSE_TEST=y
+# end of Fusebox
+
+#
+# GPIO
+#
+CONFIG_DRIVERS_IMX_GPIO=y
+# end of GPIO
+
+#
+# MMC Host drivers
+#
+CONFIG_MMC_CORE=y
+# CONFIG_MMC_CORE_DEBUG_CMDS is not set
+# CONFIG_MMC_CORE_DEBUG_IOS is not set
+# CONFIG_MMC_CORE_HS200_TUNE is not set
+CONFIG_IMX_USDHC=y
+# CONFIG_IMX_USDHC_XTRA_DEBUG is not set
+# end of MMC Host drivers
+
+#
+# Partition table drivers
 #
-CONFIG_AUTH=y
-CONFIG_AUTH_METHOD_TOKEN=y
-# CONFIG_AUTH_METHOD_PASSWORD is not set
-# end of Authentication
+CONFIG_PARTITION_GPT=y
+# end of Partition table drivers
 
 #
-# Command mode transport configuration
+# Timers
 #
-CONFIG_CMD_BUF_SIZE_KB=4096
-CONFIG_TRANSPORT_MAX_CHUNK_KB=4096
-CONFIG_LOAD_FS_MAX_CHUNK_KB=4096
-CONFIG_TRANSPORT_READY_TIMEOUT=10
-# CONFIG_TRANSPORT_ENTER_BOARD_CB is not set
-# end of Command mode transport configuration
+CONFIG_DRIVERS_IMX_GPT=y
+# end of Timers
 
+#
+# Uart
+#
+CONFIG_DRIVERS_IMX_LPUART=y
+# end of Uart
+
+#
+# USB
+#
+CONFIG_DRIVER_USB_DEVICE=y
+CONFIG_DRIVER_IMX_USB2_PHY=y
+CONFIG_DRIVER_IMX_EHCI=y
+# CONFIG_DRIVER_IMX_USBDCD is not set
+CONFIG_DRIVER_USB_PB_CLS=y
+# end of USB
+
+#
+# Virtio
+#
+# CONFIG_DRIVER_VIRTIO_BLOCK is not set
+# CONFIG_DRIVER_VIRTIO_SERIAL is not set
+# end of Virtio
+# end of Drivers
+
+#
+# Command mode
+#
+CONFIG_CM=y
+CONFIG_CM_BUF_SIZE_KB=4096
+CONFIG_CM_TRANSPORT_READY_TIMEOUT=10
+CONFIG_CM_AUTH=y
+CONFIG_CM_AUTH_TOKEN=y
+CONFIG_CM_AUTH_PASSWORD=y
+# end of Command mode
+
+#
+# Library
+#
+CONFIG_LIB_ZLIB_CRC=y
+CONFIG_LIB_BPAK=y
+CONFIG_LIB_DER_HELPERS=y
+CONFIG_LIB_FDT=y
+CONFIG_LIB_UUID=y
 CONFIG_LIB_UUID3=y
-# CONFIG_BEARSSL is not set
+CONFIG_LIB_XLAT_TBLS=y
+CONFIG_LIB_XLAT_TBLS_ARMV8=y
+# end of Library