[Cryptech-Commits] [user/sra/alpha-releng/omnibus] branch master updated: Add tamper.hex to firmware tarball; start adding support scripts; more minor build process cleanup.
git at cryptech.is
git at cryptech.is
Wed Jun 29 16:55:10 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository user/sra/alpha-releng/omnibus.
The following commit(s) were added to refs/heads/master by this push:
new 13143a8 Add tamper.hex to firmware tarball; start adding support scripts; more minor build process cleanup.
13143a8 is described below
commit 13143a84e45f06728db7f6a0722098eb01b3a236
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Wed Jun 29 12:54:17 2016 -0400
Add tamper.hex to firmware tarball; start adding support scripts; more minor build process cleanup.
---
.gitmodules | 3 +++
Makefile | 21 +++++++++++----------
build-firmware-package.py | 5 ++++-
source/Makefile | 3 ++-
source/user/ln5/tamper | 1 +
5 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/.gitmodules b/.gitmodules
index 6b5d092..5736430 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -55,3 +55,6 @@
[submodule "source/user/ft/libcli"]
path = source/user/ft/libcli
url = https://git.cryptech.is/user/ft/libcli.git
+[submodule "source/user/ln5/tamper"]
+ path = source/user/ln5/tamper
+ url = https://git.cryptech.is/user/ln5/tamper.git
diff --git a/Makefile b/Makefile
index 0ff5e25..4d3900b 100644
--- a/Makefile
+++ b/Makefile
@@ -28,11 +28,7 @@ REPO_UPLOAD_URI := rsync://apt.cryptech.is/alpha/
FIRMWARE_TARBALL := source/cryptech-alpha-firmware.tar.gz
BITSTREAM := build/core/platform/alpha/build/alpha_fmc.bit
ELVES := build/sw/stm32/projects/bootloader/bootloader.elf build/sw/stm32/projects/hsm/hsm.elf
-FIRMWARE_BINARY := ${ELVES} ${ELVES:.elf=.bin}
-FIRMWARE_ALL := ${BITSTREAM} ${FIRMWARE_BINARY}
-
-RTL_SOURCE := $(shell find source/core -name .git -prune -o -type f -print)
-SW_SOURCE := $(shell find source/sw source/user -name .git -prune -o -type f -print)
+TAMPER := build/user/ln5/tamper/tamper.hex
# Command to generate a new changelog containing one entry.
# Does nothing if the changelog already exists.
@@ -61,13 +57,12 @@ firmware: shadow ${FIRMWARE_TARBALL}
shadow:
./build-shadow-tree.py
-${FIRMWARE_TARBALL}: ${BITSTREAM} $(sort ${ELVES} ${ELVES:.elf=.bin})
- ./build-firmware-package.py $(basename $@) $^
- gzip -9f $(basename $@)
+${FIRMWARE_TARBALL}: ${BITSTREAM} $(sort ${ELVES} ${ELVES:.elf=.bin}) ${TAMPER}
+ ./build-firmware-package.py $@ $^
bitstream: ${BITSTREAM}
-${BITSTREAM}: ${RTL_SOURCE}
+${BITSTREAM}: $(shell find source/core -name .git -prune -o -type f -print)
${MAKE} -C build/core/platform/alpha/build
${ELVES:.elf=.bin}: shadow elves
@@ -75,7 +70,13 @@ ${ELVES:.elf=.bin}: shadow elves
elves:
${MAKE} -C build/sw/stm32 distclean bootloader hsm
+${TAMPER}: tamper
+
+tamper:
+ ${MAKE} -C $(dir ${TAMPER})
+
dsc:
+ rm -f ${PACKAGE_NAME}_*.dsc ${PACKAGE_NAME}_*.tar.xz ${PACKAGE_NAME}_*_source.build ${PACKAGE_NAME}_*_source.changes
cd source; ${DCH}
cd source; debuild -S -uc -us
@@ -95,4 +96,4 @@ upload:
${RSYNC} --ignore-existing ${REPO_BASE}/ ${REPO_UPLOAD_URI}
${RSYNC} --delete --delete-delay ${REPO_BASE}/ ${REPO_UPLOAD_URI}
-.PHONY: all init clean firmware shadow bitstream elves dsc pbuilder homebrew upload enchilada sandblast
+.PHONY: all init clean firmware shadow bitstream elves tamper dsc pbuilder homebrew upload enchilada sandblast
diff --git a/build-firmware-package.py b/build-firmware-package.py
index 0df116b..de77243 100755
--- a/build-firmware-package.py
+++ b/build-firmware-package.py
@@ -13,7 +13,7 @@ parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball
parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball")
args = parser.parse_args()
-tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile)
+tar = tarfile.TarFile.open(fileobj = args.tarfile, mode = "w|gz")
head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip()
time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip()
commits = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()]
@@ -32,3 +32,6 @@ with tempfile.NamedTemporaryFile() as f:
if gpg.wait():
raise subprocess.CalledProcessError(gpg.returncode, "gpg")
tar.add(f.name, "MANIFEST")
+
+tar.close()
+args.tarfile.close()
diff --git a/source/Makefile b/source/Makefile
index 18462a8..173efac 100644
--- a/source/Makefile
+++ b/source/Makefile
@@ -17,8 +17,9 @@ clean distclean:
install: all
install -D -m 644 cryptech-alpha-firmware.tar.gz ${DESTDIR}/usr/share/cryptech-alpha-firmware.tar.gz
install -D -m 644 sw/pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so
+ ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0
install -D sw/pkcs11/p11util ${DESTDIR}/usr/sbin/p11util
install -D sw/pkcs11/libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd
- ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0
+ install -D sw/stm32/projects/hsm/cryptech_upload ${DESTDIR}/usr/sbin/cryptech_upload
# Still need scripts to do something useful with the firmware tarball
diff --git a/source/user/ln5/tamper b/source/user/ln5/tamper
new file mode 160000
index 0000000..54cd4de
--- /dev/null
+++ b/source/user/ln5/tamper
@@ -0,0 +1 @@
+Subproject commit 54cd4de78da2534b61c26a7f07abf45907e582d0
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list