[openfirmware] [commit] r1906 - cpu/x86/pc/olpc

repository service svn at openfirmware.info
Tue Aug 3 21:52:21 CEST 2010


Author: wmb
Date: Tue Aug  3 21:52:21 2010
New Revision: 1906
URL: http://tracker.coreboot.org/trac/openfirmware/changeset/1906

Log:
svn ignore *.public

Added:
   cpu/x86/pc/olpc/keyinsert.fth
Modified:
   cpu/x86/pc/olpc/   (props changed)

Added: cpu/x86/pc/olpc/keyinsert.fth
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ cpu/x86/pc/olpc/keyinsert.fth	Tue Aug  3 21:52:21 2010	(r1906)
@@ -0,0 +1,172 @@
+purpose: Inject additional keys into manufacturing data on non-secured machine
+\ See license at end of file
+
+\ This key insertion program is for use in manufacturing before the machines
+\ have been secured, i.e. before the wp tag is created.
+
+\ Search for !!! for things that may need to change for different deployments
+
+\ !!! Change the list of SKUs according to which ones should receive the new keys
+: wrong-sku?  ( -- flag )
+   " P#" find-tag 0=  if  true exit  then              ( pn$ )
+
+   -null                                               ( pn$' )
+   2dup " 1CL1BZP0KD6" $=  if  2drop false exit  then  ( pn$ ) \ UY BYD LiFePO4
+   2dup " 1CL11ZP0KD7" $=  if  2drop false exit  then  ( pn$ ) \ UY GP NiMH
+   2dup " 1CL11ZP0KD9" $=  if  2drop false exit  then  ( pn$ ) \ UY GP LiFePO4
+   2dup " 1CL1B000003" $=  if  2drop false exit  then  ( pn$ ) \ Preproduction XO-1.5
+[ifdef] test-me
+   2dup " 1CL11ZU0KDB" $=  if  2drop false exit  then  ( pn$ ) \ US for testing
+[then]
+   2drop
+
+   true
+;
+
+\ !!! Change the key list according to which keys the deployment wants
+: new-key-list$  ( -- )  " a1 d1 o1 s1 t1 w1 "  ;
+
+\ !!! Change the pattern according to the location of key data files
+: get-key-file  ( keyname$ -- false | value$ true )
+\  " ext:\\%s.public"   \ For an SD card formatted with EXT2 (capable of handling long names)
+   " u:\\%s.pub"        \ For a USB driver formatted with FAT (8.3 filename restriction)
+   sprintf $read-file 0=
+;
+
+: keyject-expired?  ( -- flag )  false  ;
+
+\ True if the all the requested tags are already present.
+\ This prevents endless looping.
+: already-injected?  ( -- flag )
+   new-key-list$  begin  dup  while  ( $ )
+      bl left-parse-string           ( $' name$ )
+      find-tag  if                   ( $ value$ )
+         2drop                       ( $ )
+      else                           ( $ )
+         2drop  false exit
+      then                           ( $ )
+   repeat                            ( $ )
+   2drop true
+;
+
+: inject-key  ( keyname$ -- )
+   2dup get-key-file  if             ( keyname$ value$ )
+      2over ram-find-tag  if         ( keyname$ value$ oldvalue$ )
+         2 pick <>  if               ( keyname$ value$ oldvalue$ )
+            3drop                    ( keyname$ )
+            ." Warning: inconsistent old tag length for " type cr   ( )
+            exit
+         then                        ( keyname$ value$ oldvalue-adr )
+         >r 2tuck  r> swap  move     ( valu$ keyname$ )
+         green-letters
+         ." Replaced " type cr       ( value$ )
+         black-letters
+      else                           ( keyname$ value$ )
+         2swap                       ( value$ keyname$ )
+         2over 2over                 ( value$ keyname$ value$ keyname$ )
+         ($add-tag)                  ( value$ keyname$ )
+         green-letters
+         ." Added " type cr          ( value$ )
+         black-letters
+      then                           ( value$ )
+      free-mem                       ( )
+   else                              ( keyname$ )
+      ." Warning: Can't find a dropin module for " type cr  ( )
+   then                              ( )
+;
+
+: inject-keys  ( -- )
+   get-mfg-data
+   new-key-list$  begin  dup  while  ( $ )
+      bl left-parse-string           ( $' name$ )
+      inject-key                     ( $ )
+   repeat                            ( $ )
+   2drop                             ( )
+   (put-mfg-data)                    ( )
+;
+
+: keyject-error  ( msg$ -- )
+   cr
+   red-letters  ." Not injecting because:   "  type  cr  black-letters
+   cr
+;
+
+: do-keyject?  ( -- flag )
+   wrong-sku?  if
+      " Wrong SKU" keyject-error
+      false exit
+   then
+   keyject-expired?  if
+      " Date Expired" keyject-error
+      false exit
+   then
+   already-injected?   if
+      " Keys Already Present" keyject-error
+      false exit
+   then
+   true
+;
+
+: ac-connected?  ( -- flag )  bat-status@ h# 10 and  0<>  ;
+
+\ Empirically, a weak-but-present battery can present the "trickle charge" (80)
+\ but not present the "present" bit (01).
+: battery-present?  ( -- flag )  bat-status@ h# 81 and  0<>  ;
+
+\ Similarly, a weak-but-present battery can present the "trickle charge" (80)
+\ but not present the "battery low" bit (04).
+: battery-strong?  ( -- flag )  bat-status@ h# 84 and  0=  ;
+
+: wait-enough-power  ( -- )
+   ac-connected?  0=  if
+      ." Please connect the AC adapter to continue..."
+      begin  d# 100 ms  ac-connected?  until
+      cr
+   then
+   battery-present?  0=  if
+      ." Please insert a well-charged battery to continue..."
+      begin  d# 100 ms  battery-present?  until
+      cr
+   then
+   battery-strong?  0=  if
+      ." The battery is low.  Please insert a charged one to continue..."
+      begin  d# 100 ms  battery-present? battery-strong? and  until
+   then
+;
+
+: ?keyject  ( -- )
+   visible
+   green-letters  cr ." Security Key Injector" cr cr  black-letters
+   do-keyject?  if
+      wait-enough-power
+      flash-write-enable
+      inject-keys
+      flash-write-disable  \ Should reboot
+   then
+;
+
+?keyject
+
+\ LICENSE_BEGIN
+\ Copyright (c) 2010 FirmWorks
+\ 
+\ Permission is hereby granted, free of charge, to any person obtaining
+\ a copy of this software and associated documentation files (the
+\ "Software"), to deal in the Software without restriction, including
+\ without limitation the rights to use, copy, modify, merge, publish,
+\ distribute, sublicense, and/or sell copies of the Software, and to
+\ permit persons to whom the Software is furnished to do so, subject to
+\ the following conditions:
+\ 
+\ The above copyright notice and this permission notice shall be
+\ included in all copies or substantial portions of the Software.
+\ 
+\ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+\ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+\ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+\ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+\ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+\ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+\ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+\
+\ LICENSE_END



More information about the openfirmware mailing list