Browse Source
* PASS1-133: Modify cosign file naming for fully signed binaries. (#34) * PASS1-133: Modify cosign file naming for fully signed binaries. * Remove all USE_CRYPTO, it is not used anymore Also remove function that is not needed. * Added use of firmware version from header, also fixed a seg fault * PASS1-135: Fix sticky up or down key (#33) * PASS1-135: Fix sticky up or down key * Add comment for input.reset function * PASS1-128: Add support back for Bitcoin testnet (#29) * Fixes part of PASS-91 Show address and index of the address being verified * Second half of fix for ENV1-91 Add better messaging for address range searching Fix a bug when saving next_addrs (was comparing dicts by ref) * Fixes PASS1-122 Check change addresses in addition to receive address in "Verify Address" * Fix comment punctuation * Show backup filename to user after successful backup (#18) Fix PASS1-92 * Auto-truncate multisig config names (#19) Fix PASS1-101 * PASS1-101: Auto-truncate multisig config names (#19) Fix PASS1-101 * Remove unnecessary comments * PASS1-92 (#20) * Show backup filename to user after successful backup Fix PASS1-92 * Add missing 'card' parameter to `get_backups_folder_path()` calls * Revert path function changes since 'card' is not available * PASS1-102: Fix backwards microSD issue Found that `ErrorCode` in `SD_HandleTypeDef` was not reset after a failure. Updated `HAL_SD_Init()` to reset it before attempting initialization. * PASS1-102: Fix backwards microSD issue (#21) Found that `ErrorCode` in `SD_HandleTypeDef` was not reset after a failure. Updated `HAL_SD_Init()` to reset it before attempting initialization. * PASS1-102_b (#22) * PASS1-102: Fix backwards microSD issue Found that `ErrorCode` in `SD_HandleTypeDef` was not reset after a failure. Updated `HAL_SD_Init()` to reset it before attempting initialization. * Switch back to hard-coded path for now * PASS1-122_b (#23) * PASS1-102: Fix backwards microSD issue Found that `ErrorCode` in `SD_HandleTypeDef` was not reset after a failure. Updated `HAL_SD_Init()` to reset it before attempting initialization. * Update user messaging for found/not found case of Verify Address Fix bug with trailing space at end of line in `word_wrap()` * Strip ever time through the loop * PASS1-125: Add Git commit-msg hook to check for Linear ID (#24) * PASS1-125: Add Git commit-msg hook to check for Linear ID * Update .githooks/commit-msg Co-authored-by: Jean Pierre Dudey <jeandudey@hotmail.com> Co-authored-by: Jean Pierre Dudey <jeandudey@hotmail.com> * PASS1-122: Minor updates to text (#27) * PASS1-127: Fix `reuse lint` issues in the repo (#26) * PASS1-113: Give the user a way to clear the developer pubkey slot (#25) * PASS1-122: Added "Address Verified" text to new wallet pairing (#28) * PASS1-122: Minor updates to text * PASS1-122: Added "Address Verified" text to new wallet pairing * PASS1-128: Add support back for Bitcoin testnet Co-authored-by: Ken Carpenter <ken@foundationdevices.com> Co-authored-by: Ken Carpenter <62639971+FoundationKen@users.noreply.github.com> Co-authored-by: Jean Pierre Dudey <jeandudey@hotmail.com> * PASS1-56: Use XFP in backups filename and don't save `backup_num` (#32) * PASS1-34: Refactor find address code so there is only one copy (#37) * PASS1-94: Prevent installing user-signed firmware if no user-key installed (#38) * PASS1-94: Prevent installing user-signed firmware if no user signing key installed * Fixed case where user pubkey was removed manually * Fixed text to match other areas where text is used * Update text message for developer pubkey * Hard coded user signed field to false Co-authored-by: Ken Carpenter <62639971+FoundationKen@users.noreply.github.com> * PASS1-55: Add menu to switch to a different Passphrase without rebooting (#35) * PASS1-55: Add menu to switch to a different Passphrase without rebooting * Changed order of menu items in Passphrase menu * Modified menu titles and removed "a" from inconsistent text * PASS1-137: Add Justfile support to Gen 1 repo (#36) * PASS1-137: Add Justfile support to Gen 1 repo First pass - not all expected commands are added yet * Update Justfile with fmt command Add py and c/h formatting Need to finalize .clang-format file before doing a full reformatting PR * Refactor Justfiles to separate them out Also add graphics build commands * Update Justfiles a bit Fix formatting of graphics header files in preparation for automatic code formatting * PASS1-139: Implement code to allow OCD to capture a screenshot over JTAG (#42) * PASS1-139: Implement code to allow OCD to capture a screenshot over JTAG * Update sram4.py * PASS1-132: Remove duplicate file compilation (#39) * PASS1-78: In display.text_input, split lines based on pixel widths (#41) * PASS1-78: In display.text_input, split lines based on pixel widths * Check for StringIO object before calling split_by_char_size * PASS1-89: Show exported filename when exporting wallet to microSD (#43) * PASS1-89: Show exported filename when exporting wallet to microSD * Deleted/commented unnecessary lines * PASS1-136: Add Specter wallet back once they fix UR issues (#44) * PASS1-136: Add Specter wallet back once they fix UR issues * Rebase onto dev-v1.0.7 * Remove passport from export filename * Remove flag from all wallets besides Specter wallet * Removed flag from unnecessary field and renamed flag to import * Renamed multisig_import function * PASS1-112: Passphrase input dialog improvements (#48) * PASS1-112: Passphrase input dialog improvements The passphrase is limited to 64 characters. The line spacing was reduced to make room for 7 lines. 63 capital W's will fill all 7 lines (+1 over), otherwise 64 characters usually takes about 4 lines. * Add constant for max message length * TOOL-3: Setup Docker infra for Gen 1 Development (#45) * Add Dockerfile for building the firmware Setting up a local environment for building the firmware can be a painful process. This wraps that process up in a Dockerfile containing all the deps needed which is then used in the justfile to build the firmware. * Add just targets for signing and cleaning * Change sha target to take a sha and verify it directly * Add docs for verifying the firmware SHA sum * Add version param to sign just target * Update verify-sha output to be more explicit * PASS1-67: Change unit to sats in settings (#46) * PASS1-67: Change unit to sats in settings * Added warnings for Testnet and made the setting volatile * Added 'chain' removal to schema_evolution and moved Units menu to top * Moved Units below Change Pin in menu * TOOL-4: Implement CI for Passport Gen 1 build (#49) * TOOL-4: Create CI for firmware build * TOOL-4: Improve handling of git describe output * TOOL-4: Rename Justfile to match others in repo * TOOL-4: Add caching and separated Docker building in CI * TOOL-4: Update CI to push image to local registry service * TOOL-4: Update CI to allow customizing of D_BASE * TOOL-4: Change clang format action * TOOL-4: User correct clang format version * TOOL-4: YAML :( * TOOL-4: Update to clang-format-10.0 * TOOL-4: Updaet to 10 * TOOL-4: Build and export the bootloader * TOOL-4: Add D_BASE to bootload build step * TOOL-4: Correctly pass D_BASE to bootloader job * TOOL-4: Update bootloader make path in Justfile * TOOL-4: Update CI to output tools * PASS1-140: Add Justfile commands to DEVELOPMENT.md (#51) * PASS1-140: Add Justfile commands to DEVELOPMENT.md * Update DEVELOPMENT.md * Update DEVELOPMENT.md Co-authored-by: Ken Carpenter <62639971+FoundationKen@users.noreply.github.com> * PASS1-148: Fix missing address prefixes for testnet (#53) * PASS1-148: Fix missing address prefixes for testnet * Add comma separations to sats values * Casa support added * Added testnet prefix check to Verify Address process * PASS1-150: Fixed missing argument in `import_from_psbt()` call (#55) * PASS1-150: Fixed missing argument in `import_from_psbt()` call Also fixed typo in function description. * Added a space between value and label of BTC/sats * Disable Casa Support Casa has not approved the support for Passport yet, until then Casa is disabled temporarily. Co-authored-by: Corey Lakey <corey.lakey@gmail.com> Co-authored-by: Jean Pierre Dudey <jeandudey@hotmail.com> Co-authored-by: Alex Sears <searsaw@users.noreply.github.com>main v1.0.7
Ken Carpenter
3 years ago
committed by
GitHub
64 changed files with 1119 additions and 313 deletions
@ -0,0 +1 @@ |
|||
cosign |
@ -0,0 +1,126 @@ |
|||
name: Validate and Build |
|||
on: [push] |
|||
jobs: |
|||
lint-py: |
|||
runs-on: ubuntu-18.04 |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
- name: Set up Python 3.9 |
|||
uses: actions/setup-python@v2 |
|||
with: |
|||
python-version: 3.9 |
|||
- name: Install dependencies |
|||
run: | |
|||
python -m pip install --upgrade pip |
|||
pip install pycodestyle |
|||
- name: Setup just |
|||
uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb |
|||
- name: Analysing the code |
|||
run: just ports/stm32/lint-py |
|||
continue-on-error: true |
|||
|
|||
lint-c: |
|||
runs-on: ubuntu-18.04 |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
- name: Analysing the code |
|||
uses: jidicula/clang-format-action@7f6b4bf5a7eb211c0872364ccd8072ff8a77ac44 |
|||
with: |
|||
clang-format-version: '10' |
|||
check-path: ./ports/stm32 |
|||
exclude-regex: trezor-firmware |
|||
continue-on-error: true |
|||
|
|||
build-firmware: |
|||
runs-on: ubuntu-18.04 |
|||
needs: [lint-py, lint-c] |
|||
services: |
|||
registry: |
|||
image: registry:2 |
|||
ports: |
|||
- 5000:5000 |
|||
steps: |
|||
- name: Checkout |
|||
uses: actions/checkout@v2 |
|||
with: |
|||
fetch-depth: 0 |
|||
|
|||
- name: Set up Docker Buildx |
|||
uses: docker/setup-buildx-action@v1 |
|||
with: |
|||
driver-opts: network=host |
|||
|
|||
- name: Cache Docker layers |
|||
uses: actions/cache@v2 |
|||
with: |
|||
path: /tmp/.buildx-cache |
|||
key: ${{ runner.os }}-buildx-${{ github.sha }} |
|||
restore-keys: | |
|||
${{ runner.os }}-buildx- |
|||
|
|||
- name: Build the dependency Docker image |
|||
uses: docker/build-push-action@v2 |
|||
with: |
|||
push: true |
|||
tags: localhost:5000/foundation-devices/firmware-builder:${{ github.sha }} |
|||
cache-from: type=local,src=/tmp/.buildx-cache |
|||
cache-to: type=local,dest=/tmp/.buildx-cache |
|||
|
|||
- name: Setup just |
|||
uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb |
|||
|
|||
- name: Build the firmware |
|||
run: | |
|||
echo "$SIGNING_KEY" > signing_key.pem |
|||
version=$(git describe --all --match *dev* | awk '{print $NF}' | cut -d '-' -f 2) |
|||
|
|||
just DOCKER_REGISTRY_BASE="$D_BASE" sign signing_key.pem "${version#?}" |
|||
env: |
|||
SIGNING_KEY: ${{ secrets.UserSigningKey }} |
|||
D_BASE: localhost:5000/ |
|||
|
|||
- name: Build the bootloader |
|||
run: just DOCKER_REGISTRY_BASE="$D_BASE" bootloader-build |
|||
env: |
|||
D_BASE: localhost:5000/ |
|||
|
|||
- name: Build and make tools available |
|||
run: just DOCKER_REGISTRY_BASE="$D_BASE" tools |
|||
env: |
|||
D_BASE: localhost:5000/ |
|||
|
|||
- name: Upload built firmware file |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: firmware.bin |
|||
path: ports/stm32/build-Passport/firmware.bin |
|||
|
|||
- name: Upload signed firmware file |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: firmware-key-user.bin |
|||
path: ports/stm32/build-Passport/firmware-key-user.bin |
|||
|
|||
- name: Upload bootloader |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: bootloader.bin |
|||
path: ports/stm32/boards/Passport/bootloader/arm/release/bootloader.bin |
|||
|
|||
- name: Upload cosign |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: cosign |
|||
path: cosign |
|||
|
|||
- name: Upload add-secrets |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: add-secrets |
|||
path: ports/stm32/boards/Passport/tools/add-secrets/x86/release/add-secrets |
|||
|
|||
- name: Upload word_list_gen |
|||
uses: actions/upload-artifact@v2 |
|||
with: |
|||
name: word_list_gen |
|||
path: ports/stm32/boards/Passport/tools/word_list_gen/word_list_gen |
@ -0,0 +1,33 @@ |
|||
FROM ubuntu:18.04 AS cross_build |
|||
RUN apt-get update && \ |
|||
apt-get install -y git make gcc-arm-none-eabi python3 gcc && \ |
|||
rm -rf /var/lib/apt/lists/* |
|||
COPY drivers /workspace/passport-firmware/drivers |
|||
COPY docs /workspace/passport-firmware/docs |
|||
COPY extmod /workspace/passport-firmware/extmod |
|||
COPY lib /workspace/passport-firmware/lib |
|||
COPY mpy-cross /workspace/passport-firmware/mpy-cross |
|||
COPY py /workspace/passport-firmware/py |
|||
WORKDIR /workspace/passport-firmware/mpy-cross |
|||
RUN make |
|||
|
|||
FROM ubuntu:18.04 AS cosign_build |
|||
WORKDIR /workspace |
|||
RUN apt-get update && \ |
|||
apt-get install -y git make libssl-dev gcc && \ |
|||
rm -rf /var/lib/apt/lists/* |
|||
COPY ports/stm32/boards/Passport/tools/cosign /workspace/passport-firmware/ports/stm32/boards/Passport/tools/cosign |
|||
COPY ports/stm32/boards/Passport/include /workspace/passport-firmware/ports/stm32/boards/Passport/include |
|||
COPY lib /workspace/passport-firmware/lib |
|||
COPY ports/stm32/boards/Passport/common /workspace/passport-firmware/ports/stm32/boards/Passport/common |
|||
WORKDIR /workspace/passport-firmware/ports/stm32/boards/Passport/tools/cosign |
|||
RUN make |
|||
|
|||
FROM ubuntu:18.04 AS firmware_builder |
|||
COPY --from=cosign_build \ |
|||
/workspace/passport-firmware/ports/stm32/boards/Passport/tools/cosign/x86/release/cosign /usr/bin/cosign |
|||
COPY --from=cross_build \ |
|||
/workspace/passport-firmware/mpy-cross/mpy-cross /usr/bin/mpy-cross |
|||
RUN apt-get update && \ |
|||
apt-get install -y make gcc-arm-none-eabi autotools-dev automake libtool python3 && \ |
|||
rm -rf /var/lib/apt/lists/* |
@ -0,0 +1,100 @@ |
|||
export DOCKER_REGISTRY_BASE := '' |
|||
|
|||
commit_sha := `git rev-parse HEAD` |
|||
docker_image := 'foundation-devices/firmware-builder:' + commit_sha |
|||
base_path := 'ports/stm32' |
|||
firmware_path := base_path + '/build-Passport/firmware.bin' |
|||
|
|||
# build the docker image and then the firmware and bootloader |
|||
build: docker-build firmware-build bootloader-build |
|||
|
|||
# build the dependency docker image |
|||
docker-build: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker build -t ${DOCKER_REGISTRY_BASE}{{ docker_image }} . |
|||
|
|||
# build the firmware inside docker |
|||
firmware-build: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace/{{ base_path }} \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c 'make BOARD=Passport MPY_CROSS=/usr/bin/mpy-cross' |
|||
|
|||
# build the bootloader inside docker |
|||
bootloader-build: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace/{{ base_path }} \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c 'make -C boards/Passport/bootloader' |
|||
|
|||
# build the docker image and get the tools from it |
|||
tools: docker-build cosign-tool add-secrets-tool word-list-gen-tool |
|||
|
|||
# get cosign tool from built docker image |
|||
cosign-tool: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c 'cp /usr/bin/cosign cosign' |
|||
|
|||
# get add-secrets tool from built docker image |
|||
add-secrets-tool: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c 'make -C ports/stm32/boards/Passport/tools/add-secrets' |
|||
|
|||
# get word_list_gen tool from built docker image |
|||
word-list-gen-tool: |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace/ports/stm32/boards/Passport/tools/word_list_gen \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c 'gcc word_list_gen.c bip39_words.c bytewords_words.c -o word_list_gen' |
|||
|
|||
# run the built firmware through SHA256 |
|||
verify-sha sha: build |
|||
#!/usr/bin/env bash |
|||
sha=$(shasum -a 256 {{ firmware_path }} | awk '{print $1}') |
|||
|
|||
echo -e "Expected SHA:\t{{ sha }}" |
|||
echo -e "Actual SHA:\t${sha}" |
|||
if [ "$sha" = "{{ sha }}" ]; then |
|||
echo "Hashes match!" |
|||
else |
|||
echo "ERROR: Hashes DO NOT match!" |
|||
fi |
|||
|
|||
# sign the built firmware using a private key and the cosign tool |
|||
sign keypath version filepath=firmware_path: firmware-build |
|||
#!/usr/bin/env bash |
|||
set -exo pipefail |
|||
|
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c "cosign -f {{ filepath }} -k {{ keypath }} -v {{ version }}" |
|||
|
|||
# clean firmware build |
|||
clean: |
|||
docker run --rm -v "$PWD":/workspace \ |
|||
-w /workspace/{{ base_path }} \ |
|||
--entrypoint bash \ |
|||
${DOCKER_REGISTRY_BASE}{{ docker_image }} \ |
|||
-c "make clean BOARD=Passport" |
@ -0,0 +1,180 @@ |
|||
# SPDX-FileCopyrightText: 2021 Foundation Devices, Inc. <hello@foundationdevices.com> |
|||
# |
|||
# SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
# Install dependencies. |
|||
deps: |
|||
@echo "Not sure we will need this if all deps are setup via Dockerfile" |
|||
|
|||
# Initialize development environment |
|||
init: deps |
|||
git config core.hooksPath .githooks |
|||
|
|||
# Lint only the python code of the project |
|||
lint-py: |
|||
pycodestyle --exclude trezor-firmware --statistics . |
|||
|
|||
# Lint only the C code of the project |
|||
lint-c: |
|||
@echo "TBD" |
|||
|
|||
# Lint only the code of the project |
|||
lint-code: lint-py lint-c |
|||
|
|||
# Lint the licensing |
|||
lint-license: |
|||
reuse lint |
|||
|
|||
# Lint all of the project |
|||
lint: lint-code lint-license |
|||
|
|||
# |
|||
# Firmware Commands |
|||
# |
|||
|
|||
build: |
|||
make BOARD=Passport |
|||
|
|||
# Sign current firmware build with the user.pem key and set specified version |
|||
sign version="1.0.0": build |
|||
@echo "\nAdding user signature...\n" |
|||
@cosign -f build-Passport/firmware.bin -k ~/bin/keys/user.pem -v {{version}} > /dev/null |
|||
|
|||
@cosign -f build-Passport/firmware-key-user.bin -x |
|||
@echo "\nSigning Complete!" |
|||
|
|||
# Build, sign and flash the firmware with the specified version |
|||
flash version="1.0.0": (sign version) |
|||
just run-ocd-command "flash write_image erase build-Passport/firmware-key-user.bin 0x8020000" |
|||
just reset |
|||
|
|||
# Install a recent Foundation-signed build |
|||
flash-foundation version="1.0.0": |
|||
just run-ocd-command "flash write_image erase ../../releases/passport-fw-{{version}}.bin 0x8020000" |
|||
just reset |
|||
|
|||
# Clean the firmware build |
|||
clean: |
|||
make BOARD=Passport clean |
|||
|
|||
# |
|||
# Misc. Commands |
|||
# |
|||
|
|||
# Launch OCD, run a command and then exit |
|||
run-ocd-command command: |
|||
sudo /usr/local/bin/openocd -f stlink.cfg -c "adapter speed 1000; transport select hla_swd" -f stm32h7x.cfg -c "init; reset halt; {{command}}" -c "exit" |
|||
|
|||
run-ocd-command-no-halt command: |
|||
sudo /usr/local/bin/openocd -f stlink.cfg -c "adapter speed 1000; transport select hla_swd" -f stm32h7x.cfg -c "init; {{command}}" -c "exit" |
|||
|
|||
# Build all Python graphics |
|||
graphics-py: |
|||
just -f boards/Passport/graphics/py/Justfile build |
|||
|
|||
# Build all C graphics (firmware & bootloader) |
|||
graphics-c: |
|||
just -f boards/Passport/graphics/c/Justfile build |
|||
|
|||
graphics: graphics-py graphics-c |
|||
|
|||
# Reset the Passport |
|||
reset: |
|||
just run-ocd-command "reset" |
|||
|
|||
# Get the username for use below |
|||
user := `whoami` |
|||
|
|||
# Read the "ROM Secrets" from Passport and save them to a file |
|||
save-secrets filename="boards/Passport/bootloader/secrets": |
|||
just run-ocd-command "dump_image {{filename}} 0x0801FF00 256" |
|||
# Running OCD as sudo makes the output file be owned by root, so switch it back to the user |
|||
sudo chown {{user}}:{{user}} {{filename}} |
|||
|
|||
secrets: |
|||
#!/usr/bin/env bash |
|||
# The last bit below redirects stderr to stdout, which the backticks capture into the variable `secrets` |
|||
secrets=`just run-ocd-command "mdb 0x0801FF00 256" 2>&1` |
|||
secrets=`echo "$secrets" | tail -n 8` |
|||
echo -e "Passport ROM Secrets:\n$secrets" |
|||
|
|||
# Calculate all hashes and format it all for GitHub release notes |
|||
hash filepath: |
|||
#!/usr/bin/env bash |
|||
filename=`basename {{filepath}}` |
|||
|
|||
# SHA256 |
|||
sha=`shasum -b -a 256 {{filepath}} | sed -rn 's/^(.*) .*$/\1/p'` |
|||
echo -e "\n\`SHA256: $sha\`" |
|||
echo -e "\`(shasum -b -a 256 $filename)\`\n" |
|||
|
|||
# MD5 |
|||
md5=`mdsum {{filepath}} | sed -rn 's/^(.*) .*$/\1/p'` |
|||
echo "\`MD5: $md5\`" |
|||
echo -e "\`(md5 $filename or mdsum $filename)\`\n" |
|||
|
|||
# Build Hash |
|||
build_hash=`cosign -f {{filepath}} -x | sed -rn 's/^FW Build Hash: (.*)$/\1/p'` |
|||
echo -e "\`Build Hash: $build_hash\`" |
|||
echo -e "\`(Developers Only)\`\n" |
|||
|
|||
# Run all tests |
|||
test: |
|||
@echo "TBD" |
|||
|
|||
# Format the project's .py files under boards/Passport/modules |
|||
fmt-py: |
|||
#!/usr/bin/env bash |
|||
pushd boards/Passport/modules |
|||
files_to_fmt=`find . -path ./trezor-firmware -prune -false -o -name '*.py'` |
|||
autopep8 --max-line-length=120 --in-place $files_to_fmt |
|||
popd |
|||
|
|||
# Format the project's .c and .h files under boards/Passport/ |
|||
fmt-c: |
|||
#!/usr/bin/env bash |
|||
pushd boards/Passport |
|||
files_to_fmt=`find . -path ./trezor-firmware -prune -false -o -name '*.[c|h]'` |
|||
clang-format-5.0 -i --style=file $files_to_fmt |
|||
popd |
|||
|
|||
# Format the project's source code under boards/Passport |
|||
fmt: fmt-py fmt-c |
|||
|
|||
# Convert a raw pixel map to a PNG |
|||
convert-screenshot from_file to_file: |
|||
#!/usr/bin/python3 |
|||
from PIL import Image, ImageOps |
|||
raw_bits = open('{{from_file}}', 'rb').read() |
|||
WIDTH = 230 |
|||
HEIGHT = 303 |
|||
SCAN_WIDTH = 240 |
|||
|
|||
# Convert |
|||
img = Image.frombuffer('1', (SCAN_WIDTH, HEIGHT), raw_bits) |
|||
|
|||
# Crop to actual width (framebuffer is 240 vs 230 for actual display) |
|||
img = img.crop((0, 0, WIDTH, HEIGHT)) |
|||
|
|||
# Invert since raw image is actually white on black - have to convert to grayscale first since invert() doesn't work |
|||
# for 1-bit per pixel black/white images. |
|||
img = ImageOps.grayscale(img) |
|||
img = ImageOps.invert(img) |
|||
|
|||
# Apply a color shift to make it look nicer |
|||
img = ImageOps.colorize(img, (0,0,0,0), '#E0E0E0') |
|||
|
|||
img.save('{{to_file}}') |
|||
|
|||
# Capture a screenshot from Passport via OCD |
|||
screenshot filename: |
|||
#!/usr/bin/env bash |
|||
ADDR_FILE=screenshot-addr.tmp |
|||
TMP_FILE=screenshot.tmp |
|||
just run-ocd-command-no-halt "dump_image $ADDR_FILE 0x38006920 4" |
|||
N=`head -c 4 $ADDR_FILE | od -An --endian=little -t u4` |
|||
FRAMEBUFFER_ADDR=`printf '%x\n' $N` |
|||
echo FRAMEBUFFER_ADDR=$FRAMEBUFFER_ADDR |
|||
just run-ocd-command-no-halt "dump_image screenshot.tmp 0x$FRAMEBUFFER_ADDR 9090" |
|||
just convert-screenshot $TMP_FILE {{filename}} |
|||
rm -f $TMP_FILE $ADDR_FILE |
@ -1,7 +1,107 @@ |
|||
--- |
|||
# We'll use defaults from the LLVM style, but with 4 columns indentation. |
|||
BasedOnStyle: Mozilla |
|||
IndentWidth: 4 |
|||
--- |
|||
Language: Cpp |
|||
ColumnLimit: 120 |
|||
Language: Cpp |
|||
# BasedOnStyle: Chromium |
|||
AccessModifierOffset: -1 |
|||
AlignAfterOpenBracket: Align |
|||
AlignConsecutiveAssignments: true |
|||
AlignConsecutiveDeclarations: true |
|||
AlignEscapedNewlines: Left |
|||
AlignOperands: true |
|||
AlignTrailingComments: true |
|||
AllowAllParametersOfDeclarationOnNextLine: true |
|||
AllowShortBlocksOnASingleLine: false |
|||
AllowShortCaseLabelsOnASingleLine: false |
|||
AllowShortFunctionsOnASingleLine: Inline |
|||
AllowShortIfStatementsOnASingleLine: true |
|||
AllowShortLoopsOnASingleLine: false |
|||
AlwaysBreakAfterDefinitionReturnType: None |
|||
AlwaysBreakAfterReturnType: None |
|||
AlwaysBreakBeforeMultilineStrings: true |
|||
AlwaysBreakTemplateDeclarations: true |
|||
BinPackArguments: true |
|||
BinPackParameters: false |
|||
BraceWrapping: |
|||
AfterClass: false |
|||
AfterControlStatement: false |
|||
AfterEnum: false |
|||
AfterFunction: false |
|||
AfterNamespace: false |
|||
AfterObjCDeclaration: false |
|||
AfterStruct: false |
|||
AfterUnion: false |
|||
BeforeCatch: false |
|||
BeforeElse: false |
|||
IndentBraces: false |
|||
SplitEmptyFunction: true |
|||
SplitEmptyRecord: true |
|||
SplitEmptyNamespace: true |
|||
BreakBeforeBinaryOperators: None |
|||
BreakBeforeBraces: Attach |
|||
BreakBeforeInheritanceComma: false |
|||
BreakBeforeTernaryOperators: true |
|||
BreakConstructorInitializersBeforeComma: false |
|||
BreakConstructorInitializers: BeforeColon |
|||
BreakAfterJavaFieldAnnotations: false |
|||
BreakStringLiterals: false |
|||
ColumnLimit: 120 |
|||
CommentPragmas: '^ IWYU pragma:' |
|||
CompactNamespaces: false |
|||
ConstructorInitializerAllOnOneLineOrOnePerLine: true |
|||
ConstructorInitializerIndentWidth: 4 |
|||
ContinuationIndentWidth: 4 |
|||
Cpp11BracedListStyle: true |
|||
DerivePointerAlignment: false |
|||
DisableFormat: false |
|||
ExperimentalAutoDetectBinPacking: false |
|||
FixNamespaceComments: true |
|||
ForEachMacros: |
|||
- foreach |
|||
- Q_FOREACH |
|||
- BOOST_FOREACH |
|||
IncludeCategories: |
|||
- Regex: '^<.*\.h>' |
|||
Priority: 1 |
|||
- Regex: '^<.*' |
|||
Priority: 2 |
|||
- Regex: '.*' |
|||
Priority: 3 |
|||
IncludeIsMainRegex: '([-_](test|unittest))?$' |
|||
IndentCaseLabels: true |
|||
IndentWidth: 4 |
|||
IndentWrappedFunctionNames: false |
|||
JavaScriptQuotes: Leave |
|||
JavaScriptWrapImports: true |
|||
KeepEmptyLinesAtTheStartOfBlocks: false |
|||
MacroBlockBegin: '' |
|||
MacroBlockEnd: '' |
|||
MaxEmptyLinesToKeep: 1 |
|||
NamespaceIndentation: None |
|||
ObjCBlockIndentWidth: 2 |
|||
ObjCSpaceAfterProperty: false |
|||
ObjCSpaceBeforeProtocolList: false |
|||
PenaltyBreakAssignment: 2 |
|||
PenaltyBreakBeforeFirstCallParameter: 1 |
|||
PenaltyBreakComment: 300 |
|||
PenaltyBreakFirstLessLess: 120 |
|||
PenaltyBreakString: 1000 |
|||
PenaltyExcessCharacter: 1000000 |
|||
PenaltyReturnTypeOnItsOwnLine: 200 |
|||
PointerAlignment: Left |
|||
ReflowComments: false |
|||
SortIncludes: true |
|||
SortUsingDeclarations: true |
|||
SpaceAfterCStyleCast: false |
|||
SpaceAfterTemplateKeyword: true |
|||
SpaceBeforeAssignmentOperators: true |
|||
SpaceBeforeParens: ControlStatements |
|||
SpaceInEmptyParentheses: false |
|||
SpacesBeforeTrailingComments: 2 |
|||
SpacesInAngles: false |
|||
SpacesInContainerLiterals: true |
|||
SpacesInCStyleCastParentheses: false |
|||
SpacesInParentheses: false |
|||
SpacesInSquareBrackets: false |
|||
Standard: Auto |
|||
TabWidth: 8 |
|||
UseTab: Never |
|||
... |
|||
|
@ -0,0 +1,39 @@ |
|||
# SPDX-FileCopyrightText: 2021 Foundation Devices, Inc. <hello@foundationdevices.com> |
|||
# |
|||
# SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
# Launch OCD, run a command and then exit |
|||
run-ocd-command command: |
|||
cd ../../../; sudo /usr/local/bin/openocd -f stlink.cfg -c "adapter speed 1000; transport select hla_swd" -f stm32h7x.cfg -c "init; reset halt; {{command}}" -c "exit" |
|||
|
|||
|
|||
# Build the bootloader (debug, release, locked or production) |
|||
# TODO: Need to handle {{rel}} for locked and production, which should look in release folder for binary |
|||
build rel="release": |
|||
@echo "\nBuilding Bootloader..." |
|||
make {{rel}} |
|||
|
|||
@echo "\nAppending secrets to the end..." |
|||
add-secrets -b arm/{{rel}}/bootloader.bin -s secrets |
|||
|
|||
@echo "\nBootloader Build Complete" |
|||
|
|||
# Clean the bootloader build |
|||
clean: |
|||
@echo "Cleaning Bootloader..." |
|||
make clean |
|||
@echo "Bootloader Clean Complete" |
|||
|
|||
# Build and flash the bootloader with the secrets appended to the end |
|||
flash rel="release": (build rel) |
|||
just run-ocd-command "flash write_image erase boards/Passport/bootloader/arm/{{rel}}/bootloader-secrets.bin 0x8000000" |
|||
just reset |
|||
|
|||
# Build and flash the bootloader with no secrets (use to setup a new Secure Element) |
|||
flash-raw rel="release": (build rel) |
|||
just run-ocd-command "flash write_image erase boards/Passport/bootloader/arm/{{rel}}/bootloader.bin 0x8000000" |
|||
just reset |
|||
|
|||
# Reset the Passport |
|||
reset: |
|||
just run-ocd-command "reset" |
Binary file not shown.
@ -0,0 +1,9 @@ |
|||
# SPDX-FileCopyrightText: 2021 Foundation Devices, Inc. <hello@foundationdevices.com> |
|||
# |
|||
# SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
# Build all C graphics and copy files to main source folders |
|||
build: |
|||
make |
|||
cp firmware_graphics.* ../../ |
|||
cp bootloader_graphics.* ../../bootloader/ |
@ -0,0 +1,8 @@ |
|||
# SPDX-FileCopyrightText: 2021 Foundation Devices, Inc. <hello@foundationdevices.com> |
|||
# |
|||
# SPDX-License-Identifier: GPL-3.0-or-later |
|||
|
|||
# Build all Python graphics and copy files to main source folder |
|||
build: |
|||
make |
|||
cp graphics.py ../../modules/ |
@ -0,0 +1,2 @@ |
|||
autopep8==1.5.7 |
|||
pycodestyle==2.7.0 |
Loading…
Reference in new issue