Cherry pick for API_LEVEL_5

.github/workflows/build_all_apps.yml

@@ -128,9 +128,7 @@ env:
 \"app-terra\",
 \"app-symbol\",
 \"app-arweave\",
-\"app-ravencoin\",
 \"app-vechain\",
-\"app-avalanche-legacy\",
 \"app-decred\",
 \"app-cryptocom\",
 \"app-icp\",

Makefile.app_params

@@ -0,0 +1,121 @@
+#*******************************************************************************
+#   Ledger SDK
+#   (c) 2023 Ledger
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#*******************************************************************************
+
+# Command to print ICONNAME hexadecimal bitmap on stdout
+# according to the hardware target.
+ifeq ($(TARGET_NAME),TARGET_STAX)
+ICONHEX_CMD=python3 $(BOLOS_SDK)/lib_nbgl/tools/icon2glyph.py --hexbitmaponly $(ICONNAME)
+else
+ICONHEX_CMD=python3 $(BOLOS_SDK)/icon3.py --hexbitmaponly $(ICONNAME)
+endif
+
+
+#########################################
+#         Parse APP_LOAD_PARAMS         #
+#########################################
+# This is necessary when makefile.standard_app is not completely used.
+# Correctly implemented apps should not set anything in APP_LOAD_PARAMS anymore
+# Potential presents info are:
+# --appFlags
+# --curve
+# --path
+# --path_slip21
+# --tlvraw
+# --dep
+# --nocrc
+# Other info are considered an error and will be silently discarded.
+
+ifneq ($(APP_LOAD_PARAMS),)
+	EXTRACTED_APP_FLAGS := $(shell python3 $(BOLOS_SDK)/extract_param.py --appFlags $(APP_LOAD_PARAMS))
+	APP_FLAGS_APP_LOAD_PARAMS += $(EXTRACTED_APP_FLAGS)
+
+	EXTRACTED_CURVE := $(shell python3 $(BOLOS_SDK)/extract_param.py --curve $(APP_LOAD_PARAMS))
+	CURVE_APP_LOAD_PARAMS += $(EXTRACTED_CURVE)
+
+	EXTRACTED_PATH := $(shell python3 $(BOLOS_SDK)/extract_param.py --path $(APP_LOAD_PARAMS))
+	PATH_APP_LOAD_PARAMS += $(EXTRACTED_PATH)
+
+	EXTRACTED_PATH_SLIP21 := $(shell python3 $(BOLOS_SDK)/extract_param.py --path_slip21 $(APP_LOAD_PARAMS))
+	PATH_SLIP21_APP_LOAD_PARAMS += $(EXTRACTED_PATH_SLIP21)
+
+	EXTRACTED_TLVRAW := $(shell python3 $(BOLOS_SDK)/extract_param.py --tlvraw $(APP_LOAD_PARAMS))
+	TLVRAW_APP_LOAD_PARAMS += $(EXTRACTED_TLVRAW)
+
+	EXTRACTED_DEP := $(shell python3 $(BOLOS_SDK)/extract_param.py --dep $(APP_LOAD_PARAMS))
+	DEP_APP_LOAD_PARAMS += $(EXTRACTED_DEP)
+
+	ifneq ($(findstring --nocrc,$(APP_LOAD_PARAMS)),)
+		ENABLE_NOCRC_APP_LOAD_PARAMS = 1
+	endif
+endif
+
+
+#########################################
+#        Generate install_params        #
+#########################################
+# Compute params to call install_params.py
+# Consider only one path_slip21 can be added, whereas LedgerBlue seems to
+# support multiple, but has the path can hold a " " in it, it mess with the
+# foreach, so we choose to restrict to only one path_slip21.
+APP_INSTALL_PARAMS = --appName $(APPNAME)
+APP_INSTALL_PARAMS += --appVersion $(APPVERSION)
+APP_INSTALL_PARAMS += `ICONHEX=\`$(ICONHEX_CMD)  2>/dev/null\` ; [ ! -z "$$ICONHEX" ] && echo "--icon $$ICONHEX"`
+APP_INSTALL_PARAMS += $(foreach curve, $(CURVE_APP_LOAD_PARAMS), --curve $(curve))
+APP_INSTALL_PARAMS += $(foreach path, $(PATH_APP_LOAD_PARAMS), --path $(path))
+ifneq ($(PATH_SLIP21_APP_LOAD_PARAMS),)
+	APP_INSTALL_PARAMS += --path_slip21 $(PATH_SLIP21_APP_LOAD_PARAMS)
+endif
+APP_INSTALL_PARAMS += $(foreach tlvraw, $(TLVRAW_APP_LOAD_PARAMS), --tlvraw $(tlvraw))
+APP_INSTALL_PARAMS += $(foreach dep, $(DEP_APP_LOAD_PARAMS), --dep $(dep))
+
+# Compute install_params tlv binary blob then expose it via a define to
+# src/app_metadata.c so that it is inserted in the binary at link time
+APP_INSTALL_PARAMS_DATA := $(shell python3 $(BOLOS_SDK)/install_params.py $(APP_INSTALL_PARAMS))
+DEFINES += APP_INSTALL_PARAMS_DATA=$(APP_INSTALL_PARAMS_DATA)
+
+#########################################
+#        Generate APP_LOAD_PARAMS       #
+#########################################
+# Rewrite APP_LOAD_PARAMS with params needed for generating the sideloading
+# APDUs.
+# This variable is then used in some Makefiles target as Ledgerblue.loadapp
+# script parameters.
+APP_LOAD_PARAMS = --targetId $(TARGET_ID)
+APP_LOAD_PARAMS += --targetVersion="$(TARGET_VERSION)"
+APP_LOAD_PARAMS += --apiLevel $(API_LEVEL)
+APP_LOAD_PARAMS += --fileName bin/app.hex
+APP_LOAD_PARAMS += --appName $(APPNAME)
+ifneq ($(APP_FLAGS_APP_LOAD_PARAMS),)
+	APP_LOAD_PARAMS += --appFlags $(APP_FLAGS_APP_LOAD_PARAMS)
+endif
+APP_LOAD_PARAMS += --delete
+APP_LOAD_PARAMS += --tlv
+APP_LOAD_PARAMS += --dataSize $$((0x`cat debug/app.map | grep _envram_data | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x' ` - 0x`cat debug/app.map | grep _nvram_data | tr -s ' ' | cut -f2 -d' ' | cut -f2 -d'x'`))
+APP_LOAD_PARAMS += --installparamsSize $$((0x`cat debug/app.map | grep _einstall_parameters | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x'` - 0x`cat debug/app.map | grep _install_parameters | tr -s ' ' | cut -f2 -d' ' |cut -f2 -d'x'`))
+
+ifeq ($(ENABLE_NOCRC_APP_LOAD_PARAMS), 1)
+    APP_LOAD_PARAMS += --nocrc
+endif
+
+COMMON_DELETE_PARAMS = --targetId $(TARGET_ID) --appName $(APPNAME)
+
+# Extra load parameters for loadApp script
+ifneq ($(SCP_PRIVKEY),)
+	PARAM_SCP += --rootPrivateKey $(SCP_PRIVKEY)
+	APP_LOAD_PARAMS += $(PARAM_SCP)
+	COMMON_DELETE_PARAMS += $(PARAM_SCP)
+endif

Makefile.defines

@@ -43,26 +43,17 @@ endif
 ifeq ($(SDK_HASH),)
 SDK_HASH := "None"
 endif
-# Expose API_LEVEL, SDK_VERSION and SDK_HASH to the app.
-DEFINES += API_LEVEL=$(API_LEVEL)
-DEFINES += SDK_VERSION=\"$(SDK_VERSION)\"
-DEFINES += SDK_HASH=\"$(SDK_HASH)\"
 
-# extra load parameters for loadApp script
-ifneq ($(SCP_PRIVKEY),)
-PARAM_SCP+=--rootPrivateKey $(SCP_PRIVKEY)
-endif
+# APPNAME exposed to the app as a CFLAG because it might contain spaces
+CFLAGS += -DAPPNAME=\"$(APPNAME)\"
 
-# Command to print ICONNAME hexadecimal bitmap on stdout
-# according to the hardware target.
-ifeq ($(TARGET_NAME),TARGET_STAX)
-ICONHEX_CMD=python3 $(BOLOS_SDK)/lib_nbgl/tools/icon2glyph.py --hexbitmaponly $(ICONNAME)
-else
-ICONHEX_CMD=python3 $(BOLOS_SDK)/icon3.py --hexbitmaponly $(ICONNAME)
-endif
+# API_LEVEL exposed to the app as an integer
+DEFINES += API_LEVEL=$(API_LEVEL)
 
-COMMON_LOAD_PARAMS=--tlv --targetId $(TARGET_ID) --targetVersion="$(TARGET_VERSION)" --apiLevel $(API_LEVEL) --delete --fileName bin/app.hex --appName $(APPNAME) --appVersion $(APPVERSION) --dataSize $$((0x`cat debug/app.map |grep _envram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'` - 0x`cat debug/app.map |grep _nvram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'`)) `ICONHEX=\`$(ICONHEX_CMD)  2>/dev/null\` ; [ ! -z "$$ICONHEX" ] && echo "--icon $$ICONHEX"` $(PARAM_SCP)
-COMMON_DELETE_PARAMS=--targetId $(TARGET_ID) --appName $(APPNAME) $(PARAM_SCP)
+# Define list of other items to be exposed to the app as strings
+# TARGET_ID is not in this list: it is already defined in bolos_target.h.
+APP_METADATA_LIST := TARGET TARGET_NAME APPVERSION SDK_NAME SDK_VERSION SDK_HASH
+DEFINES += $(foreach item,$(APP_METADATA_LIST), $(item)=\"$($(item))\")
 
 BUILD_DIR := build
 TARGET_BUILD_DIR := $(BUILD_DIR)/$(TARGET)
@@ -172,8 +163,8 @@ LDFLAGS  += -L$(BOLOS_SDK)/arch/st33k1/lib/
 AFLAGS   += -mcpu=cortex-m35p+nodsp -mthumb
 endif
 
-NO_UI ?= 0
-ifeq ($(NO_UI), 0)
+DISABLE_UI ?= 0
+ifeq ($(DISABLE_UI),0)
 ifeq ($(TARGET_NAME),TARGET_STAX)
 DEFINES += HAVE_BAGL_FONT_INTER_REGULAR_24PX
 DEFINES += HAVE_BAGL_FONT_INTER_SEMIBOLD_24PX

Makefile.rules

@@ -16,14 +16,12 @@
 #*******************************************************************************
 
 # temporary redef, to ensure wider compliance of the SDK with pre-1.6 apps
-ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOS TARGET_NANOX TARGET_NANOS2))
-ifeq ($(NO_UI), 0)
-SDK_SOURCE_PATH += lib_bagl lib_ux
-endif
-else ifeq ($(TARGET_NAME),TARGET_STAX)
-ifeq ($(NO_UI), 0)
-SDK_SOURCE_PATH += lib_nbgl lib_ux_stax
-endif
+ifeq ($(DISABLE_UI),0)
+    ifeq ($(TARGET_NAME),$(filter $(TARGET_NAME),TARGET_NANOS TARGET_NANOX TARGET_NANOS2))
+        SDK_SOURCE_PATH += lib_bagl lib_ux
+    else ifeq ($(TARGET_NAME),TARGET_STAX)
+        SDK_SOURCE_PATH += lib_nbgl lib_ux_stax
+    endif
 endif
 
 # adding the correct target header to sources

Makefile.rules_generic

@@ -15,6 +15,10 @@
 #  limitations under the License.
 #*******************************************************************************
 
+# Include Makefile.app_params here so that it is:
+# - included on all apps Makefile, without changing them
+# - included after apps Makefile changes on APP_LOAD_PARAMS
+include $(BOLOS_SDK)/Makefile.app_params
 
 # consider every intermediate target as final to avoid deleting intermediate files
 .SECONDARY:
@@ -88,16 +92,21 @@ $(OBJ_DIR)/%.o: %.S $(BUILD_DEPENDENCIES) prepare
 	@echo "[AS]   $@"
 	$(L)$(call as_cmdline,$(INCLUDES_PATH), $(DEFINES),$<,$@)
 
-ifeq ($(SCRIPT_LD),)
+ifeq (,$(filter $(DEFINES),BOLOS_OS_UPGRADER_APP))
+ifneq ($(SCRIPT_LD),)
+ifneq ($(ENABLE_SDK_WERROR),0)
+$(error Deprecated SCRIPT_LD setting)
+else
+$(warning Deprecated SCRIPT_LD setting)
+endif
+endif
 LDFLAGS += -L$(BOLOS_SDK)/target/$(TARGET)
 ifeq ($(IS_PLUGIN),)
 SCRIPT_LD := $(BOLOS_SDK)/target/$(TARGET)/script.ld
 else
 SCRIPT_LD := $(BOLOS_SDK)/target/$(TARGET)/plugin_script.ld
 $(info Using plugin link script: $(SCRIPT_LD))
 endif
-else
-$(info Using custom link script: $(SCRIPT_LD))
 endif
 LDFLAGS  += -T$(SCRIPT_LD)
 
@@ -111,15 +120,6 @@ $(BIN_DIR)/app.elf: $(LINK_DEPENDENCIES)
 	$(L)$(call link_cmdline,$(OBJECT_FILES) $(LDLIBS),$(BIN_DIR)/app.elf)
 	$(L)$(GCCPATH)arm-none-eabi-objcopy -O ihex -S $(BIN_DIR)/app.elf $(BIN_DIR)/app.hex
 	$(L)$(GCCPATH)arm-none-eabi-objdump -S -d $(BIN_DIR)/app.elf > $(DBG_DIR)/app.asm
-	$(L)$(call objcopy_add_section_cmdline,$(TARGET), ledger.target)
-	$(L)$(call objcopy_add_section_cmdline,$(TARGET_NAME), ledger.target_name)
-	$(L)$(call objcopy_add_section_cmdline,$(TARGET_ID), ledger.target_id)
-	$(L)$(call objcopy_add_section_cmdline,$(APPNAME), ledger.app_name)
-	$(L)$(call objcopy_add_section_cmdline,$(APPVERSION), ledger.app_version)
-	$(L)$(call objcopy_add_section_cmdline,$(API_LEVEL), ledger.api_level)
-	$(L)$(call objcopy_add_section_cmdline,$(SDK_NAME), ledger.sdk_name)
-	$(L)$(call objcopy_add_section_cmdline,$(SDK_VERSION), ledger.sdk_version)
-	$(L)$(call objcopy_add_section_cmdline,$(SDK_HASH), ledger.sdk_hash)
 
 # This targets are generated along $(OBJ_DIR)/app.elf but we can't make them co-target
 # otherwise building with `make -j` fails due to multiple threads running simultaneously
@@ -151,7 +151,14 @@ debug/app.map debug/app.asm: debug/app.%: $(DBG_DIR)/app.%
 # link_cmdline(objects,dest)		Macro that is used to format arguments for the linker
 link_cmdline = $(LD) $(LDFLAGS) -o $(2) $(1)
 ifneq ($(APP_STACK_SIZE),)
-link_cmdline += -Wl,--defsym=stack_size=$(APP_STACK_SIZE)
+ifneq ($(ENABLE_SDK_WERROR),0)
+$(error Deprecated APP_STACK_SIZE define, use APP_STACK_MIN_SIZE if really needed)
+else
+$(warning Deprecated APP_STACK_SIZE define, use APP_STACK_MIN_SIZE if really needed)
+endif
+endif
+ifneq ($(APP_STACK_MIN_SIZE),)
+link_cmdline += -Wl,--defsym=stack_min_size=$(APP_STACK_MIN_SIZE)
 endif
 
 # cc_cmdline(include,defines,src,dest)	Macro that is used to format arguments for the compiler
@@ -160,14 +167,6 @@ cc_cmdline = $(CC) -c $(CFLAGS) -MMD -MT $(OBJ_DIR)/$(basename $(notdir $(4))).o
 
 as_cmdline = $(AS) -c $(AFLAGS) $(addprefix -D,$(2)) $(addprefix -I,$(1)) -o $(4) $(3)
 
-# objcopy_add_section_cmdline(data,section_name)
-TMPFILE := $(shell mktemp)
-objcopy_add_section_cmdline = echo $(1) > $(TMPFILE) && \
-    $(GCCPATH)arm-none-eabi-objcopy --add-section $(2)="$(TMPFILE)" \
-	--set-section-flags $(2)=noload,readonly \
-	$(BIN_DIR)/app.elf $(BIN_DIR)/app.elf && \
-	rm $(TMPFILE)
-
 ### END GCC COMPILER RULES
 
 # Run Clang Static Analyzer

Makefile.standard_app

@@ -56,6 +56,13 @@ ifneq ($(DEBUG), 0)
     else
         DEFINES += PRINTF=mcu_usb_printf
     endif
+    ifneq ($(DISABLE_DEBUG_LEDGER_ASSERT), 1)
+        DEFINES += HAVE_LEDGER_ASSERT_DISPLAY
+        DEFINES += LEDGER_ASSERT_CONFIG_FILE_INFO
+    endif
+    ifneq ($(DISABLE_DEBUG_THROW), 1)
+        DEFINES += HAVE_DEBUG_THROWS
+    endif
 else
         DEFINES += PRINTF\(...\)=
 endif
@@ -75,9 +82,6 @@ endif
 #                          STANDARD DEFINES                         #
 #####################################################################
 DEFINES += $(DEFINES_LIB)
-# Added directly as a CFLAG because it might contain spaces
-CFLAGS += -DAPPNAME=\"$(APPNAME)\"
-DEFINES += APPVERSION=\"$(APPVERSION)\"
 DEFINES += MAJOR_VERSION=$(APPVERSION_M) MINOR_VERSION=$(APPVERSION_N) PATCH_VERSION=$(APPVERSION_P)
 DEFINES += IO_HID_EP_LENGTH=64
 
@@ -86,20 +90,13 @@ ifeq ($(DISABLE_STANDARD_APP_DEFINES), 1)
     DISABLE_STANDARD_USB = 1
     DISABLE_STANDARD_WEBUSB = 1
     DISABLE_STANDARD_BAGL_UX_FLOW = 1
+    DISABLE_STANDARD_SEPROXYHAL = 1
 endif
 
 ifneq ($(DISABLE_STANDARD_SNPRINTF), 1)
     DEFINES += HAVE_SPRINTF HAVE_SNPRINTF_FORMAT_U
 endif
 
-ifneq ($(DEBUG), 0)
-    # Since the PRINTF implementation uses the USB code
-    ifneq ($(TARGET_NAME),TARGET_NANOS)
-        DISABLE_STANDARD_USB = 0
-    endif
-    DISABLE_SEPROXYHAL = 0
-endif
-
 ifneq ($(DISABLE_STANDARD_USB), 1)
     DEFINES += HAVE_IO_USB HAVE_L4_USBLIB IO_USB_MAX_ENDPOINTS=4 HAVE_USB_APDU
     DEFINES += USB_SEGMENT_SIZE=64
@@ -119,7 +116,7 @@ ifneq ($(TARGET_NAME), TARGET_STAX)
 endif
 endif
 
-ifneq ($(DISABLE_SEPROXYHAL), 1)
+ifneq ($(DISABLE_STANDARD_SEPROXYHAL), 1)
     DEFINES += OS_IO_SEPROXYHAL
 endif
 
@@ -175,22 +172,14 @@ ifeq ($(HAVE_APPLICATION_FLAG_LIBRARY), 1)
 STANDARD_APP_FLAGS := $(shell echo $$(($(STANDARD_APP_FLAGS) + 0x800)))
 endif
 
-APP_FLAGS = $(shell printf '0x%x' $$(( $(STANDARD_APP_FLAGS) + $(CUSTOM_APP_FLAGS) )) )
-
-APP_LOAD_PARAMS += --appFlags $(APP_FLAGS)
-
-APP_LOAD_PARAMS += $(foreach curve, $(CURVE_APP_LOAD_PARAMS), --curve $(curve))
-
-APP_LOAD_PARAMS += $(foreach path, $(PATH_APP_LOAD_PARAMS), --path $(path))
-
-APP_LOAD_PARAMS += $(COMMON_LOAD_PARAMS)
-
 # Pending review flag
 ifeq ($(ENABLE_PENDING_REVIEW_SCREEN), 1)
-    APP_LOAD_PARAMS += --tlvraw 9F:01
+    TLVRAW_APP_LOAD_PARAMS += 9F:01
     DEFINES += HAVE_PENDING_REVIEW_SCREEN
 endif
 
+APP_FLAGS_APP_LOAD_PARAMS = $(shell printf '0x%x' $$(( $(STANDARD_APP_FLAGS) + $(CUSTOM_APP_FLAGS) )) )
+
 #####################################################################
 #                         COMPILER SETTINGS                         #
 #####################################################################

extract_param.py

@@ -0,0 +1,20 @@
+"""
+Helper to extract APP_LOAD_PARAMS parameters values.
+It takes as a first parameter the parameter name to be search and output the
+corresponding values from the rest of the script parameters.
+"""
+
+from sys import argv
+
+if __name__ == '__main__':
+
+    assert len(argv) > 2
+    searching = argv[1]
+
+    res = []
+    args = argv[2:]
+
+    for i, arg in enumerate(args):
+        if arg == searching and len(args) > i:
+            res.append(repr(args[i + 1]))
+    print(" ".join(res))

include/checks.h

@@ -23,7 +23,6 @@
 
 #define CHECK_NOT_AUDITED_TLV_TAG 0x9F
 #define CHECK_NOT_AUDITED_TLV_VAL 0x01
-#define CHECK_NOT_AUDITED_MAX_LEN 0x40
 
 void check_audited_app(void);
 #endif  // !defined(HAVE_BOLOS) && defined(HAVE_PENDING_REVIEW_SCREEN)