github.com/usbarmory/armory-boot@v0.0.0-20240307133412-208c66a380b9/Makefile (about) 1 # Copyright (c) WithSecure Corporation 2 # https://foundry.withsecure.com 3 # 4 # Use of this source code is governed by the license 5 # that can be found in the LICENSE file. 6 7 BUILD_USER ?= $(shell whoami) 8 BUILD_HOST ?= $(shell hostname) 9 BUILD_DATE ?= $(shell /bin/date -u "+%Y-%m-%d %H:%M:%S") 10 BUILD_TAGS = linkramsize,linkramstart,linkprintk 11 BUILD = ${BUILD_USER}@${BUILD_HOST} on ${BUILD_DATE} 12 REV = $(shell git rev-parse --short HEAD 2> /dev/null) 13 14 SHELL = /bin/bash 15 START ?= 5242880 16 17 ifeq ("${CONSOLE}","on") 18 BUILD_TAGS := ${BUILD_TAGS},console 19 endif 20 21 APP := armory-boot 22 GOENV := GO_EXTLINK_ENABLED=0 CGO_ENABLED=0 GOOS=tamago GOARM=7 GOARCH=arm 23 TEXT_START := 0x90010000 # ramStart (defined in imx6/imx6ul/memory.go) + 0x10000 24 TAMAGOFLAGS := -tags ${BUILD_TAGS} -trimpath -ldflags "-s -w -T $(TEXT_START) -E _rt0_arm_tamago -R 0x1000 -X 'main.Build=${BUILD}' -X 'main.Revision=${REV}' -X 'main.Boot=${BOOT}' -X 'main.Start=${START}' -X 'main.PublicKeyStr=${PUBLIC_KEY}'" 25 GOFLAGS := -trimpath -ldflags "-s -w" 26 27 .PHONY: clean 28 29 #### primary targets #### 30 31 all: $(APP) 32 33 imx: $(APP).imx 34 35 imx_signed: $(APP)-signed.imx 36 37 elf: $(APP) 38 39 $(APP)-usb: 40 @if [ "${TAMAGO}" != "" ]; then \ 41 ${TAMAGO} build $(GOFLAGS) cmd/$(APP)-usb/*.go; \ 42 else \ 43 go build $(GOFLAGS) cmd/$(APP)-usb/*.go; \ 44 fi 45 46 $(APP)-usb.exe: BUILD_OPTS := GOOS=windows CGO_ENABLED=1 CXX=x86_64-w64-mingw32-g++ CC=x86_64-w64-mingw32-gcc 47 $(APP)-usb.exe: 48 @if [ "${TAMAGO}" != "" ]; then \ 49 $(BUILD_OPTS) ${TAMAGO} build cmd/$(APP)-usb/*.go; \ 50 else \ 51 $(BUILD_OPTS) go build cmd/$(APP)-usb/*.go; \ 52 fi 53 54 #### utilities #### 55 56 check_env: 57 @if [ "${BOOT}" != "eMMC" ] && [ "${BOOT}" != "uSD" ]; then \ 58 echo 'You need to set the BOOT variable to either eMMC or uSD to select boot media'; \ 59 exit 1; \ 60 fi 61 62 check_tamago: 63 @if [ "${TAMAGO}" == "" ] || [ ! -f "${TAMAGO}" ]; then \ 64 echo 'You need to set the TAMAGO variable to a compiled version of https://github.com/usbarmory/tamago-go'; \ 65 exit 1; \ 66 fi 67 68 check_hab_keys: 69 @if [ "${HAB_KEYS}" == "" ]; then \ 70 echo 'You need to set the HAB_KEYS variable to the path of secure boot keys'; \ 71 echo 'See https://github.com/usbarmory/usbarmory/wiki/Secure-boot-(Mk-II)'; \ 72 exit 1; \ 73 fi 74 75 dcd: 76 echo $(GOMODCACHE) 77 echo $(TAMAGO_PKG) 78 cp -f $(GOMODCACHE)/$(TAMAGO_PKG)/board/usbarmory/mk2/imximage.cfg $(APP).dcd 79 80 clean: 81 @rm -fr $(APP) $(APP).bin $(APP).imx $(APP)-signed.imx $(APP).csf $(APP).dcd $(APP)-usb $(APP)-usb.exe 82 83 #### dependencies #### 84 85 $(APP): check_tamago check_env 86 $(GOENV) $(TAMAGO) build $(TAMAGOFLAGS) -o ${APP} 87 88 $(APP).dcd: check_tamago 89 $(APP).dcd: GOMODCACHE=$(shell ${TAMAGO} env GOMODCACHE) 90 $(APP).dcd: TAMAGO_PKG=$(shell grep "github.com/usbarmory/tamago v" go.mod | awk '{print $$1"@"$$2}') 91 $(APP).dcd: dcd 92 93 $(APP).bin: CROSS_COMPILE=arm-none-eabi- 94 $(APP).bin: $(APP) 95 $(CROSS_COMPILE)objcopy --enable-deterministic-archives \ 96 -j .text -j .rodata -j .shstrtab -j .typelink \ 97 -j .itablink -j .gopclntab -j .go.buildinfo -j .noptrdata -j .data \ 98 -j .bss --set-section-flags .bss=alloc,load,contents \ 99 -j .noptrbss --set-section-flags .noptrbss=alloc,load,contents \ 100 $(APP) -O binary $(APP).bin 101 102 $(APP).imx: SOURCE_DATE_EPOCH=0 103 $(APP).imx: $(APP).bin $(APP).dcd 104 mkimage -n $(APP).dcd -T imximage -e $(TEXT_START) -d $(APP).bin $(APP).imx 105 # Copy entry point from ELF file 106 dd if=$(APP) of=$(APP).imx bs=1 count=4 skip=24 seek=4 conv=notrunc 107 108 #### secure boot #### 109 110 $(APP)-signed.imx: check_hab_keys $(APP).imx 111 ${TAMAGO} install github.com/usbarmory/crucible/cmd/habtool@latest 112 $(shell ${TAMAGO} env GOPATH)/bin/habtool \ 113 -A ${HAB_KEYS}/CSF_1_key.pem \ 114 -a ${HAB_KEYS}/CSF_1_crt.pem \ 115 -B ${HAB_KEYS}/IMG_1_key.pem \ 116 -b ${HAB_KEYS}/IMG_1_crt.pem \ 117 -t ${HAB_KEYS}/SRK_1_2_3_4_table.bin \ 118 -x 1 \ 119 -i $(APP).imx \ 120 -o $(APP).csf && \ 121 cat $(APP).imx $(APP).csf > $(APP)-signed.imx