[openfirmware] [commit] r1945 - in cpu/x86/pc/olpc: . via

repository service svn at openfirmware.info
Tue Aug 31 21:15:48 CEST 2010


Author: wmb
Date: Tue Aug 31 21:15:48 2010
New Revision: 1945
URL: http://tracker.coreboot.org/trac/openfirmware/changeset/1945

Log:
OLPC XO-1.5 - Added keyjector script for XO-1.5, also tweaked XO-1
keyject.bth to reflect the latest olpc.bth .

Added:
   cpu/x86/pc/olpc/via/keyject.bth
   cpu/x86/pc/olpc/via/keyject.fth
Modified:
   cpu/x86/pc/olpc/keyject.bth

Modified: cpu/x86/pc/olpc/keyject.bth
==============================================================================
--- cpu/x86/pc/olpc/keyject.bth	Mon Aug 30 20:31:04 2010	(r1944)
+++ cpu/x86/pc/olpc/keyject.bth	Tue Aug 31 21:15:48 2010	(r1945)
@@ -14,6 +14,7 @@
 in: ${BP}/dev/usb2/hcd/ohci/build/ohci.fc
 in: ${BP}/dev/usb2/hcd/ehci/build/ehci.fc
 in: ${BP}/dev/usb2/device/hub/build/hub.fc
+in: ${BP}/dev/usb2/device/generic/build/generic.fc
 in: ${BP}/dev/usb2/device/net/build/usbnet.fc
 in: ${BP}/dev/usb2/device/serial/build/usbserial.fc
 in: ${BP}/dev/usb2/device/storage/build/usbstorage.fc
@@ -21,7 +22,7 @@
 in: ${BP}/dev/usb2/device/wlan/build/usb8388.fc
 in: ${BP}/dev/olpc/cafenand/build/cafenand.fc
 in: ${BP}/dev/olpc/cafecamera/build/cafecamera.fc
-in: ${BP}/clients/memtest86/memtest
+in: memtest
 in: ${BP}/clients/emacs/x86/emacs
 in: ${BP}/cpu/x86/pc/olpc/build/verify.img
 in: ${BP}/cpu/x86/pc/olpc/build/usb8388.bin
@@ -68,7 +69,7 @@
    fload ${BP}/cpu/x86/pc/olpc/loaddropins.fth
    " sourceurl"   " sourceurl"                    $add-dropin
 
-   " ${BP}/clients/memtest86/memtest"               " memtest"  $add-deflated-dropin
+   " memtest"                                        " memtest"  $add-deflated-dropin
 \   " ${BP}/cpu/x86/pc/olpc/images/olpc16EQima.wav"  " splash"   $add-deflated-dropin
 \   " ${BP}/cpu/x86/pc/olpc/images/Edge1-16k-EQ-Comp-Amp-ima.wav"  " splash"   $add-deflated-dropin
    " ${BP}/cpu/x86/pc/olpc/images/Edge1-8k-EQ-Comp-Amp-Short.wav"  " splash"   $add-deflated-dropin

Added: cpu/x86/pc/olpc/via/keyject.bth
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ cpu/x86/pc/olpc/via/keyject.bth	Tue Aug 31 21:15:48 2010	(r1945)
@@ -0,0 +1,258 @@
+purpose: Construct the Open Firmware module collection
+
+command: &builder &this
+in: ${BP}/cpu/x86/pc/olpc/via/build/ec.img
+in: ${BP}/cpu/x86/pc/olpc/via/build/romreset.di
+in: ${BP}/cpu/x86/pc/olpc/via/build/romstart.di
+in: ${BP}/cpu/x86/pc/olpc/via/build/resume.di
+in: ${BP}/cpu/x86/pc/olpc/via/build/rmstart.img
+in: ${BP}/cpu/x86/pc/olpc/via/build/paging.di
+in: ${BP}/cpu/x86/pc/olpc/via/build/fw.dic
+in: ${BP}/dev/mmc/sdhci/build/sdhci2.fc
+in: ${BP}/dev/mmc/sdhci/build/sdhcixo.fc
+in: ${BP}/dev/mmc/sdhci/build/sdmmc.fc
+in: ${BP}/dev/mmc/sdhci/mv8686/build/mv8686.fc
+in: ${BP}/dev/usb2/hcd/uhci/build/uhci.fc
+in: ${BP}/dev/usb2/hcd/ehci/build/ehci.fc
+in: ${BP}/dev/usb2/device/hub/build/hub.fc
+in: ${BP}/dev/usb2/device/generic/build/generic.fc
+in: ${BP}/dev/usb2/device/net/build/usbnet.fc
+in: ${BP}/dev/usb2/device/serial/build/usbserial.fc
+in: ${BP}/dev/usb2/device/storage/build/usbstorage.fc
+in: ${BP}/dev/usb2/device/keyboard/build/usbkbd.fc
+in: ${BP}/clients/memtest86/memtest
+in: ${BP}/clients/emacs/x86/emacs
+in: ${BP}/cpu/x86/pc/olpc/via/build/verify.img
+in: ${BP}/dev/pci/build/pcibridg.fc
+in: ${BP}/dev/ide/build/idehier.fc
+\ in: ${BP}/dev/ide/build/leghier.fc
+\ in: ${BP}/cpu/x86/pc/olpc/via/build/camera.fc
+in: ${BP}/cpu/x86/pc/olpc/via/build/dsdt.aml
+in: ${BP}/cpu/x86/pc/olpc/via/build/mcastnand.bin
+in: ${BP}/dev/hdaudio/build/hdaudio.fc
+in: sd8686.bin
+in: testicons.bin
+in: ${BP}/cpu/x86/pc/olpc/images/bigx.di
+in: ${BP}/cpu/x86/pc/olpc/images/bigcheck.di
+in: ${BP}/cpu/x86/pc/olpc/images/leds.di
+in: ${BP}/cpu/x86/pc/olpc/images/ebook.di
+
+build-now
+
+fload ${BP}/cpu/x86/pc/olpc/via/fw-version.fth
+macro: FW_MINOR 49z
+
+" macro: FW_VERSION Q3${FW_MAJOR}${FW_MINOR}" expand$ eval
+
+fload ${BP}/cpu/x86/pc/olpc/via/config.fth
+
+\ Always re-create the builton.fth file when we make a new rom.img
+fload ${BP}/cpu/x86/pc/builton.bth
+fload ${BP}/cpu/x86/pc/olpc/via/sourceurl.fth
+
+fload ${BP}/forth/lib/crc32.fth
+
+hex
+
+: pad-file  ( location -- )
+   ofd @ fsize
+   2dup u< abort" The ROM image is too large"
+   ?do  h# ff ofd @ fputc  loop
+;
+
+.( --- Saving as )
+" ${FW_VERSION}.rom" expand$  2dup lower  ( adr len )
+2dup type cr  ( adr len )
+$new-file
+[ifdef] xo-board
+   " ec.img"                $add-file
+[then]
+
+   dropin-base rom-pa -  pad-file
+
+[ifdef] coreboot-loaded
+   " romstart.di"           $add-file
+[else]
+   " romreset.di"           $add-file
+[then]
+
+   " resume.di"             $add-file
+
+\ Loads the set of drivers that is common to different output formats
+
+   " paging.di"             $add-file
+   " ${BP}/cpu/x86/build/inflate.bin"        " inflate"         $add-dropin
+   " fw.img"   " firmware"  $add-deflated-dropin
+\   " fw.img"   " firmware"  $add-dropin
+
+   " ${BP}/dev/usb2/hcd/uhci/build/uhci.fc"	" class0c0300"      $add-deflated-dropin
+   " ${BP}/dev/usb2/hcd/ehci/build/ehci.fc"	" class0c0320"      $add-deflated-dropin
+   " ${BP}/dev/usb2/device/hub/build/hub.fc"     " usb,class9"      $add-dropin
+   " ${BP}/dev/usb2/device/generic/build/generic.fc"  " usbdevice"  $add-deflated-dropin
+   " ${BP}/dev/usb2/device/net/build/usbnet.fc"       " usbnet"     $add-deflated-dropin
+   " ${BP}/dev/usb2/device/keyboard/build/usbkbd.fc"  " usb,class3,1" $add-dropin
+   " ${BP}/dev/usb2/device/serial/build/usbserial.fc" " usbserial"  $add-deflated-dropin
+   " ${BP}/dev/usb2/device/storage/build/usbstorage.fc" " usbstorage"   $add-deflated-dropin
+\  " mrv8686.bin" " mrv8686.bin"                                    $add-deflated-dropin
+
+[ifdef] notdef
+   " ${BP}/dev/pci/build/pcibridg.fc"            " class060400"   $add-deflated-dropin
+\  " ${BP}/dev/ide/build/leghier.fc"             " class01018a"   $add-deflated-dropin
+   " ${BP}/dev/ide/build/idehier.fc"             " class01018f"   $add-deflated-dropin
+[then]
+[ifdef] xo-board
+   " ${BP}/dev/mmc/sdhci/build/sdhcixo.fc"       " class080501"   $add-deflated-dropin
+[then]
+[ifdef] demo-board
+   " ${BP}/dev/mmc/sdhci/build/sdhci2.fc"        " class080501"   $add-deflated-dropin
+[then]
+   " ${BP}/dev/mmc/sdhci/build/sdmmc.fc"         " sdmmc"         $add-deflated-dropin
+   " ${BP}/dev/mmc/sdhci/mv8686/build/mv8686.fc" " mv8686"        $add-deflated-dropin
+   " sd8686_helper.bin"                          " helper_sd.bin" $add-deflated-dropin
+   " sd8686.bin"                                 " sd8686.bin"    $add-deflated-dropin
+
+   " builton.fth"                       " probe-"          $add-dropin
+
+   " ${BP}/clients/emacs/x86/emacs"             " emacs"         $add-deflated-dropin
+   " ${BP}/clients/emacs/x86/emacs.rc"          " emacs.rc"      $add-deflated-dropin
+   " ${BP}/clients/emacs/emacs.hlp"             " emacs.hlp"     $add-deflated-dropin
+
+   " ${BP}/ofw/fcode/memtest.fth"  " memtest.fth"          $add-deflated-dropin
+
+   " ${BP}/dev/hdaudio/build/hdaudio.fc"         " class040300"   $add-deflated-dropin
+
+   " ${BP}/ofw/inet/telnetd.fth"          " telnetd"             $add-deflated-dropin
+
+\    " ${BP}/cpu/x86/pc/olpc/images/warnings.565"  " warnings.565"  $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/lightdot.565"  " lightdot.565"  $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/yellowdot.565" " yellowdot.565" $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/darkdot.565"   " darkdot.565"   $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/lock.565"      " lock.565"      $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/unlock.565"    " unlock.565"    $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/plus.565"      " plus.565"      $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/minus.565"     " minus.565"     $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/x.565"         " x.565"         $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/sad.565"       " sad.565"       $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/bigdot.565"    " bigdot.565"    $add-deflated-dropin
+
+   " ${BP}/cpu/x86/pc/olpc/images/check.565"    " check.565"     $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/xogray.565"   " xogray.565"    $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/ethernet.565" " ethernet.565"  $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/usbkey.565"   " disk.565"      $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/wireless.565" " wlan.565"      $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/laptop.565"   " int.565"       $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/sd.565"       " ext.565"       $add-deflated-dropin
+
+   " ${BP}/cpu/x86/pc/olpc/DisplayEDID.raw"     " edid"          $add-deflated-dropin
+
+   " ${BP}/ofw/termemu/15x30pc.psf"             " font"          $add-deflated-dropin
+[ifdef] use-ega
+   " ${BP}/ofw/termemu/cp881-16.obf"            " pcfont"        $add-deflated-dropin
+[then]
+
+   " memtest"                                   " memtest"       $add-deflated-dropin
+
+   " verify.img"                                " verify"        $add-deflated-dropin
+   " os.public"                                 " ospubkey"      $add-dropin \ Incompressible
+   " fw.public"                                 " fwpubkey"      $add-dropin \ Incompressible
+   " fs.public"                                 " fspubkey"      $add-dropin \ Incompressible
+   " lease.public"                              " leasepubkey"   $add-dropin \ Incompressible
+   " developer.public"                          " develpubkey"   $add-dropin \ Incompressible
+   " sourceurl"   " sourceurl"                    $add-dropin
+
+   " ${BP}/cpu/x86/pc/olpc/images/Edge1-8k-EQ-Comp-Amp-Short.wav"  " splash"   $add-deflated-dropin
+
+   " ${BP}/cpu/x86/pc/olpc/via/build/dsdt.aml"      " dsdt"            $add-deflated-dropin
+\  " ${BP}/cpu/x86/pc/olpc/via/build/ssdt.aml"      " ssdt"            $add-deflated-dropin
+
+   \ icons for mfg test gui
+   " testicons/play.565"        " play.565"     $add-deflated-dropin
+   " testicons/quit.565"        " quit.565"     $add-deflated-dropin
+   " testicons/cpu.565"         " cpu.565"      $add-deflated-dropin
+   " testicons/spi.565"         " spi.565"      $add-deflated-dropin
+   " testicons/ram.565"         " ram.565"      $add-deflated-dropin
+   " testicons/sdcard.565"      " sdcard.565"   $add-deflated-dropin
+   " testicons/keyboard.565"    " keyboard.565" $add-deflated-dropin
+   " testicons/display.565"     " display.565"  $add-deflated-dropin
+   " testicons/touchpad.565"    " touchpad.565" $add-deflated-dropin
+   " testicons/audio.565"       " audio.565"    $add-deflated-dropin
+   " testicons/usb.565"         " usb.565"      $add-deflated-dropin
+   " testicons/battery.565"     " battery.565"  $add-deflated-dropin
+   " testicons/camera.565"      " camera.565"   $add-deflated-dropin
+   " testicons/wifi.565"        " wifi.565"     $add-deflated-dropin
+   " testicons/clock.565"       " clock.565"    $add-deflated-dropin
+   " testicons/timer.565"       " timer.565"    $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/images/bigx.di"      $add-file
+   " ${BP}/cpu/x86/pc/olpc/images/bigcheck.di"  $add-file
+   " ${BP}/cpu/x86/pc/olpc/images/leds.di"      $add-file
+   " ${BP}/cpu/x86/pc/olpc/images/ebook.di"     $add-file
+
+   " ${BP}/cpu/x86/pc/olpc/via/build/nandblaster15_rx.bin" " nb15_rx"  $add-deflated-dropin
+   " ${BP}/cpu/x86/pc/olpc/via/build/nandblaster_tx.bin" " nb_tx"      $add-deflated-dropin
+
+   " ${BP}/cpu/x86/pc/olpc/keyject.fth"          " probe+"          $add-deflated-dropin
+   " /space/bios-crypto/build/k2.public"         " o1"              $add-dropin  \ Incompressible
+   " /space/bios-crypto/build/k2.public"         " s1"              $add-dropin
+   " /space/bios-crypto/build/k2.public"         " d1"              $add-dropin
+   " /space/bios-crypto/build/k2.public"         " w1"              $add-dropin
+   " /space/bios-crypto/build/k2.public"         " a1"              $add-dropin
+
+.( Dropin top is )  ofd @ fsize  .x cr
+
+[ifdef] coreboot-loaded
+   /rom h# 10000 - pad-file	\ coreboot init image must be in last FLASH block
+   " coreboot.img"   $add-file
+[else]
+   /rom h# 10000 - pad-file	\ coreboot init image must be in last FLASH block
+\  " cforth.img"     $add-file  \ Small Forth that runs from cache
+
+   /rom h# 400 - pad-file	\ rmstart image must start 0x400 from end
+   " rmstart.img"    $add-file
+
+\ Insert the revision signature
+/rom h# 40 - ofd @ fseek
+h# 10 buffer: signature
+signature h# 10 blank
+" CL1"                    signature         swap move
+" ${FW_VERSION}" expand$  signature     6 + swap move
+" Q3${FW_MAJOR}" expand$  signature d# 13 + swap move
+signature h# 10  ofd @ fputs
+
+create sipbuf
+  cc c, 66 c, aa c, 55 c, 54 c, 24 c, 01 c, 88 c,
+  77 c, 77 c, 10 c, 77 c, 14 c, 08 c, 77 c, 00 c,
+  00 c, 00 c, 00 c, 00 c, 00 c, 00 c, 00 c, 00 c,
+  00 c, 00 c, 00 c, 00 c, 00 c, 00 c, 00 c, 00 c, 
+here sipbuf - constant /sipbuf
+
+/l buffer: crcbuf
+/rom buffer: filebuf
+
+\ Via SIP ROM pointer
+\ The address "-30" is fixed by the VX855 hardware.
+\ We get to choose the address ffffffa0
+h# ffffff80 crcbuf l!
+/rom h# 30 - ofd @ fseek
+crcbuf /l ofd @ fputs
+
+/rom h# 80 - ofd @ fseek
+sipbuf /sipbuf ofd @ fputs
+
+\ Read the entire image, compute the CRC, and store it h# 30 from the end
+0 ofd @ fseek
+filebuf /rom ofd @ fgets /rom <> abort" Can't read back image"
+0 crctab  filebuf /rom  ($crc)  crcbuf !
+
+/rom h# 2c - ofd @ fseek
+crcbuf /l ofd @ fputs
+[then]
+
+ofd @ fclose
+
+\ Creating olpc.version serves two purposes:
+\ a) It reports the firmware revision for use by external scripts
+\ b) It provides an olpc.* artifact for the builder dependency management.
+
+writing keyject.version
+" ${FW_VERSION}" expand$  2dup lower  ofd @ fputs
+ofd @ fclose

Added: cpu/x86/pc/olpc/via/keyject.fth
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ cpu/x86/pc/olpc/via/keyject.fth	Tue Aug 31 21:15:48 2010	(r1945)
@@ -0,0 +1,265 @@
+purpose: Inject additional keys into manufacturing data
+\ See license at end of file
+
+\ Search for !!! for things that may need to change for different deployments
+
+\ See HowItWorks near end of file for a description of the overall procedure
+
+\ !!! Re-implement this for each different deployment
+: wrong-sku?  ( -- flag )
+   " P#" find-tag 0=  if  true exit  then              ( pn$ )
+
+   -null                                               ( pn$' )
+   2dup " 1CL11ZP0KD6" $=  if  2drop false exit  then  ( pn$ ) \ UY BYD LiFePO4
+   2dup " 1CL11ZP0KD7" $=  if  2drop false exit  then  ( pn$ ) \ UY GP NiMH
+   2dup " 1CL11ZP0KD9" $=  if  2drop false exit  then  ( pn$ ) \ UY GP LiFePO4
+[ifdef] test-me
+   2dup " 1CL11ZU0KDB" $=  if  2drop false exit  then  ( pn$ ) \ US for testing
+[then]
+   2drop
+
+   true
+;
+
+\ !!! Change the date for each different deployment
+: keyject-expired?  ( -- flag )  " 20090401T000000Z" expired?  ;
+
+\ !!! Change the key list for each different deployment
+: new-key-list$  ( -- )  " o1 s1 d1 w1 a1"  ;
+
+\ True if the all the requested tags are already present.
+\ This prevents endless looping.
+: already-injected?  ( -- flag )
+   new-key-list$  begin  dup  while  ( $ )
+      bl left-parse-string           ( $' name$ )
+      find-tag  if                   ( $ value$ )
+         2drop                       ( $ )
+      else                           ( $ )
+         2drop  false exit
+      then                           ( $ )
+   repeat                            ( $ )
+   2drop true
+;
+
+: inject-key  ( keyname$ -- )
+   2dup find-drop-in  if             ( keyname$ value$ )
+      2over ram-find-tag  if         ( keyname$ value$ oldvalue$ )
+         2 pick <>  if               ( keyname$ value$ oldvalue$ )
+            3drop                    ( keyname$ )
+            ." Warning: inconsistent old tag length for " type cr   ( )
+            exit
+         then                        ( keyname$ value$ oldvalue-adr )
+         >r 2tuck  r> swap  move     ( valu$ keyname$ )
+         green-letters
+         ." Replaced " type cr       ( value$ )
+         black-letters
+      else                           ( keyname$ value$ )
+         2swap                       ( value$ keyname$ )
+         2over 2over                 ( value$ keyname$ value$ keyname$ )
+         ($add-tag)                  ( value$ keyname$ )
+         green-letters
+         ." Added " type cr          ( value$ )
+         black-letters
+      then                           ( value$ )
+      free-mem                       ( )
+   else                              ( keyname$ )
+      ." Warning: Can't find a dropin module for " type cr  ( )
+   then                              ( )
+;
+
+: inject-keys  ( -- )
+   get-mfg-data
+   new-key-list$  begin  dup  while  ( $ )
+      bl left-parse-string           ( $' name$ )
+      inject-key                     ( $ )
+   repeat                            ( $ )
+   2drop                             ( )
+   (put-mfg-data)                    ( )
+;
+
+: keyject-error  ( msg$ -- )
+   cr
+   red-letters  ." Not injecting because:   "  type  cr  black-letters
+   cr
+   ." Will update firmware in 20 seconds" cr
+   d# 20,000 ms
+;
+
+: do-keyject?  ( -- flag )
+   wrong-sku?  if
+      " Wrong SKU" keyject-error
+      false exit
+   then
+   keyject-expired?  if
+      " Date Expired" keyject-error
+      false exit
+   then
+   already-injected?   if
+      " Keys Already Present" keyject-error
+      false exit
+   then
+   true
+;
+
+false value new-firmware?
+: got-firmware?  ( dev$ -- flag )
+   2dup ." Looking for new bootfw2.zip on " type cr     ( dev$ )
+   dn-buf place                                         ( )
+   " \boot" pn-buf place                                ( )
+   filesystem-present?  0=  if  false exit  then        ( )
+   null$ cn-buf place                                   ( )
+   " bootfw2" bundle-present?  0=  if  false exit  then ( )
+   ."   Found" cr                                       ( )
+   secure?  if                                          ( )
+      load-crypto  if                                   ( )
+         ." Crypto load failed" cr  false exit          ( )
+      then                                              ( )
+      fwkey$ to pubkey$                                 ( )
+      img$ sig$ fw-valid?  0=  if                       ( )
+         ."   Bad signature" cr                         ( )
+         false exit
+      then                                              ( )
+   then                                                 ( )
+   img$ tuck  flash-buf swap /flash min  move           ( len )
+   ['] ?image-valid catch  if                           ( x )
+      ."   Bad firmware image" cr                       ( x )
+      drop false exit
+   then                                                 ( )
+   ."   Good image" cr                                  ( )
+
+   true to new-firmware?                                ( )
+   true                                                 ( true )
+;
+
+: get-new-firmware  ( -- )
+   all-devices$  begin  dup  while         ( $ )
+      bl left-parse-string                 ( $' dev$ )
+      got-firmware?  if  2drop exit  then  ( $ )
+   repeat                                  ( $ )
+   2drop
+;
+
+: ac-connected?  ( -- flag )  bat-status@ h# 10 and  0<>  ;
+
+\ Empirically, a weak-but-present battery can present the "trickle charge" (80)
+\ but not present the "present" bit (01).
+: battery-present?  ( -- flag )  bat-status@ h# 81 and  0<>  ;
+
+\ Similarly, a weak-but-present battery can present the "trickle charge" (80)
+\ but not present the "battery low" bit (04).
+: battery-strong?  ( -- flag )  bat-status@ h# 84 and  0=  ;
+
+: wait-enough-power  ( -- )
+   ac-connected?  0=  if
+      ." Please connect the AC adapter to continue..."
+      begin  d# 100 ms  ac-connected?  until
+      cr
+   then
+   battery-present?  0=  if
+      ." Please insert a well-charged battery to continue..."
+      begin  d# 100 ms  battery-present?  until
+      cr
+   then
+   battery-strong?  0=  if
+      ." The battery is low.  Please insert a charged one to continue..."
+      begin  d# 100 ms  battery-present? battery-strong? and  until
+   then
+;
+
+\ Firmware is in flash-buf
+: update-firmware  ( -- )
+   write-firmware
+
+   ['] verify-firmware catch  if
+      ." Verify failed.  Retrying once"  cr
+      spi-identify
+      write-firmware
+      verify-firmware
+   then
+;
+
+: ?keyject  ( -- )
+   visible
+   green-letters  cr ." Security Key Injector" cr cr  black-letters
+   \ Get the new firmware first, so any security checks use the old keys
+   get-new-firmware
+   do-keyject?  if
+      wait-enough-power
+      flash-write-enable
+      inject-keys
+      new-firmware?  if  update-firmware  then
+      flash-write-disable  \ Should reboot
+   else
+      \ If we can't update the firmware, don't touch the SPI FLASH, lest
+      \ we get into an infinite reboot cycle.
+      new-firmware?  if
+         ." Updating firmware ..." cr
+         wait-enough-power
+         flash-write-enable
+         update-firmware
+         flash-write-disable  \ Should reboot
+      then
+   then
+;
+
+?keyject
+
+[ifdef] HowItWorks
+OLPC signs bootfw.zip containing OFW image A and bootfw2.zip containing OFW image B.
+* A is an OFW with additional keyjector functionality
+* B is an ordinary OFW
+Version number B > version number A.
+
+bootfw.zip and bootfw2.zip are presented to a deployment machine in the usual manner,
+either on a USB key or as part of a signed OS image.
+
+On a deployment machine with firmware X (version X < version A):
+
+The deployment machine (with old firmware version X < A)
+auto-reflashes itself with firmware A via the existing secure
+reflash mechanism.
+
+1) Firmware A starts and chacks that:
+  + The SKU is for the intended deployment
+  + the date is before the keyjector expiration date
+  + The override keys are not already present
+so it
+  ! Injects the new keys
+then it
+  ! Reads bootfw2.zip, checks its signature, and reflashes with firmware B (version > A)
+  ! Reboots
+
+2) Firmware B starts, performs the normal fw update attempt step,
+noticing that data.img (firmware A) is downrev, and proceeds to
+boot normally.
+
+In step (1), on a non-UY SKU, or after the expiration date,
+firmware A skips the keyjection step and instead goes straight
+to the "reflash firmware B" step.
+
+In either case, the machine ends up with (normal) firmware B.
+[then]
+
+\ LICENSE_BEGIN
+\ Copyright (c) 2007 FirmWorks
+\ 
+\ Permission is hereby granted, free of charge, to any person obtaining
+\ a copy of this software and associated documentation files (the
+\ "Software"), to deal in the Software without restriction, including
+\ without limitation the rights to use, copy, modify, merge, publish,
+\ distribute, sublicense, and/or sell copies of the Software, and to
+\ permit persons to whom the Software is furnished to do so, subject to
+\ the following conditions:
+\ 
+\ The above copyright notice and this permission notice shall be
+\ included in all copies or substantial portions of the Software.
+\ 
+\ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+\ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+\ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+\ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+\ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+\ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+\ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+\
+\ LICENSE_END



More information about the openfirmware mailing list