[OpenBIOS] r647 - cpu/x86/pc/olpc cpu/x86/pc/olpc/images dev/geode/display dev/video/common ofw/termemu
svn at openbios.org
svn at openbios.org
Sat Sep 29 21:25:03 CEST 2007
Author: wmb
Date: 2007-09-29 21:25:03 +0200 (Sat, 29 Sep 2007)
New Revision: 647
Added:
cpu/x86/pc/olpc/images/check.565
cpu/x86/pc/olpc/images/check.bmp
cpu/x86/pc/olpc/images/darkdot.565
cpu/x86/pc/olpc/images/darkdot.bmp
cpu/x86/pc/olpc/images/develkey.565
cpu/x86/pc/olpc/images/develkey.bmp
cpu/x86/pc/olpc/images/lightdot.565
cpu/x86/pc/olpc/images/lightdot.bmp
cpu/x86/pc/olpc/images/lock.565
cpu/x86/pc/olpc/images/lock.bmp
cpu/x86/pc/olpc/images/minus.565
cpu/x86/pc/olpc/images/minus.bmp
cpu/x86/pc/olpc/images/plus.565
cpu/x86/pc/olpc/images/plus.bmp
cpu/x86/pc/olpc/images/sad.565
cpu/x86/pc/olpc/images/sad.bmp
cpu/x86/pc/olpc/images/topkey.565
cpu/x86/pc/olpc/images/topkey.bmp
cpu/x86/pc/olpc/images/unlock.565
cpu/x86/pc/olpc/images/unlock.bmp
cpu/x86/pc/olpc/images/x.565
cpu/x86/pc/olpc/images/x.bmp
cpu/x86/pc/olpc/images/xogray.565
cpu/x86/pc/olpc/images/xogray.bmp
cpu/x86/pc/olpc/images/yellowdot.565
cpu/x86/pc/olpc/images/yellowdot.bmp
Modified:
cpu/x86/pc/olpc/crypto.bth
cpu/x86/pc/olpc/crypto.fth
cpu/x86/pc/olpc/fw.bth
cpu/x86/pc/olpc/gui.fth
cpu/x86/pc/olpc/images/sd.565
cpu/x86/pc/olpc/images/sd.bmp
cpu/x86/pc/olpc/loaddropins.fth
cpu/x86/pc/olpc/security.fth
dev/geode/display/gxfb.fth
dev/video/common/rectangle16.fth
ofw/termemu/fb16.fth
Log:
New pretty-boot scheme tied in with security (omnibus checkin of many files)
Modified: cpu/x86/pc/olpc/crypto.bth
===================================================================
--- cpu/x86/pc/olpc/crypto.bth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/crypto.bth 2007-09-29 19:25:03 UTC (rev 647)
@@ -6,6 +6,7 @@
fload ${BP}/cpu/x86/pc/olpc/versions.fth
" wget http://dev.laptop.org/pub/firmware/crypto/bios_verify-${CRYPTO_VERSION}.img -O verify.img" expand$ $sh
+" wget http://dev.laptop.org/pub/firmware/crypto/bios_hasher-${CRYPTO_VERSION}.img -O hasher.img" expand$ $sh
" wget http://dev.laptop.org/pub/firmware/crypto/testkeys/os.public -O os.public" expand$ $sh
" wget http://dev.laptop.org/pub/firmware/crypto/testkeys/fw.public -O fw.public" expand$ $sh
" wget http://dev.laptop.org/pub/firmware/crypto/testkeys/lease.public -O lease.public" expand$ $sh
Modified: cpu/x86/pc/olpc/crypto.fth
===================================================================
--- cpu/x86/pc/olpc/crypto.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/crypto.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -5,18 +5,24 @@
h# d0000 constant verify-bss \ The address the code is linked to run at
h# 10000 constant /verify-bss
-0 [if]
-h# c0000 constant hasher-base \ The address the code is linked to run at
+1 [if]
+h# 70000 constant hasher-base \ The address the code is linked to run at
+h# 80000 constant hasher-bss
+h# 18000 constant /hasher-bss
variable hashlen
d# 128 buffer: hashbuf
+: get-hasher ( -- )
+ " hasher" find-drop-in 0= if 4drop true exit then ( prog$ )
+ 2dup hasher-base swap move free-mem ( hashname$ )
+;
+
: hash ( data$ hashname$ -- result$ )
- " hasher" find-drop-in 0= if 4drop true exit then ( data$ hashname$ prog$ )
- 2dup hasher-base swap move free-mem ( data$ hashname$ )
-
d# 128 hashlen !
- 2>r swap hashlen hashbuf 2swap 2r> $cstr ( &reslen resbuf datalen databuf hashname-cstr )
+ $cstr hashbuf hashlen ( databuf datalen hashname-cstr resbuf &reslen )
+ hasher-bss /hasher-bss erase
+
hasher-base dup h# 10 - sp-call abort" Hash failed" drop 4drop ( )
hashbuf hashlen @
;
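Review bot: The failure branch of the new `get-hasher` still reads `4drop true exit`, copied from the old `hash`, but `get-hasher` is declared `( -- )` and has nothing on the stack to drop, so a missing drop-in underflows the stack and leaves a stray flag. Giving it the same contract as `load-crypto` would fix that: `" hasher" find-drop-in 0= if true exit then`, a final `false`, and the stack comment `( -- error? )`; the `( hashname$ )` comment on its second line is stale as well. `hash` no longer loads the code before `sp-call`, and no hunk in this revision calls `get-hasher`, so callers must do that first; a comment on `hash` such as `\ get-hasher must have succeeded before hash is called` would make the requirement visible.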
@@ -25,7 +31,9 @@
0 value crypto-loaded?
: load-crypto ( -- error? )
crypto-loaded? if false exit then
- " verify" find-drop-in 0= if true exit then ( prog$ )
+ " verify" find-drop-in 0= if
+ ." Can't find crypto code" cr true exit
+ then ( prog$ )
2dup verify-base swap move free-mem ( )
true to crypto-loaded?
false
Modified: cpu/x86/pc/olpc/fw.bth
===================================================================
--- cpu/x86/pc/olpc/fw.bth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/fw.bth 2007-09-29 19:25:03 UTC (rev 647)
@@ -272,7 +272,7 @@
." Interacting due to botched resume" cr hex interact
then
i-key-wait if
- " patch false fast-boot? startup" eval
+\ " patch false fast-boot? startup" eval
." Interacting" cr hex interact
then
[ifdef] lx-devel
@@ -335,6 +335,7 @@
\ fload ${BP}/cpu/x86/pc/olpc/carousel.fth \ Carouseled NAND writing
fload ${BP}/cpu/x86/pc/olpc/crypto.fth \ Cryptographic image validation
fload ${BP}/cpu/x86/pc/olpc/lzip.fth \ Access zip images from memory
+fload ${BP}/cpu/x86/pc/olpc/gamekeys.fth
fload ${BP}/cpu/x86/pc/olpc/security.fth
fload ${BP}/cpu/x86/pc/olpc/setwp.fth
fload ${BP}/ofw/gui/ofpong.fth
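Review bot: `gamekeys.fth` is loaded here, but this revision's Added list contains only image files and no `cpu/x86/pc/olpc/gamekeys.fth`, while `read-game-keys` is deleted from this file in a later hunk and `game-key?`, `button-x` and `button-rotate` are used in its place. Unless the file arrived in an earlier revision the build will stop at this `fload`, so it should be part of the commit. The line also lacks the trailing description the neighbouring loads carry, e.g. `\ Game key (button) handling`.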
@@ -438,23 +439,9 @@
\ fload ${BP}/cpu/x86/pc/report.fth
fload ${BP}/ofw/core/dualconsole.fth
-0 value game-key-mask
-
-: read-game-keys ( -- )
-[ifdef] lx-devel false exit [then]
- board-revision h# b18 < if
- h# 100 to game-key-mask
- exit
- then
-
- game-key@ dup to game-key-mask if
- ." Release the game key to continue" cr
- begin d# 100 ms game-key@ 0= until
- then
-;
: fast-boot? ( -- flag )
[ifdef] rom-loaded
- game-key-mask h# 120 and 0=
+ button-x game-key? 0=
[else]
false
[then]
@@ -506,11 +493,6 @@
then
;
-: optional-startup ( -- )
- probe-usb
- ?usb-keyboard
-;
-
: go-hook-freeze
[ ' go-hook behavior compile, ]
0 " set-source" $call-screen
@@ -519,13 +501,13 @@
: unfreeze ( -- ) ['] usb-quiet to go-hook ;
: ?sound ( -- )
- game-key-mask h# 40 and 0= if sound then
+ button-rotate game-key? 0= if sound then
;
: ?freeze ( -- )
- game-key-mask h# 40 and 0= if freeze then
+ button-rotate game-key? 0= if freeze then
;
: ?games ( -- )
- game-key-mask h# 20 and if
+ rocker-right game-key? if
time&date 5drop 1 and if pong else life-demo then
then
;
@@ -540,36 +522,51 @@
console-start
read-game-keys
+[ifdef] notdef
fast-boot? if
- stdout off
+( D) stdout off \ banner
probe-pci
?sound
open-keyboard
+( D) \ ?games
?freeze
- ['] false to interrupt-auto-boot?
+\ ['] false to interrupt-auto-boot?
probe-usb
\ " nand" $dev-update-flash
interpreter-init
-[ifndef] lx-devel
- enable-power-button
-[then]
- auto-boot
- screen-ih stdout !
- ?usb-keyboard
+ secure-startup
+( D) screen-ih stdout ! \
+( D) ?usb-keyboard \
else
- banner
+( D) banner \ stdout off
probe-pci
?sound
open-keyboard
+( D) ?games \
+ ?freeze
+ probe-usb
+( D) ?usb-keyboard \
+ interpreter-init
+ secure-startup
+ then
+[else]
+ stdout off \
+ probe-pci
+ ?sound
+ open-keyboard
?games
?freeze
- optional-startup
+ ['] false to interrupt-auto-boot?
+ probe-usb
+\ " nand" $dev-update-flash
interpreter-init
-[ifndef] lx-devel
- enable-power-button
+ secure-startup
+ ['] (interrupt-auto-boot?) to interrupt-auto-boot?
+ screen-ih stdout !
+ banner
+ ?usb-keyboard
[then]
- auto-boot
- then
+ auto-boot
blue-letters ." Type 'help' for more information." black-letters
cr cr
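Review bot: Neither the disabled `[ifdef] notdef` branch nor the live `[else]` branch calls `enable-power-button`, which both old paths did (outside `lx-devel`) before `auto-boot`, and the `secure-startup` added in security.fth does not call it either. If nothing else enables it, the power button presumably stays inactive through device probing and the 10-second wait in `security-failure`; restoring `[ifndef] lx-devel  enable-power-button  [then]` ahead of `secure-startup` would keep the old behaviour. The `notdef` branch with its `( D)` markers is dead code and would be clearer removed or explained in a comment. The enclosing definition starts and ends outside the hunk.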
Modified: cpu/x86/pc/olpc/gui.fth
===================================================================
--- cpu/x86/pc/olpc/gui.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/gui.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -3,6 +3,7 @@
d# 0 d# 0 2value first-icon-xy
0 0 2value icon-xy
+0 0 2value last-xy
0 value text-y
: ?next-row ( -- )
@@ -14,15 +15,15 @@
then
;
-: show-565 ( image-adr,len -- )
+: prep-565 ( image-adr,len -- bits-adr x y w h )
drop
dup " C565" comp abort" Not in C565 format"
dup 4 + le-w@ to image-width
dup 6 + le-w@ to image-height
8 +
?next-row
+ icon-xy to last-xy
icon-xy image-width image-height
- " draw-rectangle" $call-screen
;
: $get-image ( filename$ -- true | adr,len false )
@@ -34,13 +35,21 @@
;
: $show ( filename$ -- )
not-screen? if 2drop exit then
- $get-image if exit then 2dup show-565 free-mem
+ 0 to image-width \ In case $show fails
+ $get-image if exit then
+ 2dup prep-565 " draw-transparent-rectangle" $call-screen
+ free-mem
;
-: $show&advance ( filename$ -- )
- 0 to image-width \ In case $show fails
- $show
+: $show-opaque ( filename$ -- )
+ not-screen? if 2drop exit then
+ $get-image if exit then
+ 2dup prep-565 " draw-rectangle" $call-screen
+ free-mem
+;
+: advance ( -- )
icon-xy image-width 0 d+ to icon-xy
;
+: $show&advance ( filename$ -- ) $show advance ;
: fix-cursor ( -- ) cursor-on ['] user-ok to (ok) user-ok ;
@@ -247,7 +256,7 @@
\ Make the terminal emulator use a region that avoids the logo area
: avoid-logo ( -- )
- 0 h# f ( fg-color bg-color )
+ screen-ih package( foreground-color background-color )package ( fg-color bg-color )
screen-wh drop char-wh drop d# 80 * - 2/ ( fg-color bg-color x )
text-y ( fg-color bg-color x y )
char-wh drop d# 80 * ( fg-color bg-color x y w )
@@ -309,7 +318,9 @@
avoid-logo
0 to image-width 0 to image-height \ In case $show-bmp fails
- " rom:olpc.565" $show&advance
+[ifdef] old-way
+ " rom:olpc.565" $show&advance
+[then]
icon-xy to first-icon-xy
@@ -347,13 +358,13 @@
h# 32 buffer: icon-name
-: show-icon-file ( basename$ -- )
+: show-icon ( basename$ -- )
" rom:" icon-name pack $cat ( )
" .565" icon-name $cat ( )
- icon-name count $show&advance ( )
+ icon-name count $show ( )
;
-: ?show-icon ( adr len -- )
+: ?show-package-icon ( adr len -- )
locate-device if exit then ( phandle )
" icon" 2 pick get-package-property 0= if ( phandle prop$ )
@@ -362,19 +373,19 @@
then ( phandle )
" iconname" 2 pick get-package-property 0= if ( phandle prop$ )
- get-encoded-string show-icon-file ( phandle )
+ get-encoded-string show-icon advance ( phandle )
drop exit
then ( phandle )
" name" 2 pick get-package-property 0= if ( phandle prop$ )
- get-encoded-string show-icon-file ( phandle )
+ get-encoded-string show-icon advance ( phandle )
drop exit
then ( phandle )
drop
;
: (?show-device) ( adr len -- adr len )
- not-screen? 0= if 2dup ?show-icon then
+ not-screen? 0= if 2dup ?show-package-icon then
;
' (?show-device) to ?show-device
Added: cpu/x86/pc/olpc/images/check.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/check.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/check.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/check.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/darkdot.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/darkdot.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/darkdot.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/darkdot.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/develkey.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/develkey.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/develkey.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/develkey.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/lightdot.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/lightdot.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/lightdot.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/lightdot.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/lock.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/lock.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/lock.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/lock.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/minus.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/minus.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/minus.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/minus.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/plus.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/plus.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/plus.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/plus.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/sad.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/sad.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/sad.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/sad.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Modified: cpu/x86/pc/olpc/images/sd.565
===================================================================
(Binary files differ)
Modified: cpu/x86/pc/olpc/images/sd.bmp
===================================================================
(Binary files differ)
Added: cpu/x86/pc/olpc/images/topkey.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/topkey.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/topkey.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/topkey.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/unlock.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/unlock.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/unlock.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/unlock.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/x.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/x.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/x.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/x.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/xogray.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/xogray.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/xogray.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/xogray.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/yellowdot.565
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/yellowdot.565
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Added: cpu/x86/pc/olpc/images/yellowdot.bmp
===================================================================
(Binary files differ)
Property changes on: cpu/x86/pc/olpc/images/yellowdot.bmp
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Modified: cpu/x86/pc/olpc/loaddropins.fth
===================================================================
--- cpu/x86/pc/olpc/loaddropins.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/loaddropins.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -28,13 +28,34 @@
" ${BP}/ofw/inet/telnetd.fth" " telnetd" $add-deflated-dropin
- " ${BP}/cpu/x86/pc/olpc/images/olpclogo.565" " olpc.565" $add-deflated-dropin
- " ${BP}/cpu/x86/pc/olpc/images/laptop.565" " nandflash.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/lightdot.565" " lightdot.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/yellowdot.565" " yellowdot.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/darkdot.565" " darkdot.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/lock.565" " lock.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/unlock.565" " unlock.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/plus.565" " plus.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/minus.565" " minus.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/x.565" " x.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/sad.565" " sad.565" $add-deflated-dropin
+
+\ " ${BP}/cpu/x86/pc/olpc/images/topkey.565" " topkey.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/dot0.565" " mark0.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/dot1.565" " mark1.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/dot2.565" " mark2.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/dot3.565" " mark3.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/lock2.565" " lock2.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/unlock2.565" " unlock2.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/check.565" " check.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/leasekey.565" " leasekey.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/xogray.565" " xogray.565" $add-deflated-dropin
+\ " ${BP}/cpu/x86/pc/olpc/images/olpclogo.565" " olpc.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/laptop.565" " nand.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/laptop.565" " fastnand.565" $add-deflated-dropin
" ${BP}/cpu/x86/pc/olpc/images/ethernet.565" " ethernet.565" $add-deflated-dropin
- " ${BP}/cpu/x86/pc/olpc/images/usbkey.565" " usbdisk.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/usbkey.565" " disk.565" $add-deflated-dropin
" ${BP}/cpu/x86/pc/olpc/images/wireless.565" " wlan.565" $add-deflated-dropin
" ${BP}/cpu/x86/pc/olpc/images/xo.565" " xo.565" $add-deflated-dropin
- " ${BP}/cpu/x86/pc/olpc/images/sd.565" " sdmmc.565" $add-deflated-dropin
+ " ${BP}/cpu/x86/pc/olpc/images/sd.565" " sd.565" $add-deflated-dropin
" ${BP}/ofw/termemu/gallant.obf" " font" $add-deflated-dropin
@@ -43,3 +64,5 @@
" fw.public" " fwpubkey" $add-dropin \ Incompressible
" lease.public" " leasepubkey" $add-dropin \ Incompressible
" developer.public" " develpubkey" $add-dropin \ Incompressible
+
+ " hasher.img" " hasher" $add-deflated-dropin
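Review bot: `hasher.img` packed here is the file the crypto.bth change in this revision fetches with `wget` over plain `http://`, and nothing between the download and `$add-deflated-dropin` checks its contents, so whatever the build host received becomes the hash code the firmware runs. The same holds for the existing `verify.img` download. A pinned digest verified in the build before this line would close that gap; at minimum record the requirement with a comment such as `\ hasher.img must match the SHA-256 recorded in versions.fth` (the digest location is a placeholder, not something the page defines).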
Modified: cpu/x86/pc/olpc/security.fth
===================================================================
--- cpu/x86/pc/olpc/security.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ cpu/x86/pc/olpc/security.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -3,7 +3,11 @@
\ Specs at http://wiki.laptop.org/go/Firmware_Security
-: developer-device-list " disk sd nand" ;
+: security-failure ( -- )
+ ." Security failure" cr
+ d# 10000 ms power-off
+;
+
: boot-device-list " disk sd nand" ;
true value debug-security?
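Review bot: `security-failure` depends on `power-off` never returning, yet the callers added later in this file (`(fw-version)`, `firmware-up-to-date?`, `load-from-list`, `secure-startup`) all have code after the call, so a `power-off` that returns would let boot continue past a failed check. Ending the word with a loop makes it fail closed: `d# 10000 ms power-off  begin again`. The comment above `checked-load-started` further down still refers to `developer-device-list`, which this hunk removes.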
@@ -131,7 +135,8 @@
\ bundle whose name is constructed from the current settings of the
\ device (DN), path (PN), filename head (CN), and filename body (FN).
-: bundle-present? ( -- flag )
+: bundle-present? ( fn$ -- flag )
+ fn-buf place
bundle-name$
" Trying " ?lease-debug 2dup ?lease-debug-cr
['] (boot-read) catch if 2drop false exit then
@@ -166,6 +171,11 @@
hashname place ( data$ sig$ )
pubkey$ hashname count signature-bad? 0= ( okay? )
+ dup if
+ " Signature valid" ?lease-debug-cr
+ else
+ " Signature invalid" ?lease-debug-cr
+ then
;
\ earliest is the earliest acceptable date value (in seconds).
@@ -374,12 +384,6 @@
4drop -1 exit
then ( sig$ expiration$ )
check-machine-signature ( -1|1 )
-
- dup 0< if
- " has bad signature" ?lease-debug-cr
- else
- " valid" ?lease-debug-cr
- then
;
\ lease-valid? tries to read a lease file from the currently-selected
@@ -391,6 +395,7 @@
" ${DN}:\security\lease.sig" expand$ ( name$ )
" Trying " ?lease-debug 2dup ?lease-debug-cr
r/o open-file if drop false exit then ( ih )
+ load-started
>r ( r: ih )
" Lease " ?lease-debug ( r: ih )
leasekey$ to pubkey$ ( r: ih )
@@ -400,8 +405,8 @@
then ( actual -eof? )
while ( actual )
sec-line-buf swap check-lease case ( -1|0|1 )
- 1 of r> close-file drop true exit endof
- -1 of r> close-file drop false exit endof
+ 1 of r> close-file drop " unlock" show-icon true exit endof
+ -1 of r> close-file drop " lock" show-icon false exit endof
endcase
repeat
r> close-file drop false
@@ -414,7 +419,7 @@
\ present) or "actos.zip" (the activation version of the OS).
: ?leased ( -- )
- lease-valid? if " run" else " act" then cn-buf place
+ lease-valid? if " run" else " act" then cn-buf place
;
\ olpc-load-image is factor that is close the top level of the
@@ -425,22 +430,18 @@
\ "runos.zip" according to whether or not a valid lease for
\ this machine is present on the same device.
-: olpc-load-image ( list$ dirname$ -- okay? )
- pn-buf place ( list$ )
+: olpc-load-image ( list$ -- okay? )
begin dup while ( list$ )
bl left-parse-string ( list$ devname$ )
dn-buf place ( list$' )
?leased ( list$ )
- bundle-present? if ( list$ )
+ " os" bundle-present? if ( list$ )
" OS found - " ?lease-debug
0 hashname c!
oskey$ to pubkey$
img$ sig$ valid? if
- " Signature valid" ?lease-debug-cr
img$ tuck load-base swap move !load-size
2drop true exit
- else
- " Signature invalid" ?lease-debug-cr
then
then ( list$ )
repeat ( list$ )
@@ -453,21 +454,41 @@
\ the NAND FLASH for an alternate OS image.
: secure-load ( -- okay? )
- load-crypto if ( )
- ." Can't get crypto code" cr ( )
- false exit
- then ( )
+ load-crypto if false exit then
get-my-sn if false exit then
get-date if false exit then
- " os" fn-buf place
-
- boot-device-list " \boot" olpc-load-image if true exit then
- " nand" " \boot-alt" olpc-load-image if true exit then
+ " \boot" pn-buf place boot-device-list olpc-load-image if true exit then
+ " \boot-alt" pn-buf place " nand" olpc-load-image if true exit then
false
;
+0 value alternate?
+: set-alternate ( -- )
+ button-o game-key? if true to alternate? exit then
+ h# 82 cmos@ [char] A = if
+ [char] N h# 82 cmos!
+ true to alternate? exit
+ then
+ false to alternate?
+;
+
+0 0 2value base-xy
+: show-check ( -- )
+ icon-xy base-xy to icon-xy " check" show-icon to icon-xy
+;
+: +icon-xy ( delta-x,y -- ) icon-xy d+ to icon-xy ;
+
+: show-dot ( -- )
+ alternate? if " yellowdot" else " lightdot" then show-icon
+;
+: show-x ( -- ) " x" show-icon ;
+: show-sad ( -- ) " sad" show-icon ;
+: show-lock ( -- ) " lock" show-icon ;
+: show-unlock ( -- ) " unlock" show-icon ;
+
+
\ secure-load-ramdisk is called during the process of preparing an
\ OS image for execution. It looks for an initrd bundle file on
\ the same device where the OS image was found, in a file named
@@ -490,27 +511,28 @@
['] load-path behavior >r ( r: xt )
['] ramdisk-buf to load-path ( r: xt )
- " rd" fn-buf place
- bundle-present? if
+ d# 16 0 +icon-xy show-dot
+ \ cn-buf is already set as a result of the ?leased that
+ \ happened before loading the OS file
+ " rd" bundle-present? if
r> to load-path
" RD found - " ?lease-debug
0 hashname c!
img$ sig$ valid? if
- " Signature valid" ?lease-debug-cr
+ show-unlock
load-base to ramdisk-adr
img$ dup to /ramdisk ( adr len )
load-base swap move ( )
exit
else
- " Signature invalid" ?lease-debug-cr
+ show-unlock
fail-load
then
then
r> to load-path
;
-
\ secure-boot performs the secure boot process
: secure-boot ( -- )
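Review bot: The invalid-signature branch calls `show-unlock` just before `fail-load`, the same icon the valid branch shows, so a rejected ramdisk is displayed as accepted. `load-from-device` in this revision uses `show-lock` when a signature does not verify, and the `else` branch here should do the same: `show-lock` followed by `fail-load`. `secure-load-ramdisk` starts above the hunk.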
@@ -527,12 +549,12 @@
" wp" find-tag if 2drop true to secure? then
;
-\ ?secure-boot performs either the secure boot algorithm or the
+\ do-secure-boot performs either the secure boot algorithm or the
\ historical boot algorithm depending on the presence of a "wp"
\ manufacturing data tag.
-: ?secure-boot ( -- ) secure? if secure-boot else boot then ;
-" ?secure-boot" ' boot-command set-config-string-default
+: do-secure-boot ( -- ) secure? if secure-boot else boot then ;
+\ " do-secure-boot" ' boot-command set-config-string-default
\ check-devel-key tests the developer signature string "dev01$".
@@ -559,8 +581,10 @@
: has-developer-key? ( -- flag )
" ${DN}:\security\develop.sig" expand$ ( name$ )
+ " Trying " ?lease-debug 2dup ?lease-debug-cr
r/o open-file if drop false exit then ( ih )
>r
+ load-started
begin
sec-line-buf /sec-line-max r@ read-line if ( actual -eof? )
2drop r> close-file drop false exit
@@ -577,71 +601,153 @@
\ developer? searches a list of devices (given by "developer-device-list")
\ for a valid developer key
-: developer? ( -- flag )
- get-my-sn if false exit then
+: checked-load-started ( -- )
+ not-screen? if exit then
+ show-check
+;
+\ ' checked-load-started to load-started
+\ noop to load-started
- load-crypto if ( )
- ." Can't get crypt code" cr ( )
- false exit
- then ( )
+: ?toggle-secure ( -- ) button-x game-key? if secure? 0= to secure? then ;
- developer-device-list ( list$ )
- begin dup while ( list$ )
- bl left-parse-string dn-buf place ( list$' )
- has-developer-key? if ( list$' )
- 2drop true exit
- then ( list$ )
- repeat ( list$ )
- 2drop false
+6 buffer: fw#buf
+: (fw-version) ( base-adr -- n )
+ h# f.ffc7 + fw#buf 5 move
+ fw#buf 4 + c@ bl = if [char] 0 fw#buf 4 + c! then
+ base @ >r d# 36 base !
+ fw#buf 5 $number if
+ show-x
+ ." Invalid firmware version number" security-failure
+ then
+ pop-base
;
+: firmware-up-to-date? ( img$ -- )
+ /flash <> if show-x ." Invalid Firmware image" security-failure then ( adr )
+ (fw-version) ( file-version# )
+ rom-pa (fw-version) ( file-version# rom-version# )
+ u<=
+;
-fexit
+: load-from-device ( devname$ -- done? )
-Firmware security use cases:
+ d# 16 0 +icon-xy show-dot
+ null$ cn-buf place
+ " bootfw" bundle-present? if
+ " FW found - " ?lease-debug
-a) load image signing:
+ img$ firmware-up-to-date? if
+ " plus" show-icon
+ " current FW is up-to-date" ?lease-debug-cr
+ else
+ " minus" show-icon
+ " new - " ?lease-debug
+ 0 hashname c!
+ fwkey$ to pubkey$
+ img$ sig$ valid? if
+ img$ tuck flash-buf swap move ( len )
+ ?image-valid ( )
+ true to file-loaded?
+ " Updating firmware" ?lease-debug
-Package: {run,act}{os,rd}.zip
-Expiration: none
-Signed object: OS or RD image file in .zip file
-Signature: sha256_rsa256.sig in .zip file
-Verification Algorithm: sha256 -> rsa256
-Verification Key: OLPC-run-public-key
+ \ Latch alternate? flag for next startup
+ alternate? if [char] A h# 82 cmos! then
-Rule: Don't run the image if the signature fails
+ reflash \ Should power-off and reboot
+ show-x
+ ." Reflash returned, unexpectedly" cr
+ security-failure
+ then
+ show-lock
+ then
+ then
-b) Firmware update key
+ d# 16 0 +icon-xy show-dot
+ ?leased \ Sets cn-buf
-Package: /boot/bootfw.zip
-Expiration: none (but should be versioned to avoid repeated updates)
-Signed object: image in .zip file
-Signature1: sha255.rsa in .zip file
-Signature2: whirl.rsa in .zip file
-Verification Algorithm: sha256 -> rsa256, whirlpool -> rsa256
-Verification Key: OLPC-fw-public-key
+ d# 16 0 +icon-xy show-dot
+ " os" bundle-present? if
+ " OS found - " ?lease-debug
+ 0 hashname c!
+ oskey$ to pubkey$
+ img$ sig$ valid? if
+ img$ tuck load-base swap move !load-size
+ show-unlock
+ true exit
+ then
+ show-lock
+ then
+ false ( done? )
+;
-Rule: If the developer key is valid, enter unlocked firmware state
+: filesystem-present? ( -- flag )
+ " ${DN}:\" expand$ ( name$ )
+ open-dev dup if dup close-dev then
+ 0<>
+;
-c) Developer key
+0 0 2value next-xy
+: load-from-list ( list$ -- devkey? )
+ begin dup while ( list$ )
+ bl left-parse-string ( list$ devname$ )
+ 2dup dn-buf place ( list$ devname$ )
-Package: /security/develop.key
-Expiration: none
-Signed object: <serial#>:<uuid>:00000000T000000Z (representing the machine)
-Signature: rsa256 data in sig01 line
-Verification Algorithm: rsa256
-Verification Key: OLPC-devel-public-key
+ show-icon ( list$ xy )
+ icon-xy to base-xy
+ icon-xy image-width 0 d+ to next-xy ( list$ )
-Rule: If the developer key is valid, enter unlocked firmware state
+ filesystem-present? if
-d) Activation lease
+ d# 5 d# 77 +icon-xy show-dot
+ has-developer-key? if
+ show-unlock
+ true exit
+ then
-Package: /security/lease
-Expiration: Yes - time on signature line
-Signed object: <serial#>:<uuid>:<expiration time> (representing the machine)
-Signature: rsa256 data in sig01 line
-Verification Algorithm: rsa256
-Verification Key: OLPC-act-public-key
+ load-from-device if
+ 2drop
+ ['] secure-load-ramdisk to load-ramdisk
+ " init-program" $find if execute go then
+ show-x
+ security-failure
+ then
+ then
-Rule: If the lease is invalid, invoke act{os,rd}.zip instead of run{os,rd}.zip
+ next-xy to icon-xy
+ repeat ( list$ )
+ " sad" show-icon
+ 2drop false
+;
+: text-on screen-ih stdout ! ;
+: persistent-devkey? ( -- flag ) " dk" find-tag dup if nip nip then ;
+
+: all-devices$ ( -- list$ ) " disk sd fastnand nand" ;
+: secure-startup ( -- )
+ ['] noop to ?show-device
+ ['] noop to load-done
+ ['] noop to load-started
+
+ set-alternate
+
+ d# 552 d# 383 to icon-xy " rom:xogray.565" $show-opaque
+ d# 410 d# 540 to icon-xy \ For boot progress reports
+
+ button-check game-key? if text-on then
+ ?toggle-secure
+
+ secure? 0= if exit then
+
+ persistent-devkey? if exit then
+
+ get-my-sn if ." No serial number" cr show-sad security-failure then
+ get-date if ." Invalid system date" cr show-sad security-failure then
+
+ load-crypto if show-sad security-failure then ( )
+
+ alternate? if " \boot-alt" else " \boot" then pn-buf place
+
+ all-devices$ load-from-list if exit then \ Returns only if no images found
+
+ ." Boot failed" cr show-sad security-failure
+;
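Review bot: `?toggle-secure`, called unconditionally from `secure-startup`, inverts `secure?` whenever the X button is held, and the next line returns when `secure?` is false, so on a machine with the "wp" tag a held button is enough to reach `auto-boot` with no signature check. If this is a bring-up aid it should be compiled out of production builds, for example `[ifdef] lx-devel  ?toggle-secure  [then]` (assuming that flag marks development builds). Separately, in `load-from-list` the `has-developer-key?` branch exits with `true` while `list$` is still on the stack, unlike the `load-from-device` branch, which does `2drop` first; it should read `show-unlock  2drop true exit`. The stack comments `show-icon ( list$ xy )` and `firmware-up-to-date? ( img$ -- )` also do not match what those words leave behind.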
Modified: dev/geode/display/gxfb.fth
===================================================================
--- dev/geode/display/gxfb.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ dev/geode/display/gxfb.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -555,9 +555,10 @@
map-frame-buffer
bytes/pixel case
1 of frame-buffer-adr /fb h# 0f fill endof
- 2 of frame-buffer-adr /fb h# ffff wfill endof
+ 2 of frame-buffer-adr /fb h# c0 dup dup rgb>565 wfill endof
4 of frame-buffer-adr /fb h# ffff.ffff lfill endof
endcase
+ 7 to background-color
;
: display-remove ( -- )
Modified: dev/video/common/rectangle16.fth
===================================================================
--- dev/video/common/rectangle16.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ dev/video/common/rectangle16.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -29,6 +29,24 @@
loop ( adr' wbytes fbadr' )
3drop
;
+
+: draw-transparent-rectangle ( adr x y w h -- )
+ rectangle-setup ( adr wbytes fbadr h )
+ >r rot r> ( wbytes fbadr adr h )
+ 0 ?do ( wbytes fbadr adr )
+ 2 pick 0 ?do ( wbytes fbadr adr )
+ dup w@ >r wa1+ r> ( wbytes fbadr adr' color )
+ dup h# ffff = if ( wbytes fbadr adr color )
+ drop ( wbytes fbadr adr )
+ else ( wbytes fbadr adr color )
+ 2 pick i + w! ( wbytes fbadr adr )
+ then ( wbytes fbadr adr )
+ /w +loop ( wbytes fbadr adr )
+ swap /scanline + swap ( wbytes fbadr' adr )
+ loop ( wbytes fbadr' adr' )
+ 3drop
+;
+
: read-rectangle ( adr x y w h -- )
rectangle-setup 0 ?do ( adr wbytes fbadr )
3dup -rot move ( adr wbytes fbadr )
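Review bot: `draw-transparent-rectangle` has no comment saying that pixel value `h# ffff` is the transparency key, which a reader only discovers in the inner loop. A line above the definition such as `\ Like draw-rectangle, but source pixels equal to h# ffff (white) are skipped, leaving the frame buffer unchanged` would document it. It is worth stating there that an image cannot draw pure white through this path, since the boot status icons in security.fth are rendered with it.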
Modified: ofw/termemu/fb16.fth
===================================================================
--- ofw/termemu/fb16.fth 2007-09-29 19:16:30 UTC (rev 646)
+++ ofw/termemu/fb16.fth 2007-09-29 19:25:03 UTC (rev 647)
@@ -93,7 +93,8 @@
aa 00 00 rgb>565 , \ Dark red
aa 00 aa rgb>565 , \ Dark magenta
aa 55 aa rgb>565 , \ Brown
- aa aa aa rgb>565 , \ Light gray
+\ aa aa aa rgb>565 , \ Light gray
+ c0 c0 c0 rgb>565 , \ Light gray (OLPC background)
55 55 55 rgb>565 , \ Dark gray
55 55 ff rgb>565 , \ Light blue
55 ff 55 rgb>565 , \ Light green
@@ -117,7 +118,7 @@
text-foreground16 screen-background16 fb16-invert
;
: fb16-erase-screen ( -- )
- frame-buffer-adr bytes/line16 screen-height * screen-background16 fb-fill
+ frame-buffer-adr bytes/line16 screen-height * screen-background16 wfill
;
: fb16-blink-screen ( -- ) \ Better done by poking the DAC
fb16-invert-screen fb16-invert-screen
@@ -156,7 +157,7 @@
headerless
: move-line16 ( src-line-adr dst-line-adr -- ) emu-bytes/line fb-move ;
-: erase-line16 ( line-adr -- ) emu-bytes/line screen-background16 fb-fill ;
+: erase-line16 ( line-adr -- ) emu-bytes/line screen-background16 wfill ;
: erase-lines16 ( last-line first-line -- )
?do i erase-line16 bytes/line16 +loop
;
@@ -208,7 +209,7 @@
: erase-chars16 ( #chars start-col# -- )
swap char-width 2* * swap ( #bytes start-col# )
column-adr16 char-height 0 do ( #bytes adr )
- 2dup swap text-background16 fb-fill ( #bytes adr )
+ 2dup swap text-background16 wfill ( #bytes adr )
bytes/line16 + ( #bytes adr' )
loop 2drop ( )
;