1 /* 2 * (C) Copyright 2000-2010 3 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. 4 * 5 * (C) Copyright 2008 6 * Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de. 7 * 8 * SPDX-License-Identifier: GPL-2.0+ 9 */ 10 11 #define _GNU_SOURCE 12 13 #include <compiler.h> 14 #include <errno.h> 15 #include <env_flags.h> 16 #include <fcntl.h> 17 #include <linux/fs.h> 18 #include <linux/stringify.h> 19 #include <ctype.h> 20 #include <stdio.h> 21 #include <stdlib.h> 22 #include <stddef.h> 23 #include <string.h> 24 #include <sys/types.h> 25 #include <sys/ioctl.h> 26 #include <sys/stat.h> 27 #include <unistd.h> 28 29 #ifdef MTD_OLD 30 # include <stdint.h> 31 # include <linux/mtd/mtd.h> 32 #else 33 # define __user /* nothing */ 34 # include <mtd/mtd-user.h> 35 #endif 36 37 #include "fw_env.h" 38 39 struct env_opts default_opts = { 40 #ifdef CONFIG_FILE 41 .config_file = CONFIG_FILE 42 #endif 43 }; 44 45 #define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d)) 46 47 #define min(x, y) ({ \ 48 typeof(x) _min1 = (x); \ 49 typeof(y) _min2 = (y); \ 50 (void) (&_min1 == &_min2); \ 51 _min1 < _min2 ? _min1 : _min2; }) 52 53 struct envdev_s { 54 const char *devname; /* Device name */ 55 long long devoff; /* Device offset */ 56 ulong env_size; /* environment size */ 57 ulong erase_size; /* device erase size */ 58 ulong env_sectors; /* number of environment sectors */ 59 uint8_t mtd_type; /* type of the MTD device */ 60 }; 61 62 static struct envdev_s envdevices[2] = 63 { 64 { 65 .mtd_type = MTD_ABSENT, 66 }, { 67 .mtd_type = MTD_ABSENT, 68 }, 69 }; 70 static int dev_current; 71 72 #define DEVNAME(i) envdevices[(i)].devname 73 #define DEVOFFSET(i) envdevices[(i)].devoff 74 #define ENVSIZE(i) envdevices[(i)].env_size 75 #define DEVESIZE(i) envdevices[(i)].erase_size 76 #define ENVSECTORS(i) envdevices[(i)].env_sectors 77 #define DEVTYPE(i) envdevices[(i)].mtd_type 78 79 #define CUR_ENVSIZE ENVSIZE(dev_current) 80 81 static unsigned long usable_envsize; 82 #define ENV_SIZE usable_envsize 83 84 struct env_image_single { 85 uint32_t crc; /* CRC32 over data bytes */ 86 char data[]; 87 }; 88 89 struct env_image_redundant { 90 uint32_t crc; /* CRC32 over data bytes */ 91 unsigned char flags; /* active or obsolete */ 92 char data[]; 93 }; 94 95 enum flag_scheme { 96 FLAG_NONE, 97 FLAG_BOOLEAN, 98 FLAG_INCREMENTAL, 99 }; 100 101 struct environment { 102 void *image; 103 uint32_t *crc; 104 unsigned char *flags; 105 char *data; 106 enum flag_scheme flag_scheme; 107 }; 108 109 static struct environment environment = { 110 .flag_scheme = FLAG_NONE, 111 }; 112 113 static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key); 114 115 static int HaveRedundEnv = 0; 116 117 static unsigned char active_flag = 1; 118 /* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */ 119 static unsigned char obsolete_flag = 0; 120 121 #define DEFAULT_ENV_INSTANCE_STATIC 122 #include <env_default.h> 123 124 static int flash_io (int mode); 125 static int parse_config(struct env_opts *opts); 126 127 #if defined(CONFIG_FILE) 128 static int get_config (char *); 129 #endif 130 131 static char *skip_chars(char *s) 132 { 133 for (; *s != '\0'; s++) { 134 if (isblank(*s)) 135 return s; 136 } 137 return NULL; 138 } 139 140 static char *skip_blanks(char *s) 141 { 142 for (; *s != '\0'; s++) { 143 if (!isblank(*s)) 144 return s; 145 } 146 return NULL; 147 } 148 149 /* 150 * s1 is either a simple 'name', or a 'name=value' pair. 151 * s2 is a 'name=value' pair. 152 * If the names match, return the value of s2, else NULL. 153 */ 154 static char *envmatch(char *s1, char *s2) 155 { 156 if (s1 == NULL || s2 == NULL) 157 return NULL; 158 159 while (*s1 == *s2++) 160 if (*s1++ == '=') 161 return s2; 162 if (*s1 == '\0' && *(s2 - 1) == '=') 163 return s2; 164 return NULL; 165 } 166 167 /** 168 * Search the environment for a variable. 169 * Return the value, if found, or NULL, if not found. 170 */ 171 char *fw_getenv (char *name) 172 { 173 char *env, *nxt; 174 175 for (env = environment.data; *env; env = nxt + 1) { 176 char *val; 177 178 for (nxt = env; *nxt; ++nxt) { 179 if (nxt >= &environment.data[ENV_SIZE]) { 180 fprintf (stderr, "## Error: " 181 "environment not terminated\n"); 182 return NULL; 183 } 184 } 185 val = envmatch (name, env); 186 if (!val) 187 continue; 188 return val; 189 } 190 return NULL; 191 } 192 193 /* 194 * Search the default environment for a variable. 195 * Return the value, if found, or NULL, if not found. 196 */ 197 char *fw_getdefenv(char *name) 198 { 199 char *env, *nxt; 200 201 for (env = default_environment; *env; env = nxt + 1) { 202 char *val; 203 204 for (nxt = env; *nxt; ++nxt) { 205 if (nxt >= &default_environment[ENV_SIZE]) { 206 fprintf(stderr, "## Error: " 207 "default environment not terminated\n"); 208 return NULL; 209 } 210 } 211 val = envmatch(name, env); 212 if (!val) 213 continue; 214 return val; 215 } 216 return NULL; 217 } 218 219 int parse_aes_key(char *key, uint8_t *bin_key) 220 { 221 char tmp[5] = { '0', 'x', 0, 0, 0 }; 222 unsigned long ul; 223 int i; 224 225 if (strnlen(key, 64) != 32) { 226 fprintf(stderr, 227 "## Error: '-a' option requires 16-byte AES key\n"); 228 return -1; 229 } 230 231 for (i = 0; i < 16; i++) { 232 tmp[2] = key[0]; 233 tmp[3] = key[1]; 234 errno = 0; 235 ul = strtoul(tmp, NULL, 16); 236 if (errno) { 237 fprintf(stderr, 238 "## Error: '-a' option requires valid AES key\n"); 239 return -1; 240 } 241 bin_key[i] = ul & 0xff; 242 key += 2; 243 } 244 return 0; 245 } 246 247 /* 248 * Print the current definition of one, or more, or all 249 * environment variables 250 */ 251 int fw_printenv(int argc, char *argv[], int value_only, struct env_opts *opts) 252 { 253 int i, rc = 0; 254 255 if (value_only && argc != 1) { 256 fprintf(stderr, 257 "## Error: `-n' option requires exactly one argument\n"); 258 return -1; 259 } 260 261 if (!opts) 262 opts = &default_opts; 263 264 if (fw_env_open(opts)) 265 return -1; 266 267 if (argc == 0) { /* Print all env variables */ 268 char *env, *nxt; 269 for (env = environment.data; *env; env = nxt + 1) { 270 for (nxt = env; *nxt; ++nxt) { 271 if (nxt >= &environment.data[ENV_SIZE]) { 272 fprintf (stderr, "## Error: " 273 "environment not terminated\n"); 274 return -1; 275 } 276 } 277 278 printf ("%s\n", env); 279 } 280 return 0; 281 } 282 283 for (i = 0; i < argc; ++i) { /* print a subset of env variables */ 284 char *name = argv[i]; 285 char *val = NULL; 286 287 val = fw_getenv(name); 288 if (!val) { 289 fprintf (stderr, "## Error: \"%s\" not defined\n", name); 290 rc = -1; 291 continue; 292 } 293 294 if (value_only) { 295 puts(val); 296 break; 297 } 298 299 printf("%s=%s\n", name, val); 300 } 301 302 return rc; 303 } 304 305 int fw_env_close(struct env_opts *opts) 306 { 307 int ret; 308 309 if (!opts) 310 opts = &default_opts; 311 312 if (opts->aes_flag) { 313 ret = env_aes_cbc_crypt(environment.data, 1, 314 opts->aes_key); 315 if (ret) { 316 fprintf(stderr, 317 "Error: can't encrypt env for flash\n"); 318 return ret; 319 } 320 } 321 322 /* 323 * Update CRC 324 */ 325 *environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE); 326 327 /* write environment back to flash */ 328 if (flash_io(O_RDWR)) { 329 fprintf(stderr, 330 "Error: can't write fw_env to flash\n"); 331 return -1; 332 } 333 334 return 0; 335 } 336 337 338 /* 339 * Set/Clear a single variable in the environment. 340 * This is called in sequence to update the environment 341 * in RAM without updating the copy in flash after each set 342 */ 343 int fw_env_write(char *name, char *value) 344 { 345 int len; 346 char *env, *nxt; 347 char *oldval = NULL; 348 int deleting, creating, overwriting; 349 350 /* 351 * search if variable with this name already exists 352 */ 353 for (nxt = env = environment.data; *env; env = nxt + 1) { 354 for (nxt = env; *nxt; ++nxt) { 355 if (nxt >= &environment.data[ENV_SIZE]) { 356 fprintf(stderr, "## Error: " 357 "environment not terminated\n"); 358 errno = EINVAL; 359 return -1; 360 } 361 } 362 if ((oldval = envmatch (name, env)) != NULL) 363 break; 364 } 365 366 deleting = (oldval && !(value && strlen(value))); 367 creating = (!oldval && (value && strlen(value))); 368 overwriting = (oldval && (value && strlen(value))); 369 370 /* check for permission */ 371 if (deleting) { 372 if (env_flags_validate_varaccess(name, 373 ENV_FLAGS_VARACCESS_PREVENT_DELETE)) { 374 printf("Can't delete \"%s\"\n", name); 375 errno = EROFS; 376 return -1; 377 } 378 } else if (overwriting) { 379 if (env_flags_validate_varaccess(name, 380 ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) { 381 printf("Can't overwrite \"%s\"\n", name); 382 errno = EROFS; 383 return -1; 384 } else if (env_flags_validate_varaccess(name, 385 ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) { 386 const char *defval = fw_getdefenv(name); 387 388 if (defval == NULL) 389 defval = ""; 390 if (strcmp(oldval, defval) 391 != 0) { 392 printf("Can't overwrite \"%s\"\n", name); 393 errno = EROFS; 394 return -1; 395 } 396 } 397 } else if (creating) { 398 if (env_flags_validate_varaccess(name, 399 ENV_FLAGS_VARACCESS_PREVENT_CREATE)) { 400 printf("Can't create \"%s\"\n", name); 401 errno = EROFS; 402 return -1; 403 } 404 } else 405 /* Nothing to do */ 406 return 0; 407 408 if (deleting || overwriting) { 409 if (*++nxt == '\0') { 410 *env = '\0'; 411 } else { 412 for (;;) { 413 *env = *nxt++; 414 if ((*env == '\0') && (*nxt == '\0')) 415 break; 416 ++env; 417 } 418 } 419 *++env = '\0'; 420 } 421 422 /* Delete only ? */ 423 if (!value || !strlen(value)) 424 return 0; 425 426 /* 427 * Append new definition at the end 428 */ 429 for (env = environment.data; *env || *(env + 1); ++env); 430 if (env > environment.data) 431 ++env; 432 /* 433 * Overflow when: 434 * "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment) 435 */ 436 len = strlen (name) + 2; 437 /* add '=' for first arg, ' ' for all others */ 438 len += strlen(value) + 1; 439 440 if (len > (&environment.data[ENV_SIZE] - env)) { 441 fprintf (stderr, 442 "Error: environment overflow, \"%s\" deleted\n", 443 name); 444 return -1; 445 } 446 447 while ((*env = *name++) != '\0') 448 env++; 449 *env = '='; 450 while ((*++env = *value++) != '\0') 451 ; 452 453 /* end is marked with double '\0' */ 454 *++env = '\0'; 455 456 return 0; 457 } 458 459 /* 460 * Deletes or sets environment variables. Returns -1 and sets errno error codes: 461 * 0 - OK 462 * EINVAL - need at least 1 argument 463 * EROFS - certain variables ("ethaddr", "serial#") cannot be 464 * modified or deleted 465 * 466 */ 467 int fw_setenv(int argc, char *argv[], struct env_opts *opts) 468 { 469 int i; 470 size_t len; 471 char *name, **valv; 472 char *value = NULL; 473 int valc; 474 475 if (!opts) 476 opts = &default_opts; 477 478 if (argc < 1) { 479 fprintf(stderr, "## Error: variable name missing\n"); 480 errno = EINVAL; 481 return -1; 482 } 483 484 if (fw_env_open(opts)) { 485 fprintf(stderr, "Error: environment not initialized\n"); 486 return -1; 487 } 488 489 name = argv[0]; 490 valv = argv + 1; 491 valc = argc - 1; 492 493 if (env_flags_validate_env_set_params(name, valv, valc) < 0) 494 return -1; 495 496 len = 0; 497 for (i = 0; i < valc; ++i) { 498 char *val = valv[i]; 499 size_t val_len = strlen(val); 500 501 if (value) 502 value[len - 1] = ' '; 503 value = realloc(value, len + val_len + 1); 504 if (!value) { 505 fprintf(stderr, 506 "Cannot malloc %zu bytes: %s\n", 507 len, strerror(errno)); 508 return -1; 509 } 510 511 memcpy(value + len, val, val_len); 512 len += val_len; 513 value[len++] = '\0'; 514 } 515 516 fw_env_write(name, value); 517 518 free(value); 519 520 return fw_env_close(opts); 521 } 522 523 /* 524 * Parse a file and configure the u-boot variables. 525 * The script file has a very simple format, as follows: 526 * 527 * Each line has a couple with name, value: 528 * <white spaces>variable_name<white spaces>variable_value 529 * 530 * Both variable_name and variable_value are interpreted as strings. 531 * Any character after <white spaces> and before ending \r\n is interpreted 532 * as variable's value (no comment allowed on these lines !) 533 * 534 * Comments are allowed if the first character in the line is # 535 * 536 * Returns -1 and sets errno error codes: 537 * 0 - OK 538 * -1 - Error 539 */ 540 int fw_parse_script(char *fname, struct env_opts *opts) 541 { 542 FILE *fp; 543 char dump[1024]; /* Maximum line length in the file */ 544 char *name; 545 char *val; 546 int lineno = 0; 547 int len; 548 int ret = 0; 549 550 if (!opts) 551 opts = &default_opts; 552 553 if (fw_env_open(opts)) { 554 fprintf(stderr, "Error: environment not initialized\n"); 555 return -1; 556 } 557 558 if (strcmp(fname, "-") == 0) 559 fp = stdin; 560 else { 561 fp = fopen(fname, "r"); 562 if (fp == NULL) { 563 fprintf(stderr, "I cannot open %s for reading\n", 564 fname); 565 return -1; 566 } 567 } 568 569 while (fgets(dump, sizeof(dump), fp)) { 570 lineno++; 571 len = strlen(dump); 572 573 /* 574 * Read a whole line from the file. If the line is too long 575 * or is not terminated, reports an error and exit. 576 */ 577 if (dump[len - 1] != '\n') { 578 fprintf(stderr, 579 "Line %d not corrected terminated or too long\n", 580 lineno); 581 ret = -1; 582 break; 583 } 584 585 /* Drop ending line feed / carriage return */ 586 dump[--len] = '\0'; 587 if (len && dump[len - 1] == '\r') 588 dump[--len] = '\0'; 589 590 /* Skip comment or empty lines */ 591 if (len == 0 || dump[0] == '#') 592 continue; 593 594 /* 595 * Search for variable's name, 596 * remove leading whitespaces 597 */ 598 name = skip_blanks(dump); 599 if (!name) 600 continue; 601 602 /* The first white space is the end of variable name */ 603 val = skip_chars(name); 604 len = strlen(name); 605 if (val) { 606 *val++ = '\0'; 607 if ((val - name) < len) 608 val = skip_blanks(val); 609 else 610 val = NULL; 611 } 612 613 #ifdef DEBUG 614 fprintf(stderr, "Setting %s : %s\n", 615 name, val ? val : " removed"); 616 #endif 617 618 if (env_flags_validate_type(name, val) < 0) { 619 ret = -1; 620 break; 621 } 622 623 /* 624 * If there is an error setting a variable, 625 * try to save the environment and returns an error 626 */ 627 if (fw_env_write(name, val)) { 628 fprintf(stderr, 629 "fw_env_write returns with error : %s\n", 630 strerror(errno)); 631 ret = -1; 632 break; 633 } 634 635 } 636 637 /* Close file if not stdin */ 638 if (strcmp(fname, "-") != 0) 639 fclose(fp); 640 641 ret |= fw_env_close(opts); 642 643 return ret; 644 } 645 646 /* 647 * Test for bad block on NAND, just returns 0 on NOR, on NAND: 648 * 0 - block is good 649 * > 0 - block is bad 650 * < 0 - failed to test 651 */ 652 static int flash_bad_block (int fd, uint8_t mtd_type, loff_t *blockstart) 653 { 654 if (mtd_type == MTD_NANDFLASH) { 655 int badblock = ioctl (fd, MEMGETBADBLOCK, blockstart); 656 657 if (badblock < 0) { 658 perror ("Cannot read bad block mark"); 659 return badblock; 660 } 661 662 if (badblock) { 663 #ifdef DEBUG 664 fprintf (stderr, "Bad block at 0x%llx, skipping\n", 665 (unsigned long long) *blockstart); 666 #endif 667 return badblock; 668 } 669 } 670 671 return 0; 672 } 673 674 /* 675 * Read data from flash at an offset into a provided buffer. On NAND it skips 676 * bad blocks but makes sure it stays within ENVSECTORS (dev) starting from 677 * the DEVOFFSET (dev) block. On NOR the loop is only run once. 678 */ 679 static int flash_read_buf (int dev, int fd, void *buf, size_t count, 680 off_t offset, uint8_t mtd_type) 681 { 682 size_t blocklen; /* erase / write length - one block on NAND, 683 0 on NOR */ 684 size_t processed = 0; /* progress counter */ 685 size_t readlen = count; /* current read length */ 686 off_t top_of_range; /* end of the last block we may use */ 687 off_t block_seek; /* offset inside the current block to the start 688 of the data */ 689 loff_t blockstart; /* running start of the current block - 690 MEMGETBADBLOCK needs 64 bits */ 691 int rc; 692 693 blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev); 694 695 /* Offset inside a block */ 696 block_seek = offset - blockstart; 697 698 if (mtd_type == MTD_NANDFLASH) { 699 /* 700 * NAND: calculate which blocks we are reading. We have 701 * to read one block at a time to skip bad blocks. 702 */ 703 blocklen = DEVESIZE (dev); 704 705 /* 706 * To calculate the top of the range, we have to use the 707 * global DEVOFFSET (dev), which can be different from offset 708 */ 709 top_of_range = ((DEVOFFSET(dev) / blocklen) + 710 ENVSECTORS (dev)) * blocklen; 711 712 /* Limit to one block for the first read */ 713 if (readlen > blocklen - block_seek) 714 readlen = blocklen - block_seek; 715 } else { 716 blocklen = 0; 717 top_of_range = offset + count; 718 } 719 720 /* This only runs once on NOR flash */ 721 while (processed < count) { 722 rc = flash_bad_block (fd, mtd_type, &blockstart); 723 if (rc < 0) /* block test failed */ 724 return -1; 725 726 if (blockstart + block_seek + readlen > top_of_range) { 727 /* End of range is reached */ 728 fprintf (stderr, 729 "Too few good blocks within range\n"); 730 return -1; 731 } 732 733 if (rc) { /* block is bad */ 734 blockstart += blocklen; 735 continue; 736 } 737 738 /* 739 * If a block is bad, we retry in the next block at the same 740 * offset - see common/env_nand.c::writeenv() 741 */ 742 lseek (fd, blockstart + block_seek, SEEK_SET); 743 744 rc = read (fd, buf + processed, readlen); 745 if (rc != readlen) { 746 fprintf (stderr, "Read error on %s: %s\n", 747 DEVNAME (dev), strerror (errno)); 748 return -1; 749 } 750 #ifdef DEBUG 751 fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n", 752 rc, (unsigned long long) blockstart + block_seek, 753 DEVNAME(dev)); 754 #endif 755 processed += readlen; 756 readlen = min (blocklen, count - processed); 757 block_seek = 0; 758 blockstart += blocklen; 759 } 760 761 return processed; 762 } 763 764 /* 765 * Write count bytes at offset, but stay within ENVSECTORS (dev) sectors of 766 * DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we 767 * erase and write the whole data at once. 768 */ 769 static int flash_write_buf (int dev, int fd, void *buf, size_t count, 770 off_t offset, uint8_t mtd_type) 771 { 772 void *data; 773 struct erase_info_user erase; 774 size_t blocklen; /* length of NAND block / NOR erase sector */ 775 size_t erase_len; /* whole area that can be erased - may include 776 bad blocks */ 777 size_t erasesize; /* erase / write length - one block on NAND, 778 whole area on NOR */ 779 size_t processed = 0; /* progress counter */ 780 size_t write_total; /* total size to actually write - excluding 781 bad blocks */ 782 off_t erase_offset; /* offset to the first erase block (aligned) 783 below offset */ 784 off_t block_seek; /* offset inside the erase block to the start 785 of the data */ 786 off_t top_of_range; /* end of the last block we may use */ 787 loff_t blockstart; /* running start of the current block - 788 MEMGETBADBLOCK needs 64 bits */ 789 int rc; 790 791 /* 792 * For mtd devices only offset and size of the environment do matter 793 */ 794 if (mtd_type == MTD_ABSENT) { 795 blocklen = count; 796 top_of_range = offset + count; 797 erase_len = blocklen; 798 blockstart = offset; 799 block_seek = 0; 800 write_total = blocklen; 801 } else { 802 blocklen = DEVESIZE(dev); 803 804 top_of_range = ((DEVOFFSET(dev) / blocklen) + 805 ENVSECTORS(dev)) * blocklen; 806 807 erase_offset = (offset / blocklen) * blocklen; 808 809 /* Maximum area we may use */ 810 erase_len = top_of_range - erase_offset; 811 812 blockstart = erase_offset; 813 /* Offset inside a block */ 814 block_seek = offset - erase_offset; 815 816 /* 817 * Data size we actually write: from the start of the block 818 * to the start of the data, then count bytes of data, and 819 * to the end of the block 820 */ 821 write_total = ((block_seek + count + blocklen - 1) / 822 blocklen) * blocklen; 823 } 824 825 /* 826 * Support data anywhere within erase sectors: read out the complete 827 * area to be erased, replace the environment image, write the whole 828 * block back again. 829 */ 830 if (write_total > count) { 831 data = malloc (erase_len); 832 if (!data) { 833 fprintf (stderr, 834 "Cannot malloc %zu bytes: %s\n", 835 erase_len, strerror (errno)); 836 return -1; 837 } 838 839 rc = flash_read_buf (dev, fd, data, write_total, erase_offset, 840 mtd_type); 841 if (write_total != rc) 842 return -1; 843 844 #ifdef DEBUG 845 fprintf(stderr, "Preserving data "); 846 if (block_seek != 0) 847 fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1); 848 if (block_seek + count != write_total) { 849 if (block_seek != 0) 850 fprintf(stderr, " and "); 851 fprintf(stderr, "0x%lx - 0x%lx", 852 (unsigned long) block_seek + count, 853 (unsigned long) write_total - 1); 854 } 855 fprintf(stderr, "\n"); 856 #endif 857 /* Overwrite the old environment */ 858 memcpy (data + block_seek, buf, count); 859 } else { 860 /* 861 * We get here, iff offset is block-aligned and count is a 862 * multiple of blocklen - see write_total calculation above 863 */ 864 data = buf; 865 } 866 867 if (mtd_type == MTD_NANDFLASH) { 868 /* 869 * NAND: calculate which blocks we are writing. We have 870 * to write one block at a time to skip bad blocks. 871 */ 872 erasesize = blocklen; 873 } else { 874 erasesize = erase_len; 875 } 876 877 erase.length = erasesize; 878 879 /* This only runs once on NOR flash and SPI-dataflash */ 880 while (processed < write_total) { 881 rc = flash_bad_block (fd, mtd_type, &blockstart); 882 if (rc < 0) /* block test failed */ 883 return rc; 884 885 if (blockstart + erasesize > top_of_range) { 886 fprintf (stderr, "End of range reached, aborting\n"); 887 return -1; 888 } 889 890 if (rc) { /* block is bad */ 891 blockstart += blocklen; 892 continue; 893 } 894 895 if (mtd_type != MTD_ABSENT) { 896 erase.start = blockstart; 897 ioctl(fd, MEMUNLOCK, &erase); 898 /* These do not need an explicit erase cycle */ 899 if (mtd_type != MTD_DATAFLASH) 900 if (ioctl(fd, MEMERASE, &erase) != 0) { 901 fprintf(stderr, 902 "MTD erase error on %s: %s\n", 903 DEVNAME(dev), strerror(errno)); 904 return -1; 905 } 906 } 907 908 if (lseek (fd, blockstart, SEEK_SET) == -1) { 909 fprintf (stderr, 910 "Seek error on %s: %s\n", 911 DEVNAME (dev), strerror (errno)); 912 return -1; 913 } 914 915 #ifdef DEBUG 916 fprintf(stderr, "Write 0x%llx bytes at 0x%llx\n", 917 (unsigned long long) erasesize, 918 (unsigned long long) blockstart); 919 #endif 920 if (write (fd, data + processed, erasesize) != erasesize) { 921 fprintf (stderr, "Write error on %s: %s\n", 922 DEVNAME (dev), strerror (errno)); 923 return -1; 924 } 925 926 if (mtd_type != MTD_ABSENT) 927 ioctl(fd, MEMLOCK, &erase); 928 929 processed += erasesize; 930 block_seek = 0; 931 blockstart += erasesize; 932 } 933 934 if (write_total > count) 935 free (data); 936 937 return processed; 938 } 939 940 /* 941 * Set obsolete flag at offset - NOR flash only 942 */ 943 static int flash_flag_obsolete (int dev, int fd, off_t offset) 944 { 945 int rc; 946 struct erase_info_user erase; 947 948 erase.start = DEVOFFSET (dev); 949 erase.length = DEVESIZE (dev); 950 /* This relies on the fact, that obsolete_flag == 0 */ 951 rc = lseek (fd, offset, SEEK_SET); 952 if (rc < 0) { 953 fprintf (stderr, "Cannot seek to set the flag on %s \n", 954 DEVNAME (dev)); 955 return rc; 956 } 957 ioctl (fd, MEMUNLOCK, &erase); 958 rc = write (fd, &obsolete_flag, sizeof (obsolete_flag)); 959 ioctl (fd, MEMLOCK, &erase); 960 if (rc < 0) 961 perror ("Could not set obsolete flag"); 962 963 return rc; 964 } 965 966 /* Encrypt or decrypt the environment before writing or reading it. */ 967 static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key) 968 { 969 uint8_t *data = (uint8_t *)payload; 970 const int len = usable_envsize; 971 uint8_t key_exp[AES_EXPAND_KEY_LENGTH]; 972 uint32_t aes_blocks; 973 974 /* First we expand the key. */ 975 aes_expand_key(key, key_exp); 976 977 /* Calculate the number of AES blocks to encrypt. */ 978 aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH); 979 980 if (enc) 981 aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks); 982 else 983 aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks); 984 985 return 0; 986 } 987 988 static int flash_write (int fd_current, int fd_target, int dev_target) 989 { 990 int rc; 991 992 switch (environment.flag_scheme) { 993 case FLAG_NONE: 994 break; 995 case FLAG_INCREMENTAL: 996 (*environment.flags)++; 997 break; 998 case FLAG_BOOLEAN: 999 *environment.flags = active_flag; 1000 break; 1001 default: 1002 fprintf (stderr, "Unimplemented flash scheme %u \n", 1003 environment.flag_scheme); 1004 return -1; 1005 } 1006 1007 #ifdef DEBUG 1008 fprintf(stderr, "Writing new environment at 0x%llx on %s\n", 1009 DEVOFFSET (dev_target), DEVNAME (dev_target)); 1010 #endif 1011 1012 rc = flash_write_buf(dev_target, fd_target, environment.image, 1013 CUR_ENVSIZE, DEVOFFSET(dev_target), 1014 DEVTYPE(dev_target)); 1015 if (rc < 0) 1016 return rc; 1017 1018 if (environment.flag_scheme == FLAG_BOOLEAN) { 1019 /* Have to set obsolete flag */ 1020 off_t offset = DEVOFFSET (dev_current) + 1021 offsetof (struct env_image_redundant, flags); 1022 #ifdef DEBUG 1023 fprintf(stderr, 1024 "Setting obsolete flag in environment at 0x%llx on %s\n", 1025 DEVOFFSET (dev_current), DEVNAME (dev_current)); 1026 #endif 1027 flash_flag_obsolete (dev_current, fd_current, offset); 1028 } 1029 1030 return 0; 1031 } 1032 1033 static int flash_read (int fd) 1034 { 1035 int rc; 1036 1037 rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE, 1038 DEVOFFSET(dev_current), DEVTYPE(dev_current)); 1039 if (rc != CUR_ENVSIZE) 1040 return -1; 1041 1042 return 0; 1043 } 1044 1045 static int flash_io (int mode) 1046 { 1047 int fd_current, fd_target, rc, dev_target; 1048 1049 /* dev_current: fd_current, erase_current */ 1050 fd_current = open (DEVNAME (dev_current), mode); 1051 if (fd_current < 0) { 1052 fprintf (stderr, 1053 "Can't open %s: %s\n", 1054 DEVNAME (dev_current), strerror (errno)); 1055 return -1; 1056 } 1057 1058 if (mode == O_RDWR) { 1059 if (HaveRedundEnv) { 1060 /* switch to next partition for writing */ 1061 dev_target = !dev_current; 1062 /* dev_target: fd_target, erase_target */ 1063 fd_target = open (DEVNAME (dev_target), mode); 1064 if (fd_target < 0) { 1065 fprintf (stderr, 1066 "Can't open %s: %s\n", 1067 DEVNAME (dev_target), 1068 strerror (errno)); 1069 rc = -1; 1070 goto exit; 1071 } 1072 } else { 1073 dev_target = dev_current; 1074 fd_target = fd_current; 1075 } 1076 1077 rc = flash_write (fd_current, fd_target, dev_target); 1078 1079 if (HaveRedundEnv) { 1080 if (close (fd_target)) { 1081 fprintf (stderr, 1082 "I/O error on %s: %s\n", 1083 DEVNAME (dev_target), 1084 strerror (errno)); 1085 rc = -1; 1086 } 1087 } 1088 } else { 1089 rc = flash_read (fd_current); 1090 } 1091 1092 exit: 1093 if (close (fd_current)) { 1094 fprintf (stderr, 1095 "I/O error on %s: %s\n", 1096 DEVNAME (dev_current), strerror (errno)); 1097 return -1; 1098 } 1099 1100 return rc; 1101 } 1102 1103 /* 1104 * Prevent confusion if running from erased flash memory 1105 */ 1106 int fw_env_open(struct env_opts *opts) 1107 { 1108 int crc0, crc0_ok; 1109 unsigned char flag0; 1110 void *addr0; 1111 1112 int crc1, crc1_ok; 1113 unsigned char flag1; 1114 void *addr1; 1115 1116 int ret; 1117 1118 struct env_image_single *single; 1119 struct env_image_redundant *redundant; 1120 1121 if (!opts) 1122 opts = &default_opts; 1123 1124 if (parse_config(opts)) /* should fill envdevices */ 1125 return -1; 1126 1127 addr0 = calloc(1, CUR_ENVSIZE); 1128 if (addr0 == NULL) { 1129 fprintf(stderr, 1130 "Not enough memory for environment (%ld bytes)\n", 1131 CUR_ENVSIZE); 1132 return -1; 1133 } 1134 1135 /* read environment from FLASH to local buffer */ 1136 environment.image = addr0; 1137 1138 if (HaveRedundEnv) { 1139 redundant = addr0; 1140 environment.crc = &redundant->crc; 1141 environment.flags = &redundant->flags; 1142 environment.data = redundant->data; 1143 } else { 1144 single = addr0; 1145 environment.crc = &single->crc; 1146 environment.flags = NULL; 1147 environment.data = single->data; 1148 } 1149 1150 dev_current = 0; 1151 if (flash_io (O_RDONLY)) 1152 return -1; 1153 1154 crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE); 1155 1156 if (opts->aes_flag) { 1157 ret = env_aes_cbc_crypt(environment.data, 0, 1158 opts->aes_key); 1159 if (ret) 1160 return ret; 1161 } 1162 1163 crc0_ok = (crc0 == *environment.crc); 1164 if (!HaveRedundEnv) { 1165 if (!crc0_ok) { 1166 fprintf (stderr, 1167 "Warning: Bad CRC, using default environment\n"); 1168 memcpy(environment.data, default_environment, sizeof default_environment); 1169 } 1170 } else { 1171 flag0 = *environment.flags; 1172 1173 dev_current = 1; 1174 addr1 = calloc(1, CUR_ENVSIZE); 1175 if (addr1 == NULL) { 1176 fprintf(stderr, 1177 "Not enough memory for environment (%ld bytes)\n", 1178 CUR_ENVSIZE); 1179 return -1; 1180 } 1181 redundant = addr1; 1182 1183 /* 1184 * have to set environment.image for flash_read(), careful - 1185 * other pointers in environment still point inside addr0 1186 */ 1187 environment.image = addr1; 1188 if (flash_io (O_RDONLY)) 1189 return -1; 1190 1191 /* Check flag scheme compatibility */ 1192 if (DEVTYPE(dev_current) == MTD_NORFLASH && 1193 DEVTYPE(!dev_current) == MTD_NORFLASH) { 1194 environment.flag_scheme = FLAG_BOOLEAN; 1195 } else if (DEVTYPE(dev_current) == MTD_NANDFLASH && 1196 DEVTYPE(!dev_current) == MTD_NANDFLASH) { 1197 environment.flag_scheme = FLAG_INCREMENTAL; 1198 } else if (DEVTYPE(dev_current) == MTD_DATAFLASH && 1199 DEVTYPE(!dev_current) == MTD_DATAFLASH) { 1200 environment.flag_scheme = FLAG_BOOLEAN; 1201 } else if (DEVTYPE(dev_current) == MTD_UBIVOLUME && 1202 DEVTYPE(!dev_current) == MTD_UBIVOLUME) { 1203 environment.flag_scheme = FLAG_INCREMENTAL; 1204 } else if (DEVTYPE(dev_current) == MTD_ABSENT && 1205 DEVTYPE(!dev_current) == MTD_ABSENT) { 1206 environment.flag_scheme = FLAG_INCREMENTAL; 1207 } else { 1208 fprintf (stderr, "Incompatible flash types!\n"); 1209 return -1; 1210 } 1211 1212 crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE); 1213 1214 if (opts->aes_flag) { 1215 ret = env_aes_cbc_crypt(redundant->data, 0, 1216 opts->aes_key); 1217 if (ret) 1218 return ret; 1219 } 1220 1221 crc1_ok = (crc1 == redundant->crc); 1222 flag1 = redundant->flags; 1223 1224 if (crc0_ok && !crc1_ok) { 1225 dev_current = 0; 1226 } else if (!crc0_ok && crc1_ok) { 1227 dev_current = 1; 1228 } else if (!crc0_ok && !crc1_ok) { 1229 fprintf (stderr, 1230 "Warning: Bad CRC, using default environment\n"); 1231 memcpy (environment.data, default_environment, 1232 sizeof default_environment); 1233 dev_current = 0; 1234 } else { 1235 switch (environment.flag_scheme) { 1236 case FLAG_BOOLEAN: 1237 if (flag0 == active_flag && 1238 flag1 == obsolete_flag) { 1239 dev_current = 0; 1240 } else if (flag0 == obsolete_flag && 1241 flag1 == active_flag) { 1242 dev_current = 1; 1243 } else if (flag0 == flag1) { 1244 dev_current = 0; 1245 } else if (flag0 == 0xFF) { 1246 dev_current = 0; 1247 } else if (flag1 == 0xFF) { 1248 dev_current = 1; 1249 } else { 1250 dev_current = 0; 1251 } 1252 break; 1253 case FLAG_INCREMENTAL: 1254 if (flag0 == 255 && flag1 == 0) 1255 dev_current = 1; 1256 else if ((flag1 == 255 && flag0 == 0) || 1257 flag0 >= flag1) 1258 dev_current = 0; 1259 else /* flag1 > flag0 */ 1260 dev_current = 1; 1261 break; 1262 default: 1263 fprintf (stderr, "Unknown flag scheme %u \n", 1264 environment.flag_scheme); 1265 return -1; 1266 } 1267 } 1268 1269 /* 1270 * If we are reading, we don't need the flag and the CRC any 1271 * more, if we are writing, we will re-calculate CRC and update 1272 * flags before writing out 1273 */ 1274 if (dev_current) { 1275 environment.image = addr1; 1276 environment.crc = &redundant->crc; 1277 environment.flags = &redundant->flags; 1278 environment.data = redundant->data; 1279 free (addr0); 1280 } else { 1281 environment.image = addr0; 1282 /* Other pointers are already set */ 1283 free (addr1); 1284 } 1285 #ifdef DEBUG 1286 fprintf(stderr, "Selected env in %s\n", DEVNAME(dev_current)); 1287 #endif 1288 } 1289 return 0; 1290 } 1291 1292 static int check_device_config(int dev) 1293 { 1294 struct stat st; 1295 int fd, rc = 0; 1296 1297 fd = open(DEVNAME(dev), O_RDONLY); 1298 if (fd < 0) { 1299 fprintf(stderr, 1300 "Cannot open %s: %s\n", 1301 DEVNAME(dev), strerror(errno)); 1302 return -1; 1303 } 1304 1305 rc = fstat(fd, &st); 1306 if (rc < 0) { 1307 fprintf(stderr, "Cannot stat the file %s\n", 1308 DEVNAME(dev)); 1309 goto err; 1310 } 1311 1312 if (S_ISCHR(st.st_mode)) { 1313 struct mtd_info_user mtdinfo; 1314 rc = ioctl(fd, MEMGETINFO, &mtdinfo); 1315 if (rc < 0) { 1316 fprintf(stderr, "Cannot get MTD information for %s\n", 1317 DEVNAME(dev)); 1318 goto err; 1319 } 1320 if (mtdinfo.type != MTD_NORFLASH && 1321 mtdinfo.type != MTD_NANDFLASH && 1322 mtdinfo.type != MTD_DATAFLASH && 1323 mtdinfo.type != MTD_UBIVOLUME) { 1324 fprintf(stderr, "Unsupported flash type %u on %s\n", 1325 mtdinfo.type, DEVNAME(dev)); 1326 goto err; 1327 } 1328 DEVTYPE(dev) = mtdinfo.type; 1329 } else { 1330 uint64_t size; 1331 DEVTYPE(dev) = MTD_ABSENT; 1332 1333 /* 1334 * Check for negative offsets, treat it as backwards offset 1335 * from the end of the block device 1336 */ 1337 if (DEVOFFSET(dev) < 0) { 1338 rc = ioctl(fd, BLKGETSIZE64, &size); 1339 if (rc < 0) { 1340 fprintf(stderr, "Could not get block device size on %s\n", 1341 DEVNAME(dev)); 1342 goto err; 1343 } 1344 1345 DEVOFFSET(dev) = DEVOFFSET(dev) + size; 1346 #ifdef DEBUG 1347 fprintf(stderr, "Calculated device offset 0x%llx on %s\n", 1348 DEVOFFSET(dev), DEVNAME(dev)); 1349 #endif 1350 } 1351 } 1352 1353 err: 1354 close(fd); 1355 return rc; 1356 } 1357 1358 static int parse_config(struct env_opts *opts) 1359 { 1360 int rc; 1361 1362 if (!opts) 1363 opts = &default_opts; 1364 1365 #if defined(CONFIG_FILE) 1366 /* Fills in DEVNAME(), ENVSIZE(), DEVESIZE(). Or don't. */ 1367 if (get_config(opts->config_file)) { 1368 fprintf(stderr, "Cannot parse config file '%s': %m\n", 1369 opts->config_file); 1370 return -1; 1371 } 1372 #else 1373 DEVNAME (0) = DEVICE1_NAME; 1374 DEVOFFSET (0) = DEVICE1_OFFSET; 1375 ENVSIZE (0) = ENV1_SIZE; 1376 /* Default values are: erase-size=env-size */ 1377 DEVESIZE (0) = ENVSIZE (0); 1378 /* #sectors=env-size/erase-size (rounded up) */ 1379 ENVSECTORS (0) = (ENVSIZE(0) + DEVESIZE(0) - 1) / DEVESIZE(0); 1380 #ifdef DEVICE1_ESIZE 1381 DEVESIZE (0) = DEVICE1_ESIZE; 1382 #endif 1383 #ifdef DEVICE1_ENVSECTORS 1384 ENVSECTORS (0) = DEVICE1_ENVSECTORS; 1385 #endif 1386 1387 #ifdef HAVE_REDUND 1388 DEVNAME (1) = DEVICE2_NAME; 1389 DEVOFFSET (1) = DEVICE2_OFFSET; 1390 ENVSIZE (1) = ENV2_SIZE; 1391 /* Default values are: erase-size=env-size */ 1392 DEVESIZE (1) = ENVSIZE (1); 1393 /* #sectors=env-size/erase-size (rounded up) */ 1394 ENVSECTORS (1) = (ENVSIZE(1) + DEVESIZE(1) - 1) / DEVESIZE(1); 1395 #ifdef DEVICE2_ESIZE 1396 DEVESIZE (1) = DEVICE2_ESIZE; 1397 #endif 1398 #ifdef DEVICE2_ENVSECTORS 1399 ENVSECTORS (1) = DEVICE2_ENVSECTORS; 1400 #endif 1401 HaveRedundEnv = 1; 1402 #endif 1403 #endif 1404 rc = check_device_config(0); 1405 if (rc < 0) 1406 return rc; 1407 1408 if (HaveRedundEnv) { 1409 rc = check_device_config(1); 1410 if (rc < 0) 1411 return rc; 1412 1413 if (ENVSIZE(0) != ENVSIZE(1)) { 1414 ENVSIZE(0) = ENVSIZE(1) = min(ENVSIZE(0), ENVSIZE(1)); 1415 fprintf(stderr, 1416 "Redundant environments have inequal size, set to 0x%08lx\n", 1417 ENVSIZE(1)); 1418 } 1419 } 1420 1421 usable_envsize = CUR_ENVSIZE - sizeof(uint32_t); 1422 if (HaveRedundEnv) 1423 usable_envsize -= sizeof(char); 1424 1425 if (opts->aes_flag) 1426 usable_envsize &= ~(AES_KEY_LENGTH - 1); 1427 1428 return 0; 1429 } 1430 1431 #if defined(CONFIG_FILE) 1432 static int get_config (char *fname) 1433 { 1434 FILE *fp; 1435 int i = 0; 1436 int rc; 1437 char dump[128]; 1438 char *devname; 1439 1440 fp = fopen (fname, "r"); 1441 if (fp == NULL) 1442 return -1; 1443 1444 while (i < 2 && fgets (dump, sizeof (dump), fp)) { 1445 /* Skip incomplete conversions and comment strings */ 1446 if (dump[0] == '#') 1447 continue; 1448 1449 rc = sscanf(dump, "%ms %lli %lx %lx %lx", 1450 &devname, 1451 &DEVOFFSET(i), 1452 &ENVSIZE(i), 1453 &DEVESIZE(i), 1454 &ENVSECTORS(i)); 1455 1456 if (rc < 3) 1457 continue; 1458 1459 DEVNAME(i) = devname; 1460 1461 if (rc < 4) 1462 /* Assume the erase size is the same as the env-size */ 1463 DEVESIZE(i) = ENVSIZE(i); 1464 1465 if (rc < 5) 1466 /* Assume enough env sectors to cover the environment */ 1467 ENVSECTORS (i) = (ENVSIZE(i) + DEVESIZE(i) - 1) / DEVESIZE(i); 1468 1469 i++; 1470 } 1471 fclose (fp); 1472 1473 HaveRedundEnv = i - 1; 1474 if (!i) { /* No valid entries found */ 1475 errno = EINVAL; 1476 return -1; 1477 } else 1478 return 0; 1479 } 1480 #endif 1481