From d630816f9bbb6e1aec4d6fa583ca7ca5045c4f18 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Tue, 21 Jun 2016 17:59:44 -0400 Subject: First step towards Alpha board firmware release engineering. Committing and pushing early so I can do initial test builds on something with a little more horsepower. --- .gitignore | 1 + .gitmodules | 45 +++++++++++++++++++++++++++++++++++++++++++++ Makefile | 17 +++++++++++++++++ README.md | 19 +++++++++++++++++++ core/cipher/aes | 1 + core/cipher/chacha | 1 + core/comm/fmc | 1 + core/comm/uart | 1 + core/hash/sha1 | 1 + core/hash/sha256 | 1 + core/hash/sha512 | 1 + core/math/modexpa7 | 1 + core/platform/alpha | 1 + core/rng/avalanche_entropy | 1 + core/rng/rosc_entropy | 1 + core/rng/trng | 1 + core/rng/vndecorrelator | 1 + core/util/mkmif | 1 + sw/stm32 | 1 + 19 files changed, 97 insertions(+) create mode 100644 .gitignore create mode 100644 .gitmodules create mode 100644 Makefile create mode 100644 README.md create mode 160000 core/cipher/aes create mode 160000 core/cipher/chacha create mode 160000 core/comm/fmc create mode 160000 core/comm/uart create mode 160000 core/hash/sha1 create mode 160000 core/hash/sha256 create mode 160000 core/hash/sha512 create mode 160000 core/math/modexpa7 create mode 160000 core/platform/alpha create mode 160000 core/rng/avalanche_entropy create mode 160000 core/rng/rosc_entropy create mode 160000 core/rng/trng create mode 160000 core/rng/vndecorrelator create mode 160000 core/util/mkmif create mode 160000 sw/stm32 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..77d1cab --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +screenlog.0 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..719957a --- /dev/null +++ b/.gitmodules @@ -0,0 +1,45 @@ +[submodule "core/cipher/aes"] + path = core/cipher/aes + url = https://git.cryptech.is/core/cipher/aes.git +[submodule "core/cipher/chacha"] + path = core/cipher/chacha + url = https://git.cryptech.is/core/cipher/chacha.git +[submodule "core/comm/fmc"] + path = core/comm/fmc + url = https://git.cryptech.is/core/comm/fmc.git +[submodule "core/comm/uart"] + path = core/comm/uart + url = https://git.cryptech.is/core/comm/uart.git +[submodule "core/hash/sha1"] + path = core/hash/sha1 + url = https://git.cryptech.is/core/hash/sha1.git +[submodule "core/hash/sha256"] + path = core/hash/sha256 + url = https://git.cryptech.is/core/hash/sha256.git +[submodule "core/hash/sha512"] + path = core/hash/sha512 + url = https://git.cryptech.is/core/hash/sha512.git +[submodule "core/math/modexpa7"] + path = core/math/modexpa7 + url = https://git.cryptech.is/core/math/modexpa7.git +[submodule "core/platform/alpha"] + path = core/platform/alpha + url = https://git.cryptech.is/core/platform/alpha.git +[submodule "core/rng/avalanche_entropy"] + path = core/rng/avalanche_entropy + url = https://git.cryptech.is/core/rng/avalanche_entropy.git +[submodule "core/rng/rosc_entropy"] + path = core/rng/rosc_entropy + url = https://git.cryptech.is/core/rng/rosc_entropy.git +[submodule "core/rng/trng"] + path = core/rng/trng + url = https://git.cryptech.is/core/rng/trng.git +[submodule "core/rng/vndecorrelator"] + path = core/rng/vndecorrelator + url = https://git.cryptech.is/core/rng/vndecorrelator.git +[submodule "core/util/mkmif"] + path = core/util/mkmif + url = https://git.cryptech.is/core/util/mkmif.git +[submodule "sw/stm32"] + path = sw/stm32 + url = https://git.cryptech.is/sw/stm32.git diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..38d1a78 --- /dev/null +++ b/Makefile @@ -0,0 +1,17 @@ +# Preliminary makefile for releng/alpha/firmware, just to test the +# basic build sequence before we start messing with packaging scripts, +# version numbers, and other forms of entertainment. Expect changes. + +all: bitstream elves + +bitstream: + cd core/platform/alpha/build; ${MAKE} + +elves: + cd sw/stm32; ${MAKE} bootloader hsm + +clean: + git clean -dfx + git submodule foreach git clean -dfx + +.PHONY: bitstream elves clean diff --git a/README.md b/README.md new file mode 100644 index 0000000..ebf4015 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +Preliminary release engineering super-repository for building firmware +for the Cryptech "Alpha" board. + +Primary tasks here are to build a bitstream for the FPGA and the +"bootstrap" and "hsm" images for the Alpha's CPU. + +Eventually there will be a lot of packaging and versioning glorp here, +but let's start with basic build and clean targets. + +Current repository structure is, um, complicated. On the RTL side, we +have a tree of simple subrepositories, each representing one RTL core. + +On the software side, we have a subrepository which has several +subrepositories of its own: current thinking is that this should +probably be replaced by separate repositories and Makefile VPATH +magic, but this is what we have today so it's what we build with +today. + +This README is probably obsolete by the time you're reading it. diff --git a/core/cipher/aes b/core/cipher/aes new file mode 160000 index 0000000..9157592 --- /dev/null +++ b/core/cipher/aes @@ -0,0 +1 @@ +Subproject commit 915759285c179cf99be3c17ad401c79e4b8be054 diff --git a/core/cipher/chacha b/core/cipher/chacha new file mode 160000 index 0000000..549b75a --- /dev/null +++ b/core/cipher/chacha @@ -0,0 +1 @@ +Subproject commit 549b75a635817ce263c368c9b8b5b0b07f90ec21 diff --git a/core/comm/fmc b/core/comm/fmc new file mode 160000 index 0000000..61c16de --- /dev/null +++ b/core/comm/fmc @@ -0,0 +1 @@ +Subproject commit 61c16de8beb8deaadd2ffedfabfb3ce96e8699f0 diff --git a/core/comm/uart b/core/comm/uart new file mode 160000 index 0000000..0d3acd1 --- /dev/null +++ b/core/comm/uart @@ -0,0 +1 @@ +Subproject commit 0d3acd1815da8fcbd2b30f4fe1ff514f87b25228 diff --git a/core/hash/sha1 b/core/hash/sha1 new file mode 160000 index 0000000..ae915a1 --- /dev/null +++ b/core/hash/sha1 @@ -0,0 +1 @@ +Subproject commit ae915a1ed47a807ec880c2f18053e4f8eda6bd93 diff --git a/core/hash/sha256 b/core/hash/sha256 new file mode 160000 index 0000000..c894f78 --- /dev/null +++ b/core/hash/sha256 @@ -0,0 +1 @@ +Subproject commit c894f78a95a01351f277c3d36bcf6dced08798e2 diff --git a/core/hash/sha512 b/core/hash/sha512 new file mode 160000 index 0000000..88e0d83 --- /dev/null +++ b/core/hash/sha512 @@ -0,0 +1 @@ +Subproject commit 88e0d83768004b6bab2d83edf7eae2841678b51c diff --git a/core/math/modexpa7 b/core/math/modexpa7 new file mode 160000 index 0000000..4612bc2 --- /dev/null +++ b/core/math/modexpa7 @@ -0,0 +1 @@ +Subproject commit 4612bc24a8b43c14580d6be06542b1fa9a6e615a diff --git a/core/platform/alpha b/core/platform/alpha new file mode 160000 index 0000000..fc8be80 --- /dev/null +++ b/core/platform/alpha @@ -0,0 +1 @@ +Subproject commit fc8be8024560bb77221758b0351c3de7b4ea6e93 diff --git a/core/rng/avalanche_entropy b/core/rng/avalanche_entropy new file mode 160000 index 0000000..5742813 --- /dev/null +++ b/core/rng/avalanche_entropy @@ -0,0 +1 @@ +Subproject commit 5742813ab43fec9fa90d970f086f1e266875b8f3 diff --git a/core/rng/rosc_entropy b/core/rng/rosc_entropy new file mode 160000 index 0000000..48e3c11 --- /dev/null +++ b/core/rng/rosc_entropy @@ -0,0 +1 @@ +Subproject commit 48e3c117ae6944775010031b1691446220944b62 diff --git a/core/rng/trng b/core/rng/trng new file mode 160000 index 0000000..953909d --- /dev/null +++ b/core/rng/trng @@ -0,0 +1 @@ +Subproject commit 953909d18796c1caea35263eb902b1dd7021d92d diff --git a/core/rng/vndecorrelator b/core/rng/vndecorrelator new file mode 160000 index 0000000..49e388c --- /dev/null +++ b/core/rng/vndecorrelator @@ -0,0 +1 @@ +Subproject commit 49e388c3dadcaabe1e4e66a37fcd52b2f125c1dc diff --git a/core/util/mkmif b/core/util/mkmif new file mode 160000 index 0000000..fd1dd73 --- /dev/null +++ b/core/util/mkmif @@ -0,0 +1 @@ +Subproject commit fd1dd73410ba6ca3d082ff61e4b39d6e8c2de35e diff --git a/sw/stm32 b/sw/stm32 new file mode 160000 index 0000000..85582f7 --- /dev/null +++ b/sw/stm32 @@ -0,0 +1 @@ +Subproject commit 85582f7a86de10c0e5ad234d6b6f40135549f3da -- cgit v1.2.3 From 480b0f009c0f56f0d570bb4e76d78781db5c0bda Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Tue, 21 Jun 2016 23:05:38 -0400 Subject: First cut at package builder. --- Makefile | 12 +++++++++++- build-package.py | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 build-package.py diff --git a/Makefile b/Makefile index 38d1a78..d8c159d 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ # basic build sequence before we start messing with packaging scripts, # version numbers, and other forms of entertainment. Expect changes. -all: bitstream elves +all: bitstream elves package bitstream: cd core/platform/alpha/build; ${MAKE} @@ -10,6 +10,16 @@ bitstream: elves: cd sw/stm32; ${MAKE} bootloader hsm +PACKAGE_FILES = sw/stm32/projects/bootloader/bootloader.bin \ + sw/stm32/projects/bootloader/bootloader.elf \ + sw/stm32/projects/hsm/hsm.bin \ + sw/stm32/projects/hsm/hsm.elf \ + core/platform/alpha/build/alpha_fmc.bit + +package: bitstream elves + python build-package.py package.tar ${PACKAGE_FILES} + gzip -9f package.tar + clean: git clean -dfx git submodule foreach git clean -dfx diff --git a/build-package.py b/build-package.py new file mode 100644 index 0000000..ae7b0b1 --- /dev/null +++ b/build-package.py @@ -0,0 +1,39 @@ +#!/usr/bin/env python + +import subprocess +import tempfile +import argparse +import hashlib +import tarfile +import json + +parser = argparse.ArgumentParser() +parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") +parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") +args = parser.parse_args() + +tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) + +status = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] +sha256 = {} + +for fn in args.firmware: + with open(fn, "rb") as f: + sha256[fn] = hashlib.sha256(f.read()).hexdigest() + tar.add(fn) + +# export GNUPGHOME := /home/aptbot/gnupg +# --no-default-keyring --keyring isc-pubring.gpg --secret-keyring isc-secring.gpg + +with tempfile.NamedTemporaryFile() as f: + gpg = subprocess.Popen(("gpg", "--clearsign", "--no-default-keyring", + "--keyring", "/home/aptbot/gnupg/pubring.gpg", + "--secret-keyring", "/home/aptbot/gnupg/secring.gpg", + "--trustdb-name", "/home/aptbot/gnupg/trustdb.gpg", + "--no-random-seed-file", "--no-permission-warning", + "--personal-digest-preferences", "SHA256"), + stdin = subprocess.PIPE, stdout = f) + json.dump(dict(commits = status, sha256 = sha256), gpg.stdin, indent = 2) + gpg.stdin.close() + gpg.wait() + tar.add(f.name, "+MANIFEST") -- cgit v1.2.3 From d0d8f2b2a61b16496f3dfa7debb995f8e9e55064 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 22 Jun 2016 00:40:39 -0400 Subject: Cleanup. --- Makefile | 18 +++++++++++------- build-package.py | 30 +++++++++++++++++++----------- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index d8c159d..2b01f9d 100644 --- a/Makefile +++ b/Makefile @@ -10,18 +10,22 @@ bitstream: elves: cd sw/stm32; ${MAKE} bootloader hsm -PACKAGE_FILES = sw/stm32/projects/bootloader/bootloader.bin \ +TARBALL := package.tar.gz + +FIRMWARE := sw/stm32/projects/bootloader/bootloader.bin \ sw/stm32/projects/bootloader/bootloader.elf \ - sw/stm32/projects/hsm/hsm.bin \ - sw/stm32/projects/hsm/hsm.elf \ + sw/stm32/projects/hsm/hsm.bin \ + sw/stm32/projects/hsm/hsm.elf \ core/platform/alpha/build/alpha_fmc.bit -package: bitstream elves - python build-package.py package.tar ${PACKAGE_FILES} - gzip -9f package.tar +package: bitstream elves ${TARBALL} + +${TARBALL}: ${FIRMWARE} + ./build-package.py $(basename $@) $^ + gzip -9f $(basename $@) clean: git clean -dfx git submodule foreach git clean -dfx -.PHONY: bitstream elves clean +.PHONY: bitstream elves package clean diff --git a/build-package.py b/build-package.py index ae7b0b1..4f35cff 100644 --- a/build-package.py +++ b/build-package.py @@ -6,8 +6,11 @@ import argparse import hashlib import tarfile import json +import os parser = argparse.ArgumentParser() +parser.add_argument("--gpgdir", default = "/home/aptbot/gnupg", help = "gpg keyring directory") +parser.add_argument("--dir-name", help = "internal directory name for files") parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") args = parser.parse_args() @@ -17,23 +20,28 @@ tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) status = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] sha256 = {} +def tar_add(fn, name = None): + if name is None: + name = os.path.basename(fn) + tar.add(fn, name if args.dir_name is None else os.path.join(args.dir_name, name)) + for fn in args.firmware: with open(fn, "rb") as f: sha256[fn] = hashlib.sha256(f.read()).hexdigest() - tar.add(fn) - -# export GNUPGHOME := /home/aptbot/gnupg -# --no-default-keyring --keyring isc-pubring.gpg --secret-keyring isc-secring.gpg + tar_add(fn) with tempfile.NamedTemporaryFile() as f: - gpg = subprocess.Popen(("gpg", "--clearsign", "--no-default-keyring", - "--keyring", "/home/aptbot/gnupg/pubring.gpg", - "--secret-keyring", "/home/aptbot/gnupg/secring.gpg", - "--trustdb-name", "/home/aptbot/gnupg/trustdb.gpg", - "--no-random-seed-file", "--no-permission-warning", - "--personal-digest-preferences", "SHA256"), + gpg = subprocess.Popen(("gpg", + "--clearsign", + "--no-random-seed-file", + "--no-default-keyring", + "--no-permission-warning", + "--personal-digest-preferences", "SHA256", + "--keyring", os.path.join(args.gpgdir, "pubring.gpg"), + "--secret-keyring", os.path.join(args.gpgdir, "secring.gpg"), + "--trustdb-name", os.path.join(args.gpgdir, "trustdb.gpg")), stdin = subprocess.PIPE, stdout = f) json.dump(dict(commits = status, sha256 = sha256), gpg.stdin, indent = 2) gpg.stdin.close() gpg.wait() - tar.add(f.name, "+MANIFEST") + tar_add(f.name, "MANIFEST") -- cgit v1.2.3 From 1f4cb928a0ac606167d7df6f0435e9ad0ef95b30 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 22 Jun 2016 13:05:26 -0400 Subject: Simplify, particularly gpg handling; store a bit more repository info in the JSON metadata. --- .gitignore | 1 + Makefile | 18 ++++++++++-------- build-package.py | 39 +++++++++++++-------------------------- 3 files changed, 24 insertions(+), 34 deletions(-) diff --git a/.gitignore b/.gitignore index 77d1cab..f1a0492 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ +package.tar.gz screenlog.0 diff --git a/Makefile b/Makefile index 2b01f9d..c6654e0 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,16 @@ # basic build sequence before we start messing with packaging scripts, # version numbers, and other forms of entertainment. Expect changes. +export GNUPGHOME := /home/aptbot/gnupg + +TARBALL := package.tar.gz + +FIRMWARE := sw/stm32/projects/bootloader/bootloader.bin \ + sw/stm32/projects/bootloader/bootloader.elf \ + sw/stm32/projects/hsm/hsm.bin \ + sw/stm32/projects/hsm/hsm.elf \ + core/platform/alpha/build/alpha_fmc.bit + all: bitstream elves package bitstream: @@ -10,14 +20,6 @@ bitstream: elves: cd sw/stm32; ${MAKE} bootloader hsm -TARBALL := package.tar.gz - -FIRMWARE := sw/stm32/projects/bootloader/bootloader.bin \ - sw/stm32/projects/bootloader/bootloader.elf \ - sw/stm32/projects/hsm/hsm.bin \ - sw/stm32/projects/hsm/hsm.elf \ - core/platform/alpha/build/alpha_fmc.bit - package: bitstream elves ${TARBALL} ${TARBALL}: ${FIRMWARE} diff --git a/build-package.py b/build-package.py index 4f35cff..494011e 100644 --- a/build-package.py +++ b/build-package.py @@ -9,39 +9,26 @@ import json import os parser = argparse.ArgumentParser() -parser.add_argument("--gpgdir", default = "/home/aptbot/gnupg", help = "gpg keyring directory") -parser.add_argument("--dir-name", help = "internal directory name for files") -parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") -parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") +parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") +parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") args = parser.parse_args() -tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) - -status = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] -sha256 = {} - -def tar_add(fn, name = None): - if name is None: - name = os.path.basename(fn) - tar.add(fn, name if args.dir_name is None else os.path.join(args.dir_name, name)) +tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) +head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip() +time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip() +commits = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] +sha256 = {} for fn in args.firmware: with open(fn, "rb") as f: sha256[fn] = hashlib.sha256(f.read()).hexdigest() - tar_add(fn) + tar.add(fn, os.path.basename(fn)) with tempfile.NamedTemporaryFile() as f: - gpg = subprocess.Popen(("gpg", - "--clearsign", - "--no-random-seed-file", - "--no-default-keyring", - "--no-permission-warning", - "--personal-digest-preferences", "SHA256", - "--keyring", os.path.join(args.gpgdir, "pubring.gpg"), - "--secret-keyring", os.path.join(args.gpgdir, "secring.gpg"), - "--trustdb-name", os.path.join(args.gpgdir, "trustdb.gpg")), + gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256"), stdin = subprocess.PIPE, stdout = f) - json.dump(dict(commits = status, sha256 = sha256), gpg.stdin, indent = 2) + json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), gpg.stdin, indent = 2) gpg.stdin.close() - gpg.wait() - tar_add(f.name, "MANIFEST") + if gpg.wait(): + raise subprocess.CalledProcessError(gpg.returncode, "gpg") + tar.add(f.name, "MANIFEST") -- cgit v1.2.3 From 26fc6e2552488acba023b8f4c8c1670dbe328b0f Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 22 Jun 2016 13:16:01 -0400 Subject: Fix script permission, and suppress gpg warning that doesn't really apply to dedicated build machine. --- build-package.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 build-package.py diff --git a/build-package.py b/build-package.py old mode 100644 new mode 100755 index 494011e..17932a3 --- a/build-package.py +++ b/build-package.py @@ -25,7 +25,7 @@ for fn in args.firmware: tar.add(fn, os.path.basename(fn)) with tempfile.NamedTemporaryFile() as f: - gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256"), + gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning"), stdin = subprocess.PIPE, stdout = f) json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), gpg.stdin, indent = 2) gpg.stdin.close() -- cgit v1.2.3 From 8129748a055a8f3c1224fdb12c6c6bfbf558f5f3 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 22 Jun 2016 13:25:54 -0400 Subject: SHA-256 hashes in manifest should use same naming scheme as files in tarball, doh. --- build-package.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-package.py b/build-package.py index 17932a3..0df116b 100755 --- a/build-package.py +++ b/build-package.py @@ -21,7 +21,7 @@ sha256 = {} for fn in args.firmware: with open(fn, "rb") as f: - sha256[fn] = hashlib.sha256(f.read()).hexdigest() + sha256[os.path.basename(fn)] = hashlib.sha256(f.read()).hexdigest() tar.add(fn, os.path.basename(fn)) with tempfile.NamedTemporaryFile() as f: -- cgit v1.2.3 From 5a310ac47beb5590a21a409168d8b271ff1bc11c Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 16:38:11 -0400 Subject: Tweak dependencies so we don't rebuild (particularly the bitstream) unnecessarily. --- Makefile | 22 ++++++++++++---------- sw/stm32 | 2 +- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/Makefile b/Makefile index c6654e0..fc98e1d 100644 --- a/Makefile +++ b/Makefile @@ -4,23 +4,25 @@ export GNUPGHOME := /home/aptbot/gnupg -TARBALL := package.tar.gz - -FIRMWARE := sw/stm32/projects/bootloader/bootloader.bin \ - sw/stm32/projects/bootloader/bootloader.elf \ - sw/stm32/projects/hsm/hsm.bin \ - sw/stm32/projects/hsm/hsm.elf \ - core/platform/alpha/build/alpha_fmc.bit +TARBALL := package.tar.gz +BITSTREAM := core/platform/alpha/build/alpha_fmc.bit +BINARIES := sw/stm32/projects/bootloader/bootloader.bin sw/stm32/projects/hsm/hsm.bin +FIRMWARE := ${BITSTREAM} ${BINARIES} ${BINARIES:.bin=.elf} +RTLSOURCE := $(shell find core -name .git -prune -o -path core/platform/alpha/build -prune -o -type f -print) all: bitstream elves package -bitstream: +bitstream: ${BITSTREAM} + +${BITSTREAM}: ${RTLSOURCE} cd core/platform/alpha/build; ${MAKE} +${BINARIES}: elves + elves: cd sw/stm32; ${MAKE} bootloader hsm -package: bitstream elves ${TARBALL} +package: ${TARBALL} ${TARBALL}: ${FIRMWARE} ./build-package.py $(basename $@) $^ @@ -30,4 +32,4 @@ clean: git clean -dfx git submodule foreach git clean -dfx -.PHONY: bitstream elves package clean +.PHONY: all bitstream elves package clean diff --git a/sw/stm32 b/sw/stm32 index 85582f7..164c253 160000 --- a/sw/stm32 +++ b/sw/stm32 @@ -1 +1 @@ -Subproject commit 85582f7a86de10c0e5ad234d6b6f40135549f3da +Subproject commit 164c253976d24a39a5a19b5831a693ece53445fe -- cgit v1.2.3 From 5d25ca8e4110e86c40a0c8f9dc645132f43309f3 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 23:23:54 -0400 Subject: Drag in submodule updates. --- sw/stm32 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sw/stm32 b/sw/stm32 index 164c253..1865d6d 160000 --- a/sw/stm32 +++ b/sw/stm32 @@ -1 +1 @@ -Subproject commit 164c253976d24a39a5a19b5831a693ece53445fe +Subproject commit 1865d6de2c9f1ccdc0028fc7369df1be2e0b4551 -- cgit v1.2.3 From 8ef9164cae87ef9182a31b95d9185d3541d9e1fb Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sat, 25 Jun 2016 19:53:24 -0400 Subject: Drag in latest subrepos. --- .gitmodules | 9 +++++++++ sw/libhal | 1 + sw/stm32 | 2 +- sw/thirdparty/libtfm | 1 + user/ft/libcli | 1 + 5 files changed, 13 insertions(+), 1 deletion(-) create mode 160000 sw/libhal create mode 160000 sw/thirdparty/libtfm create mode 160000 user/ft/libcli diff --git a/.gitmodules b/.gitmodules index 719957a..77a2f38 100644 --- a/.gitmodules +++ b/.gitmodules @@ -43,3 +43,12 @@ [submodule "sw/stm32"] path = sw/stm32 url = https://git.cryptech.is/sw/stm32.git +[submodule "sw/libhal"] + path = sw/libhal + url = https://git.cryptech.is/sw/libhal.git +[submodule "sw/thirdparty/libtfm"] + path = sw/thirdparty/libtfm + url = https://git.cryptech.is/sw/thirdparty/libtfm.git +[submodule "user/ft/libcli"] + path = user/ft/libcli + url = https://git.cryptech.is/user/ft/libcli.git diff --git a/sw/libhal b/sw/libhal new file mode 160000 index 0000000..2cd3b6f --- /dev/null +++ b/sw/libhal @@ -0,0 +1 @@ +Subproject commit 2cd3b6fabe5e32f169257caf5532b2bf9c83f803 diff --git a/sw/stm32 b/sw/stm32 index 1865d6d..e3db117 160000 --- a/sw/stm32 +++ b/sw/stm32 @@ -1 +1 @@ -Subproject commit 1865d6de2c9f1ccdc0028fc7369df1be2e0b4551 +Subproject commit e3db117ae05a248773abe4b7ec2ef95ed7203b8e diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm new file mode 160000 index 0000000..3d85df5 --- /dev/null +++ b/sw/thirdparty/libtfm @@ -0,0 +1 @@ +Subproject commit 3d85df561a40cb4f08aeecb236860c189ed4343a diff --git a/user/ft/libcli b/user/ft/libcli new file mode 160000 index 0000000..54c6b86 --- /dev/null +++ b/user/ft/libcli @@ -0,0 +1 @@ +Subproject commit 54c6b8649b1a13e69a908c96e8d4d19cf8d72845 -- cgit v1.2.3 From 0e95b0bdc18e0736181c99679a1792f0bfeba96a Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 26 Jun 2016 01:17:02 -0400 Subject: More GNUmakefile cleanup. --- sw/libhal | 2 +- sw/thirdparty/libtfm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sw/libhal b/sw/libhal index 2cd3b6f..a161595 160000 --- a/sw/libhal +++ b/sw/libhal @@ -1 +1 @@ -Subproject commit 2cd3b6fabe5e32f169257caf5532b2bf9c83f803 +Subproject commit a16159562d5e7a2998654c3f88ba0f88a3aaa42e diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm index 3d85df5..269fc4e 160000 --- a/sw/thirdparty/libtfm +++ b/sw/thirdparty/libtfm @@ -1 +1 @@ -Subproject commit 3d85df561a40cb4f08aeecb236860c189ed4343a +Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c -- cgit v1.2.3 From eab67430dc2816993880b4bce0a4639440a12fb7 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 26 Jun 2016 10:46:43 -0400 Subject: Drag in subrepository changes. --- sw/libhal | 2 +- sw/stm32 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sw/libhal b/sw/libhal index a161595..709a71c 160000 --- a/sw/libhal +++ b/sw/libhal @@ -1 +1 @@ -Subproject commit a16159562d5e7a2998654c3f88ba0f88a3aaa42e +Subproject commit 709a71c0030225ba08cddf5227a1c67c2dbb4176 diff --git a/sw/stm32 b/sw/stm32 index e3db117..0d25f92 160000 --- a/sw/stm32 +++ b/sw/stm32 @@ -1 +1 @@ -Subproject commit e3db117ae05a248773abe4b7ec2ef95ed7203b8e +Subproject commit 0d25f920c9024a3a6f994b8f17b9b28ffa6e0930 -- cgit v1.2.3