TamaGo - bare metal Go for ARM SoCs - USB armory example
Copyright (c) F-Secure Corporation
TamaGo is a project that aims to provide compilation and execution of unencumbered Go applications for bare metal ARM System-on-Chip (SoC) components.
The example application performs a variety of simple test procedures, each in its separate goroutine:
- Directory and file write/read from an in-memory filesystem.
- Random bytes collection (gathered from SoC TRNG on non-emulated runs).
- ECDSA signing and verification.
- Test BTC transaction creation and signing.
- Key derivation with DCP HSM (only on non-emulated runs).
- Large memory allocation.
Once all tests are completed, and only on non-emulated hardware, the following network services are started on Ethernet over USB (ECM protocol, only supported on Linux hosts):
- SSH server on 10.0.0.1:22
- HTTP server on 10.0.0.1:80
- HTTPS server on 10.0.0.1:443
The web servers expose the following routes:
- /: a welcome message
- /dir: in-memory filesystem
- /debug/pprof: Go runtime profiling data through pprof
- /debug/charts: Go runtime profiling data through debugcharts
The SSH server exposes a basic shell with the following commands:
    exit, quit                      # close session
    example                         # launch example test code
    help                            # this help
    md <hex offset> <size>          # memory display (use with caution)
    mw <hex offset> <hex data>      # memory write (use with caution)
    rand                            # gather 32 bytes from TRNG via crypto/rand
    reboot                          # reset watchdog timer
    stack                           # stack trace of current goroutine
    stackall                        # stack trace of all goroutines
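The md and mw commands take raw addresses, which is why they carry a caution note. The following is an added example, not code from the tamago-example project: it validates the arguments of an md-style command against an allowed window before any access. The window bounds, the dump cap, the decimal size format and the name parseMD are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Hypothetical window the shell may display; bounds are assumed, not the project's.
const (
	winStart uint32 = 0x90000000
	winSize  uint32 = 0x01000000
	maxDump  uint32 = 0x1000 // cap on a single md request
)
var errRange = errors.New("range outside allowed window")

// parseMD validates "md <hex offset> <size>" (size assumed decimal) and returns
// the address and length only when the range lies wholly inside the window.
func parseMD(line string) (addr, size uint32, err error) {
	f := strings.Fields(line)
	if len(f) != 3 || f[0] != "md" {
		return 0, 0, errors.New("usage: md <hex offset> <size>")
	}
	a, err := strconv.ParseUint(strings.TrimPrefix(f[1], "0x"), 16, 32)
	if err != nil {
		return 0, 0, fmt.Errorf("invalid offset: %w", err)
	}
	n, err := strconv.ParseUint(f[2], 10, 32)
	if err != nil {
		return 0, 0, fmt.Errorf("invalid size: %w", err)
	}
	addr, size = uint32(a), uint32(n)
	if size == 0 || size > maxDump {
		return 0, 0, errRange
	}
	// Compare offsets rather than end addresses so addr+size cannot wrap.
	if addr < winStart || addr-winStart > winSize-size {
		return 0, 0, errRange
	}
	return addr, size, nil
}

func main() {
	for _, l := range []string{"md 90000000 64", "md ffffffff 16", "md 0 4096"} {
		a, n, err := parseMD(l)
		fmt.Printf("%-18q addr=%#x size=%d err=%v\n", l, a, n, err)
	}
}
```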
Build the TamaGo compiler:
    git clone https://github.com/f-secure-foundry/tamago-go -b tamago1.14
    cd tamago-go/src && ./all.bash
    cd ../bin && export TAMAGO=`pwd`/go
Build the example application:
    git clone https://github.com/f-secure-foundry/tamago-example
    cd tamago-example && make
Executing and debugging
Copy the compiled application to an external microSD card (replace $dev with 0) or the internal eMMC (replace $dev with 1), then launch it from the U-Boot console as follows:
    ext2load mmc $dev:1 0x90000000 example
    bootelf -p 0x90000000
For non-interactive execution modify the U-Boot configuration accordingly.
The standard output can be accessed through the
and the following
    picocom -b 115200 -eb /dev/ttyUSB2 --imap lfcrlf
The application can be debugged with GDB over JTAG using
openocd and the
gdbinit debugging helpers published
    # start openocd daemon
    openocd -f interface/ftdi/jtagkey.cfg -f imx6ull.cfg

    # connect to the OpenOCD command line
    telnet localhost 4444

    # debug with GDB
    arm-none-eabi-gdb -x gdbinit example
Hardware breakpoints can be set in the usual way:
    hb ecdsa.Verify
    continue
The target can be executed under emulation as follows:
    cd tamago-example && make qemu
The emulated target can be debugged with GDB by adding the -S -s flags to the previous execution command. This makes qemu wait for a GDB connection, which can be launched as follows:
    arm-none-eabi-gdb -ex "target remote 127.0.0.1:1234" example
Breakpoints can be set in the usual way:
    b ecdsa.Verify
    continue
tamago | https://github.com/f-secure-foundry/tamago
Copyright (c) F-Secure Corporation
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation under version 3 of the License.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
See accompanying LICENSE file for full details.
The TamaGo logo is adapted from the Go gopher designed by Renee French and licensed under the Creative Commons 3.0 Attributions license. Go Gopher vector illustration by Hugo Arganda.