github.com/google/trillian-examples@v0.0.0-20240520080811-0d40d35cef0e/binary_transparency/firmware/devices/usbarmory/bootloader/main.go (about) 1 // https://github.com/usbarmory/armory-boot 2 // 3 // Copyright (c) F-Secure Corporation 4 // https://foundry.f-secure.com 5 // 6 // Use of this source code is governed by the license 7 // that can be found in the LICENSE file. 8 9 //go:build armory 10 // +build armory 11 12 package main 13 14 import ( 15 "fmt" 16 "log" 17 "strconv" 18 19 usbarmory "github.com/usbarmory/tamago/board/usbarmory/mk2" 20 "github.com/usbarmory/tamago/dma" 21 "github.com/usbarmory/tamago/soc/nxp/imx6ul" 22 ) 23 24 var Build string 25 var Revision string 26 27 var Boot string 28 var StartKernel string 29 var StartProof string 30 31 var PublicKeyStr string 32 33 var ( 34 partition *Partition 35 proofPartition *Partition 36 ) 37 38 func init() { 39 usbarmory.LED("blue", false) 40 usbarmory.LED("white", false) 41 42 log.SetFlags(0) 43 44 if err := imx6ul.SetARMFreq(900); err != nil { 45 panic(fmt.Sprintf("cannot change ARM frequency, %v\n", err)) 46 } 47 48 kernOffset, err := strconv.ParseInt(StartKernel, 10, 64) 49 if err != nil { 50 panic(fmt.Sprintf("invalid start kernel offset, %v\n", err)) 51 } 52 partition = &Partition{ 53 Offset: kernOffset, 54 } 55 56 proofOffset, err := strconv.ParseInt(StartProof, 10, 64) 57 if err != nil { 58 panic(fmt.Sprintf("invalid proof partition start offset: %v\n", err)) 59 } 60 proofPartition = &Partition{ 61 Offset: proofOffset, 62 } 63 64 switch Boot { 65 case "eMMC": 66 partition.Card = usbarmory.MMC 67 proofPartition.Card = usbarmory.MMC 68 case "uSD": 69 partition.Card = usbarmory.SD 70 proofPartition.Card = usbarmory.SD 71 default: 72 panic("invalid boot parameter") 73 } 74 } 75 76 func main() { 77 dma.Init(dmaStart, dmaSize) 78 79 if err := partition.Card.Detect(); err != nil { 80 panic(fmt.Sprintf("boot media error, %v\n", err)) 81 } 82 83 usbarmory.LED("blue", true) 84 85 if err := conf.Init(partition, defaultConfigPath); err != nil { 86 panic(fmt.Sprintf("configuration error, %v\n", err)) 87 } 88 89 if err := verifyIntegrity(proofPartition, partition); err != nil { 90 panic(fmt.Sprintf("invalid proof bundle: %v\n", err)) 91 } 92 93 if len(PublicKeyStr) > 0 { 94 err := conf.Verify(defaultConfigPath+signatureSuffix, PublicKeyStr) 95 96 if err != nil { 97 panic(fmt.Sprintf("configuration error, %v\n", err)) 98 } 99 } else { 100 log.Printf("armory-boot: no public key, skipping signature verification") 101 } 102 103 err := conf.Load() 104 105 if err != nil { 106 panic(fmt.Sprintf("configuration error, %v\n", err)) 107 } 108 109 if !verifyHash(conf.kernel, conf.kernelHash) { 110 panic("invaid kernel hash") 111 } 112 113 if len(conf.params) > 0 { 114 if !verifyHash(conf.params, conf.paramsHash) { 115 panic("invalid dtb hash") 116 } 117 118 conf.params, err = fixupDeviceTree(conf.params, conf.CmdLine) 119 120 if err != nil { 121 panic(fmt.Sprintf("dtb fixup error, %v\n", err)) 122 } 123 } 124 125 usbarmory.LED("white", true) 126 127 mem, _ := dma.Reserve(dmaSize, 0) 128 129 if conf.elf { 130 boot(loadELF(mem, conf.kernel), 0) 131 } else { 132 dma.Write(mem, kernelOffset, conf.kernel) 133 dma.Write(mem, paramsOffset, conf.params) 134 135 boot(mem+kernelOffset, mem+paramsOffset) 136 } 137 }