
Oemconfig example

Overview

oemconfig.so can be programmed to blacklist shared objects that have security vulnerabilities. The DSP refuses to load any shared object that is blacklisted in oemconfig.so.

oemconfig.so generation

  • Information about shared objects and their respective versions is stored in JSON format.
  • A shared object can be blacklisted either by library version or by library hash.
  • Shared-object and blacklisted-version pairs are stored in a dictionary-like format in an array of JSON strings. The versioning scheme must follow the format shown here, and versions may contain only integers: "\"lib_vers_pairs\":[\"library1:4.3.0\", \"library2:3.4\"],"
  • Hash details are stored as a string of hex values (64 hex digits, corresponding to a 32-byte hash): "\"lib_hash\":[\"72557abe35e4dc5abc58bca2b3b5a32a45a89cd34e53efa3ba4c332a45afe2aa\"],"
  • It is not required to provide "chip_id", "tcg_codesig" and "tcg_testsig" when blacklisting shared objects using "lib_vers_pairs" and "lib_hash". It is valid to provide just "lib_vers_pairs" or "lib_hash" in oemconfig, without including "chip_id", "tcg_codesig" and "tcg_testsig".

Sample code

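    #include <string.h>
    #include "oemconfig.h"

    /* JSON configuration returned for the "security" key. */
    static const char *pszSecurity = {
        "{"
            "\"chip_id\": 11,"
            "\"tcg_codesig\": [ 10, 11, 12 ],"
            "\"tcg_testsig\": [ 13, 14, 15, 16 ],"
            /* Blacklist by "name:version"; versions contain integers only. */
            "\"lib_vers_pairs\":[\"libcalculator_skel.so:4.3.0\", \"library2.so:3.4\"],"
            /* Blacklist by hash: 64 hex digits (32 bytes). */
            "\"lib_hash\":[\"72557abe35e4dc5abc58bca2b3b5a32a45a89cd34e53efa3ba4c332a45afe2aa\"]"
        "}"
    };

    /* Set *psz to the JSON for the "security" key and return 0;
       return -1 for any other key. */
    int getstring(const char *key, const char** psz)
    {
        if (0 == strcmp("security", key)) {
            *psz = pszSecurity;
            return 0;
        }
        return -1;
    }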
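
A pre-build check for the format rules listed above, added here as an example (it is not part of the SDK or of oemconfig_walkthrough.py): it parses the JSON text returned for the "security" key and reports entries that do not match the documented "name:version" or 64-hex-digit forms. The function name check_blacklist, the duplicate check and the sample input are assumptions of this example.

```python
import json
import re

# Entry formats as the page describes them: "name:version" with integer-only
# version components, and 64 hex digits for a 32-byte hash.
PATTERNS = {
    "lib_vers_pairs": re.compile(r"[^:\s]+:\d+(\.\d+)*"),
    "lib_hash": re.compile(r"[0-9a-fA-F]{64}"),
}


def check_blacklist(text):
    """Return a list of problems found in the "security" JSON text."""
    # Tolerate a comma left before a closing brace/bracket, which is easy to
    # leave behind when the JSON is assembled from C string fragments.
    text = re.sub(r",\s*([}\]])", r"\1", text)
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not parseable as JSON: {exc.msg} at offset {exc.pos}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    if not any(key in cfg for key in PATTERNS):
        return ["no blacklist key present (lib_vers_pairs / lib_hash)"]
    problems = []
    for key, pattern in PATTERNS.items():
        entries = cfg.get(key, [])
        if not isinstance(entries, list):
            problems.append(f"{key}: expected an array of strings")
            continue
        seen = set()
        for entry in entries:
            if not isinstance(entry, str) or not pattern.fullmatch(entry):
                problems.append(f"{key}: malformed entry {entry!r}")
                continue
            norm = entry.lower() if key == "lib_hash" else entry
            if norm in seen:
                problems.append(f"{key}: duplicate entry {entry!r}")
            seen.add(norm)
    return problems


# Constructed input: a non-integer version and a truncated hash.
SAMPLE = """{ "lib_vers_pairs": ["library1:4.3.0", "library2:3.4-rc1"],
             "lib_hash": ["72557abe35e4dc5a"], }"""

if __name__ == "__main__":
    for problem in check_blacklist(SAMPLE):
        print(problem)
```

An empty result means every entry has the documented shape; it does not confirm that the listed version or hash matches the library you intend to block.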

Using command line

Building

The example comes with a walkthrough script called oemconfig_walkthrough.py. Please review the generic setup and walkthrough_scripts instructions to learn more about setting up your device and using walkthrough scripts. The walkthrough script automates the building, running and device-signing steps described in this section. If you get stuck at any step, you can run the walkthrough script and examine its output, or the script itself, for a better understanding.

Without the walkthrough script, you will need to build Hexagon modules. This is accomplished by running the following make commands (assuming your desired Hexagon architecture version is v73):

    make hexagon BUILD=Debug DSP_ARCH=v73

For more information on the build syntax, please refer to the building reference instructions.

Alternatively, you can build the same Hexagon modules with CMake.

    build_cmake hexagon BUILD=Debug

To target a different DSP architecture than the default one (V73), simply use the DSP_ARCH option when using the hexagon target. For more information on CMake usage, see the CMake documentation.

Flashing on target

Let's discuss the process of flashing oemconfig on target.

If you want to run your code on target without using the walkthrough script, please use the following steps:

  • Use ADB as root and remount system read/write

    adb root
    adb wait-for-device
    adb remount
    
  • Push the Hexagon oemconfig Shared Object to the device's file system

    adb shell mkdir -p /vendor/lib/rfsa/adsp/
    adb push hexagon_Debug_toolv86_v73/ship/oemconfig.so /vendor/lib/rfsa/adsp/
    
  • Generate and push a device-specific test signature based on the device's serial number.

    Follow the steps listed in the Use signer.py section of the signing documentation.

    Note: This step only needs to be done once as the same test signature will enable loading any module.