From c1aff767a63828508d83b3cc92771f3745dfd27b Mon Sep 17 00:00:00 2001 From: Michael Cardell Widerkrantz Date: Thu, 24 Oct 2024 16:42:56 +0200 Subject: [PATCH 1/3] Removed whitespace --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index fc1187a..39f421b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,3 @@ - [![ci](https://github.com/tillitis/tkey-devtools/actions/workflows/ci.yaml/badge.svg?branch=main&event=push)](https://github.com/tillitis/tkey-devtools/actions/workflows/ci.yaml) # tkey-tools @@ -9,8 +8,8 @@ This repository contains some development tools for the - `tkey-runapp`: A simple development tool to load and start any TKey device app. -- `run-tkey-qemu`: Script around our - [TKey emulator](https://github.com/tillitis/qemu) OCI image +- `run-tkey-qemu`: Script around our [TKey + emulator](https://github.com/tillitis/qemu) OCI image `ghcr.io/tillitis/tkey-qemu-tk1-23.03.1`. See the [TKey Developer Handbook](https://dev.tillitis.se/) for how to From cebf3230d0edbf65f23430038d2f6f18d5fb10c4 Mon Sep 17 00:00:00 2001 From: Michael Cardell Widerkrantz Date: Sat, 26 Oct 2024 00:44:43 +0200 Subject: [PATCH 2/3] Add tkey-app-builder - Add a tkey-app-builder OCI image source: contrib/tkey-app-builder.dockerfile - Move the qemu source under contrib. - Update documentation to reflect this. --- README.md | 30 ++++++------ contrib/Makefile | 49 +++++++++++++++++++ contrib/tkey-app-builder.dockerfile | 12 +++++ .../tkey-qemu.dockerfile | 2 + tools/spdx-ensure | 1 - 5 files changed, 78 insertions(+), 16 deletions(-) create mode 100644 contrib/Makefile create mode 100644 contrib/tkey-app-builder.dockerfile rename tkey-qemu.dockerfile => contrib/tkey-qemu.dockerfile (97%) diff --git a/README.md b/README.md index 39f421b..5865384 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,21 @@ [![ci](https://github.com/tillitis/tkey-devtools/actions/workflows/ci.yaml/badge.svg?branch=main&event=push)](https://github.com/tillitis/tkey-devtools/actions/workflows/ci.yaml) -# tkey-tools +# tkey-devtools -This repository contains some development tools for the -[Tillitis](https://tillitis.se/) TKey USB security stick. +Some development tools for the [Tillitis](https://tillitis.se/) TKey +USB security stick. - `tkey-runapp`: A simple development tool to load and start any TKey device app. -- `run-tkey-qemu`: Script around our [TKey - emulator](https://github.com/tillitis/qemu) OCI image - `ghcr.io/tillitis/tkey-qemu-tk1-23.03.1`. +- Source to build and run OCI images for apps development in C + (device) and Go (client): tkey-app-builder. See `contrib`. + +- Source to build an OCI image of the QEMU-based [TKey + emulator](https://github.com/tillitis/qemu). See `contrib`. + +- `run-tkey-qemu`: A script to run the above in a container and export + the the serial port as a pty outside the container. See the [TKey Developer Handbook](https://dev.tillitis.se/) for how to develop your own apps, how to run and debug them in the emulator or on @@ -34,23 +39,18 @@ $ make If you want to use podman and you have `make` you can run: ``` -$ podman pull ghcr.io/tillitis/tkey-builder:2 +$ podman pull ghcr.io/tillitis/tkey-builder $ make podman ``` -or run podman directly with - -``` -$ podman run --rm --mount type=bind,source=.,target=/src -w /src -it ghcr.io/tillitis/tkey-builder:2 make -j -``` - -To install: +To install under Linux: ``` sudo make install ``` -If you want to reload the udev rules to access the TKey use: +Note that this installs Linux udev rules to enable you to access the +TKey. If you want to reload the udev rules to access the TKey use: ``` sudo make reload-rules diff --git a/contrib/Makefile b/contrib/Makefile new file mode 100644 index 0000000..806422c --- /dev/null +++ b/contrib/Makefile @@ -0,0 +1,49 @@ +# Copyright (C) 2022, 2023 - Tillitis AB +# SPDX-License-Identifier: GPL-2.0-only + +# image produced by build-image targets +BUILDQEMUIMAGE=qemu-local +BUILDAPPIMAGE=tkey-app-builder-local + +# default images used when running a container +APPIMAGE=tkey-app-builder-local +EMUIMAGE=ghcr.io/tillitis/tkey-qemu-tk1-23.03.1 + +help: all + +all: + @echo "Targets:" + @echo "run-app Run a shell using image '$(APPIMAGE)' for app development" + @echo "pull-app Pull down the image '$(APPIMAGE)'" + @echo "build-app-image Build a development image named '$(BUILDAPPIMAGE)'" + @echo " A newly built image can be used like: make IMAGE=$(BUILDAPPIMAGE) run" + + + @echo "run-emu Run a shell using image '$(EMUIMAGE)' for the TKey emulator" + @echo "pull-emu Pull down the image '$(EMUIMAGE)'" + @echo "build-emu-image Build a toolchain image named '$(BUILDEMUIMAGE)'" + @echo " A newly built image can be used like: make IMAGE=$(BUILDEMUIMAGE) run" + +.PHONY: run-app +run-app: + podman run --rm --mount type=bind,source="`pwd`/../",target=/build -w /build -it $(BUILDAPPIMAGE) + +.PHONY: pull-app +pull-app: + podman pull $(APPIMAGE) + +.PHONY: build-app-image +build-app-image: + podman build -t $(BUILDAPPIMAGE) -f tkey-app-builder.dockerfile + +.PHONY: run-emu +run-emu: + podman run --rm --mount type=bind,source="`pwd`/../",target=/build -w /build -it $(EMUIMAGE) + +.PHONY: pull-emu +pull-emu: + podman pull $(EMUIMAGE) + +.PHONY: build-emu-image +build-emu-image: + podman build -t $(EMUIMAGE) -f tkey-qemu.dockerfile diff --git a/contrib/tkey-app-builder.dockerfile b/contrib/tkey-app-builder.dockerfile new file mode 100644 index 0000000..7beb4e2 --- /dev/null +++ b/contrib/tkey-app-builder.dockerfile @@ -0,0 +1,12 @@ +# Copyright (C) 2024 Tillitis AB +# SPDX-License-Identifier: GPL-2.0-only + +FROM alpine:3.20 + +RUN apk add --no-cache \ + clang \ + clang-extra-tools \ + go \ + lld \ + llvm \ + make diff --git a/tkey-qemu.dockerfile b/contrib/tkey-qemu.dockerfile similarity index 97% rename from tkey-qemu.dockerfile rename to contrib/tkey-qemu.dockerfile index c510f5c..35357e7 100644 --- a/tkey-qemu.dockerfile +++ b/contrib/tkey-qemu.dockerfile @@ -1,3 +1,5 @@ +# Copyright (C) 2023 Tillitis AB +# SPDX-License-Identifier: GPL-2.0-only # This is the tag in the https://github.com/tillitis/tillitis-key1 repo with # the firmware that our TKey/QEMU will run. The published tkey-qemu image will diff --git a/tools/spdx-ensure b/tools/spdx-ensure index bfd3c78..d2e9be8 100755 --- a/tools/spdx-ensure +++ b/tools/spdx-ensure @@ -22,7 +22,6 @@ missingok_files=( LICENSE Makefile README.md -tkey-qemu.dockerfile go.mod go.sum gon.hcl From 7befd319559cccac50d3bf1b179bc341e83806ae Mon Sep 17 00:00:00 2001 From: Michael Cardell Widerkrantz Date: Sat, 26 Oct 2024 01:27:10 +0200 Subject: [PATCH 3/3] Fix qemu OCI image build Temporary fix to make qemu build with our new tkey-app-builder by installing missing package for Python venv and some more supporting packages to be able to build. The 444ee3d26c3acf651ff1bbb12023034ccee6ed68 commit to build the firmware doesn't seem to exist anymore in tillitis-key1 so we use the TK1-23.03.2 tag instead. Of course the digest will be different when we build with new version of the tools. We have to figure this out somehow, that is build a Bellatrix version of a more modern codebase. We probably also want to make the Ubuntu runtime slimmer. --- contrib/tkey-qemu.dockerfile | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/contrib/tkey-qemu.dockerfile b/contrib/tkey-qemu.dockerfile index 35357e7..054c1be 100644 --- a/contrib/tkey-qemu.dockerfile +++ b/contrib/tkey-qemu.dockerfile @@ -5,38 +5,37 @@ # the firmware that our TKey/QEMU will run. The published tkey-qemu image will # have this as part of its name, the tag is then used for versioning the image # (could be updates to the TKey QEMU machine). -ARG TKEYREPO_TAG=TK1-23.03.1 +ARG TKEYREPO_TAG=TK1-23.03.2 # This is what we'll actually checkout when building the firmware. It # really is the firmware as of the TK1-tag above, but a couple of # commits later where the firmware checksum was committed! -ARG TKEYREPO_TREEISH=444ee3d26c3acf651ff1bbb12023034ccee6ed68 +#ARG TKEYREPO_TREEISH=444ee3d26c3acf651ff1bbb12023034ccee6ed68 # Using tkey-builder image for building since it has the deps. -FROM ghcr.io/tillitis/tkey-builder:2 AS builder +#FROM ghcr.io/tillitis/tkey-builder:2 AS builder +FROM tkey-app-builder-local AS builder -ARG TKEYREPO_TREEISH - -# Cleaning up /usr/local since we will later COPY all from there -RUN rm -rf \ - /usr/local/bin/* \ - /usr/local/pico-sdk \ - /usr/local/repo-commit-* \ - /usr/local/share/icebox \ - /usr/local/share/yosys +RUN apk add --no-cache \ + bash \ + git \ + glib-dev \ + ninja \ + python3 \ + py3-virtualenv RUN git clone -b tk1 --depth=1 https://github.com/tillitis/qemu /src/qemu \ && mkdir /src/qemu/build WORKDIR /src/qemu/build RUN ../configure --target-list=riscv32-softmmu --disable-werror \ - && make -j "$(nproc --ignore=2)" \ + && make -j "$(nproc --ignore=2)" qemu-system-riscv32 \ && make install \ && git >/usr/local/repo-commit-tillitis--qemu describe --all --always --long --dirty RUN git clone https://github.com/tillitis/tillitis-key1 /src/tkey WORKDIR /src/tkey/hw/application_fpga # QEMU needs the .elf, but we build .bin to check sum -RUN git checkout ${TKEYREPO_TREEISH} \ +RUN git checkout ${TKEYREPO_TAG} \ && make firmware.bin && sha512sum -c firmware.bin.sha512 \ && make firmware.elf && cp -af firmware.elf firmware-noconsole.elf \ && make clean \