Skip to content
This repository has been archived by the owner on Aug 5, 2022. It is now read-only.

Commit

Permalink
Initial commit.
Browse files Browse the repository at this point in the history
  • Loading branch information
@mschuetterle @busykai
mschuetterle authored and busykai committed May 25, 2018
0 parents commit 899d0bc
Show file tree
Hide file tree
Showing 12 changed files with 1,050 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
*~
*.pyc
26 changes: 26 additions & 0 deletions LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
Copyright (c) 2018, Intel Corporation. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.

* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.

* Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
15 changes: 15 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Copyright (c) 2018 Intel Corporation. All right reserved.
# See LICENSE for terms.

BINDIR := /usr/bin

all: iasimage

install: iasimage
install -D --mode=0755 iasimage ${INSTALL_ROOT}${BINDIR}/iasimage

check:


.PHONY: all check install

37 changes: 37 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@

iasimage
-----------

iasimage is a utility program for creating Intel Automotive Service (IAS) images, a binary file format understood by Intel© Slim Bootloader to load and initialize Operating Systems or Hypervisor.

iasimage supports the following features:

* Create an image (including kernel cmdline, kernel, hypervisor binary etc.)
* Attach a signature to an IAS image
* Extract components from an IAS image

## Examples

### Create an IAS image
`iasimage create -o iasImage -i 0x30000 cmdline.txt bzImage initrd`

### Create a multi-file IAS image of type #3 with default page alignment:
`iasimage create -o iasImage -i 0x30000 cmdline.txt bzImage initrd acpi Firmware1.bin --page-aligned`

### Create a multi-file IAS image of type #3 given page alignment:
`iasimage create -i 0x40000 cmdLine.txt elf1.bin cmdLine2.txt elf2.bin -o test_image.img --page-aligned=2`

Default page alignment values for multi-file images are:

* for type #3 alignment is 5
* for type #4 alignment is 4
* for type #10 alignment is 2

### Sign an IAS image
`iasimage sign -o iasImage_signed -s rsa.sig -k pub_key.pem iasImage`

### Create a signed IAS image with a private key (for development purposes only).
`iasimage create -o iasImage -i 0x30300 -d priv_key.pem cmdline.txt bzImage initrd`

### Extract components from an IAS image
`iasimage extract iasImage`
24 changes: 24 additions & 0 deletions docs/01_mcd.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Overview


iastool is a utility program running in host environment to create Intel Automotive Service (IAS) image files loaded by Intel Slim Bootloader.

The IAS image format consists of a header, a type specific header (optional), the image payload, a payload CRC, an RSA signature and a public key (modulus and exponent) at the end.

The image header consists a common (generic) and an optional (type specific) part.

The image payload contains the raw data or the original data file(s). It is possible to add a type-specific header (optional) containing information that is are only valid for the specific type of an image. CRC-32 checksum of the complete payload is added at the end of the payload data. To secure the image payload, an RSA signature with public key can be attached at the end of the image. Slim Bootloader loads and verifies the the IAS image using the attached signature.

iastool provides the following features:

## Combining:
Add header information at the beginning of the data file(s) and calculate the header and data CRC checksums.

## Signing:
Attache a generated RSA signature and the public key (from signing service) at the end of the image. The signature could be verified by providing the public key.

## Extracting:
Extract payload files from the IAS image.

## Signing for test with a local key:
Signing with a user provided RSA private key. This is for the development use.
150 changes: 150 additions & 0 deletions docs/02_mcd.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,150 @@
# Image format

An ias_image file consists of:

1. Generic Header
2. Type Specific Header (depends on the image type)
3. Payload
4. Payload CRC
5. RSA Signature (optional)
6. Public Key: Modulus and Exponent (optional)

![Figure 1. Ias Image Format](images/image_format.png)
*Blocks made of dash lines are optional.


## Generic Header

### ias_image Header Coding

| Field | Byte offset | Byte length | Description |
|---------------|------------:|------------:|-------------------------------------|
| Magic Pattern | 0 | 4 | This field identifies the structure |
| Image Type | 4 | 4 | The image type (Bit field) |
| Version | 8 | 4 | Version number of the data inside the image |
| Data Length | 12 | 4 | The size of payload (data) in image |
| Data Offset | 16 | 4 | The offset to payload data from header |
| Uncompressed Data Length | 20 | 4 | Uncompressed data length |
| Header CRC | 24 | 4 | CRC-32C over entire header |

Format: 7 x 32 Bit unsigned int

### Magic Pattern

Value to identify at the beginning of an image.

> MAGIC_PATTERN = 0x2E6B7069; /* ".kpi" */
> Format: 32 Bit unsigned int
Optional: Could be used as a valid flag for update process.

### Image Type

The content of an iasImage is described by the image type field at offset 0x4 in the generic header. It consists of five sub-fields that are laid out as follows:

| Field | Bit range | Description |
| ----------- | --------: | ------------------------------------------------------------------------ |
| Reserved | 0:7 | These bits are reserved for future use |
| Signed | 8 | Set if the image is signed (that is, the RSA signature field is present) |
| HaveKey | 9 | Set if the public key (modulus plus exponent) is present |
| Version | 10:15 | Reserved |
| ImageType | 16:31 | The tag that identifies the image type |

> Format: 32 Bit unsigned int
The supported Image types are listed in the next chapter.

### Version

Version number of the data inside the image which is used for the update process.

> Format: 32 Bit unsigned int
### Data Length

Data Length only specifies the length of the data inside the image excluding the type specific header.

> Format: 32 Bit unsigned int
### Data Offset

Offset where the data starts inside the image.

> Format: 32 Bit unsigned int
### Uncompressed Data Length

Specifies the uncompressed data length if there is an compressed data inside the image.
Otherwise it is the same as Data Length.

> Format: 32 Bit unsigned int
### Header CRC

CRC32 checksum of the generic header.

> Format: 32 Bit unsigned int

## Type Specific Header

Additional information belonging to a specific type of data.
On a single-file image these fields are optional and could be added by cmdline parameter [-t].
For a multi-file image the type-specific header by default contains the size of the input files.

> Format: n x 32 Bit unsigned int
Structure:

Normal image:

uint32_t - argument 1
uint32_t - argument 2
...

Multi-file image:

uint32_t - size for file 1
uint32_t - size for file 2
...


## Image Payload

The data normally consists of one file but it can be extended to multiple files depending on the user needs.
When multiple files are used they are aligned to 4 bytes (from the image starting point). Optionally files can be page aligned.


## Payload CRC

At the end a data-CRC32 checksum is added. This is calculated over the type-specific header and the payload data.

CRC32 checksum of the payload.

> Format: 4 Byte unsigned int

## RSA Signature

RSA signature (optional) of the above content will be appended at the end of the image which might be later on acquired by a bootloader if it is in a secure mode. When bootloader is not in a secure mode than RSA signature is not required at all.

It is aligned to a 256 Byte boundary by adding padding bytes.

A verification of the signature could only be done by providing the public key.

> Format: 256 Byte
> Note: It is 256 Byte aligned.

## Public Key
Public Key which is optional is added at the very end of each ias Image and contains Modulus and Exponent files:

### Modulus
> Format: 256 Byte unsigned int
### Exponent

> Format: 4 Byte unsigned int
134 changes: 134 additions & 0 deletions docs/11_type.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
# Image types

## List of supported image types

| ID value | Description |
| -------: | ---------------------------------------------------------------- |
| 0 | unspecified (unknown) |
| 1 | Linux kernel command line - deprecated |
| 2 | Linux kernel image (bzImage) - deprecated |
| 3 | Multi-file boot image |
| 4 | Stand-alone ELF multi-boot image |
| 5 | Update package file |
| 6 | ABL Configuration image |
| 7 | Internal - calibration results stored by ABL |
| 8 | IFWI update package |
| 9 | PDR update package |
| 10 | Firmware package |
| 11 | Pre-OS checker image |


## 1. Linux command line

> Type: single-file
> File: cmdline.txt
deprecated


## 2. Linux kernel image (bzImage)

> Type: multi-file
> File: bzImage
deprecated


## 3. Multi-file boot image

> Type: multi-file
> Files: cmdline.txt, bzImage, initrd, acpi.bin, firmware1.bin, firmware2.bin, ...
The boot image (#3) combines at least a kernel command line and the Linux kernel image (bzImage).
Optional a initial RAM disk a ACPI binary (tables) and a list of firmware could be appended.
The input files are in fixed order. If some in between are not in use, they have to be added as empty files.
Optionally files can be page aligned from a given file, by adding dummy file before given file (page alignment parameter) with padded data (zeros) to align image to 4KiB.

![Figure 2. Multiple-file Boot Image Format](images/Multi_file_boot_image.png)
*Blocks made of dash lines are optional.


## 4. Stand-alone ELF multi-boot image

> Type: multi-file
> Files: cmdline1.txt, elf1.bin, cmdline2.txt, elf2.bin, ...
Optionally odd files (cmdlineX.txt) can be padded with zeros before given file (page alignment parameter) to have next file (elf) page aligned.


## 5. Update Package Image with extra header

Inside the ias Image there can be one or more optional Update Package Extra Headers used when one or more update packages are present.
Inside of each update extra header there is a description of what to do with each update package if it is present.
The structure of an update package extra header is described below:

| Field Name | Offset | Size | Description |
| ----------- | -----: | ---: | -------------------------------------------------------------- |
| Region | 0 | 1 | Defined Regions:"0"=Descriptor RO "1"=IFWI RW "4"=PDR RW |
| Res | 1 | 1 | Reserved |
| Action | 2 | 1 | Defined actions: "0"=Erase (No Update Package, No SRC address) "1"=Write (below the SRC/DST address) "2"=Copy (SRC/DST offset on SPI) |
| Res | 3 | 1 | Reserved |
| Length | 4 | 4 | Length of the data to be handled according to the above action |
| DST Address | 8 | 4 | Destination of offset address. >=0 : offset from start of region; <0 : offset (negative) from end of region |
| SRC Address | 12 | 4 | Source offset address. >=0 : offset from start of region; <0 : offset (negative) from end of region. It is region field dependent: - for Action="1"(Write), it is location inside the update image (file), measured from the payload start. - for Action="2"(Copy), it is a flash region offset. |


![Figure 3. Update Package Format](images/Update_package.png)
*Blocks made of dash lines are optional


## 6. ABL Configuration image

> Type: single-file
> File: ABL Configuration binary

## 7. Internal - calibration results stored by ABL

> Type: single-file
> File: Calibration results stored by ABL (e.g. MRC, eMMC DLL)
NOTE: This image type is updated by ABL therefore never signed (only CRC of payload is computed).
Usage of this type is exclusive for internal ABL purposes.


## 8. IFWI update package

> Type: single-file
> File: IFWI Region binary

## 9. PDR update package

> Type: single-file
> File: PDR region binary

## 10. Firmware package

> Type: multi-file
> Files: cmdline1.txt, fw1.bin, cmdline2.txt, fw1.bin, ...
The firmware package format is similar to the multi-boot format of image type #4.
This image could be used by the ABL to additionally load firmware files for the OS into memory.
Optionally odd files (cmdlineX.txt) can padded with zeros to have next file (firmware) page aligned.


## 11. Pre-OS checker image

> Type: single-file
> File: preoschecker.elf
This firmware package contains the ASIL-D Pre Operating System checker. It's function is to validate the state of the
system before passing control the operating system.

Loading

0 comments on commit 899d0bc

Please sign in to comment.