def _execute_install(env, sectools_install_base_dir, install_file_name, sectools_builder_output, alternate_source, msmid_jtagid_dict, build_policy): util = BuilderUtil(env) sectools_install_base_dir = os.path.realpath( util.envsubst(sectools_install_base_dir)) install_file_name = util.envsubst(install_file_name) rt_list = [] for i, sec_image_policy in enumerate( build_policy.enabled_sec_image_policies): rtt = _execute_install_policy( env, sectools_install_base_dir=sectools_install_base_dir, install_file_name=install_file_name, sectools_builder_output=sectools_builder_output[i] if sectools_builder_output else None, alternate_source=alternate_source[i] if alternate_source else None, msmid_jtagid_dict=msmid_jtagid_dict, install_policies=build_policy.enabled_install_policies, sec_image_policy_id=sec_image_policy.id) for rt in rtt: rt_list.append(rt) return rt_list
def _execute_install(env, sectools_install_base_dir, install_file_name, sectools_builder_output, msmid_jtagid_dict, build_policy ): util = BuilderUtil(env) sectools_install_base_dir = os.path.realpath(util.envsubst(sectools_install_base_dir)) install_file_name = util.envsubst(install_file_name) rt_list = [] for i, sec_image_policy in enumerate(build_policy.enabled_sec_image_policies): rtt = _execute_postprocess_policy(env, sectools_install_base_dir=sectools_install_base_dir, install_file_name=install_file_name, sectools_builder_output=sectools_builder_output[i], msmid_jtagid_dict=msmid_jtagid_dict, install_policies=build_policy.enabled_install_policies, sec_image_policy=sec_image_policy) rt_list.append(rtt) return rt_list
def _execute_postprocess_policy(env, sectools_install_base_dir, install_file_name, sectools_builder_output, msmid_jtagid_dict, install_policies, sec_image_policy, postprocess=POSTPROCESS_INSTALL): rt_list = [] if len(sectools_builder_output) == 0: #Empty list - the target is excluded return rt_list util = BuilderUtil(env) for install_policy in install_policies: install_directory = install_policy.getDirectory(sec_image_policy.id) if install_directory is None: continue install_directory_processed = signerutils.macro_replace( install_directory, "sectools_install_base_dir", sectools_install_base_dir, isMandatory=False) install_directory_processed = os.path.normpath( util.envsubst(install_directory_processed)) if install_file_name is not None: target_file_path = os.path.join(install_directory_processed, install_file_name) else: path, filename = os.path.split(sectools_builder_output[0]) target_file_path = os.path.join(install_directory_processed, filename) if postprocess == POSTPROCESS_INSTALL: rt = util.installas(target_file_path, sectools_builder_output[0]) elif postprocess == POSTPROCESS_PILSPLIT: pil_split_path, ext = os.path.splitext(target_file_path) rt = util.pilsplit(pil_split_path + ".mdt", sectools_builder_output[0]) else: raise RuntimeError( "{0} not supported in _execute_postprocess_policy".format( postprocess)) rt_list.append(rt) return rt_list
def _execute_postprocess_policy(env, sectools_install_base_dir, install_file_name, sectools_builder_output, msmid_jtagid_dict, install_policies, sec_image_policy, postprocess=POSTPROCESS_INSTALL): rt_list=[] if len(sectools_builder_output) == 0: #Empty list - the target is excluded return rt_list util = BuilderUtil(env) for install_policy in install_policies: install_directory = install_policy.getDirectory(sec_image_policy.id) if install_directory is None: continue install_directory_processed = signerutils.macro_replace(install_directory, "sectools_install_base_dir", sectools_install_base_dir, isMandatory=False) install_directory_processed = os.path.normpath( util.envsubst(install_directory_processed)) if install_file_name is not None: target_file_path = os.path.join(install_directory_processed, install_file_name) else: path, filename = os.path.split(sectools_builder_output[0]) target_file_path = os.path.join(install_directory_processed, filename) if postprocess == POSTPROCESS_INSTALL: rt = util.installas(target_file_path, sectools_builder_output[0]) elif postprocess == POSTPROCESS_PILSPLIT: pil_split_path, ext = os.path.splitext(target_file_path) rt = util.pilsplit(pil_split_path + ".mdt", sectools_builder_output[0]) else: raise RuntimeError("{0} not supported in _execute_postprocess_policy".format(postprocess)) rt_list.append(rt) return rt_list
def _execute_pilsplit(env, pilsplitter_target_base_dir, install_file_name, sectools_builder_output, build_policy, pilsplitter_path): util = BuilderUtil(env) pilsplitter_target_base_dir = os.path.realpath( util.envsubst(pilsplitter_target_base_dir)) pilsplitter_path = os.path.realpath(util.envsubst(pilsplitter_path)) install_file_name = util.envsubst(install_file_name) rt_list = [] if c_path.validate_file(pilsplitter_path): util.loadToolScript(pilsplitter_path) for i, sec_image_policy in enumerate( build_policy.enabled_sec_image_policies): rtt = _execute_postprocess_policy( env, sectools_install_base_dir=pilsplitter_target_base_dir, install_file_name=install_file_name, sectools_builder_output=sectools_builder_output[i], install_policies=build_policy.enabled_install_policies, sec_image_policy=sec_image_policy, postprocess=POSTPROCESS_PILSPLIT) rt_list.append(rtt) return rt_list
class GenericSecImageBuilder(object): def __init__(self, env): self.env = env self.builderutil = BuilderUtil(env) def build(self, target, source, sign_id, config, target_base_dir, chipset, sec_image_policy): #import pdb; pdb.set_trace() self.builderutil.printinfo( "sectools_signer_builder: SECTOOLS_DIR = %s" % SECTOOLS_DIR) # Issuing sectools command cmds = [ "python", os.path.join(SECTOOLS_DIR, "sectools.py"), "secimage", "-i", source, "-o", target_base_dir, "-g", sign_id, "-c", config ] cmds.append(sec_image_policy.cmd_options) self.builderutil.printinfo("sectools_signer_builder: %s" % " ".join(cmds)) self.builderutil.execcmds(cmds, target=target) return self.builderutil.getReturnValueInBuilder(target)
def getUnsignedInstallPath(env, install_base_dir, featureflags=DEFAULT_INSTALL_DEFAULT_FLAGS, disable_featureflags=DEFAULT_DISABLE_FEATURE_FLAGS, policy_file=DEFAULT_POLICY_FILE): util = BuilderUtil(env) build_policy = BuildPolicy(policy_file, env) unsigned_install_path = install_base_dir if _isPolicyRun( env, disable_featureflags, build_policy) and build_policy.isFeatureEnabled(featureflags): unsigned_install_path = os.path.normpath( os.path.join(install_base_dir, "unsigned")) util.printinfo("unsigned install path = %s" % unsigned_install_path) return unsigned_install_path
def _execute_sec_image_policy(env, target_base_dir, source, sign_id, signer, qc_sign, jtag_id, soc_hw_version, soc_vers, app_id, config, msmid_jtagid_dict, sec_image_policy, image_entry, relocatable): # msmid_list can be used to set "chipset" in config file msmid_list = msmid_jtagid_dict.keys() num_targets = len(msmid_list) source_name = os.path.basename(source) rt_list = [] if _is_excluded(sec_image_policy, sign_id) is True: # Do not execute if sign_id match the exclude list util = BuilderUtil(env) util.printinfo( "sec_image_policy = {0} is excluded for sign_id = {1}".format( sec_image_policy.id, sign_id)) return rt_list for i in range(0, num_targets): policy_target_base_dir = os.path.join(target_base_dir, sec_image_policy.id) target_str = os.path.join(policy_target_base_dir, msmid_list[i], sign_id, source_name) signerbuilderglue = SecImageBuilderGlue(env) rtt = signerbuilderglue.build(target_str, source, sign_id=sign_id, signer=signer, qc_sign=qc_sign, jtag_id=jtag_id, soc_hw_version=soc_hw_version, soc_vers=soc_vers, app_id=app_id, config=config, target_base_dir=policy_target_base_dir, sec_image_policy=sec_image_policy, image_entry=image_entry, relocatable=relocatable) rt_list.append(rtt) return rt_list
def _isPolicyRun(env, disable_buildtags, build_policy, source=[]): isPolicyRun = False util = BuilderUtil(env) if (disable_buildtags is None or util.isKeyEnable(disable_buildtags) is False) and \ build_policy.enabled_sec_image_policies != []: isPolicyRun = True else: enabled_policy_ids=[] for sec_image_policy in build_policy.enabled_sec_image_policies: enabled_policy_ids.append(sec_image_policy.id) util.printinfo("sectools is not run for {0} due to build tags constraint.".format(source)) util.printinfo("enabled_sec_image_policies = {0}".format(enabled_policy_ids)) util.printinfo("disable_buildtags = %s" % disable_buildtags) return isPolicyRun
def _execute_pilsplit(env, pilsplitter_target_base_dir, install_file_name, sectools_builder_output, msmid_jtagid_dict, build_policy, pilsplitter_path ): util = BuilderUtil(env) pilsplitter_target_base_dir = os.path.realpath(util.envsubst(pilsplitter_target_base_dir)) pilsplitter_path = os.path.realpath(util.envsubst(pilsplitter_path)) install_file_name = util.envsubst(install_file_name) rt_list = [] if c_path.validate_file(pilsplitter_path): util.loadToolScript(pilsplitter_path) for i, sec_image_policy in enumerate(build_policy.enabled_sec_image_policies): rtt = _execute_postprocess_policy(env, sectools_install_base_dir=pilsplitter_target_base_dir, install_file_name=install_file_name, sectools_builder_output=sectools_builder_output[i], msmid_jtagid_dict=msmid_jtagid_dict, install_policies=build_policy.enabled_install_policies, sec_image_policy=sec_image_policy, postprocess=POSTPROCESS_PILSPLIT) rt_list.append(rtt) return rt_list
def build(env, target_base_dir, source, sign_id, jtagid=None, sectools_install_base_dir=None, install_file_name=None, msmid=None, msmid_jtagid_dict=None, msm_jtag_mapping_file=DEFAULT_MSM_JTAG_MAPPING_FILE, disable_featureflags=DEFAULT_DISABLE_FEATURE_FLAGS, config=DEFAULT_CONFIG_FILE, policy_file=DEFAULT_POLICY_FILE): rt = [] util = BuilderUtil(env) source = util.envsubst(source) if type(source) is not list: source = [source] source_str = os.path.realpath(str(source[0])) policy_file = os.path.realpath(util.envsubst(policy_file)) target_dir_realpath = os.path.realpath(util.envsubst(target_base_dir)) build_policy = BuildPolicy(policy_file, env) # don't do anything if none of the tags match. if _isPolicyRun(env, disable_featureflags, build_policy, source_str) is True: if msmid_jtagid_dict is None: msmid_jtagid_dict = get_msm_jtag_dict_from_file(env, msmid) rt_signed_list = [] rt_installed_list = [] for sec_image_policy in build_policy.enabled_sec_image_policies: rtt = _execute_sec_image_policy( env, target_base_dir=target_dir_realpath, source=source_str, sign_id=sign_id, config=os.path.realpath(util.envsubst(config)), msmid_jtagid_dict=msmid_jtagid_dict, sec_image_policy=sec_image_policy) rt_signed_list.append(rtt) rt = rt_signed_list if sectools_install_base_dir is not None: rt_installed_list = _execute_install( env, sectools_install_base_dir=sectools_install_base_dir, install_file_name=install_file_name, sectools_builder_output=rt_signed_list, alternate_source=None, msmid_jtagid_dict=msmid_jtagid_dict, build_policy=build_policy) rt = rt_installed_list return rt
def _execute_install_policy(env, sectools_install_base_dir, install_file_name, sectools_builder_output, alternate_source, msmid_jtagid_dict, install_policies, sec_image_policy_id): rt_list = [] util = BuilderUtil(env) for install_policy in install_policies: install_directory = install_policy.getDirectory(sec_image_policy_id) if install_directory is None: continue install_directory_processed = signerutils.macro_replace( install_directory, "sectools_install_base_dir", sectools_install_base_dir, isMandatory=False) install_directory_processed = os.path.normpath( util.envsubst(install_directory_processed)) if install_file_name is not None: target_file_path = os.path.join(install_directory_processed, install_file_name) else: path, filename = os.path.split(sectools_builder_output[0]) target_file_path = os.path.join(install_directory_processed, filename) if alternate_source is not None: rt = util.installas(target_file_path, alternate_source) else: rt = util.installas(target_file_path, sectools_builder_output[0]) rt_list.append(rt) return rt_list
def _execute_sec_image_policy(env, target_base_dir, source, sign_id, config, msmid_jtagid_dict, sec_image_policy, image_entry, relocatable): #msmid_list can be used to set "chipset" in config file msmid_list = msmid_jtagid_dict.keys() num_targets = len(msmid_list) source_path, source_file = os.path.split(source) rt_list = [] if _is_excluded(sec_image_policy, sign_id) is True: #Do not execute if sign_id match the exclude list util = BuilderUtil(env) util.printinfo("sec_image_policy = {0} is excluded for sign_id = {1}". format(sec_image_policy.id, sign_id)) return rt_list for i in range(0, num_targets): policy_target_base_dir = os.path.join(target_base_dir, sec_image_policy.id) target_str = os.path.join(policy_target_base_dir, msmid_list[i], sign_id, source_file) signerbuilderglue = SecImageBuilderGlue(env) rtt = signerbuilderglue.build(target_str, source, sign_id=sign_id, config=config, target_base_dir=policy_target_base_dir, chipset=msmid_list[i], sec_image_policy=sec_image_policy, image_entry=image_entry, relocatable=relocatable) rt_list.append(rtt) return rt_list
class GenericSecImageBuilder(object): def __init__(self, env): self.env = env self.builderutil = BuilderUtil(env) def _generate_config_file(self, src_config, dest_config, image_entry, relocatable): config = ConfigParser(src_config) image_type_list = config.root.parsegen.get_image_types_list() for image_type in image_type_list.get_image_type(): if image_type.id == "elf_wrapped_mbn": #Override relocatable setting image_type.ewm_properties.relocatable = relocatable if image_entry is not None: #Override image_entry image_type.ewm_properties.image_entry = image_entry config.generate(dest_config) def build(self, target, source, sign_id, config, target_base_dir, chipset, sec_image_policy, image_entry, relocatable): #import pdb; pdb.set_trace() self.builderutil.printinfo("sectools_signer_builder: SECTOOLS_DIR = %s" % SECTOOLS_DIR) if sign_id == "mba_ewm": c_path.create_dir(target_base_dir) generated_config = os.path.join(target_base_dir, "generated_config.xml") self._generate_config_file(config, generated_config, image_entry, relocatable) config_used = generated_config else: config_used = config # Issuing sectools command cmds = ["python", os.path.join(SECTOOLS_DIR, "sectools.py"), "secimage", "-i", source, "-o", target_base_dir, "-g", sign_id, "-c", config_used] cmds.append(sec_image_policy.cmd_options) self.builderutil.printinfo("sectools_signer_builder: %s" % " ".join(cmds)) self.builderutil.execcmds(cmds, target=target) return self.builderutil.getReturnValueInBuilder(target)
def get_msm_jtag_dict_from_file(env, msmid, msm_jtag_mapping_file=DEFAULT_MSM_JTAG_MAPPING_FILE, file_type="xml"): if msmid is None: return DEFAULT_MSM_JTAG_DICT util = BuilderUtil(env) msm_jtag_mapping_file = os.path.realpath(util.envsubst(msm_jtag_mapping_file)) util.printinfo("sectools_builder: msm_jtag_mapping_file= %s" % msm_jtag_mapping_file) try: msmid_jtagid_dict = _get_msm_jtag_dict_from_file_impl(msmid, msm_jtag_mapping_file, file_type) except Exception, e: util.returnError(str(e))
def build(env, target_base_dir, source, sign_id, signer=None, qc_sign=False, jtag_id=None, soc_hw_version=None, soc_vers=None, app_id=None, sectools_install_base_dir=None, install_file_name=None, msmid=None, msmid_jtagid_dict=None, msm_jtag_mapping_file=DEFAULT_MSM_JTAG_MAPPING_FILE, disable_featureflags=DEFAULT_DISABLE_FEATURE_FLAGS, config=DEFAULT_CONFIG_FILE, policy_file=DEFAULT_POLICY_FILE, pilsplitter_target_base_dir=None, pilsplitter_path=DEFAULT_PILSPLITTER_PATH, pilsplitter_featureflag=[], image_entry=None, relocatable=False): rt = [] util = BuilderUtil(env) source = util.envsubst(source) if type(source) is not list: source = [source] source_path = os.path.realpath(str(source[0])) policy_file = os.path.realpath(util.envsubst(policy_file)) target_dir_realpath = os.path.realpath(util.envsubst(target_base_dir)) build_policy = BuildPolicy(policy_file, env) if msmid_jtagid_dict is None: msmid_jtagid_dict = get_msm_jtag_dict_from_file(env, msmid) # don't do anything if none of the tags match. if _isPolicyRun(env, disable_featureflags, build_policy, source_path) is True: rt_signed_list = _execute_sign(env, target_base_dir=target_dir_realpath, source=source_path, signer=signer, qc_sign=qc_sign, sign_id=sign_id, jtag_id=jtag_id, soc_hw_version=soc_hw_version, soc_vers=soc_vers, app_id=app_id, config=os.path.realpath( util.envsubst(config)), msmid_jtagid_dict=msmid_jtagid_dict, build_policy=build_policy, image_entry=image_entry, relocatable=relocatable) rt.append(rt_signed_list) if sectools_install_base_dir is not None: rt_installed_list = _execute_install( env, sectools_install_base_dir=sectools_install_base_dir, install_file_name=install_file_name, sectools_builder_output=rt_signed_list, build_policy=build_policy) rt.append(rt_installed_list) if (len(pilsplitter_featureflag) == 0 or util.isKeyEnable(pilsplitter_featureflag)) and \ pilsplitter_target_base_dir is not None: rt_pilsplit_list = _execute_pilsplit( env, pilsplitter_target_base_dir=pilsplitter_target_base_dir, install_file_name=install_file_name, sectools_builder_output=rt_signed_list, build_policy=build_policy, pilsplitter_path=pilsplitter_path) rt.append(rt_pilsplit_list) return rt
def __init__(self, env): self.env = env self.builderutil = BuilderUtil(env)
def build(env, target_base_dir, source, sign_id, jtagid=None, sectools_install_base_dir = None, install_file_name = None, msmid = None, msmid_jtagid_dict = None, msm_jtag_mapping_file=DEFAULT_MSM_JTAG_MAPPING_FILE, disable_featureflags=DEFAULT_DISABLE_FEATURE_FLAGS, config=DEFAULT_CONFIG_FILE, policy_file=DEFAULT_POLICY_FILE, pilsplitter_target_base_dir = None, pilsplitter_path = DEFAULT_PILSPLITTER_PATH, pilsplitter_featureflag = [], image_entry = None, relocatable = False): rt = [] util = BuilderUtil(env) source = util.envsubst(source) if type(source) is not list: source = [source] source_str = os.path.realpath(str(source[0])) policy_file = os.path.realpath(util.envsubst(policy_file)) target_dir_realpath = os.path.realpath(util.envsubst(target_base_dir)) build_policy = BuildPolicy(policy_file, env) # don't do anything if none of the tags match. if _isPolicyRun(env, disable_featureflags, build_policy, source_str) is True: if msmid_jtagid_dict is None: msmid_jtagid_dict = get_msm_jtag_dict_from_file(env, msmid) rt_signed_list = _execute_sign(env, target_base_dir=target_dir_realpath, source=source_str, sign_id=sign_id, config=os.path.realpath(util.envsubst(config)), msmid_jtagid_dict=msmid_jtagid_dict, build_policy=build_policy, image_entry=image_entry, relocatable=relocatable) rt.append(rt_signed_list) if sectools_install_base_dir is not None: rt_installed_list = _execute_install(env, sectools_install_base_dir=sectools_install_base_dir, install_file_name=install_file_name, sectools_builder_output=rt_signed_list, msmid_jtagid_dict=msmid_jtagid_dict, build_policy=build_policy) rt.append(rt_installed_list) if (len(pilsplitter_featureflag) == 0 or util.isKeyEnable(pilsplitter_featureflag)) and \ pilsplitter_target_base_dir is not None: rt_pilsplit_list = _execute_pilsplit(env, pilsplitter_target_base_dir=pilsplitter_target_base_dir, install_file_name=install_file_name, sectools_builder_output=rt_signed_list, msmid_jtagid_dict=msmid_jtagid_dict, build_policy=build_policy, pilsplitter_path=pilsplitter_path) rt.append(rt_pilsplit_list) return rt
class GenericSecImageBuilder(object): def __init__(self, env): self.env = env self.builderutil = BuilderUtil(env) def _generate_config_file(self, src_config, dest_config, image_entry, relocatable): config = ConfigParser(src_config) image_type_list = config.root.parsegen.get_image_types_list() for image_type in image_type_list.get_image_type(): if image_type.id == EWM_TYPE: #Override relocatable setting image_type.ewm_properties.relocatable = relocatable if image_entry is not None: #Override image_entry image_type.ewm_properties.image_entry = image_entry config.generate(dest_config) def build(self, target, source, sign_id, jtag_id, soc_hw_version, config, target_base_dir, sec_image_policy, image_entry, relocatable): if jtag_id is not None and soc_hw_version is not None: self.builderutil.printinfo( 'both JTAG_ID and SOC_HW_VERSION are provided: jtag_id = ' + str(jtag_id) + ' soc_hw_version = ' + str(soc_hw_version)) raise RuntimeError( 'please specify only one, JTAG_ID or SOC_HW_VERSION') self.builderutil.printinfo("sectools_builder: SECTOOLS_DIR = %s" % SECTOOLS_DIR) if sign_id.endswith("ewm"): c_path.create_dir(target_base_dir) generated_config = c_path.join(target_base_dir, "generated_config.xml") self._generate_config_file(config, generated_config, image_entry, relocatable) config = generated_config # Issuing sectools command cmds = [ "python", c_path.join(SECTOOLS_DIR, "sectools.py"), "secimage", "-i", source, "-o", target_base_dir, "-g", sign_id, "-c", config ] """ FR 27556: Test keys to sign CRM builds if both jtag_id and soc_hw_version are provided, return error and exit; if one is provided, use that to sign the image; if neither is provided, use jtag_id=0 to sign the image. """ if jtag_id is not None: jtag_id_arg = ["--cfg_msm_part", jtag_id] cmds = cmds + jtag_id_arg elif soc_hw_version is not None: soc_hw_version_arg = [ "--cfg_soc_hw_version", soc_hw_version, "--cfg_in_use_soc_hw_version", "1", "--cfg_msm_part", "" ] cmds = cmds + soc_hw_version_arg cmds.append(sec_image_policy.cmd_options) self.builderutil.printinfo("sectools_builder: %s" % " ".join(cmds)) self.builderutil.execcmds(cmds, target=target) return self.builderutil.getReturnValueInBuilder(target)