Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-18 02:24:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge changes from topic "ja/boot_protocol" into integration

Browse source 
* changes:
  fix(sptool): update Optee FF-A manifest
  feat(sptool): delete c version of the sptool
  feat(sptool): use python version of sptool
  feat(sptool): python version of the sptool
  refactor(sptool): use SpSetupActions in sp_mk_generator.py
  feat(sptool): add python SpSetupActions framework
This commit is contained in:
Olivier Deprez 2022-05-06 11:52:55 +02:00 committed by TrustedFirmware Code Review
commit 78c82cd099
8 changed files with 471 additions and 488 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -30,8 +30,7 @@ tools/amlogic/doimage
tools/stm32image/*.o tools/stm32image/*.o
tools/stm32image/stm32image tools/stm32image/stm32image
tools/stm32image/stm32image.exe tools/stm32image/stm32image.exe
tools/sptool/sptool tools/sptool/__pycache__/
tools/sptool/sptool.exe
# GNU GLOBAL files # GNU GLOBAL files
GPATH GPATH

10
Makefile
View file

@ -918,7 +918,7 @@ FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
# Variables for use with sptool # Variables for use with sptool
SPTOOLPATH ?= tools/sptool SPTOOLPATH ?= tools/sptool
SPTOOL ?= ${SPTOOLPATH}/sptool${BIN_EXT} SPTOOL ?= ${SPTOOLPATH}/sptool.py
SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
# Variables for use with ROMLIB # Variables for use with ROMLIB
@ -1336,8 +1336,7 @@ endif
ifeq (${NEED_SP_PKG},yes) ifeq (${NEED_SP_PKG},yes)
$(BUILD_PLAT)/sp_gen.mk: ${SP_MK_GEN} ${SP_LAYOUT_FILE} | ${BUILD_PLAT} $(BUILD_PLAT)/sp_gen.mk: ${SP_MK_GEN} ${SP_LAYOUT_FILE} | ${BUILD_PLAT}
${Q}${PYTHON} "$<" "$@" $(filter-out $<,$^) $(BUILD_PLAT) ${COT} ${Q}${PYTHON} "$<" "$@" $(filter-out $<,$^) $(BUILD_PLAT) ${COT}
sp: $(SPTOOL) $(DTBS) $(BUILD_PLAT)/sp_gen.mk sp: $(DTBS) $(BUILD_PLAT)/sp_gen.mk $(SP_PKGS)
${Q}$(SPTOOL) $(SPTOOL_ARGS)
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@echo "Built SP Images successfully" @echo "Built SP Images successfully"
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@ -1377,7 +1376,6 @@ else
# to pass the gnumake flags to nmake. # to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) realclean ${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) realclean
endif endif
${Q}${MAKE} --no-print-directory -C ${SPTOOLPATH} clean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} realclean ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} realclean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} realclean ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} realclean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean ${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
@ -1471,10 +1469,6 @@ else
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) ${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL))
endif endif
sptool: ${SPTOOL}
${SPTOOL}: FORCE
${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" SPTOOL=${SPTOOL} --no-print-directory -C ${SPTOOLPATH}
romlib.bin: libraries FORCE romlib.bin: libraries FORCE
${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all ${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all

25
include/tools_share/sptool.h
View file

@ -1,25 +0,0 @@
/*
* Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef SPTOOL_H
#define SPTOOL_H
#include <stdint.h>
/* 4 Byte magic name "SPKG" */
#define SECURE_PARTITION_MAGIC 0x474B5053
/* Header for a secure partition package. */
struct sp_pkg_header {
uint32_t magic;
uint32_t version;
uint32_t pm_offset;
uint32_t pm_size;
uint32_t img_offset;
uint32_t img_size;
};
#endif /* SPTOOL_H */

4
plat/arm/board/fvp/fdts/optee_sp_manifest.dts
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2020-2021, Arm Limited. All rights reserved. * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
* *
@ -22,7 +22,7 @@
exception-level = <2>; /* S-EL1 */ exception-level = <2>; /* S-EL1 */
execution-state = <0>; /* AARCH64 */ execution-state = <0>; /* AARCH64 */
load-address = <0x6280000>; load-address = <0x6280000>;
entrypoint-offset = <0x1000>; entrypoint-offset = <0x4000>;
xlat-granule = <0>; /* 4KiB */ xlat-granule = <0>; /* 4KiB */
boot-order = <0>; boot-order = <0>;
messaging-method = <0x3>; /* Direct request/response supported. */ messaging-method = <0x3>; /* Direct request/response supported. */

257
tools/sptool/sp_mk_generator.py Executable file → Normal file
View file

@ -46,112 +46,187 @@ A typical SP_LAYOUT_FILE file will look like
} }
""" """
import getopt
import json import json
import os import os
import re import re
import sys import sys
import uuid import uuid
from spactions import SpSetupActions
with open(sys.argv[2],'r') as in_file:
data = json.load(in_file)
json_file = os.path.abspath(sys.argv[2])
json_dir = os.path.dirname(json_file)
gen_file = os.path.abspath(sys.argv[1])
out_dir = os.path.abspath(sys.argv[3])
dtb_dir = out_dir + "/fdts/"
MAX_SP = 8 MAX_SP = 8
dualroot = sys.argv[4].lower() == "dualroot" UUID_LEN = 4
split = int(MAX_SP / 2)
print(dtb_dir)
platform_count = 1
sip_count = 1
with open(gen_file, 'w') as out_file: # Some helper functions to access args propagated to the action functions in
for idx, key in enumerate(data.keys()): # SpSetupActions framework.
def check_sp_mk_gen(args :dict):
if "sp_gen_mk" not in args.keys():
raise Exception(f"Path to file sp_gen.mk needs to be in 'args'.")
pkg_num = idx + 1 def check_out_dir(args :dict):
if "out_dir" not in args.keys() or not os.path.isdir(args["out_dir"]):
raise Exception("Define output folder with \'out_dir\' key.")
if (pkg_num > MAX_SP): def check_sp_layout_dir(args :dict):
print("WARNING: Too many secure partitions\n") if "sp_layout_dir" not in args.keys() or not os.path.isdir(args["sp_layout_dir"]):
exit(-1) raise Exception("Define output folder with \'sp_layout_dir\' key.")
if dualroot: def write_to_sp_mk_gen(content, args :dict):
owner = data[key].get('owner') check_sp_mk_gen(args)
if owner == "Plat": with open(args["sp_gen_mk"], "a") as f:
if (platform_count > split): f.write(f"{content}\n")
print("WARNING: Maximum Secure partitions by Plat " +
"have been exceeded (" + str(split) + ")\n")
exit(-1)
pkg_num = split + platform_count
platform_count += 1
elif (sip_count > split):
print("WARNING: Maximum Secure partitions by SiP " +
"have been exceeded (" + str(split) + ")\n")
exit(-1)
else:
pkg_num = sip_count
sip_count += 1
""" def get_sp_manifest_full_path(sp_node, args :dict):
Append FDT_SOURCES check_sp_layout_dir(args)
""" return os.path.join(args["sp_layout_dir"], get_file_from_layout(sp_node["pm"]))
dts = os.path.join(json_dir, data[key]['pm'])
dtb = dtb_dir + os.path.basename(data[key]['pm'][:-1] + "b")
out_file.write("FDT_SOURCES += " + dts + "\n")
""" def get_sp_img_full_path(sp_node, args :dict):
Update SPTOOL_ARGS check_sp_layout_dir(args)
""" return os.path.join(args["sp_layout_dir"], get_file_from_layout(sp_node["image"]))
dst = out_dir + "/" + key + ".pkg"
src = [ json_dir + "/" + data[key]['image'] , dtb ]
out_file.write("SPTOOL_ARGS += -i " + ":".join(src) + " -o " + dst + "\n")
if "uuid" in data[key]: def get_sp_pkg(sp, args :dict):
""" check_out_dir(args)
Extract the UUID from the JSON file if the SP entry has a 'uuid' field return os.path.join(args["out_dir"], f"{sp}.pkg")
"""
uuid_std = uuid.UUID(data[key]['uuid']) def is_line_in_sp_gen(line, args :dict):
with open(args["sp_gen_mk"], "r") as f:
sppkg_rule = [l for l in f if line in l]
return len(sppkg_rule) is not 0
def get_file_from_layout(node):
''' Helper to fetch a file path from sp_layout.json. '''
if type(node) is dict and "file" in node.keys():
return node["file"]
return node
def get_offset_from_layout(node):
''' Helper to fetch an offset from sp_layout.json. '''
if type(node) is dict and "offset" in node.keys():
return int(node["offset"], 0)
return None
def get_image_offset(node):
''' Helper to fetch image offset from sp_layout.json '''
return get_offset_from_layout(node["image"])
def get_pm_offset(node):
''' Helper to fetch pm offset from sp_layout.json '''
return get_offset_from_layout(node["pm"])
@SpSetupActions.sp_action(global_action=True)
def check_max_sps(sp_layout, _, args :dict):
''' Check validate the maximum number of SPs is respected. '''
if len(sp_layout.keys()) > MAX_SP:
raise Exception(f"Too many SPs in SP layout file. Max: {MAX_SP}")
return args
@SpSetupActions.sp_action
def gen_fdt_sources(sp_layout, sp, args :dict):
''' Generate FDT_SOURCES values for a given SP. '''
manifest_path = get_sp_manifest_full_path(sp_layout[sp], args)
write_to_sp_mk_gen(f"FDT_SOURCES += {manifest_path}", args)
return args
@SpSetupActions.sp_action
def gen_sptool_args(sp_layout, sp, args :dict):
''' Generate Sp Pkgs rules. '''
sp_pkg = get_sp_pkg(sp, args)
sp_dtb_name = os.path.basename(get_file_from_layout(sp_layout[sp]["pm"]))[:-1] + "b"
sp_dtb = os.path.join(args["out_dir"], f"fdts/{sp_dtb_name}")
# Do not generate rule if already there.
if is_line_in_sp_gen(f'{sp_pkg}:', args):
return args
write_to_sp_mk_gen(f"SP_PKGS += {sp_pkg}\n", args)
sptool_args = f" -i {get_sp_img_full_path(sp_layout[sp], args)}:{sp_dtb}"
pm_offset = get_pm_offset(sp_layout[sp])
sptool_args += f" --pm-offset {pm_offset}" if pm_offset is not None else ""
image_offset = get_image_offset(sp_layout[sp])
sptool_args += f" --img-offset {image_offset}" if image_offset is not None else ""
sptool_args += f" -o {sp_pkg}"
sppkg_rule = f'''
{sp_pkg}:
\t$(Q)echo Generating {sp_pkg}
\t$(Q)$(PYTHON) $(SPTOOL) {sptool_args}
'''
write_to_sp_mk_gen(sppkg_rule, args)
return args
@SpSetupActions.sp_action(global_action=True, exec_order=1)
def check_dualroot(sp_layout, _, args :dict):
''' Validate the amount of SPs from SiP and Platform owners. '''
if not args.get("dualroot"):
return args
args["split"] = int(MAX_SP / 2)
owners = [sp_layout[sp].get("owner") for sp in sp_layout]
args["plat_max_count"] = owners.count("Plat")
# If it is owned by the platform owner, it is assigned to the SiP.
args["sip_max_count"] = len(sp_layout.keys()) - args["plat_max_count"]
if args["sip_max_count"] > args["split"] or args["sip_max_count"] > args["split"]:
print(f"WARN: SiP Secure Partitions should not be more than {args['split']}")
# Counters for gen_crt_args.
args["sip_count"] = 1
args["plat_count"] = 1
return args
@SpSetupActions.sp_action
def gen_crt_args(sp_layout, sp, args :dict):
''' Append CRT_ARGS. '''
# If "dualroot" is configured, 'sp_pkg_idx' depends on whether the SP is owned
# by the "SiP" or the "Plat".
if args.get("dualroot"):
# If the owner is not specified as "Plat", default to "SiP".
if sp_layout[sp].get("owner") == "Plat":
if args["plat_count"] > args["plat_max_count"]:
raise ValueError("plat_count can't surpass plat_max_count in args.")
sp_pkg_idx = args["plat_count"] + args["split"]
args["plat_count"] += 1
else: else:
""" if args["sip_count"] > args["sip_max_count"]:
Extract uuid from partition manifest raise ValueError("sip_count can't surpass sip_max_count in args.")
""" sp_pkg_idx = args["sip_count"]
pm_file = open(dts) args["sip_count"] += 1
for line in pm_file: else:
if "uuid" in line: sp_pkg_idx = [k for k in sp_layout.keys()].index(sp) + 1
# re.findall returns a list of string tuples. write_to_sp_mk_gen(f"CRT_ARGS += --sp-pkg{sp_pkg_idx} {get_sp_pkg(sp, args)}\n", args)
# uuid_hex is the first item in this list representing the four return args
# uuid hex integers from the manifest uuid field. The heading
# '0x' of the hexadecimal representation is stripped out.
# e.g. uuid = <0x1e67b5b4 0xe14f904a 0x13fb1fb8 0xcbdae1da>;
# uuid_hex = ('1e67b5b4', 'e14f904a', '13fb1fb8', 'cbdae1da')
uuid_hex = re.findall(r'0x([0-9a-f]+) 0x([0-9a-f]+) 0x([0-9a-f]+) 0x([0-9a-f]+)', line)[0];
# uuid_hex is a list of four hex string values @SpSetupActions.sp_action
if len(uuid_hex) != 4: def gen_fiptool_args(sp_layout, sp, args :dict):
print("ERROR: malformed UUID") ''' Generate arguments for the FIP Tool. '''
exit(-1) if "uuid" in sp_layout[sp]:
# Extract the UUID from the JSON file if the SP entry has a 'uuid' field
uuid_std = uuid.UUID(data[key]['uuid'])
else:
with open(get_sp_manifest_full_path(sp_layout[sp], args), "r") as pm_f:
uuid_lines = [l for l in pm_f if 'uuid' in l]
assert(len(uuid_lines) is 1)
# The uuid field in SP manifest is the little endian representation
# mapped to arguments as described in SMCCC section 5.3.
# Convert each unsigned integer value to a big endian representation
# required by fiptool.
uuid_parsed = re.findall("0x([0-9a-f]+)", uuid_lines[0])
y = list(map(bytearray.fromhex, uuid_parsed))
z = [int.from_bytes(i, byteorder='little', signed=False) for i in y]
uuid_std = uuid.UUID(f'{z[0]:08x}{z[1]:08x}{z[2]:08x}{z[3]:08x}')
write_to_sp_mk_gen(f"FIP_ARGS += --blob uuid={str(uuid_std)},file={get_sp_pkg(sp, args)}\n", args)
return args
# The uuid field in SP manifest is the little endian representation def init_sp_actions(sys):
# mapped to arguments as described in SMCCC section 5.3. sp_layout_file = os.path.abspath(sys.argv[2])
# Convert each unsigned integer value to a big endian representation with open(sp_layout_file) as json_file:
# required by fiptool. sp_layout = json.load(json_file)
y=list(map(bytearray.fromhex, uuid_hex)) # Initialize arguments for the SP actions framework
z=(int.from_bytes(y[0], byteorder='little', signed=False), args = {}
int.from_bytes(y[1], byteorder='little', signed=False), args["sp_gen_mk"] = os.path.abspath(sys.argv[1])
int.from_bytes(y[2], byteorder='little', signed=False), args["sp_layout_dir"] = os.path.dirname(sp_layout_file)
int.from_bytes(y[3], byteorder='little', signed=False)) args["out_dir"] = os.path.abspath(sys.argv[3])
uuid_std = uuid.UUID(f'{z[0]:08x}{z[1]:08x}{z[2]:08x}{z[3]:08x}') args["dualroot"] = sys.argv[4] == "dualroot"
#Clear content of file "sp_gen.mk".
with open(args["sp_gen_mk"], "w"):
None
return args, sp_layout
""" if __name__ == "__main__":
Append FIP_ARGS args, sp_layout = init_sp_actions(sys)
""" SpSetupActions.run_actions(sp_layout, args)
out_file.write("FIP_ARGS += --blob uuid=" + str(uuid_std) + ",file=" + dst + "\n")
"""
Append CRT_ARGS
"""
out_file.write("CRT_ARGS += --sp-pkg" + str(pkg_num) + " " + dst + "\n")
out_file.write("\n")

155
tools/sptool/spactions.py Normal file
View file

@ -0,0 +1,155 @@
#!/usr/bin/python3
# Copyright (c) 2022, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
'''
This is a python module for defining and executing SP setup actions, targeting
a system deploying an SPM implementation.
Each action consists of a function, that processes the SP layout json file and
other provided arguments.
At the core of this is the SpSetupActions which provides a means to register
the functions into a table of actions, and execute them all when invoking
SpSetupActions.run_actions.
Registering the function is done by using the decorator '@SpSetupActions.sp_action'
at function definition.
Functions can be called:
- once only, or per SP defined in the SP layout file;
- following an order, from lowest to highest of their execution order.
More information in the doc comments below.
'''
import bisect
DEFAULT_ACTION_ORDER = 100
class _ConfiguredAction:
"""
Wraps action function with its configuration.
"""
def __init__(self, action, exec_order=DEFAULT_ACTION_ORDER, global_action=True, log_calls = False):
self.exec_order = exec_order
self.__name__ = action.__name__
def logged_action(action):
def inner_logged_action(sp_layout, sp, args :dict):
print(f"Calling {action.__name__} -> {sp}")
return action(sp_layout, sp, args)
return inner_logged_action
self.action = logged_action(action) if log_calls is True else action
self.global_action = global_action
def __lt__(self, other):
"""
To allow for ordered inserts in a list of actions.
"""
return self.exec_order < other.exec_order
def __call__(self, sp_layout, sp, args :dict):
"""
Calls action function.
"""
return self.action(sp_layout, sp, args)
def __repr__(self) -> str:
"""
Pretty format to show debug information about the action.
"""
return f"func: {self.__name__}; global:{self.global_action}; exec_order: {self.exec_order}"
class SpSetupActions:
actions = []
def sp_action(in_action = None, global_action = False, log_calls=False, exec_order=DEFAULT_ACTION_ORDER):
"""
Function decorator that registers and configures action.
:param in_action - function to register
:param global_action - make the function global, i.e. make it be
only called once.
:param log_calls - at every call to action, a useful log will be printed.
:param exec_order - action's calling order.
"""
def append_action(action):
action = _ConfiguredAction(action, exec_order, global_action, log_calls)
bisect.insort(SpSetupActions.actions, action)
return action
if in_action is not None:
return append_action(in_action)
return append_action
def run_actions(sp_layout: dict, args: dict, verbose=False):
"""
Executes all actions in accordance to their registering configuration:
- If set as "global" it will be called once.
- Actions are called respecting the order established by their "exec_order" field.
:param sp_layout - dictionary containing the SP layout information.
:param args - arguments to be propagated through the call of actions.
:param verbose - prints actions information in order of execution.
"""
args["called"] = [] # for debug purposes
def append_called(action, sp, args :dict):
args["called"].append(f"{action.__name__} -> {sp}")
return args
for action in SpSetupActions.actions:
if verbose:
print(f"Calling {action}")
if action.global_action:
scope = "global"
args = action(sp_layout, scope, args)
args = append_called(action, scope, args)
else:
# Functions that are not global called for each SP defined in
# the SP layout.
for sp in sp_layout.keys():
args = action(sp_layout, sp, args)
args = append_called(action, sp, args)
if __name__ == "__main__":
# Executing this module will have the following test code/playground executed
sp_layout = {
"partition1" : {
"boot-info": True,
"image": {
"file": "partition.bin",
"offset":"0x2000"
},
"pm": {
"file": "cactus.dts",
"offset":"0x1000"
},
"owner": "SiP"
},
"partition2" : {
"image": "partition.bin",
"pm": "cactus-secondary.dts",
"owner": "Plat"
},
"partition3" : {
"image": "partition.bin",
"pm": "cactus-tertiary.dts",
"owner": "Plat"
},
"partition4" : {
"image": "ivy.bin",
"pm": "ivy.dts",
"owner": "Plat"
}
}
#Example of how to use this module
@SpSetupActions.sp_action(global_action=True)
def my_action1(sp_layout, _, args :dict):
print(f"inside function my_action1{sp_layout}\n\n args:{args})")
return args # Always return args in action function.
@SpSetupActions.sp_action(exec_order=1)
def my_action2(sp_layout, sp_name, args :dict):
print(f"inside function my_action2; SP: {sp_name} {sp_layout} args:{args}")
return args
# Example arguments to be propagated through the functions.
# 'args' can be extended in the action functions.
args = dict()
args["arg1"] = 0xEEE
args["arg2"] = 0xFF
SpSetupActions.run_actions(sp_layout, args)

360
tools/sptool/sptool.c
View file

@ -1,360 +0,0 @@
/*
* Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "sptool.h"
#define PAGE_SIZE 4096
/*
* Entry describing Secure Partition package.
*/
struct sp_pkg_info {
/* Location of the files in the host's RAM. */
void *img_data, *pm_data;
/* Size of the files. */
uint32_t img_size, pm_size;
/* Location of the binary files inside the package output file */
uint32_t img_offset, pm_offset;
};
/*
* List of input provided by user
*/
struct arg_list {
char *usr_input;
struct arg_list *next;
};
/* Align an address to a power-of-two boundary. */
static unsigned int align_to(unsigned int address, unsigned int boundary)
{
unsigned int mask = boundary - 1U;
if ((address & mask) != 0U)
return (address + boundary) & ~mask;
else
return address;
}
/* Allocate a memory area of 'size' bytes and zero it. */
static void *xzalloc(size_t size, const char *msg)
{
void *d;
d = malloc(size);
if (d == NULL) {
fprintf(stderr, "error: malloc: %s\n", msg);
exit(1);
}
memset(d, 0, size);
return d;
}
/*
* Write 'size' bytes from 'buf' into the specified file stream.
* Exit the program on error.
*/
static void xfwrite(void *buf, size_t size, FILE *fp)
{
if (fwrite(buf, 1, size, fp) != size) {
fprintf(stderr, "error: Failed to write to output file.\n");
exit(1);
}
}
/*
* Set the file position indicator for the specified file stream.
* Exit the program on error.
*/
static void xfseek(FILE *fp, long offset, int whence)
{
if (fseek(fp, offset, whence) != 0) {
fprintf(stderr, "error: Failed to set file to offset 0x%lx (%d).\n",
offset, whence);
perror(NULL);
exit(1);
}
}
/*
* Free SP package structure
*/
static void cleanup(struct sp_pkg_info *sp)
{
if (sp != NULL) {
if (sp->img_data != NULL) {
free(sp->img_data);
}
if (sp->pm_data != NULL) {
free(sp->pm_data);
}
free(sp);
}
}
/*
* Free argument list structure
*/
static void freelist(struct arg_list *head)
{
struct arg_list *tmp;
while (head != NULL) {
tmp = head;
head = head->next;
free(tmp);
}
}
/*
* Append user inputs in argument list structure
*/
static void append_user_input(struct arg_list **head, char *args)
{
struct arg_list *tmp = *head;
if (tmp == NULL) {
tmp = xzalloc(sizeof(struct arg_list),
"Failed to allocate arg_list struct");
tmp->usr_input = args;
*head = tmp;
} else {
while (tmp->next != NULL) {
tmp = tmp->next;
}
tmp->next = xzalloc(sizeof(struct arg_list),
"Failed to allocate arg_list struct");
tmp = tmp->next;
tmp->usr_input = args;
}
}
/*
* Allocate a buffer big enough to store the content of the specified file and
* load the file into it. Fill 'size' with the file size. Exit the program on
* error.
*/
static void load_file(const char *path, void **ptr, uint32_t *size)
{
FILE *f = fopen(path, "rb");
if (f == NULL) {
fprintf(stderr, "error: %s couldn't be opened.\n", path);
exit(1);
}
xfseek(f, 0, SEEK_END);
*size = ftell(f);
if (*size == 0) {
fprintf(stderr, "error: Size of %s is 0\n", path);
exit(1);
}
rewind(f);
*ptr = malloc(*size);
if (*ptr == NULL) {
fprintf(stderr, "error: Not enough memory to load %s\n", path);
exit(1);
}
if (fread(*ptr, *size, 1, f) != 1) {
fprintf(stderr, "error: Couldn't read %s\n", path);
exit(1);
}
fclose(f);
}
/*
* Parse the string containing input payloads and fill in the
* SP Package data structure.
*/
static void load_sp_pm(char *path, struct sp_pkg_info **sp_out)
{
struct sp_pkg_info *sp_pkg;
char *split_mark = strstr(path, ":");
*split_mark = '\0';
char *sp_path = path;
char *pm_path = split_mark + 1;
sp_pkg = xzalloc(sizeof(struct sp_pkg_info),
"Failed to allocate sp_pkg_info struct");
load_file(pm_path, &sp_pkg->pm_data, &sp_pkg->pm_size);
printf("\nLoaded SP Manifest file %s (%u bytes)\n", pm_path, sp_pkg->pm_size);
load_file(sp_path, &sp_pkg->img_data, &sp_pkg->img_size);
printf("Loaded SP Image file %s (%u bytes)\n", sp_path, sp_pkg->img_size);
*sp_out = sp_pkg;
}
/*
* Write SP package data structure into output file.
*/
static void output_write(const char *path, struct sp_pkg_info *sp, bool header)
{
struct sp_pkg_header sp_header_info;
unsigned int file_ptr = 0;
FILE *f = fopen(path, "wb");
if (f == NULL) {
fprintf(stderr, "error: Failed to open %s\n", path);
exit(1);
}
/* Reserve Header size */
if (header) {
file_ptr = sizeof(struct sp_pkg_header);
}
/* Save partition manifest */
xfseek(f, file_ptr, SEEK_SET);
printf("Writing SP Manifest at offset 0x%x (%u bytes)\n",
file_ptr, sp->pm_size);
sp->pm_offset = file_ptr;
xfwrite(sp->pm_data, sp->pm_size, f);
/* Save partition image aligned to Page size */
file_ptr = align_to((sp->pm_offset + sp->pm_size), PAGE_SIZE);
xfseek(f, file_ptr, SEEK_SET);
printf("Writing SP Image at offset 0x%x (%u bytes)\n",
file_ptr, sp->img_size);
sp->img_offset = file_ptr;
xfwrite(sp->img_data, sp->img_size, f);
/* Finally, write header, if needed */
if (header) {
sp_header_info.magic = SECURE_PARTITION_MAGIC;
sp_header_info.version = 0x1;
sp_header_info.img_offset = sp->img_offset;
sp_header_info.img_size = sp->img_size;
sp_header_info.pm_offset = sp->pm_offset;
sp_header_info.pm_size = sp->pm_size;
xfseek(f, 0, SEEK_SET);
printf("Writing package header\n");
xfwrite(&sp_header_info, sizeof(struct sp_pkg_header), f);
}
/* All information has been written now */
printf("\nsptool: Built Secure Partition blob %s\n", path);
fclose(f);
}
static void usage(void)
{
printf("usage: sptool ");
#ifdef VERSION
printf(VERSION);
#else
/* If built from sptool directory, VERSION is not set. */
printf("version unknown");
#endif
printf(" [<args>]\n\n");
printf("This tool takes as input set of image binary files and the\n"
"partition manifest blobs as input and generates set of\n"
"output package files\n"
"Usage example: sptool -i sp1.bin:sp1.dtb -o sp1.pkg\n"
" -i sp2.bin:sp2.dtb -o sp2.pkg ...\n\n");
printf("Commands supported:\n");
printf(" -o <path> Set output file path.\n");
printf(" -i <sp_path:pm_path> Add Secure Partition image and\n"
" Manifest blob (specified in two paths\n"
" separated by a colon).\n");
printf(" -n Generate package without header\n");
printf(" -h Show this message.\n");
exit(1);
}
int main(int argc, char *argv[])
{
struct sp_pkg_info *sp_pkg = NULL;
struct arg_list *in_head = NULL;
struct arg_list *out_head = NULL;
struct arg_list *in_list = NULL;
struct arg_list *out_list = NULL;
unsigned int match_counter = 0;
bool need_header = true;
int ch;
if (argc <= 1) {
fprintf(stderr, "error: File paths must be provided.\n\n");
usage();
return 1;
}
while ((ch = getopt(argc, argv, "hni:o:")) != -1) {
switch (ch) {
case 'i':
append_user_input(&in_head, optarg);
match_counter++;
break;
case 'o':
append_user_input(&out_head, optarg);
match_counter--;
break;
case 'n':
need_header = false;
break;
case 'h':
default:
usage();
}
}
if (match_counter) {
fprintf(stderr, "error: Input/Output count mismatch.\n\n");
freelist(in_head);
freelist(out_head);
usage();
return 1;
}
in_list = in_head;
out_list = out_head;
while (in_list != NULL) {
load_sp_pm(in_list->usr_input, &sp_pkg);
output_write(out_list->usr_input, sp_pkg, need_header);
in_list = in_list->next;
out_list = out_list->next;
}
argc -= optind;
argv += optind;
cleanup(sp_pkg);
freelist(in_head);
freelist(out_head);
return 0;
}

145
tools/sptool/sptool.py Executable file
View file

@ -0,0 +1,145 @@
#!/usr/bin/python3
# Copyright (c) 2022, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Copyright 2022 The Hafnium Authors.
#
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file or at
# https://opensource.org/licenses/BSD-3-Clause.
"""
Script which generates a Secure Partition package.
https://trustedfirmware-a.readthedocs.io/en/latest/components/secure-partition-manager.html#secure-partition-packages
"""
import argparse
from collections import namedtuple
import sys
from shutil import copyfileobj
import os
HF_PAGE_SIZE = 0x1000 # bytes
HEADER_ELEMENT_BYTES = 4 # bytes
MANIFEST_IMAGE_SPLITTER=':'
PM_OFFSET_DEFAULT = "0x1000"
IMG_OFFSET_DEFAULT = "0x4000"
def split_dtb_bin(i : str):
return i.split(MANIFEST_IMAGE_SPLITTER)
def align_to_page(n):
return HF_PAGE_SIZE * \
(round(n / HF_PAGE_SIZE) + \
(1 if n % HF_PAGE_SIZE else 0))
def to_bytes(value):
return int(value).to_bytes(HEADER_ELEMENT_BYTES, 'little')
class SpPkg:
def __init__(self, pm_path : str, img_path : str, pm_offset: int,
img_offset: int):
if not os.path.isfile(pm_path) or not os.path.isfile(img_path):
raise Exception(f"Parameters should be path. \
manifest: {pm_path}; img: {img_path}")
self.pm_path = pm_path
self.img_path = img_path
self._SpPkgHeader = namedtuple("SpPkgHeader",
("magic", "version",
"pm_offset", "pm_size",
"img_offset", "img_size"))
if pm_offset >= img_offset:
raise ValueError("pm_offset must be smaller than img_offset")
is_hfpage_aligned = lambda val : val % HF_PAGE_SIZE == 0
if not is_hfpage_aligned(pm_offset) or not is_hfpage_aligned(img_offset):
raise ValueError(f"Offsets provided need to be page aligned: pm-{pm_offset}, img-{img_offset}")
if img_offset - pm_offset < self.pm_size:
raise ValueError(f"pm_offset and img_offset do not fit the specified file:{pm_path})")
self.pm_offset = pm_offset
self.img_offset = img_offset
def __str__(self):
return \
f'''--SP package Info--
header:{self.header}
pm: {self.pm_path}
img: {self.img_path}
'''
@property
def magic(self):
return "SPKG".encode()
@property
def version(self):
return 0x2
@property
def pm_size(self):
return os.path.getsize(self.pm_path)
@property
def img_size(self):
return os.path.getsize(self.img_path)
@property
def header(self):
return self._SpPkgHeader(
self.magic,
self.version,
self.pm_offset,
self.pm_size,
self.img_offset,
self.img_size)
@property
def header_size(self):
return len(self._SpPkgHeader._fields)
def generate(self, f_out : str):
with open(f_out, "wb+") as output:
for h in self.header:
to_write = h if type(h) is bytes else to_bytes(h)
output.write(to_write)
output.seek(self.pm_offset)
with open(self.pm_path, "rb") as pm:
copyfileobj(pm, output)
output.seek(self.img_offset)
with open(self.img_path, "rb") as img:
copyfileobj(img, output)
def Main():
parser = argparse.ArgumentParser()
parser.add_argument("-i", required=True,
help="path to partition's image and manifest separated by a colon.")
parser.add_argument("--pm-offset", required=False, default=PM_OFFSET_DEFAULT,
help="set partitition manifest offset.")
parser.add_argument("--img-offset", required=False, default=IMG_OFFSET_DEFAULT,
help="set partition image offset.")
parser.add_argument("-o", required=True, help="set output file path.")
parser.add_argument("-v", required=False, action="store_true",
help="print package information.")
args = parser.parse_args()
if not os.path.exists(os.path.dirname(args.o)):
raise Exception("Provide a valid output file path!\n")
image_path, manifest_path = split_dtb_bin(args.i)
pm_offset = int(args.pm_offset, 0)
img_offset = int(args.img_offset, 0)
pkg = SpPkg(manifest_path, image_path, pm_offset, img_offset)
pkg.generate(args.o)
if args.v is True:
print(pkg)
return 0
if __name__ == "__main__":
sys.exit(Main())