From 2a79064659cf9d3862e0441ca57b949883607d1d Mon Sep 17 00:00:00 2001 From: Alexis Grojean Date: Thu, 5 Oct 2023 11:44:42 +0200 Subject: [PATCH] Update the way ELF metadata sections are added. --- Makefile.defines | 12 ++++--- Makefile.rules_generic | 17 --------- Makefile.standard_app | 3 -- src/app_metadata.c | 77 +++++++++++++++++++++++++++++++++++++++++ target/nanos/script.ld | 12 +++++++ target/nanos2/script.ld | 12 +++++++ target/nanox/script.ld | 12 +++++++ target/stax/script.ld | 12 +++++++ 8 files changed, 133 insertions(+), 24 deletions(-) create mode 100644 src/app_metadata.c diff --git a/Makefile.defines b/Makefile.defines index 4aa79cfe0..c8731e9ad 100644 --- a/Makefile.defines +++ b/Makefile.defines @@ -43,10 +43,14 @@ endif ifeq ($(SDK_HASH),) SDK_HASH := "None" endif -# Expose API_LEVEL, SDK_VERSION and SDK_HASH to the app. -DEFINES += API_LEVEL=$(API_LEVEL) -DEFINES += SDK_VERSION=\"$(SDK_VERSION)\" -DEFINES += SDK_HASH=\"$(SDK_HASH)\" + +# APPNAME exposed to the app as a CFLAG because it might contain spaces +CFLAGS += -DAPPNAME=\"$(APPNAME)\" + +# Define list of other items to be exposed to the app +# TARGET_ID is not in this list : it is already defined in bolos_target.h. +APP_METADATA_LIST := TARGET TARGET_NAME APPVERSION API_LEVEL SDK_NAME SDK_VERSION SDK_HASH +DEFINES += $(foreach item,$(APP_METADATA_LIST), $(item)=\"$($(item))\") # extra load parameters for loadApp script ifneq ($(SCP_PRIVKEY),) diff --git a/Makefile.rules_generic b/Makefile.rules_generic index d5300fc6f..02b2bd907 100644 --- a/Makefile.rules_generic +++ b/Makefile.rules_generic @@ -111,15 +111,6 @@ $(BIN_DIR)/app.elf: $(LINK_DEPENDENCIES) $(L)$(call link_cmdline,$(OBJECT_FILES) $(LDLIBS),$(BIN_DIR)/app.elf) $(L)$(GCCPATH)arm-none-eabi-objcopy -O ihex -S $(BIN_DIR)/app.elf $(BIN_DIR)/app.hex $(L)$(GCCPATH)arm-none-eabi-objdump -S -d $(BIN_DIR)/app.elf > $(DBG_DIR)/app.asm - $(L)$(call objcopy_add_section_cmdline,$(TARGET), ledger.target) - $(L)$(call objcopy_add_section_cmdline,$(TARGET_NAME), ledger.target_name) - $(L)$(call objcopy_add_section_cmdline,$(TARGET_ID), ledger.target_id) - $(L)$(call objcopy_add_section_cmdline,$(APPNAME), ledger.app_name) - $(L)$(call objcopy_add_section_cmdline,$(APPVERSION), ledger.app_version) - $(L)$(call objcopy_add_section_cmdline,$(API_LEVEL), ledger.api_level) - $(L)$(call objcopy_add_section_cmdline,$(SDK_NAME), ledger.sdk_name) - $(L)$(call objcopy_add_section_cmdline,$(SDK_VERSION), ledger.sdk_version) - $(L)$(call objcopy_add_section_cmdline,$(SDK_HASH), ledger.sdk_hash) # This targets are generated along $(OBJ_DIR)/app.elf but we can't make them co-target # otherwise building with `make -j` fails due to multiple threads running simultaneously @@ -160,14 +151,6 @@ cc_cmdline = $(CC) -c $(CFLAGS) -MMD -MT $(OBJ_DIR)/$(basename $(notdir $(4))).o as_cmdline = $(AS) -c $(AFLAGS) $(addprefix -D,$(2)) $(addprefix -I,$(1)) -o $(4) $(3) -# objcopy_add_section_cmdline(data,section_name) -TMPFILE := $(shell mktemp) -objcopy_add_section_cmdline = echo $(1) > $(TMPFILE) && \ - $(GCCPATH)arm-none-eabi-objcopy --add-section $(2)="$(TMPFILE)" \ - --set-section-flags $(2)=noload,readonly \ - $(BIN_DIR)/app.elf $(BIN_DIR)/app.elf && \ - rm $(TMPFILE) - ### END GCC COMPILER RULES # Run Clang Static Analyzer diff --git a/Makefile.standard_app b/Makefile.standard_app index 3e5ada452..32dfd8310 100644 --- a/Makefile.standard_app +++ b/Makefile.standard_app @@ -75,9 +75,6 @@ endif # STANDARD DEFINES # ##################################################################### DEFINES += $(DEFINES_LIB) -# Added directly as a CFLAG because it might contain spaces -CFLAGS += -DAPPNAME=\"$(APPNAME)\" -DEFINES += APPVERSION=\"$(APPVERSION)\" DEFINES += MAJOR_VERSION=$(APPVERSION_M) MINOR_VERSION=$(APPVERSION_N) PATCH_VERSION=$(APPVERSION_P) DEFINES += IO_HID_EP_LENGTH=64 diff --git a/src/app_metadata.c b/src/app_metadata.c new file mode 100644 index 000000000..fcd7f300d --- /dev/null +++ b/src/app_metadata.c @@ -0,0 +1,77 @@ +/******************************************************************************* + * Ledger - Secure firmware + * (c) 2023 Ledger + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ********************************************************************************/ + +#if !defined(HAVE_BOLOS) + +#include + +#if !defined(RUST_APP) +#include "bolos_target.h" +#endif + +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-variable" + +#define STR_IMPL_(x) #x +#define STRINGIFY(x) STR_IMPL_(x) + +#define CREATE_METADATA_STRING_ITEM(ITEM_NAME, section_name) \ + __attribute__((section(".ledger." #section_name))) const char section_name[] = ITEM_NAME; + +#define CREATE_METADATA_STRING_ITEM_FROM_INT(ITEM_NAME, section_name) \ + __attribute__((section(".ledger." #section_name))) const char section_name[] \ + = STRINGIFY(ITEM_NAME); + +#if defined(TARGET) +CREATE_METADATA_STRING_ITEM(TARGET, target) +#endif + +#if defined(TARGET_NAME) +CREATE_METADATA_STRING_ITEM(TARGET_NAME, target_name) +#endif + +#if defined(TARGET_ID) +CREATE_METADATA_STRING_ITEM_FROM_INT(TARGET_ID, target_id) +#endif + +#if defined(APPNAME) +CREATE_METADATA_STRING_ITEM(APPNAME, app_name) +#endif + +#if defined(APPVERSION) +CREATE_METADATA_STRING_ITEM(APPVERSION, app_version) +#endif + +#if defined(API_LEVEL) +CREATE_METADATA_STRING_ITEM(API_LEVEL, api_level) +#endif + +#if defined(SDK_NAME) +CREATE_METADATA_STRING_ITEM(SDK_NAME, sdk_name) +#endif + +#if defined(SDK_VERSION) +CREATE_METADATA_STRING_ITEM(SDK_VERSION, sdk_version) +#endif + +#if defined(SDK_HASH) +CREATE_METADATA_STRING_ITEM(SDK_HASH, sdk_hash) +#endif + +#pragma GCC diagnostic pop + +#endif diff --git a/target/nanos/script.ld b/target/nanos/script.ld index 88c311626..4e31c3b8f 100644 --- a/target/nanos/script.ld +++ b/target/nanos/script.ld @@ -192,6 +192,18 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + .ARM.attributes : { *(.ARM.attributes) } + + .ledger.target (INFO): { KEEP(*(.ledger.target)) } + .ledger.target_name (INFO): { KEEP(*(.ledger.target_name)) } + .ledger.target_id (INFO): { KEEP(*(.ledger.target_id)) } + .ledger.app_name (INFO): { KEEP(*(.ledger.app_name)) } + .ledger.app_version (INFO): { KEEP(*(.ledger.app_version)) } + .ledger.api_level (INFO): { KEEP(*(.ledger.api_level)) } + .ledger.sdk_name (INFO): { KEEP(*(.ledger.sdk_name)) } + .ledger.sdk_version (INFO): { KEEP(*(.ledger.sdk_version)) } + .ledger.sdk_hash (INFO): { KEEP(*(.ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/nanos2/script.ld b/target/nanos2/script.ld index 8fd537a6b..66f4c5e45 100644 --- a/target/nanos2/script.ld +++ b/target/nanos2/script.ld @@ -168,6 +168,18 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + .ARM.attributes : { *(.ARM.attributes) } + + .ledger.target (INFO): { KEEP(*(.ledger.target)) } + .ledger.target_name (INFO): { KEEP(*(.ledger.target_name)) } + .ledger.target_id (INFO): { KEEP(*(.ledger.target_id)) } + .ledger.app_name (INFO): { KEEP(*(.ledger.app_name)) } + .ledger.app_version (INFO): { KEEP(*(.ledger.app_version)) } + .ledger.api_level (INFO): { KEEP(*(.ledger.api_level)) } + .ledger.sdk_name (INFO): { KEEP(*(.ledger.sdk_name)) } + .ledger.sdk_version (INFO): { KEEP(*(.ledger.sdk_version)) } + .ledger.sdk_hash (INFO): { KEEP(*(.ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/nanox/script.ld b/target/nanox/script.ld index 82b459121..14b92dffb 100644 --- a/target/nanox/script.ld +++ b/target/nanox/script.ld @@ -179,6 +179,18 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + .ARM.attributes : { *(.ARM.attributes) } + + .ledger.target (INFO): { KEEP(*(.ledger.target)) } + .ledger.target_name (INFO): { KEEP(*(.ledger.target_name)) } + .ledger.target_id (INFO): { KEEP(*(.ledger.target_id)) } + .ledger.app_name (INFO): { KEEP(*(.ledger.app_name)) } + .ledger.app_version (INFO): { KEEP(*(.ledger.app_version)) } + .ledger.api_level (INFO): { KEEP(*(.ledger.api_level)) } + .ledger.sdk_name (INFO): { KEEP(*(.ledger.sdk_name)) } + .ledger.sdk_version (INFO): { KEEP(*(.ledger.sdk_version)) } + .ledger.sdk_hash (INFO): { KEEP(*(.ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start)); diff --git a/target/stax/script.ld b/target/stax/script.ld index 19b296a05..fa8ecc41e 100644 --- a/target/stax/script.ld +++ b/target/stax/script.ld @@ -169,6 +169,18 @@ SECTIONS .debug_funcnames 0 : { *(.debug_funcnames) } .debug_typenames 0 : { *(.debug_typenames) } .debug_varnames 0 : { *(.debug_varnames) } + + .ARM.attributes : { *(.ARM.attributes) } + + .ledger.target (INFO): { KEEP(*(.ledger.target)) } + .ledger.target_name (INFO): { KEEP(*(.ledger.target_name)) } + .ledger.target_id (INFO): { KEEP(*(.ledger.target_id)) } + .ledger.app_name (INFO): { KEEP(*(.ledger.app_name)) } + .ledger.app_version (INFO): { KEEP(*(.ledger.app_version)) } + .ledger.api_level (INFO): { KEEP(*(.ledger.api_level)) } + .ledger.sdk_name (INFO): { KEEP(*(.ledger.sdk_name)) } + .ledger.sdk_version (INFO): { KEEP(*(.ledger.sdk_version)) } + .ledger.sdk_hash (INFO): { KEEP(*(.ledger.sdk_hash)) } } PROVIDE(_nvram = ABSOLUTE(_nvram_start));