bcm63xx: nand: support Sercomm firmwares

Add support for Sercomm factory firmwares (AES 256 CBC encrypted).

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

diff --git a/target/linux/bcm63xx/image/Makefile b/target/linux/bcm63xx/image/Makefile
index 5fbe8ea47011cb1f48332bd04b723c61721585b9..fdeb100dd96a88aa5f1f9cd2b0a443f140392ce8 100644 (file)
--- a/target/linux/bcm63xx/image/Makefile
+++ b/target/linux/bcm63xx/image/Makefile
@@ -223,6 +223,64 @@ define Build/cfe-part-tag
        dd if=$@.part >> $@
 endef
 
+define Build/cfe-sercomm-part
+       $(TOPDIR)/scripts/sercomm-partition-tag.py \
+               --input-file $@ \
+               --output-file $@.kernel_rootfs \
+               --part-name kernel_rootfs \
+               --part-version OpenWrt \
+               --rootfs-version $(SERCOMM_VERSION)
+
+       rm -rf $@-rootfs_lib
+       mkdir -p $@-rootfs_lib
+       echo $(SERCOMM_VERSION) > $@-rootfs_lib/lib_ver
+       $(call Build/cfe-jffs2,$@-rootfs_lib)
+       $(call Build/pad-to,$(BLOCKSIZE))
+       $(TOPDIR)/scripts/sercomm-partition-tag.py \
+               --input-file $@ \
+               --output-file $@.rootfs_lib \
+               --part-name rootfs_lib \
+               --part-version $(SERCOMM_VERSION)
+
+       rm -rf $@-bootloader
+       mkdir -p $@-bootloader
+       cp $(KDIR)/bcm63xx-cfe/$(CFE_RAM_FILE) $@-bootloader/$(CFE_RAM_JFFS2_NAME)
+       $(call Build/cfe-jffs2,$@-bootloader)
+       $(call Build/pad-to,$(BLOCKSIZE))
+       $(TOPDIR)/scripts/sercomm-partition-tag.py \
+               --input-file $@ \
+               --output-file $@.bootloader \
+               --part-name bootloader \
+               --part-version $(SERCOMM_VERSION)
+
+       mv $@.kernel_rootfs $@
+       dd if=$@.rootfs_lib >> $@
+       dd if=$@.bootloader >> $@
+endef
+
+define Build/cfe-sercomm-load
+       mv $@ $@.ser
+       echo $(SERCOMM_PID) | xxd -p -r > $@
+       sha256sum $@.ser | awk '{ print $1 }' | xxd -p -r >> $@
+       dd if=$@.ser >> $@
+       rm -f $@.ser
+endef
+
+define Build/cfe-sercomm-crypto
+       $(TOPDIR)/scripts/sercomm-crypto.py \
+               --input-file $@ \
+               --key-file $@.key \
+               --output-file $@.ser \
+               --version OpenWrt
+       $(STAGING_DIR_HOST)/bin/openssl enc -md md5 -aes-256-cbc \
+               -in $@ -out $@.enc \
+               -K `cat $@.key` \
+               -iv 00000000000000000000000000000000
+       dd if=$@.enc >> $@.ser
+       mv $@.ser $@
+       rm -f $@.enc $@.key
+endef
+
 define Build/cfe-old-bin
        $(TOPDIR)/scripts/brcmImage.pl -t -p \
                -o $@ -b $(CFE_BOARD_ID) -c $(CHIP_ID) \

diff --git a/target/linux/bcm63xx/image/bcm63xx_nand.mk b/target/linux/bcm63xx/image/bcm63xx_nand.mk
index 5483c73077e83306c261659dcbf61e9f66f5d2f8..57a895f9db4b87ba3f23467c54a0f9e530d8c0b4 100644 (file)
--- a/target/linux/bcm63xx/image/bcm63xx_nand.mk
+++ b/target/linux/bcm63xx/image/bcm63xx_nand.mk
@@ -7,6 +7,7 @@ DEVICE_VARS += CFE_RAM_FILE
 DEVICE_VARS += CFE_RAM_JFFS2_NAME CFE_RAM_JFFS2_PAD
 DEVICE_VARS += CFE_WFI_CHIP_ID CFE_WFI_FLASH_TYPE
 DEVICE_VARS += CFE_WFI_FLAGS CFE_WFI_VERSION
+DEVICE_VARS += SERCOMM_PID SERCOMM_VERSION
 
 # CFE expects a single JFFS2 partition with cferam and kernel. However,
 # it's possible to fool CFE into properly loading both cferam and kernel
@@ -36,6 +37,14 @@ define Device/bcm63xx-nand
   SUPPORTED_DEVICES := $(subst _,$(comma),$(1))
 endef
 
+define Device/sercomm-nand
+  $(Device/bcm63xx-nand)
+  IMAGES += factory.img
+  IMAGE/factory.img := append-kernel | pad-to $$$$(KERNEL_SIZE) | append-ubi | cfe-sercomm-part | gzip | cfe-sercomm-load | cfe-sercomm-crypto
+  SERCOM_PID :=
+  SERCOMM_VERSION :=
+endef
+
 ### Comtrend ###
 define Device/comtrend_vr-3032u
   $(Device/bcm63xx-nand)