mturney mturney has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py 2 files changed, 90 insertions(+), 36 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/1
diff --git a/util/qualcomm/createxbl.py b/util/qualcomm/createxbl.py index 4a21854..769e9f1e 100755 --- a/util/qualcomm/createxbl.py +++ b/util/qualcomm/createxbl.py @@ -44,6 +44,7 @@ # # when who what, where, why # -------- --- ------------------------------------------------------ +# 05/21/19 rissha Added --mbn_version to add MBN header accordingly # 03/26/18 tv Added -e to enable extended MBNV5 support # 09/04/15 et Added -x and -d to embed xbl_sec ELF # 02/11/15 ck Fixed missing elf type check in ZI OOB feature @@ -119,6 +120,10 @@ help="Removes ZI segments that have addresses greater" + \ " than 32 bits when converting from a 64 to 32 bit ELF")
+ parser.add_option("--mbn_version", + action="store", type="int", dest="mbn_version", + help="Add mbn header in elf image. '3', '5' or '6'") +
(options, args) = parser.parse_args() if not options.elf_inp_file1: @@ -206,11 +211,16 @@ else: zi_oob_enabled = True
+ header_version = 3 + if options.elf_inp_xbl_sec: is_ext_mbn_v5 = True + header_version = 5 else: is_ext_mbn_v5 = False
+ if options.mbn_version: + header_version = options.mbn_version
mbn_type = 'elf' header_format = 'reg' @@ -259,7 +269,7 @@ source_elf, target_hash, elf_out_file_name = target_phdr_elf, - secure_type = image_header_secflag) + secure_type = image_header_secflag, header_version = header_version ) if rv: raise RuntimeError, "Failed to run pboot_gen_elf"
@@ -270,7 +280,8 @@ target_hash_hd, image_header_secflag, is_ext_mbn_v5, - elf_file_name = source_elf) + elf_file_name = source_elf, + header_version = header_version) if rv: raise RuntimeError, "Failed to create image header for hash segment"
diff --git a/util/qualcomm/mbn_tools.py b/util/qualcomm/mbn_tools.py index 12dc210..079e02e 100755 --- a/util/qualcomm/mbn_tools.py +++ b/util/qualcomm/mbn_tools.py @@ -41,6 +41,7 @@ # # when who what, where, why # -------- --- --------------------------------------------------------- +# 05/21/18 rissha Added support for extended MBNV6 and Add support for hashing elf segments with SHA384 # 03/22/18 thiru Added support for extended MBNV5. # 06/06/13 yliong CR 497042: Signed and encrypted image is corrupted. MRC features. # 03/18/13 dhaval Add support for hashing elf segments with SHA256 and @@ -64,23 +65,24 @@ #---------------------------------------------------------------------------- # GLOBAL VARIABLES BEGIN #---------------------------------------------------------------------------- -PAD_BYTE_1 = 255 # Padding byte 1s -PAD_BYTE_0 = 0 # Padding byte 0s -SHA256_SIGNATURE_SIZE = 256 # Support SHA256 -MAX_NUM_ROOT_CERTS = 4 # Maximum number of OEM root certificates -MI_BOOT_IMG_HDR_SIZE = 40 # sizeof(mi_boot_image_header_type) -MI_BOOT_SBL_HDR_SIZE = 80 # sizeof(sbl_header) -BOOT_HEADER_LENGTH = 20 # Boot Header Number of Elements -SBL_HEADER_LENGTH = 20 # SBL Header Number of Elements -FLASH_PARTI_VERSION = 3 # Flash Partition Version Number -MAX_PHDR_COUNT = 100 # Maximum allowable program headers -CERT_CHAIN_ONEROOT_MAXSIZE = 6*1024 # Default Cert Chain Max Size for one root -VIRTUAL_BLOCK_SIZE = 131072 # Virtual block size for MCs insertion in SBL1 if ENABLE_VIRTUAL_BLK ON -MAGIC_COOKIE_LENGTH = 12 # Length of magic Cookie inserted per VIRTUAL_BLOCK_SIZE -MIN_IMAGE_SIZE_WITH_PAD = 256*1024 # Minimum image size for sbl1 Nand based OTA feature +PAD_BYTE_1 = 255 # Padding byte 1s +PAD_BYTE_0 = 0 # Padding byte 0s +SHA256_SIGNATURE_SIZE = 256 # Support SHA256 +MAX_NUM_ROOT_CERTS = 4 # Maximum number of OEM root certificates +MBN_HEADER_VERSION_3 = 3 # Mbn header_version 3 +MBN_HEADER_VERSION_5 = 5 # Mbn header_version 5 +MBN_HEADER_VERSION_6 = 6 # Mbn header_version 6 +MI_BOOT_SBL_HDR_SIZE = 80 # sizeof(sbl_header) +BOOT_HEADER_LENGTH = 20 # Boot Header Number of Elements +SBL_HEADER_LENGTH = 20 # SBL Header Number of Elements +MAX_PHDR_COUNT = 100 # Maximum allowable program headers +CERT_CHAIN_ONEROOT_MAXSIZE = 6*1024 # Default Cert Chain Max Size for one root +VIRTUAL_BLOCK_SIZE = 131072 # Virtual block size for MCs insertion in SBL1 if ENABLE_VIRTUAL_BLK ON +MAGIC_COOKIE_LENGTH = 12 # Length of magic Cookie inserted per VIRTUAL_BLOCK_SIZE +MIN_IMAGE_SIZE_WITH_PAD = 256*1024 # Minimum image size for sbl1 Nand based OTA feature
-SBL_AARCH64 = 0xF # Indicate that SBL is a Aarch64 image -SBL_AARCH32 = 0x0 # Indicate that SBL is a Aarch32 image +SBL_AARCH64 = 0xF # Indicate that SBL is a Aarch64 image +SBL_AARCH32 = 0x0 # Indicate that SBL is a Aarch32 image
# Magic numbers filled in for boot headers FLASH_CODE_WORD = 0x844BDCD1 @@ -528,7 +530,7 @@ class Boot_Hdr: def __init__(self, init_val): self.image_id = ImageType.NONE_IMG - self.flash_parti_ver = FLASH_PARTI_VERSION + self.flash_parti_ver = MBN_HEADER_VERSION_3 self.image_src = init_val self.image_dest_ptr = init_val self.image_size = init_val @@ -573,6 +575,10 @@ self.reserved_2, self.reserved_3 ]
+ if self.flash_parti_ver == MBN_HEADER_VERSION_6: + values.insert(10, self.metadata_size_qti) + values.insert(11, self.metadata_size) + if self.image_dest_ptr >= 0x100000000: values[3] = 0xFFFFFFFF
@@ -584,8 +590,12 @@
# Write 10 entries(40B) or 20 entries(80B) of boot header if write_full_hdr is False: - s = struct.Struct('I'* 10) - values = values[:10] + if self.flash_parti_ver == MBN_HEADER_VERSION_6: + s = struct.Struct('I'* 12) + values = values[:12] + else: + s = struct.Struct('I'* 10) + values = values[:10] else: s = struct.Struct('I' * self.getLength())
@@ -912,7 +922,8 @@ write_full_hdr = False, in_code_size = None, cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE, - num_of_pages = None): + num_of_pages = None, + header_version = None):
# Preliminary checks if (requires_preamble is True) and (preamble_file_name is None): @@ -945,9 +956,12 @@ cert_chain_size = 0 image_size = code_size
+ if header_version: + assert header_version in [MBN_HEADER_VERSION_3, MBN_HEADER_VERSION_5, MBN_HEADER_VERSION_6], 'Not a valid MBN header version' + # For ELF or hashed images, image destination will be determined from an ELF input file if gen_dict['IMAGE_KEY_MBN_TYPE'] == 'elf': - image_dest = get_hash_address(elf_file_name) + MI_BOOT_IMG_HDR_SIZE + image_dest = get_hash_address(elf_file_name) + (header_size(header_version)) elif gen_dict['IMAGE_KEY_MBN_TYPE'] == 'bin': image_dest = gen_dict['IMAGE_KEY_IMAGE_DEST'] image_source = gen_dict['IMAGE_KEY_IMAGE_SOURCE'] @@ -993,10 +1007,17 @@ boot_header.cert_chain_size = cert_chain_size
if is_ext_mbn_v5 == True: - # If platform image integrity check is enabled - boot_header.flash_parti_ver = 5 # version - boot_header.image_src = 0 # sig_size_qc - boot_header.image_dest_ptr = 0 # cert_chain_size_qc + # If platform image integrity check is enabled + boot_header.flash_parti_ver = MBN_HEADER_VERSION_5 # version + boot_header.image_src = 0 # sig_size_qc + boot_header.image_dest_ptr = 0 # cert_chain_size_qc + + if header_version == MBN_HEADER_VERSION_6: + boot_header.flash_parti_ver = MBN_HEADER_VERSION_6 # version + boot_header.image_src = 0 # sig_size_qc + boot_header.image_dest_ptr = 0 # cert_chain_size_qc + boot_header.metadata_size_qti = 0 # qti_metadata size + boot_header.metadata_size = 0 # oem_metadata size
# If preamble is required, output the preamble file and update the boot_header if requires_preamble is True: @@ -1021,9 +1042,20 @@ last_phys_addr = None, append_xml_hdr = False, is_sha256_algo = True, - cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE): + cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE, + header_version = None): + sha_algo = 'SHA1' + if is_sha256_algo: + sha_algo = 'SHA256' + + if header_version == MBN_HEADER_VERSION_6: + sha_algo = 'SHA384' global MI_PROG_BOOT_DIGEST_SIZE - if (is_sha256_algo is True): + image_header_size = header_size(header_version) + + if (sha_algo == 'SHA384'): + MI_PROG_BOOT_DIGEST_SIZE = 48 + elif sha_algo == 'SHA256': MI_PROG_BOOT_DIGEST_SIZE = 32 else: MI_PROG_BOOT_DIGEST_SIZE = 20 @@ -1110,7 +1142,7 @@ fbuf = elf_in_fp.read(hash_size)
if MI_PBT_CHECK_FLAG_TYPE(curr_phdr.p_flags) is True: - hash = generate_hash(fbuf, is_sha256_algo) + hash = generate_hash(fbuf, sha_algo) else: hash = '\0' * MI_PROG_BOOT_DIGEST_SIZE
@@ -1129,7 +1161,7 @@ file_buff = elf_in_fp.read(data_len)
if (MI_PBT_CHECK_FLAG_TYPE(curr_phdr.p_flags) is True) and (data_len > 0): - hash = generate_hash(file_buff, is_sha256_algo) + hash = generate_hash(file_buff, sha_algo) else: hash = '\0' * MI_PROG_BOOT_DIGEST_SIZE
@@ -1151,7 +1183,7 @@
# Initialize the hash table program header [hash_Phdr, pad_hash_segment, hash_tbl_end_addr, hash_tbl_offset] = \ - initialize_hash_phdr(elf_in_file_name, hashtable_size, MI_BOOT_IMG_HDR_SIZE, ELF_BLOCK_ALIGN, is_elf64) + initialize_hash_phdr(elf_in_file_name, hashtable_size, image_header_size, ELF_BLOCK_ALIGN, is_elf64)
# Check if hash segment max size parameter was passed if (hash_seg_max_size is not None): @@ -1252,7 +1284,7 @@ # Read the program header and compute hash proghdr_buff = elf_out_fp.read(elf_header.e_phnum * phdr_size)
- hash = generate_hash(elfhdr_buff + proghdr_buff, is_sha256_algo) + hash = generate_hash(elfhdr_buff + proghdr_buff, sha_algo)
# Write hash to file as first hash table entry hash_out_fp.seek(0) @@ -1592,7 +1624,7 @@ page = page + elf_in_fp.read(bytes_in_page - len(page)) if (len(page) < DP_PAGE_SIZE): page = page + (struct.pack('b', 0) * (DP_PAGE_SIZE - len(page))) - hashes = hashes + [generate_hash(page, True)] + hashes = hashes + [generate_hash(page, 'SHA256')] bytes_left -= bytes_in_page
# And write them to the hash segment @@ -2101,9 +2133,20 @@ #---------------------------------------------------------------------------- # sha1/sha256 hash routine wrapper #---------------------------------------------------------------------------- -def generate_hash(in_buf, is_sha256_algo): +def header_size(header_version): + if header_version == MBN_HEADER_VERSION_6: + return 48 + else: + return 40 + +#---------------------------------------------------------------------------- +# sha1/sha256 hash routine wrapper +#---------------------------------------------------------------------------- +def generate_hash(in_buf, sha_algo): # Initialize a SHA1 object from the Python hash library - if (is_sha256_algo is True): + if sha_algo == 'SHA384': + m = hashlib.sha384() + elif sha_algo == 'SHA256': m = hashlib.sha256() else: m = hashlib.sha1()
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 12:
(1 comment)
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py... PS12, Line 217: is_ext_mbn_v5 = True Please see outstanding comments on Mistral patch (CB:33425), there are still a couple of things to fix up in here (like getting rid of this variable because header_version effectively supersedes it).
Ravi kumar has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 16:
(1 comment)
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py... PS12, Line 217: is_ext_mbn_v5 = True
Please see outstanding comments on Mistral patch (CB:33425), there are still a couple of things to f […]
a new version will be uploaded with the required fix
Ravi kumar has uploaded a new patch set (#17) to the change originally created by mturney mturney. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py 2 files changed, 94 insertions(+), 47 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/17
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 17:
(9 comments)
Thanks I think this looks basically good now... just think matching the new header_version variable as a minimum (rather than an exact match) will help make it easier to expand this script in the future.
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 269: secure_type = image_header_secflag, header_version = header_version ) nit: on a new line?
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 673: if header_version == 5 or header_version == 6: nit: probably makes more sense to check < 4 (since presumably this will stay this way for future versions, unless it explicitly changes again?)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 687: if header_version == 5 or header_version == 6: same
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 74: MBN_HEADER_VERSION_6 = 6 # Mbn header_version 6 nit: not really sure these constants are that useful as opposed to just using the numbers
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 578: if self.flash_parti_ver == MBN_HEADER_VERSION_6: nit: maybe > 5?
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 593: if self.flash_parti_ver == MBN_HEADER_VERSION_6: same
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 1009: if header_version == MBN_HEADER_VERSION_5: This should probably be
if header_version > 4: boot_header.image_src = 0 boot_header.image_dest_ptr = 0
if header_version > 5: boot_header.metadata_size_qti = 0 boot_header.metadata_size = 0
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 1050: global MI_PROG_BOOT_DIGEST_SIZE Can we please change this from a global to a normal local variable (and no ALL_CAPS name)? It's only used inside this function.
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 2134: if header_version == MBN_HEADER_VERSION_6:
5?
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 17:
(1 comment)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 2134: if header_version == MBN_HEADER_VERSION_6:
5?
Sorry this was supposed to say " > 5" before markdown got there.
Douglas Anderson has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 17: Code-Review-1
This unsets execute permission of the script, resulting in this error:
make: execvp: util/qualcomm/createxbl.py: Permission deniedmake: *** [src/soc/qualcomm/sc7180/Makefile.inc:176: build_serial-trogdor/cbfs/fallback/bootblock.bin] Error 127
Hello Douglas Anderson, Ravi kumar, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/35506
to look at the new patch set (#18).
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py M util/qualcomm/qgpt.py 3 files changed, 95 insertions(+), 48 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/18
ashk@codeaurora.org has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 18:
(1 comment)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 2134: if header_version == MBN_HEADER_VERSION_6:
Sorry this was supposed to say " > 5" before markdown got there.
All the review comments will be addressed by Rishabh Sharma. He is looking in to it.
Rishabh Sharma has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 25:
(8 comments)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 269: secure_type = image_header_secflag, header_version = header_version )
nit: on a new line?
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 673: if header_version == 5 or header_version == 6:
nit: probably makes more sense to check < 4 (since presumably this will stay this way for future ver […]
Explicitly checking for version 5 and 6 makes much sense, it is more user-friendly.
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 687: if header_version == 5 or header_version == 6:
same
same
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 74: MBN_HEADER_VERSION_6 = 6 # Mbn header_version 6
nit: not really sure these constants are that useful as opposed to just using the numbers
It is always good to have constants which are pointing to numbers, even SHA256_SIGNATURE_SIZE is also declared same
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 578: if self.flash_parti_ver == MBN_HEADER_VERSION_6:
nit: maybe > 5?
Currently, 7,8,9 and later are not supported so this will be confusing to add check like this
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 593: if self.flash_parti_ver == MBN_HEADER_VERSION_6:
same
same reply
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 1009: if header_version == MBN_HEADER_VERSION_5:
This should probably be […]
Equality checking here is much more sensible then comparison.
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 2134: if header_version == MBN_HEADER_VERSION_6:
All the review comments will be addressed by Rishabh Sharma. He is looking in to it.
same reply as above
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 25:
(2 comments)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 673: if header_version == 5 or header_version == 6:
Explicitly checking for version 5 and 6 makes much sense, it is more user-friendly.
I'm trying to suggest code that will be easier to maintain going forward. Yes, there are only versions 5 and 6 right now, but there may be versions 7, 8 and 9 at some point in the future. In general, most development happens by adding new things on top of the latest version -- so it's more likely that version 7 will be the same as versions 5 and 6 in this aspect than version 3 and 4.
If you always write these things by explicitly checking for 5 and 6, that means when version 7 comes around and is mostly the same as 6 (with another minor change somewhere else) you will have to go around and find every single check like this in the code and update them to include 7. If you don't do that, it will break, and it makes it easy to miss the check somewhere (and if you're unlucky it might break in a subtle way that's not immediately obvious).
You shouldn't think of this as "do I want to specify this for version 7 already or not", because you *are* already specifying it for version 7 and later anyway. Whenever you write 'if version == 6: ... else: ...' you automatically say that version 7 and later will be the same as version 5 or below (because it will catch on the else: clause). I'm just saying that's unlikely. It's more likely that it will be similar to version 6. So I would write all these things as less-than/greater-than checks, it will most likely save you work in the future and it may save you from having to chase down weird bugs.
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 74: MBN_HEADER_VERSION_6 = 6 # Mbn header_version 6
It is always good to have constants which are pointing to numbers, even SHA256_SIGNATURE_SIZE is als […]
Well, for a SHA size it makes sense because the reader doesn't automatically know what the size is just from reading the name. But at the point where you are defining constants like
NUMBER_1 = 1 NUMBER_2 = 2 NUMBER_3 = 3 ...
I'm not sure it really adds any value anymore.
Anyway, no big deal, I'm fine leaving this like this if you prefer it.
Hello Doug Anderson, Ravi kumar, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/35506
to look at the new patch set (#34).
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py M util/qualcomm/qgpt.py 3 files changed, 103 insertions(+), 56 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/34
mturney mturney has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 34:
(2 comments)
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 673: if header_version == 5 or header_version == 6:
I'm trying to suggest code that will be easier to maintain going forward. […]
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/createxbl.py... PS17, Line 687: if header_version == 5 or header_version == 6:
same
Done
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 36:
(1 comment)
Looks like you've taking my suggestion in some parts of the patch here but not yet in other parts... please address the remaining open comments and indicate if you consider this ready for review again.
https://review.coreboot.org/c/coreboot/+/35506/36/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/36/util/qualcomm/createxbl.py... PS36, Line 269: secure_type = image_header_secflag, header_version = header_version ) You said 'Done' here but you didn't actually put it on a new line.
mturney mturney has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 36:
(1 comment)
Push later today addresses this last item and patch should be ready for review and merge.
https://review.coreboot.org/c/coreboot/+/35506/36/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/36/util/qualcomm/createxbl.py... PS36, Line 269: secure_type = image_header_secflag, header_version = header_version )
You said 'Done' here but you didn't actually put it on a new line.
Done
Hello Doug Anderson, Ravi kumar, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/35506
to look at the new patch set (#37).
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py M util/qualcomm/qgpt.py 3 files changed, 106 insertions(+), 57 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/37
Hello Doug Anderson, Ravi kumar, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/35506
to look at the new patch set (#38).
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py M util/qualcomm/qgpt.py 3 files changed, 112 insertions(+), 70 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/06/35506/38
mturney mturney has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 38:
(7 comments)
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py File util/qualcomm/createxbl.py:
https://review.coreboot.org/c/coreboot/+/35506/12/util/qualcomm/createxbl.py... PS12, Line 217: is_ext_mbn_v5 = True
a new version will be uploaded with the required fix
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py File util/qualcomm/mbn_tools.py:
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 74: MBN_HEADER_VERSION_6 = 6 # Mbn header_version 6
Well, for a SHA size it makes sense because the reader doesn't automatically know what the size is j […]
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 578: if self.flash_parti_ver == MBN_HEADER_VERSION_6:
Currently, 7,8,9 and later are not supported so this will be confusing to add check like this
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 593: if self.flash_parti_ver == MBN_HEADER_VERSION_6:
same reply
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 1009: if header_version == MBN_HEADER_VERSION_5:
Equality checking here is much more sensible then comparison.
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 1050: global MI_PROG_BOOT_DIGEST_SIZE
Can we please change this from a global to a normal local variable (and no ALL_CAPS name)? It's only […]
Done
https://review.coreboot.org/c/coreboot/+/35506/17/util/qualcomm/mbn_tools.py... PS17, Line 2134: if header_version == MBN_HEADER_VERSION_6:
same reply as above
Done
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
Patch Set 38: Code-Review+2
Julius Werner has submitted this change. ( https://review.coreboot.org/c/coreboot/+/35506 )
Change subject: trogdor: support mbn_version 6 with python build scripts ......................................................................
trogdor: support mbn_version 6 with python build scripts
Developer/Reviewer, be aware of this patch from Mistral: https://review.coreboot.org/c/coreboot/+/33425/18
Change-Id: I020d1e4d4f5c948948e1b39dd18af1d0e860c279 Signed-off-by: T Michael Turney mturney@codeaurora.org Reviewed-on: https://review.coreboot.org/c/coreboot/+/35506 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Julius Werner jwerner@chromium.org --- M util/qualcomm/createxbl.py M util/qualcomm/mbn_tools.py M util/qualcomm/qgpt.py 3 files changed, 112 insertions(+), 70 deletions(-)
Approvals: build bot (Jenkins): Verified Julius Werner: Looks good to me, approved
diff --git a/util/qualcomm/createxbl.py b/util/qualcomm/createxbl.py index 4a21854..861cec9 100755 --- a/util/qualcomm/createxbl.py +++ b/util/qualcomm/createxbl.py @@ -44,11 +44,13 @@ # # when who what, where, why # -------- --- ------------------------------------------------------ +# 05/21/19 rissha Added --mbn_version to add MBN header accordingly # 03/26/18 tv Added -e to enable extended MBNV5 support # 09/04/15 et Added -x and -d to embed xbl_sec ELF # 02/11/15 ck Fixed missing elf type check in ZI OOB feature # 11/04/14 ck Updated calls to mbn_tools functions -# 10/22/14 ck Added -z option to remove out of bounds ZI segments when converting from 64 to 32 +# 10/22/14 ck Added -z option to remove out of bounds ZI segments when +# converting from 64 to 32 # 10/10/14 ck Added -c option and logic to enable elf type swapping # 09/12/14 ck Added single file logic # 08/29/14 ck Added no_hash option @@ -119,6 +121,10 @@ help="Removes ZI segments that have addresses greater" + \ " than 32 bits when converting from a 64 to 32 bit ELF")
+ parser.add_option("--mbn_version", + action="store", type="int", dest="mbn_version", + help="Add mbn header in elf image. '3', '5' or '6'") +
(options, args) = parser.parse_args() if not options.elf_inp_file1: @@ -206,11 +212,13 @@ else: zi_oob_enabled = True
- if options.elf_inp_xbl_sec: - is_ext_mbn_v5 = True - else: - is_ext_mbn_v5 = False + header_version = 3
+ if options.elf_inp_xbl_sec: + header_version = 5 + + if options.mbn_version: + header_version = options.mbn_version
mbn_type = 'elf' header_format = 'reg' @@ -244,7 +252,7 @@ is_elf_xbl_sec_64_bit, is_out_elf_64_bit, zi_oob_enabled, - is_ext_mbn_v5) + header_version)
# Hash the image if user did not explicitly say not to @@ -259,7 +267,8 @@ source_elf, target_hash, elf_out_file_name = target_phdr_elf, - secure_type = image_header_secflag) + secure_type = image_header_secflag, + header_version = header_version ) if rv: raise RuntimeError, "Failed to run pboot_gen_elf"
@@ -269,8 +278,8 @@ target_hash, target_hash_hd, image_header_secflag, - is_ext_mbn_v5, - elf_file_name = source_elf) + elf_file_name = source_elf, + header_version = header_version) if rv: raise RuntimeError, "Failed to create image header for hash segment"
@@ -305,7 +314,7 @@ is_elf_xbl_sec_64_bit, is_out_elf_64_bit, zi_oob_enabled, - is_ext_mbn_v5): + header_version):
[elf_header1, phdr_table1] = \ mbn_tools.preprocess_elf_file(elf_in_file_name1) @@ -663,12 +672,12 @@ new_phdr.p_paddr = phys_virt_addr new_phdr.p_filesz = os.path.getsize(elf_in_file_xbl_sec) new_phdr.p_memsz = new_phdr.p_filesz - if is_ext_mbn_v5 == True: - new_phdr.p_flags = (0x5 | - (mbn_tools.MI_PBT_XBL_SEC_SEGMENT << - mbn_tools.MI_PBT_FLAG_SEGMENT_TYPE_SHIFT)); + if header_version >= 5: + new_phdr.p_flags = (0x5 | + (mbn_tools.MI_PBT_XBL_SEC_SEGMENT << + mbn_tools.MI_PBT_FLAG_SEGMENT_TYPE_SHIFT)); else: - new_phdr.p_flags = 0x5 + new_phdr.p_flags = 0x5 new_phdr.p_align = 0x1000 else: # Converting from 64 to 32 elf requires data size validation @@ -677,12 +686,12 @@ new_phdr = mbn_tools.Elf32_Phdr('\0' * ELF32_PHDR_SIZE) new_phdr.p_type = 0x1 # new_phdr.p_offset = segment_offset - if is_ext_mbn_v5 == True: - new_phdr.p_flags = (0x5 | - (mbn_tools.MI_PBT_XBL_SEC_SEGMENT << - mbn_tools.MI_PBT_FLAG_SEGMENT_TYPE_SHIFT)); + if header_version >= 5: + new_phdr.p_flags = (0x5 | + (mbn_tools.MI_PBT_XBL_SEC_SEGMENT << + mbn_tools.MI_PBT_FLAG_SEGMENT_TYPE_SHIFT)); else: - new_phdr.p_flags = 0x5 + new_phdr.p_flags = 0x5 new_phdr.p_align = 0x1000
if phys_virt_addr > 0xFFFFFFFF: diff --git a/util/qualcomm/mbn_tools.py b/util/qualcomm/mbn_tools.py index 12dc210..6008da5 100755 --- a/util/qualcomm/mbn_tools.py +++ b/util/qualcomm/mbn_tools.py @@ -41,6 +41,7 @@ # # when who what, where, why # -------- --- --------------------------------------------------------- +# 05/21/18 rissha Added support for extended MBNV6 and Add support for hashing elf segments with SHA384 # 03/22/18 thiru Added support for extended MBNV5. # 06/06/13 yliong CR 497042: Signed and encrypted image is corrupted. MRC features. # 03/18/13 dhaval Add support for hashing elf segments with SHA256 and @@ -64,23 +65,21 @@ #---------------------------------------------------------------------------- # GLOBAL VARIABLES BEGIN #---------------------------------------------------------------------------- -PAD_BYTE_1 = 255 # Padding byte 1s -PAD_BYTE_0 = 0 # Padding byte 0s -SHA256_SIGNATURE_SIZE = 256 # Support SHA256 -MAX_NUM_ROOT_CERTS = 4 # Maximum number of OEM root certificates -MI_BOOT_IMG_HDR_SIZE = 40 # sizeof(mi_boot_image_header_type) -MI_BOOT_SBL_HDR_SIZE = 80 # sizeof(sbl_header) -BOOT_HEADER_LENGTH = 20 # Boot Header Number of Elements -SBL_HEADER_LENGTH = 20 # SBL Header Number of Elements -FLASH_PARTI_VERSION = 3 # Flash Partition Version Number -MAX_PHDR_COUNT = 100 # Maximum allowable program headers -CERT_CHAIN_ONEROOT_MAXSIZE = 6*1024 # Default Cert Chain Max Size for one root -VIRTUAL_BLOCK_SIZE = 131072 # Virtual block size for MCs insertion in SBL1 if ENABLE_VIRTUAL_BLK ON -MAGIC_COOKIE_LENGTH = 12 # Length of magic Cookie inserted per VIRTUAL_BLOCK_SIZE -MIN_IMAGE_SIZE_WITH_PAD = 256*1024 # Minimum image size for sbl1 Nand based OTA feature +PAD_BYTE_1 = 255 # Padding byte 1s +PAD_BYTE_0 = 0 # Padding byte 0s +SHA256_SIGNATURE_SIZE = 256 # Support SHA256 +MAX_NUM_ROOT_CERTS = 4 # Maximum number of OEM root certificates +MI_BOOT_SBL_HDR_SIZE = 80 # sizeof(sbl_header) +BOOT_HEADER_LENGTH = 20 # Boot Header Number of Elements +SBL_HEADER_LENGTH = 20 # SBL Header Number of Elements +MAX_PHDR_COUNT = 100 # Maximum allowable program headers +CERT_CHAIN_ONEROOT_MAXSIZE = 6*1024 # Default Cert Chain Max Size for one root +VIRTUAL_BLOCK_SIZE = 131072 # Virtual block size for MCs insertion in SBL1 if ENABLE_VIRTUAL_BLK ON +MAGIC_COOKIE_LENGTH = 12 # Length of magic Cookie inserted per VIRTUAL_BLOCK_SIZE +MIN_IMAGE_SIZE_WITH_PAD = 256*1024 # Minimum image size for sbl1 Nand based OTA feature
-SBL_AARCH64 = 0xF # Indicate that SBL is a Aarch64 image -SBL_AARCH32 = 0x0 # Indicate that SBL is a Aarch32 image +SBL_AARCH64 = 0xF # Indicate that SBL is a Aarch64 image +SBL_AARCH32 = 0x0 # Indicate that SBL is a Aarch32 image
# Magic numbers filled in for boot headers FLASH_CODE_WORD = 0x844BDCD1 @@ -150,7 +149,6 @@ MI_PBT_FLAGS_MASK = 0x0FF00000
# Helper defines to help parse ELF program headers -MI_PROG_BOOT_DIGEST_SIZE = 20 MI_PBT_FLAG_SEGMENT_TYPE_MASK = 0x07000000 MI_PBT_FLAG_SEGMENT_TYPE_SHIFT = 0x18 MI_PBT_FLAG_PAGE_MODE_MASK = 0x00100000 @@ -528,7 +526,7 @@ class Boot_Hdr: def __init__(self, init_val): self.image_id = ImageType.NONE_IMG - self.flash_parti_ver = FLASH_PARTI_VERSION + self.flash_parti_ver = 3 self.image_src = init_val self.image_dest_ptr = init_val self.image_size = init_val @@ -573,6 +571,10 @@ self.reserved_2, self.reserved_3 ]
+ if self.flash_parti_ver >= 6: + values.insert(10, self.metadata_size_qti) + values.insert(11, self.metadata_size) + if self.image_dest_ptr >= 0x100000000: values[3] = 0xFFFFFFFF
@@ -584,8 +586,12 @@
# Write 10 entries(40B) or 20 entries(80B) of boot header if write_full_hdr is False: - s = struct.Struct('I'* 10) - values = values[:10] + if self.flash_parti_ver >= 6: + s = struct.Struct('I'* 12) + values = values[:12] + else: + s = struct.Struct('I'* 10) + values = values[:10] else: s = struct.Struct('I' * self.getLength())
@@ -904,7 +910,6 @@ code_file_name, output_file_name, secure_type, - is_ext_mbn_v5, header_format = 'reg', requires_preamble = False, preamble_file_name = None, @@ -912,7 +917,8 @@ write_full_hdr = False, in_code_size = None, cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE, - num_of_pages = None): + num_of_pages = None, + header_version = None):
# Preliminary checks if (requires_preamble is True) and (preamble_file_name is None): @@ -945,9 +951,12 @@ cert_chain_size = 0 image_size = code_size
+ if header_version: + assert header_version in [3, 5, 6], 'Not a valid MBN header version' + # For ELF or hashed images, image destination will be determined from an ELF input file if gen_dict['IMAGE_KEY_MBN_TYPE'] == 'elf': - image_dest = get_hash_address(elf_file_name) + MI_BOOT_IMG_HDR_SIZE + image_dest = get_hash_address(elf_file_name) + (header_size(header_version)) elif gen_dict['IMAGE_KEY_MBN_TYPE'] == 'bin': image_dest = gen_dict['IMAGE_KEY_IMAGE_DEST'] image_source = gen_dict['IMAGE_KEY_IMAGE_SOURCE'] @@ -991,12 +1000,15 @@ boot_header.sig_size = signature_size boot_header.cert_chain_ptr = image_dest + code_size + signature_size boot_header.cert_chain_size = cert_chain_size + boot_header.flash_parti_ver = header_version # version
- if is_ext_mbn_v5 == True: - # If platform image integrity check is enabled - boot_header.flash_parti_ver = 5 # version - boot_header.image_src = 0 # sig_size_qc - boot_header.image_dest_ptr = 0 # cert_chain_size_qc + if header_version >= 5: + boot_header.image_src = 0 # sig_size_qc + boot_header.image_dest_ptr = 0 # cert_chain_size_qc + + if header_version >= 6: + boot_header.metadata_size_qti = 0 # qti_metadata size + boot_header.metadata_size = 0 # oem_metadata size
# If preamble is required, output the preamble file and update the boot_header if requires_preamble is True: @@ -1021,12 +1033,22 @@ last_phys_addr = None, append_xml_hdr = False, is_sha256_algo = True, - cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE): - global MI_PROG_BOOT_DIGEST_SIZE - if (is_sha256_algo is True): - MI_PROG_BOOT_DIGEST_SIZE = 32 + cert_chain_size_in = CERT_CHAIN_ONEROOT_MAXSIZE, + header_version = None): + sha_algo = 'SHA1' + if is_sha256_algo: + sha_algo = 'SHA256' + + if header_version >= 6: + sha_algo = 'SHA384' + image_header_size = header_size(header_version) + + if (sha_algo == 'SHA384'): + mi_prog_boot_digest_size = 48 + elif sha_algo == 'SHA256': + mi_prog_boot_digest_size = 32 else: - MI_PROG_BOOT_DIGEST_SIZE = 20 + mi_prog_boot_digest_size = 20
# Open Files elf_in_fp = OPEN(elf_in_file_name, "rb") @@ -1052,7 +1074,7 @@ elf_header_size = ELF32_HDR_SIZE is_elf64 = False
- hash = '\0' * MI_PROG_BOOT_DIGEST_SIZE + hash = '\0' * mi_prog_boot_digest_size phdr_start = 0 bytes_to_pad = 0 hash_seg_end = 0 @@ -1071,12 +1093,12 @@ elf_header.e_phnum += 2
# Create an empty hash entry for PHDR_TYPE - hash_out_fp.write('\0' * MI_PROG_BOOT_DIGEST_SIZE) - hashtable_size += MI_PROG_BOOT_DIGEST_SIZE + hash_out_fp.write('\0' * mi_prog_boot_digest_size) + hashtable_size += mi_prog_boot_digest_size
# Create an empty hash entry for the hash segment itself - hash_out_fp.write('\0' * MI_PROG_BOOT_DIGEST_SIZE) - hashtable_size += MI_PROG_BOOT_DIGEST_SIZE + hash_out_fp.write('\0' * mi_prog_boot_digest_size) + hashtable_size += mi_prog_boot_digest_size
# Begin hash table generation for i in range(num_phdrs): @@ -1110,14 +1132,14 @@ fbuf = elf_in_fp.read(hash_size)
if MI_PBT_CHECK_FLAG_TYPE(curr_phdr.p_flags) is True: - hash = generate_hash(fbuf, is_sha256_algo) + hash = generate_hash(fbuf, sha_algo) else: - hash = '\0' * MI_PROG_BOOT_DIGEST_SIZE + hash = '\0' * mi_prog_boot_digest_size
# Write hash to file hash_out_fp.write(hash)
- hashtable_size += MI_PROG_BOOT_DIGEST_SIZE + hashtable_size += mi_prog_boot_digest_size seg_offset += ELF_BLOCK_ALIGN
# Copy the hash entry for all that are PAGED segments and those that are not the PHDR type. This is for @@ -1129,14 +1151,14 @@ file_buff = elf_in_fp.read(data_len)
if (MI_PBT_CHECK_FLAG_TYPE(curr_phdr.p_flags) is True) and (data_len > 0): - hash = generate_hash(file_buff, is_sha256_algo) + hash = generate_hash(file_buff, sha_algo) else: - hash = '\0' * MI_PROG_BOOT_DIGEST_SIZE + hash = '\0' * mi_prog_boot_digest_size
# Write hash to file hash_out_fp.write(hash)
- hashtable_size += MI_PROG_BOOT_DIGEST_SIZE + hashtable_size += mi_prog_boot_digest_size # End hash table generation
# Generate the rest of the ELF output file if specified @@ -1151,7 +1173,7 @@
# Initialize the hash table program header [hash_Phdr, pad_hash_segment, hash_tbl_end_addr, hash_tbl_offset] = \ - initialize_hash_phdr(elf_in_file_name, hashtable_size, MI_BOOT_IMG_HDR_SIZE, ELF_BLOCK_ALIGN, is_elf64) + initialize_hash_phdr(elf_in_file_name, hashtable_size, image_header_size, ELF_BLOCK_ALIGN, is_elf64)
# Check if hash segment max size parameter was passed if (hash_seg_max_size is not None): @@ -1252,7 +1274,7 @@ # Read the program header and compute hash proghdr_buff = elf_out_fp.read(elf_header.e_phnum * phdr_size)
- hash = generate_hash(elfhdr_buff + proghdr_buff, is_sha256_algo) + hash = generate_hash(elfhdr_buff + proghdr_buff, sha_algo)
# Write hash to file as first hash table entry hash_out_fp.seek(0) @@ -1592,7 +1614,7 @@ page = page + elf_in_fp.read(bytes_in_page - len(page)) if (len(page) < DP_PAGE_SIZE): page = page + (struct.pack('b', 0) * (DP_PAGE_SIZE - len(page))) - hashes = hashes + [generate_hash(page, True)] + hashes = hashes + [generate_hash(page, 'SHA256')] bytes_left -= bytes_in_page
# And write them to the hash segment @@ -2101,9 +2123,20 @@ #---------------------------------------------------------------------------- # sha1/sha256 hash routine wrapper #---------------------------------------------------------------------------- -def generate_hash(in_buf, is_sha256_algo): +def header_size(header_version): + if header_version >= 6: + return 48 + else: + return 40 + +#---------------------------------------------------------------------------- +# sha1/sha256 hash routine wrapper +#---------------------------------------------------------------------------- +def generate_hash(in_buf, sha_algo): # Initialize a SHA1 object from the Python hash library - if (is_sha256_algo is True): + if sha_algo == 'SHA384': + m = hashlib.sha384() + elif sha_algo == 'SHA256': m = hashlib.sha256() else: m = hashlib.sha1() diff --git a/util/qualcomm/qgpt.py b/util/qualcomm/qgpt.py index 476ca5c..0b096b9 100755 --- a/util/qualcomm/qgpt.py +++ b/util/qualcomm/qgpt.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/env python2 #============================================================================ # #/** @file qgpt.py
-
Douglas Anderson (Code Review) -
Julius Werner (Code Review)
-
mturney mturney (Code Review)
-
Name of user not set (Code Review)
-
Ravi kumar (Code Review)
-
Rishabh Sharma (Code Review)