# pylint: disable=E0602 import os import tools, models, ui TREZOR_MODEL = ARGUMENTS.get('TREZOR_MODEL', 'T') CMAKELISTS = int(ARGUMENTS.get('CMAKELISTS', 0)) PRODUCTION = ARGUMENTS.get('PRODUCTION', '0') == '1' BOOTLOADER_DEVEL = ARGUMENTS.get('BOOTLOADER_DEVEL', '0') == '1' HW_REVISION = ARGUMENTS.get('HW_REVISION', None) FEATURES_WANTED = ["input", "sbu", "sd_card", "rdb_led", "usb", "consumption_mask", "optiga", "haptic"] CCFLAGS_MOD = '' CPPPATH_MOD = [] CPPDEFINES_MOD = [ 'KERNEL_MODE', 'AES_128', 'USE_INSECURE_PRNG', ] SOURCE_MOD = [] SOURCE_MOD_CRYPTO = [] CPPDEFINES_HAL = [] SOURCE_HAL = [] PATH_HAL = [] RUST_UI_FEATURES = [] # modtrezorcrypto CPPPATH_MOD += [ 'vendor/trezor-crypto', 'vendor/trezor-storage', ] SOURCE_MOD += [ 'vendor/trezor-storage/flash_area.c', ] SOURCE_MOD_CRYPTO += [ 'vendor/trezor-crypto/aes/aes_modes.c', 'vendor/trezor-crypto/aes/aesccm.c', 'vendor/trezor-crypto/aes/aescrypt.c', 'vendor/trezor-crypto/aes/aeskey.c', 'vendor/trezor-crypto/aes/aestab.c', 'vendor/trezor-crypto/bignum.c', 'vendor/trezor-crypto/buffer.c', 'vendor/trezor-crypto/chacha_drbg.c', 'vendor/trezor-crypto/chacha20poly1305/chacha_merged.c', 'vendor/trezor-crypto/der.c', 'vendor/trezor-crypto/ecdsa.c', 'vendor/trezor-crypto/hmac.c', 'vendor/trezor-crypto/hmac_drbg.c', 'vendor/trezor-crypto/memzero.c', 'vendor/trezor-crypto/nist256p1.c', 'vendor/trezor-crypto/rand.c', 'vendor/trezor-crypto/rfc6979.c', 'vendor/trezor-crypto/secp256k1.c', 'vendor/trezor-crypto/sha2.c', 'vendor/trezor-crypto/tls_prf.c', ] # modtrezorui CPPPATH_MOD += [ 'vendor/micropython/lib/uzlib', ] SOURCE_MOD += [ 'embed/gfx/bitblt/gfx_bitblt.c', 'embed/gfx/bitblt/gfx_bitblt_rgb565.c', 'embed/gfx/bitblt/gfx_bitblt_rgba8888.c', 'embed/gfx/bitblt/gfx_bitblt_mono8.c', 'embed/gfx/fonts/font_bitmap.c', 'embed/gfx/fonts/fonts.c', 'embed/gfx/gfx_color.c', 'embed/gfx/gfx_draw.c', 'embed/gfx/terminal.c', 'embed/gfx/qrcode/qrcodegen.c', 'embed/io/display/display_utils.c', 'embed/util/image/image.c', 'embed/util/rsod/rsod.c', 'embed/rtl/error_handling.c', 'embed/rtl/mini_printf.c', 'vendor/micropython/lib/uzlib/adler32.c', 'vendor/micropython/lib/uzlib/crc32.c', 'vendor/micropython/lib/uzlib/tinflate.c', ] ui.init_ui(TREZOR_MODEL, "prodtest", CPPDEFINES_MOD, SOURCE_MOD, RUST_UI_FEATURES) env = Environment( ENV=os.environ, CFLAGS='%s -DPRODUCTION=%s' % (ARGUMENTS.get('CFLAGS', ''), ARGUMENTS.get('PRODUCTION', '0')), CPPDEFINES_IMPLICIT=[]) FEATURES_AVAILABLE = models.configure_board(TREZOR_MODEL, HW_REVISION, FEATURES_WANTED, env, CPPDEFINES_HAL, SOURCE_HAL, PATH_HAL) FILE_SUFFIX= env.get('ENV')['SUFFIX'] SOURCE_PRODTEST = [ f'embed/sys/startup/{FILE_SUFFIX}/startup_stage_2.s', 'embed/projects/prodtest/header.S', 'embed/projects/prodtest/main.c', 'embed/projects/prodtest/prodtest_common.c', ] if 'optiga' in FEATURES_AVAILABLE: SOURCE_PRODTEST += [ 'embed/projects/prodtest/optiga_prodtest.c', ] env.Replace( CAT='cat', CP='cp', AS='arm-none-eabi-as', AR='arm-none-eabi-ar', CC='arm-none-eabi-gcc', LINK='arm-none-eabi-gcc', SIZE='arm-none-eabi-size', STRIP='arm-none-eabi-strip', OBJCOPY='arm-none-eabi-objcopy', PYTHON='python', MAKECMAKELISTS='$PYTHON tools/make_cmakelists.py',) env.Replace( TREZOR_MODEL=TREZOR_MODEL, ) env.Replace( COPT=env.get('ENV').get('OPTIMIZE', '-Os'), CCFLAGS='$COPT ' '-g3 ' '-nostdlib ' '-std=gnu11 -Wall -Werror -Wdouble-promotion -Wpointer-arith -Wno-missing-braces -fno-common ' '-fsingle-precision-constant -fdata-sections -ffunction-sections ' '-ffreestanding ' '-fstack-protector-all ' + env.get('ENV')["CPU_CCFLAGS"] + CCFLAGS_MOD, CCFLAGS_QSTR='-DNO_QSTR -DN_X64 -DN_X86 -DN_THUMB', LINKFLAGS=f'-T build/prodtest/memory.ld -Wl,--gc-sections -Wl,-Map=build/prodtest/prodtest.map -Wl,--warn-common', CPPPATH=[ 'embed/projects/prodtest', 'embed/rtl/inc', 'embed/models', 'embed/gfx/inc', 'embed/sys/bsp/inc', 'embed/util/image/inc', 'embed/util/rsod/inc', 'embed/upymod/modtrezorui', ] + CPPPATH_MOD + PATH_HAL, CPPDEFINES=[ 'TREZOR_PRODTEST', 'TREZOR_MODEL_'+TREZOR_MODEL, 'ARM_USER_MODE', 'USE_HAL_DRIVER', ] + CPPDEFINES_MOD + CPPDEFINES_HAL, ASFLAGS=env.get('ENV')['CPU_ASFLAGS'], ASPPFLAGS='$CFLAGS $CCFLAGS', ) env.Replace( HEADERTOOL='headertool', ) env.Replace( ALLSOURCES=SOURCE_MOD + SOURCE_MOD_CRYPTO + SOURCE_PRODTEST + SOURCE_HAL, ALLDEFS=tools.get_defs_for_cmake(env['CPPDEFINES'] + env['CPPDEFINES_IMPLICIT'])) cmake_gen = env.Command( target='CMakeLists.txt', source='', action='$MAKECMAKELISTS --sources $ALLSOURCES --dirs $CPPPATH --defs $ALLDEFS', ) # # Program objects # obj_program = [] obj_program.extend(env.Object(source=SOURCE_MOD)) obj_program.extend(env.Object(source=SOURCE_MOD_CRYPTO, CCFLAGS='$CCFLAGS -ftrivial-auto-var-init=zero')) obj_program.extend(env.Object(source=SOURCE_PRODTEST)) obj_program.extend(env.Object(source=SOURCE_HAL)) MODEL_IDENTIFIER = models.get_model_identifier(TREZOR_MODEL) if (vh := ARGUMENTS.get("VENDOR_HEADER", None)): VENDORHEADER = vh elif (vh := os.environ.get("VENDOR_HEADER", None)): # TODO looking at envvars in a build script is not very nice. But justifiable in case # of vendor header which does not affect reproducibility of the build. Nonetheless, # we should figure out a cleaner way to pass in this argument, without having to teach # the Makefile about it. VENDORHEADER = f'embed/models/{MODEL_IDENTIFIER}/vendorheader/{vh}' elif PRODUCTION: VENDORHEADER = f'embed/models/{MODEL_IDENTIFIER}/vendorheader/vendorheader_prodtest_signed_prod.bin' elif BOOTLOADER_DEVEL: VENDORHEADER = f'embed/models/{MODEL_IDENTIFIER}/vendorheader/vendorheader_dev_DO_NOT_SIGN_signed_dev.bin' else: VENDORHEADER = f'embed/models/{MODEL_IDENTIFIER}/vendorheader/vendorheader_unsafe_signed_prod.bin' tools.embed_raw_binary( obj_program, env, 'vendorheader', 'embed/projects/firmware/vendorheader.o', VENDORHEADER, ) linkerscript_gen = env.Command( target='memory.ld', source=[f'embed/models/{MODEL_IDENTIFIER}/memory.ld', env.get('ENV')['LINKER_SCRIPT'].format(target='prodtest')], action='$CAT $SOURCES > $TARGET', ) program_elf = env.Command( target='prodtest.elf', source=obj_program, action= '$LINK -o $TARGET $CCFLAGS $CFLAGS $LINKFLAGS $SOURCES -lc_nano -lgcc -lm', ) env.Depends(program_elf, linkerscript_gen) BINARY_NAME = f"build/prodtest/prodtest-{models.get_model_identifier(TREZOR_MODEL)}" BINARY_NAME += "-" + tools.get_version('embed/projects/prodtest/version.h') BINARY_NAME += "-" + tools.get_git_revision_short_hash() BINARY_NAME += "-dirty" if tools.get_git_modified() else "" BINARY_NAME += ".bin" if CMAKELISTS != 0: env.Depends(program_elf, cmake_gen) program_bin = env.Command( target='prodtest.bin', source=program_elf, action=[ '$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET', '$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''), '$CP $TARGET ' + BINARY_NAME, ], )