PREVIEW: remove the "../" prefix from everywhere

josuah · josuah · commit 3fd8e5e4637c · 2025-03-15T17:05:10.000+01:00
This is not expected to be merged, only there as support for discussion.
diff --git a/toolkit/app-write-mram.py b/toolkit/app-write-mram.py
@@ -291,11 +291,8 @@ def main():
         argList = args.images
 
     if args.skip:
-        idx = argList.find("../build/AppTocPackage.bin 0x")
-        argList = argList[idx : idx + 37]
-
-    if sys.platform == "linux" or sys.platform == "darwin":
-        argList = argList.replace("../", "")
+        idx = argList.find("build/AppTocPackage.bin 0x")
+        argList = argList[idx : idx + 35]
 
     # validate all parameters
     argList = validateArgList(action, argList.strip(), args.pad)
diff --git a/toolkit/bin/application_package.ds b/toolkit/bin/application_package.ds
@@ -1,4 +1,4 @@
-set semihosting args ../build/AppTocPackage.bin 0x8057bf50
-continue
-wait
-reset reset.hardware
+set semihosting args build/AppTocPackage.bin 0x8057bf50
+continue
+wait
+reset reset.hardware
diff --git a/toolkit/build/AppTocPackage.bin b/toolkit/build/AppTocPackage.bin
diff --git a/toolkit/build/AppTocPackage.bin.sign b/toolkit/build/AppTocPackage.bin.sign
diff --git a/toolkit/build/app-package-map.txt b/toolkit/build/app-package-map.txt
diff --git a/toolkit/build/config/app-cfg.json b/toolkit/build/config/app-cfg.json
@@ -7,7 +7,7 @@
     },
     "BLINK-HE": {
         "disabled": false,
-        "binary": "m55_blink_he.bin",
+        "binary": "build/m55_blink_he.bin",
         "version" : "1.0.0",
         "signed": true,
         "cpu_id": "M55_HE",
diff --git a/toolkit/isp/recovery.py b/toolkit/isp/recovery.py
@@ -210,29 +210,25 @@ def recovery_action_no_reset(isp):
         close_isp_and_exit(isp, "Image " + alif_offset + " does not exist!")
 
     argList = (
-        "../"
-        + alif_image
+        alif_image
         + " "
         + hex(ALIF_BASE_ADDRESS)
-        + " ../"
+        + " "
         + alif_offset
         + " "
         + hex(MRAM_BASE_ADDRESS + MRAM_SIZE - 16)
     )
 
     # validate all parameters
     # argList = validateArgList(action, argList.strip())
-    if sys.platform == "linux" or sys.platform == "darwin":
-        argList = argList.replace("../", "")
-    else:
+    if sys.platform != "linux" and sys.platform != "darwin":
         argList = argList.replace("/", "\\")
 
     items = argList.split(" ")
 
     for e in range(1, len(items), 2):
         addr = items[e]
         fileName = items[e - 1]
-        fileName = fileName.replace("..\\", "")
 
         write_mram(isp, fileName, addr, False)
 
diff --git a/toolkit/utils/cert_sb_content_util.py b/toolkit/utils/cert_sb_content_util.py
@@ -75,7 +75,7 @@ def create_certificate(self):
 
         # Compute correct path.
         cert_pkg_file = self.config.cert_pkg
-        assert cert_pkg_file.startswith("../cert/")
+        assert cert_pkg_file.startswith("cert/")
         cert_pkg_file = (paths.OUTPUT_DIR / cert_pkg_file.split("/", 2)[2]).as_posix()
 
         with open(cert_pkg_file, "wb") as bin_output_file:
diff --git a/toolkit/utils/cfg/OEMSBContent_lvs_1.cfg b/toolkit/utils/cfg/OEMSBContent_lvs_1.cfg
@@ -1,55 +1,55 @@
-# This configuration file is for the offline secure boot content certificate generation tool 
-# cert_sb_content_util.py (Content Certificate Generation Tool - CCGT).
-#
-# The available parameters in this configuration file are the following
-#   • [KEY-CFG]          : Mandatory header.
-#          The internal non-configurable header.
-#   • cert-keypair       : Mandatory parameter.
-#          The file holding the RSA keypair for signing this certificate, in PEM format.
-#   • cert-keypair-pwd   : Optional. If omitted the tool prompts for direct input.
-#          The passphrase file for the keypair file, in .txt format.
-#   • load-verify-scheme : Mandatory parameter.
-#          The SW image verification scheme. Supported schemes are:
-#             - 0 : Load and verify from flash to memory.
-#             - 1 : Full hash verification in Flash, with no loading to memory.
-#             - 2 : Verify in memory.
-#             - 3 : Load from flash.
-#          Note: Option 3 is not recommended and is not allowed in Secure LCS.
-#   • crypto-type        : Mandatory parameter.
-#          The cryptographic verification and decryption mode:
-#             - 0 : Both AES and hash are calculated on the plain image.
-#             - 1 : AES is calculated on the plain image, and the hash is calculated on the encrypted image.
-#          Note: We recommend that you use the first mode.
-#   • aes-ce-id          : Mandatory parameter.
-#          The ID of the key used for encryption, matching the entity that signed the certificate chain:
-#             - 0 : None.
-#             - 1 : Kceicv (ICV).
-#             - 2 : Kce (OEM).
-#   • aes-enc-key        : Optional. Can be omitted if no encryption is needed.
-#          The text file containing the encryption key for the authenticated SW images: Kce or Kceicv.
-#          The contents of this file are comma-separated hex Bytes ("0x12,0x34 …") ending with "."
-#   • images-table       : Mandatory parameter.
-#          The text file containing the list of SW image files to be processed. Each line refers to a single image, 
-#          with the following parameters: <image file name> <32b mem load addr> <32b flash store addr> <32b image max size> 
-#          <encryption flag: 0 – not encrypted, 1 -encrypted>
-#          Notes:
-#              - If using loading scheme option 1, the memory address is 0xffffffff (nonexisting address).
-#              - If using loading scheme option 2, the storage address is 0xffffffff (non-existing address).
-#              - If encryption is used, an output file named <image file name>_enc.bin is created for each encrypted image.
-#   • nvcounter-val      : Mandatory parameter.
-#          The NV counter value:
-#             - 0..64  : The ICV counter.
-#             - 0..96  : The OEM counter.
-#             - 0..160 : The full counter, if OEM and ICV are a single entity.
-#   • cert-pkg           : Mandatory parameter.
-#         The content certificate package in binary format.
-[CNT-CFG]
-cert-keypair = key/OEMSBContent.pem
-cert-keypair-pwd = key/oem_keys_pass.pwd
-load-verify-scheme = 1
-crypto-type = 0
-aes-ce-id = 0
-aes-enc-key = key/kce.txt
-images-table = ../build/images/images.txt
-nvcounter-val = 0
-cert-pkg = ../cert/OEMSBContent.crt
+# This configuration file is for the offline secure boot content certificate generation tool
+# cert_sb_content_util.py (Content Certificate Generation Tool - CCGT).
+#
+# The available parameters in this configuration file are the following
+#   • [KEY-CFG]          : Mandatory header.
+#          The internal non-configurable header.
+#   • cert-keypair       : Mandatory parameter.
+#          The file holding the RSA keypair for signing this certificate, in PEM format.
+#   • cert-keypair-pwd   : Optional. If omitted the tool prompts for direct input.
+#          The passphrase file for the keypair file, in .txt format.
+#   • load-verify-scheme : Mandatory parameter.
+#          The SW image verification scheme. Supported schemes are:
+#             - 0 : Load and verify from flash to memory.
+#             - 1 : Full hash verification in Flash, with no loading to memory.
+#             - 2 : Verify in memory.
+#             - 3 : Load from flash.
+#          Note: Option 3 is not recommended and is not allowed in Secure LCS.
+#   • crypto-type        : Mandatory parameter.
+#          The cryptographic verification and decryption mode:
+#             - 0 : Both AES and hash are calculated on the plain image.
+#             - 1 : AES is calculated on the plain image, and the hash is calculated on the encrypted image.
+#          Note: We recommend that you use the first mode.
+#   • aes-ce-id          : Mandatory parameter.
+#          The ID of the key used for encryption, matching the entity that signed the certificate chain:
+#             - 0 : None.
+#             - 1 : Kceicv (ICV).
+#             - 2 : Kce (OEM).
+#   • aes-enc-key        : Optional. Can be omitted if no encryption is needed.
+#          The text file containing the encryption key for the authenticated SW images: Kce or Kceicv.
+#          The contents of this file are comma-separated hex Bytes ("0x12,0x34 …") ending with "."
+#   • images-table       : Mandatory parameter.
+#          The text file containing the list of SW image files to be processed. Each line refers to a single image,
+#          with the following parameters: <image file name> <32b mem load addr> <32b flash store addr> <32b image max size>
+#          <encryption flag: 0 – not encrypted, 1 -encrypted>
+#          Notes:
+#              - If using loading scheme option 1, the memory address is 0xffffffff (nonexisting address).
+#              - If using loading scheme option 2, the storage address is 0xffffffff (non-existing address).
+#              - If encryption is used, an output file named <image file name>_enc.bin is created for each encrypted image.
+#   • nvcounter-val      : Mandatory parameter.
+#          The NV counter value:
+#             - 0..64  : The ICV counter.
+#             - 0..96  : The OEM counter.
+#             - 0..160 : The full counter, if OEM and ICV are a single entity.
+#   • cert-pkg           : Mandatory parameter.
+#         The content certificate package in binary format.
+[CNT-CFG]
+cert-keypair = utils/key/OEMSBContent.pem
+cert-keypair-pwd = utils/key/oem_keys_pass.pwd
+load-verify-scheme = 1
+crypto-type = 0
+aes-ce-id = 0
+aes-enc-key = utils/key/kce.txt
+images-table = build/images/images.txt
+nvcounter-val = 0
+cert-pkg = cert/OEMSBContent.crt
diff --git a/toolkit/utils/cfg/OEMSBContent_lvs_2.cfg b/toolkit/utils/cfg/OEMSBContent_lvs_2.cfg
@@ -1,55 +1,55 @@
-# This configuration file is for the offline secure boot content certificate generation tool 
-# cert_sb_content_util.py (Content Certificate Generation Tool - CCGT).
-#
-# The available parameters in this configuration file are the following
-#   • [KEY-CFG]          : Mandatory header.
-#          The internal non-configurable header.
-#   • cert-keypair       : Mandatory parameter.
-#          The file holding the RSA keypair for signing this certificate, in PEM format.
-#   • cert-keypair-pwd   : Optional. If omitted the tool prompts for direct input.
-#          The passphrase file for the keypair file, in .txt format.
-#   • load-verify-scheme : Mandatory parameter.
-#          The SW image verification scheme. Supported schemes are:
-#             - 0 : Load and verify from flash to memory.
-#             - 1 : Full hash verification in Flash, with no loading to memory.
-#             - 2 : Verify in memory.
-#             - 3 : Load from flash.
-#          Note: Option 3 is not recommended and is not allowed in Secure LCS.
-#   • crypto-type        : Mandatory parameter.
-#          The cryptographic verification and decryption mode:
-#             - 0 : Both AES and hash are calculated on the plain image.
-#             - 1 : AES is calculated on the plain image, and the hash is calculated on the encrypted image.
-#          Note: We recommend that you use the first mode.
-#   • aes-ce-id          : Mandatory parameter.
-#          The ID of the key used for encryption, matching the entity that signed the certificate chain:
-#             - 0 : None.
-#             - 1 : Kceicv (ICV).
-#             - 2 : Kce (OEM).
-#   • aes-enc-key        : Optional. Can be omitted if no encryption is needed.
-#          The text file containing the encryption key for the authenticated SW images: Kce or Kceicv.
-#          The contents of this file are comma-separated hex Bytes ("0x12,0x34 …") ending with "."
-#   • images-table       : Mandatory parameter.
-#          The text file containing the list of SW image files to be processed. Each line refers to a single image, 
-#          with the following parameters: <image file name> <32b mem load addr> <32b flash store addr> <32b image max size> 
-#          <encryption flag: 0 – not encrypted, 1 -encrypted>
-#          Notes:
-#              - If using loading scheme option 1, the memory address is 0xffffffff (nonexisting address).
-#              - If using loading scheme option 2, the storage address is 0xffffffff (non-existing address).
-#              - If encryption is used, an output file named <image file name>_enc.bin is created for each encrypted image.
-#   • nvcounter-val      : Mandatory parameter.
-#          The NV counter value:
-#             - 0..64  : The ICV counter.
-#             - 0..96  : The OEM counter.
-#             - 0..160 : The full counter, if OEM and ICV are a single entity.
-#   • cert-pkg           : Mandatory parameter.
-#         The content certificate package in binary format.
-[CNT-CFG]
-cert-keypair = key/OEMSBContent.pem
-cert-keypair-pwd = key/oem_keys_pass.pwd
-load-verify-scheme = 2
-crypto-type = 0
-aes-ce-id = 2
-aes-enc-key = key/kce.txt
-images-table = ../build/images/images.txt
-nvcounter-val = 0
-cert-pkg = ../cert/OEMSBContent.crt
+# This configuration file is for the offline secure boot content certificate generation tool
+# cert_sb_content_util.py (Content Certificate Generation Tool - CCGT).
+#
+# The available parameters in this configuration file are the following
+#   • [KEY-CFG]          : Mandatory header.
+#          The internal non-configurable header.
+#   • cert-keypair       : Mandatory parameter.
+#          The file holding the RSA keypair for signing this certificate, in PEM format.
+#   • cert-keypair-pwd   : Optional. If omitted the tool prompts for direct input.
+#          The passphrase file for the keypair file, in .txt format.
+#   • load-verify-scheme : Mandatory parameter.
+#          The SW image verification scheme. Supported schemes are:
+#             - 0 : Load and verify from flash to memory.
+#             - 1 : Full hash verification in Flash, with no loading to memory.
+#             - 2 : Verify in memory.
+#             - 3 : Load from flash.
+#          Note: Option 3 is not recommended and is not allowed in Secure LCS.
+#   • crypto-type        : Mandatory parameter.
+#          The cryptographic verification and decryption mode:
+#             - 0 : Both AES and hash are calculated on the plain image.
+#             - 1 : AES is calculated on the plain image, and the hash is calculated on the encrypted image.
+#          Note: We recommend that you use the first mode.
+#   • aes-ce-id          : Mandatory parameter.
+#          The ID of the key used for encryption, matching the entity that signed the certificate chain:
+#             - 0 : None.
+#             - 1 : Kceicv (ICV).
+#             - 2 : Kce (OEM).
+#   • aes-enc-key        : Optional. Can be omitted if no encryption is needed.
+#          The text file containing the encryption key for the authenticated SW images: Kce or Kceicv.
+#          The contents of this file are comma-separated hex Bytes ("0x12,0x34 …") ending with "."
+#   • images-table       : Mandatory parameter.
+#          The text file containing the list of SW image files to be processed. Each line refers to a single image,
+#          with the following parameters: <image file name> <32b mem load addr> <32b flash store addr> <32b image max size>
+#          <encryption flag: 0 – not encrypted, 1 -encrypted>
+#          Notes:
+#              - If using loading scheme option 1, the memory address is 0xffffffff (nonexisting address).
+#              - If using loading scheme option 2, the storage address is 0xffffffff (non-existing address).
+#              - If encryption is used, an output file named <image file name>_enc.bin is created for each encrypted image.
+#   • nvcounter-val      : Mandatory parameter.
+#          The NV counter value:
+#             - 0..64  : The ICV counter.
+#             - 0..96  : The OEM counter.
+#             - 0..160 : The full counter, if OEM and ICV are a single entity.
+#   • cert-pkg           : Mandatory parameter.
+#         The content certificate package in binary format.
+[CNT-CFG]
+cert-keypair = utils/key/OEMSBContent.pem
+cert-keypair-pwd = utils/key/oem_keys_pass.pwd
+load-verify-scheme = 2
+crypto-type = 0
+aes-ce-id = 2
+aes-enc-key = utils/key/kce.txt
+images-table = build/images/images.txt
+nvcounter-val = 0
+cert-pkg = cert/OEMSBContent.crt
diff --git a/toolkit/utils/common/certificates.py b/toolkit/utils/common/certificates.py
@@ -297,7 +297,7 @@ def __init__(
         logger=None,
     ):
         # Compute correct path.
-        assert images_table.startswith("../build/images/")
+        assert images_table.startswith("build/images/")
         images_table = paths.OUTPUT_DIR / images_table.split("/", 3)[3]
 
         self.logger = logger
diff --git a/toolkit/utils/toc_common.py b/toolkit/utils/toc_common.py
@@ -473,7 +473,7 @@ def createContentCerts(fwsections, prefix):
             fsize = sec["uncompressedSize"]
 
         printInfo("Content Certificate1:")
-        # print("../build/" + sec['binary'] + " " + str(mem_load_address) + " " + \
+        # print("build/" + sec['binary'] + " " + str(mem_load_address) + " " + \
         #            str(sec['mramAddress']) + " " + str(fsize) + " " + encrypt)
         file.write(
             sec["binary"]
