1 /* 2 * (C) Copyright 2000-2010 3 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. 4 * 5 * (C) Copyright 2008 6 * Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de. 7 * 8 * SPDX-License-Identifier: GPL-2.0+ 9 */ 10 11 #define _GNU_SOURCE 12 13 #include <compiler.h> 14 #include <errno.h> 15 #include <env_flags.h> 16 #include <fcntl.h> 17 #include <linux/fs.h> 18 #include <linux/stringify.h> 19 #include <ctype.h> 20 #include <stdio.h> 21 #include <stdlib.h> 22 #include <stddef.h> 23 #include <string.h> 24 #include <sys/types.h> 25 #include <sys/ioctl.h> 26 #include <sys/stat.h> 27 #include <unistd.h> 28 29 #ifdef MTD_OLD 30 # include <stdint.h> 31 # include <linux/mtd/mtd.h> 32 #else 33 # define __user /* nothing */ 34 # include <mtd/mtd-user.h> 35 #endif 36 37 #include "fw_env_private.h" 38 #include "fw_env.h" 39 40 struct env_opts default_opts = { 41 #ifdef CONFIG_FILE 42 .config_file = CONFIG_FILE 43 #endif 44 }; 45 46 #define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d)) 47 48 #define min(x, y) ({ \ 49 typeof(x) _min1 = (x); \ 50 typeof(y) _min2 = (y); \ 51 (void) (&_min1 == &_min2); \ 52 _min1 < _min2 ? _min1 : _min2; }) 53 54 struct envdev_s { 55 const char *devname; /* Device name */ 56 long long devoff; /* Device offset */ 57 ulong env_size; /* environment size */ 58 ulong erase_size; /* device erase size */ 59 ulong env_sectors; /* number of environment sectors */ 60 uint8_t mtd_type; /* type of the MTD device */ 61 }; 62 63 static struct envdev_s envdevices[2] = 64 { 65 { 66 .mtd_type = MTD_ABSENT, 67 }, { 68 .mtd_type = MTD_ABSENT, 69 }, 70 }; 71 static int dev_current; 72 73 #define DEVNAME(i) envdevices[(i)].devname 74 #define DEVOFFSET(i) envdevices[(i)].devoff 75 #define ENVSIZE(i) envdevices[(i)].env_size 76 #define DEVESIZE(i) envdevices[(i)].erase_size 77 #define ENVSECTORS(i) envdevices[(i)].env_sectors 78 #define DEVTYPE(i) envdevices[(i)].mtd_type 79 80 #define CUR_ENVSIZE ENVSIZE(dev_current) 81 82 static unsigned long usable_envsize; 83 #define ENV_SIZE usable_envsize 84 85 struct env_image_single { 86 uint32_t crc; /* CRC32 over data bytes */ 87 char data[]; 88 }; 89 90 struct env_image_redundant { 91 uint32_t crc; /* CRC32 over data bytes */ 92 unsigned char flags; /* active or obsolete */ 93 char data[]; 94 }; 95 96 enum flag_scheme { 97 FLAG_NONE, 98 FLAG_BOOLEAN, 99 FLAG_INCREMENTAL, 100 }; 101 102 struct environment { 103 void *image; 104 uint32_t *crc; 105 unsigned char *flags; 106 char *data; 107 enum flag_scheme flag_scheme; 108 }; 109 110 static struct environment environment = { 111 .flag_scheme = FLAG_NONE, 112 }; 113 114 static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key); 115 116 static int HaveRedundEnv = 0; 117 118 static unsigned char active_flag = 1; 119 /* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */ 120 static unsigned char obsolete_flag = 0; 121 122 #define DEFAULT_ENV_INSTANCE_STATIC 123 #include <env_default.h> 124 125 static int flash_io (int mode); 126 static int parse_config(struct env_opts *opts); 127 128 #if defined(CONFIG_FILE) 129 static int get_config (char *); 130 #endif 131 132 static char *skip_chars(char *s) 133 { 134 for (; *s != '\0'; s++) { 135 if (isblank(*s)) 136 return s; 137 } 138 return NULL; 139 } 140 141 static char *skip_blanks(char *s) 142 { 143 for (; *s != '\0'; s++) { 144 if (!isblank(*s)) 145 return s; 146 } 147 return NULL; 148 } 149 150 /* 151 * s1 is either a simple 'name', or a 'name=value' pair. 152 * s2 is a 'name=value' pair. 153 * If the names match, return the value of s2, else NULL. 154 */ 155 static char *envmatch(char *s1, char *s2) 156 { 157 if (s1 == NULL || s2 == NULL) 158 return NULL; 159 160 while (*s1 == *s2++) 161 if (*s1++ == '=') 162 return s2; 163 if (*s1 == '\0' && *(s2 - 1) == '=') 164 return s2; 165 return NULL; 166 } 167 168 /** 169 * Search the environment for a variable. 170 * Return the value, if found, or NULL, if not found. 171 */ 172 char *fw_getenv (char *name) 173 { 174 char *env, *nxt; 175 176 for (env = environment.data; *env; env = nxt + 1) { 177 char *val; 178 179 for (nxt = env; *nxt; ++nxt) { 180 if (nxt >= &environment.data[ENV_SIZE]) { 181 fprintf (stderr, "## Error: " 182 "environment not terminated\n"); 183 return NULL; 184 } 185 } 186 val = envmatch (name, env); 187 if (!val) 188 continue; 189 return val; 190 } 191 return NULL; 192 } 193 194 /* 195 * Search the default environment for a variable. 196 * Return the value, if found, or NULL, if not found. 197 */ 198 char *fw_getdefenv(char *name) 199 { 200 char *env, *nxt; 201 202 for (env = default_environment; *env; env = nxt + 1) { 203 char *val; 204 205 for (nxt = env; *nxt; ++nxt) { 206 if (nxt >= &default_environment[ENV_SIZE]) { 207 fprintf(stderr, "## Error: " 208 "default environment not terminated\n"); 209 return NULL; 210 } 211 } 212 val = envmatch(name, env); 213 if (!val) 214 continue; 215 return val; 216 } 217 return NULL; 218 } 219 220 int parse_aes_key(char *key, uint8_t *bin_key) 221 { 222 char tmp[5] = { '0', 'x', 0, 0, 0 }; 223 unsigned long ul; 224 int i; 225 226 if (strnlen(key, 64) != 32) { 227 fprintf(stderr, 228 "## Error: '-a' option requires 16-byte AES key\n"); 229 return -1; 230 } 231 232 for (i = 0; i < 16; i++) { 233 tmp[2] = key[0]; 234 tmp[3] = key[1]; 235 errno = 0; 236 ul = strtoul(tmp, NULL, 16); 237 if (errno) { 238 fprintf(stderr, 239 "## Error: '-a' option requires valid AES key\n"); 240 return -1; 241 } 242 bin_key[i] = ul & 0xff; 243 key += 2; 244 } 245 return 0; 246 } 247 248 /* 249 * Print the current definition of one, or more, or all 250 * environment variables 251 */ 252 int fw_printenv(int argc, char *argv[], int value_only, struct env_opts *opts) 253 { 254 int i, rc = 0; 255 256 if (value_only && argc != 1) { 257 fprintf(stderr, 258 "## Error: `-n' option requires exactly one argument\n"); 259 return -1; 260 } 261 262 if (!opts) 263 opts = &default_opts; 264 265 if (fw_env_open(opts)) 266 return -1; 267 268 if (argc == 0) { /* Print all env variables */ 269 char *env, *nxt; 270 for (env = environment.data; *env; env = nxt + 1) { 271 for (nxt = env; *nxt; ++nxt) { 272 if (nxt >= &environment.data[ENV_SIZE]) { 273 fprintf (stderr, "## Error: " 274 "environment not terminated\n"); 275 return -1; 276 } 277 } 278 279 printf ("%s\n", env); 280 } 281 fw_env_close(opts); 282 return 0; 283 } 284 285 for (i = 0; i < argc; ++i) { /* print a subset of env variables */ 286 char *name = argv[i]; 287 char *val = NULL; 288 289 val = fw_getenv(name); 290 if (!val) { 291 fprintf (stderr, "## Error: \"%s\" not defined\n", name); 292 rc = -1; 293 continue; 294 } 295 296 if (value_only) { 297 puts(val); 298 break; 299 } 300 301 printf("%s=%s\n", name, val); 302 } 303 304 fw_env_close(opts); 305 306 return rc; 307 } 308 309 int fw_env_flush(struct env_opts *opts) 310 { 311 int ret; 312 313 if (!opts) 314 opts = &default_opts; 315 316 if (opts->aes_flag) { 317 ret = env_aes_cbc_crypt(environment.data, 1, 318 opts->aes_key); 319 if (ret) { 320 fprintf(stderr, 321 "Error: can't encrypt env for flash\n"); 322 return ret; 323 } 324 } 325 326 /* 327 * Update CRC 328 */ 329 *environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE); 330 331 /* write environment back to flash */ 332 if (flash_io(O_RDWR)) { 333 fprintf(stderr, 334 "Error: can't write fw_env to flash\n"); 335 return -1; 336 } 337 338 return 0; 339 } 340 341 342 /* 343 * Set/Clear a single variable in the environment. 344 * This is called in sequence to update the environment 345 * in RAM without updating the copy in flash after each set 346 */ 347 int fw_env_write(char *name, char *value) 348 { 349 int len; 350 char *env, *nxt; 351 char *oldval = NULL; 352 int deleting, creating, overwriting; 353 354 /* 355 * search if variable with this name already exists 356 */ 357 for (nxt = env = environment.data; *env; env = nxt + 1) { 358 for (nxt = env; *nxt; ++nxt) { 359 if (nxt >= &environment.data[ENV_SIZE]) { 360 fprintf(stderr, "## Error: " 361 "environment not terminated\n"); 362 errno = EINVAL; 363 return -1; 364 } 365 } 366 if ((oldval = envmatch (name, env)) != NULL) 367 break; 368 } 369 370 deleting = (oldval && !(value && strlen(value))); 371 creating = (!oldval && (value && strlen(value))); 372 overwriting = (oldval && (value && strlen(value))); 373 374 /* check for permission */ 375 if (deleting) { 376 if (env_flags_validate_varaccess(name, 377 ENV_FLAGS_VARACCESS_PREVENT_DELETE)) { 378 printf("Can't delete \"%s\"\n", name); 379 errno = EROFS; 380 return -1; 381 } 382 } else if (overwriting) { 383 if (env_flags_validate_varaccess(name, 384 ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) { 385 printf("Can't overwrite \"%s\"\n", name); 386 errno = EROFS; 387 return -1; 388 } else if (env_flags_validate_varaccess(name, 389 ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) { 390 const char *defval = fw_getdefenv(name); 391 392 if (defval == NULL) 393 defval = ""; 394 if (strcmp(oldval, defval) 395 != 0) { 396 printf("Can't overwrite \"%s\"\n", name); 397 errno = EROFS; 398 return -1; 399 } 400 } 401 } else if (creating) { 402 if (env_flags_validate_varaccess(name, 403 ENV_FLAGS_VARACCESS_PREVENT_CREATE)) { 404 printf("Can't create \"%s\"\n", name); 405 errno = EROFS; 406 return -1; 407 } 408 } else 409 /* Nothing to do */ 410 return 0; 411 412 if (deleting || overwriting) { 413 if (*++nxt == '\0') { 414 *env = '\0'; 415 } else { 416 for (;;) { 417 *env = *nxt++; 418 if ((*env == '\0') && (*nxt == '\0')) 419 break; 420 ++env; 421 } 422 } 423 *++env = '\0'; 424 } 425 426 /* Delete only ? */ 427 if (!value || !strlen(value)) 428 return 0; 429 430 /* 431 * Append new definition at the end 432 */ 433 for (env = environment.data; *env || *(env + 1); ++env); 434 if (env > environment.data) 435 ++env; 436 /* 437 * Overflow when: 438 * "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment) 439 */ 440 len = strlen (name) + 2; 441 /* add '=' for first arg, ' ' for all others */ 442 len += strlen(value) + 1; 443 444 if (len > (&environment.data[ENV_SIZE] - env)) { 445 fprintf (stderr, 446 "Error: environment overflow, \"%s\" deleted\n", 447 name); 448 return -1; 449 } 450 451 while ((*env = *name++) != '\0') 452 env++; 453 *env = '='; 454 while ((*++env = *value++) != '\0') 455 ; 456 457 /* end is marked with double '\0' */ 458 *++env = '\0'; 459 460 return 0; 461 } 462 463 /* 464 * Deletes or sets environment variables. Returns -1 and sets errno error codes: 465 * 0 - OK 466 * EINVAL - need at least 1 argument 467 * EROFS - certain variables ("ethaddr", "serial#") cannot be 468 * modified or deleted 469 * 470 */ 471 int fw_setenv(int argc, char *argv[], struct env_opts *opts) 472 { 473 int i; 474 size_t len; 475 char *name, **valv; 476 char *value = NULL; 477 int valc; 478 int ret; 479 480 if (!opts) 481 opts = &default_opts; 482 483 if (argc < 1) { 484 fprintf(stderr, "## Error: variable name missing\n"); 485 errno = EINVAL; 486 return -1; 487 } 488 489 if (fw_env_open(opts)) { 490 fprintf(stderr, "Error: environment not initialized\n"); 491 return -1; 492 } 493 494 name = argv[0]; 495 valv = argv + 1; 496 valc = argc - 1; 497 498 if (env_flags_validate_env_set_params(name, valv, valc) < 0) { 499 fw_env_close(opts); 500 return -1; 501 } 502 503 len = 0; 504 for (i = 0; i < valc; ++i) { 505 char *val = valv[i]; 506 size_t val_len = strlen(val); 507 508 if (value) 509 value[len - 1] = ' '; 510 value = realloc(value, len + val_len + 1); 511 if (!value) { 512 fprintf(stderr, 513 "Cannot malloc %zu bytes: %s\n", 514 len, strerror(errno)); 515 return -1; 516 } 517 518 memcpy(value + len, val, val_len); 519 len += val_len; 520 value[len++] = '\0'; 521 } 522 523 fw_env_write(name, value); 524 525 free(value); 526 527 ret = fw_env_flush(opts); 528 fw_env_close(opts); 529 530 return ret; 531 } 532 533 /* 534 * Parse a file and configure the u-boot variables. 535 * The script file has a very simple format, as follows: 536 * 537 * Each line has a couple with name, value: 538 * <white spaces>variable_name<white spaces>variable_value 539 * 540 * Both variable_name and variable_value are interpreted as strings. 541 * Any character after <white spaces> and before ending \r\n is interpreted 542 * as variable's value (no comment allowed on these lines !) 543 * 544 * Comments are allowed if the first character in the line is # 545 * 546 * Returns -1 and sets errno error codes: 547 * 0 - OK 548 * -1 - Error 549 */ 550 int fw_parse_script(char *fname, struct env_opts *opts) 551 { 552 FILE *fp; 553 char dump[1024]; /* Maximum line length in the file */ 554 char *name; 555 char *val; 556 int lineno = 0; 557 int len; 558 int ret = 0; 559 560 if (!opts) 561 opts = &default_opts; 562 563 if (fw_env_open(opts)) { 564 fprintf(stderr, "Error: environment not initialized\n"); 565 return -1; 566 } 567 568 if (strcmp(fname, "-") == 0) 569 fp = stdin; 570 else { 571 fp = fopen(fname, "r"); 572 if (fp == NULL) { 573 fprintf(stderr, "I cannot open %s for reading\n", 574 fname); 575 return -1; 576 } 577 } 578 579 while (fgets(dump, sizeof(dump), fp)) { 580 lineno++; 581 len = strlen(dump); 582 583 /* 584 * Read a whole line from the file. If the line is too long 585 * or is not terminated, reports an error and exit. 586 */ 587 if (dump[len - 1] != '\n') { 588 fprintf(stderr, 589 "Line %d not corrected terminated or too long\n", 590 lineno); 591 ret = -1; 592 break; 593 } 594 595 /* Drop ending line feed / carriage return */ 596 dump[--len] = '\0'; 597 if (len && dump[len - 1] == '\r') 598 dump[--len] = '\0'; 599 600 /* Skip comment or empty lines */ 601 if (len == 0 || dump[0] == '#') 602 continue; 603 604 /* 605 * Search for variable's name, 606 * remove leading whitespaces 607 */ 608 name = skip_blanks(dump); 609 if (!name) 610 continue; 611 612 /* The first white space is the end of variable name */ 613 val = skip_chars(name); 614 len = strlen(name); 615 if (val) { 616 *val++ = '\0'; 617 if ((val - name) < len) 618 val = skip_blanks(val); 619 else 620 val = NULL; 621 } 622 623 #ifdef DEBUG 624 fprintf(stderr, "Setting %s : %s\n", 625 name, val ? val : " removed"); 626 #endif 627 628 if (env_flags_validate_type(name, val) < 0) { 629 ret = -1; 630 break; 631 } 632 633 /* 634 * If there is an error setting a variable, 635 * try to save the environment and returns an error 636 */ 637 if (fw_env_write(name, val)) { 638 fprintf(stderr, 639 "fw_env_write returns with error : %s\n", 640 strerror(errno)); 641 ret = -1; 642 break; 643 } 644 645 } 646 647 /* Close file if not stdin */ 648 if (strcmp(fname, "-") != 0) 649 fclose(fp); 650 651 ret |= fw_env_flush(opts); 652 653 fw_env_close(opts); 654 655 return ret; 656 } 657 658 /** 659 * environment_end() - compute offset of first byte right after environemnt 660 * @dev - index of enviroment buffer 661 * Return: 662 * device offset of first byte right after environemnt 663 */ 664 off_t environment_end(int dev) 665 { 666 /* environment is block aligned */ 667 return DEVOFFSET(dev) + ENVSECTORS(dev) * DEVESIZE(dev); 668 } 669 670 /* 671 * Test for bad block on NAND, just returns 0 on NOR, on NAND: 672 * 0 - block is good 673 * > 0 - block is bad 674 * < 0 - failed to test 675 */ 676 static int flash_bad_block(int fd, uint8_t mtd_type, loff_t blockstart) 677 { 678 if (mtd_type == MTD_NANDFLASH) { 679 int badblock = ioctl(fd, MEMGETBADBLOCK, &blockstart); 680 681 if (badblock < 0) { 682 perror ("Cannot read bad block mark"); 683 return badblock; 684 } 685 686 if (badblock) { 687 #ifdef DEBUG 688 fprintf (stderr, "Bad block at 0x%llx, skipping\n", 689 (unsigned long long)blockstart); 690 #endif 691 return badblock; 692 } 693 } 694 695 return 0; 696 } 697 698 /* 699 * Read data from flash at an offset into a provided buffer. On NAND it skips 700 * bad blocks but makes sure it stays within ENVSECTORS (dev) starting from 701 * the DEVOFFSET (dev) block. On NOR the loop is only run once. 702 */ 703 static int flash_read_buf (int dev, int fd, void *buf, size_t count, 704 off_t offset) 705 { 706 size_t blocklen; /* erase / write length - one block on NAND, 707 0 on NOR */ 708 size_t processed = 0; /* progress counter */ 709 size_t readlen = count; /* current read length */ 710 off_t block_seek; /* offset inside the current block to the start 711 of the data */ 712 loff_t blockstart; /* running start of the current block - 713 MEMGETBADBLOCK needs 64 bits */ 714 int rc; 715 716 blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev); 717 718 /* Offset inside a block */ 719 block_seek = offset - blockstart; 720 721 if (DEVTYPE(dev) == MTD_NANDFLASH) { 722 /* 723 * NAND: calculate which blocks we are reading. We have 724 * to read one block at a time to skip bad blocks. 725 */ 726 blocklen = DEVESIZE (dev); 727 728 /* Limit to one block for the first read */ 729 if (readlen > blocklen - block_seek) 730 readlen = blocklen - block_seek; 731 } else { 732 blocklen = 0; 733 } 734 735 /* This only runs once on NOR flash */ 736 while (processed < count) { 737 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart); 738 if (rc < 0) /* block test failed */ 739 return -1; 740 741 if (blockstart + block_seek + readlen > environment_end(dev)) { 742 /* End of range is reached */ 743 fprintf (stderr, 744 "Too few good blocks within range\n"); 745 return -1; 746 } 747 748 if (rc) { /* block is bad */ 749 blockstart += blocklen; 750 continue; 751 } 752 753 /* 754 * If a block is bad, we retry in the next block at the same 755 * offset - see common/env_nand.c::writeenv() 756 */ 757 lseek (fd, blockstart + block_seek, SEEK_SET); 758 759 rc = read (fd, buf + processed, readlen); 760 if (rc != readlen) { 761 fprintf (stderr, "Read error on %s: %s\n", 762 DEVNAME (dev), strerror (errno)); 763 return -1; 764 } 765 #ifdef DEBUG 766 fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n", 767 rc, (unsigned long long) blockstart + block_seek, 768 DEVNAME(dev)); 769 #endif 770 processed += readlen; 771 readlen = min (blocklen, count - processed); 772 block_seek = 0; 773 blockstart += blocklen; 774 } 775 776 return processed; 777 } 778 779 /* 780 * Write count bytes from begin of environment, but stay within 781 * ENVSECTORS(dev) sectors of 782 * DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we 783 * erase and write the whole data at once. 784 */ 785 static int flash_write_buf(int dev, int fd, void *buf, size_t count) 786 { 787 void *data; 788 struct erase_info_user erase; 789 size_t blocklen; /* length of NAND block / NOR erase sector */ 790 size_t erase_len; /* whole area that can be erased - may include 791 bad blocks */ 792 size_t erasesize; /* erase / write length - one block on NAND, 793 whole area on NOR */ 794 size_t processed = 0; /* progress counter */ 795 size_t write_total; /* total size to actually write - excluding 796 bad blocks */ 797 off_t erase_offset; /* offset to the first erase block (aligned) 798 below offset */ 799 off_t block_seek; /* offset inside the erase block to the start 800 of the data */ 801 loff_t blockstart; /* running start of the current block - 802 MEMGETBADBLOCK needs 64 bits */ 803 int rc; 804 805 /* 806 * For mtd devices only offset and size of the environment do matter 807 */ 808 if (DEVTYPE(dev) == MTD_ABSENT) { 809 blocklen = count; 810 erase_len = blocklen; 811 blockstart = DEVOFFSET(dev); 812 block_seek = 0; 813 write_total = blocklen; 814 } else { 815 blocklen = DEVESIZE(dev); 816 817 erase_offset = DEVOFFSET(dev); 818 819 /* Maximum area we may use */ 820 erase_len = environment_end(dev) - erase_offset; 821 822 blockstart = erase_offset; 823 824 /* Offset inside a block */ 825 block_seek = DEVOFFSET(dev) - erase_offset; 826 827 /* 828 * Data size we actually write: from the start of the block 829 * to the start of the data, then count bytes of data, and 830 * to the end of the block 831 */ 832 write_total = ((block_seek + count + blocklen - 1) / 833 blocklen) * blocklen; 834 } 835 836 /* 837 * Support data anywhere within erase sectors: read out the complete 838 * area to be erased, replace the environment image, write the whole 839 * block back again. 840 */ 841 if (write_total > count) { 842 data = malloc (erase_len); 843 if (!data) { 844 fprintf (stderr, 845 "Cannot malloc %zu bytes: %s\n", 846 erase_len, strerror (errno)); 847 return -1; 848 } 849 850 rc = flash_read_buf(dev, fd, data, write_total, erase_offset); 851 if (write_total != rc) 852 return -1; 853 854 #ifdef DEBUG 855 fprintf(stderr, "Preserving data "); 856 if (block_seek != 0) 857 fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1); 858 if (block_seek + count != write_total) { 859 if (block_seek != 0) 860 fprintf(stderr, " and "); 861 fprintf(stderr, "0x%lx - 0x%lx", 862 (unsigned long) block_seek + count, 863 (unsigned long) write_total - 1); 864 } 865 fprintf(stderr, "\n"); 866 #endif 867 /* Overwrite the old environment */ 868 memcpy (data + block_seek, buf, count); 869 } else { 870 /* 871 * We get here, iff offset is block-aligned and count is a 872 * multiple of blocklen - see write_total calculation above 873 */ 874 data = buf; 875 } 876 877 if (DEVTYPE(dev) == MTD_NANDFLASH) { 878 /* 879 * NAND: calculate which blocks we are writing. We have 880 * to write one block at a time to skip bad blocks. 881 */ 882 erasesize = blocklen; 883 } else { 884 erasesize = erase_len; 885 } 886 887 erase.length = erasesize; 888 889 /* This only runs once on NOR flash and SPI-dataflash */ 890 while (processed < write_total) { 891 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart); 892 if (rc < 0) /* block test failed */ 893 return rc; 894 895 if (blockstart + erasesize > environment_end(dev)) { 896 fprintf (stderr, "End of range reached, aborting\n"); 897 return -1; 898 } 899 900 if (rc) { /* block is bad */ 901 blockstart += blocklen; 902 continue; 903 } 904 905 if (DEVTYPE(dev) != MTD_ABSENT) { 906 erase.start = blockstart; 907 ioctl(fd, MEMUNLOCK, &erase); 908 /* These do not need an explicit erase cycle */ 909 if (DEVTYPE(dev) != MTD_DATAFLASH) 910 if (ioctl(fd, MEMERASE, &erase) != 0) { 911 fprintf(stderr, 912 "MTD erase error on %s: %s\n", 913 DEVNAME(dev), strerror(errno)); 914 return -1; 915 } 916 } 917 918 if (lseek (fd, blockstart, SEEK_SET) == -1) { 919 fprintf (stderr, 920 "Seek error on %s: %s\n", 921 DEVNAME (dev), strerror (errno)); 922 return -1; 923 } 924 925 #ifdef DEBUG 926 fprintf(stderr, "Write 0x%llx bytes at 0x%llx\n", 927 (unsigned long long) erasesize, 928 (unsigned long long) blockstart); 929 #endif 930 if (write (fd, data + processed, erasesize) != erasesize) { 931 fprintf (stderr, "Write error on %s: %s\n", 932 DEVNAME (dev), strerror (errno)); 933 return -1; 934 } 935 936 if (DEVTYPE(dev) != MTD_ABSENT) 937 ioctl(fd, MEMLOCK, &erase); 938 939 processed += erasesize; 940 block_seek = 0; 941 blockstart += erasesize; 942 } 943 944 if (write_total > count) 945 free (data); 946 947 return processed; 948 } 949 950 /* 951 * Set obsolete flag at offset - NOR flash only 952 */ 953 static int flash_flag_obsolete (int dev, int fd, off_t offset) 954 { 955 int rc; 956 struct erase_info_user erase; 957 958 erase.start = DEVOFFSET (dev); 959 erase.length = DEVESIZE (dev); 960 /* This relies on the fact, that obsolete_flag == 0 */ 961 rc = lseek (fd, offset, SEEK_SET); 962 if (rc < 0) { 963 fprintf (stderr, "Cannot seek to set the flag on %s \n", 964 DEVNAME (dev)); 965 return rc; 966 } 967 ioctl (fd, MEMUNLOCK, &erase); 968 rc = write (fd, &obsolete_flag, sizeof (obsolete_flag)); 969 ioctl (fd, MEMLOCK, &erase); 970 if (rc < 0) 971 perror ("Could not set obsolete flag"); 972 973 return rc; 974 } 975 976 /* Encrypt or decrypt the environment before writing or reading it. */ 977 static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key) 978 { 979 uint8_t *data = (uint8_t *)payload; 980 const int len = usable_envsize; 981 uint8_t key_exp[AES_EXPAND_KEY_LENGTH]; 982 uint32_t aes_blocks; 983 984 /* First we expand the key. */ 985 aes_expand_key(key, key_exp); 986 987 /* Calculate the number of AES blocks to encrypt. */ 988 aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH); 989 990 if (enc) 991 aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks); 992 else 993 aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks); 994 995 return 0; 996 } 997 998 static int flash_write (int fd_current, int fd_target, int dev_target) 999 { 1000 int rc; 1001 1002 switch (environment.flag_scheme) { 1003 case FLAG_NONE: 1004 break; 1005 case FLAG_INCREMENTAL: 1006 (*environment.flags)++; 1007 break; 1008 case FLAG_BOOLEAN: 1009 *environment.flags = active_flag; 1010 break; 1011 default: 1012 fprintf (stderr, "Unimplemented flash scheme %u \n", 1013 environment.flag_scheme); 1014 return -1; 1015 } 1016 1017 #ifdef DEBUG 1018 fprintf(stderr, "Writing new environment at 0x%llx on %s\n", 1019 DEVOFFSET (dev_target), DEVNAME (dev_target)); 1020 #endif 1021 1022 rc = flash_write_buf(dev_target, fd_target, environment.image, 1023 CUR_ENVSIZE); 1024 if (rc < 0) 1025 return rc; 1026 1027 if (environment.flag_scheme == FLAG_BOOLEAN) { 1028 /* Have to set obsolete flag */ 1029 off_t offset = DEVOFFSET (dev_current) + 1030 offsetof (struct env_image_redundant, flags); 1031 #ifdef DEBUG 1032 fprintf(stderr, 1033 "Setting obsolete flag in environment at 0x%llx on %s\n", 1034 DEVOFFSET (dev_current), DEVNAME (dev_current)); 1035 #endif 1036 flash_flag_obsolete (dev_current, fd_current, offset); 1037 } 1038 1039 return 0; 1040 } 1041 1042 static int flash_read (int fd) 1043 { 1044 int rc; 1045 1046 rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE, 1047 DEVOFFSET(dev_current)); 1048 if (rc != CUR_ENVSIZE) 1049 return -1; 1050 1051 return 0; 1052 } 1053 1054 static int flash_io (int mode) 1055 { 1056 int fd_current, fd_target, rc, dev_target; 1057 1058 /* dev_current: fd_current, erase_current */ 1059 fd_current = open (DEVNAME (dev_current), mode); 1060 if (fd_current < 0) { 1061 fprintf (stderr, 1062 "Can't open %s: %s\n", 1063 DEVNAME (dev_current), strerror (errno)); 1064 return -1; 1065 } 1066 1067 if (mode == O_RDWR) { 1068 if (HaveRedundEnv) { 1069 /* switch to next partition for writing */ 1070 dev_target = !dev_current; 1071 /* dev_target: fd_target, erase_target */ 1072 fd_target = open (DEVNAME (dev_target), mode); 1073 if (fd_target < 0) { 1074 fprintf (stderr, 1075 "Can't open %s: %s\n", 1076 DEVNAME (dev_target), 1077 strerror (errno)); 1078 rc = -1; 1079 goto exit; 1080 } 1081 } else { 1082 dev_target = dev_current; 1083 fd_target = fd_current; 1084 } 1085 1086 rc = flash_write (fd_current, fd_target, dev_target); 1087 1088 if (HaveRedundEnv) { 1089 if (close (fd_target)) { 1090 fprintf (stderr, 1091 "I/O error on %s: %s\n", 1092 DEVNAME (dev_target), 1093 strerror (errno)); 1094 rc = -1; 1095 } 1096 } 1097 } else { 1098 rc = flash_read (fd_current); 1099 } 1100 1101 exit: 1102 if (close (fd_current)) { 1103 fprintf (stderr, 1104 "I/O error on %s: %s\n", 1105 DEVNAME (dev_current), strerror (errno)); 1106 return -1; 1107 } 1108 1109 return rc; 1110 } 1111 1112 /* 1113 * Prevent confusion if running from erased flash memory 1114 */ 1115 int fw_env_open(struct env_opts *opts) 1116 { 1117 int crc0, crc0_ok; 1118 unsigned char flag0; 1119 void *addr0 = NULL; 1120 1121 int crc1, crc1_ok; 1122 unsigned char flag1; 1123 void *addr1 = NULL; 1124 1125 int ret; 1126 1127 struct env_image_single *single; 1128 struct env_image_redundant *redundant; 1129 1130 if (!opts) 1131 opts = &default_opts; 1132 1133 if (parse_config(opts)) /* should fill envdevices */ 1134 return -EINVAL; 1135 1136 addr0 = calloc(1, CUR_ENVSIZE); 1137 if (addr0 == NULL) { 1138 fprintf(stderr, 1139 "Not enough memory for environment (%ld bytes)\n", 1140 CUR_ENVSIZE); 1141 ret = -ENOMEM; 1142 goto open_cleanup; 1143 } 1144 1145 /* read environment from FLASH to local buffer */ 1146 environment.image = addr0; 1147 1148 if (HaveRedundEnv) { 1149 redundant = addr0; 1150 environment.crc = &redundant->crc; 1151 environment.flags = &redundant->flags; 1152 environment.data = redundant->data; 1153 } else { 1154 single = addr0; 1155 environment.crc = &single->crc; 1156 environment.flags = NULL; 1157 environment.data = single->data; 1158 } 1159 1160 dev_current = 0; 1161 if (flash_io(O_RDONLY)) { 1162 ret = -EIO; 1163 goto open_cleanup; 1164 } 1165 1166 crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE); 1167 1168 if (opts->aes_flag) { 1169 ret = env_aes_cbc_crypt(environment.data, 0, 1170 opts->aes_key); 1171 if (ret) 1172 goto open_cleanup; 1173 } 1174 1175 crc0_ok = (crc0 == *environment.crc); 1176 if (!HaveRedundEnv) { 1177 if (!crc0_ok) { 1178 fprintf (stderr, 1179 "Warning: Bad CRC, using default environment\n"); 1180 memcpy(environment.data, default_environment, sizeof default_environment); 1181 } 1182 } else { 1183 flag0 = *environment.flags; 1184 1185 dev_current = 1; 1186 addr1 = calloc(1, CUR_ENVSIZE); 1187 if (addr1 == NULL) { 1188 fprintf(stderr, 1189 "Not enough memory for environment (%ld bytes)\n", 1190 CUR_ENVSIZE); 1191 ret = -ENOMEM; 1192 goto open_cleanup; 1193 } 1194 redundant = addr1; 1195 1196 /* 1197 * have to set environment.image for flash_read(), careful - 1198 * other pointers in environment still point inside addr0 1199 */ 1200 environment.image = addr1; 1201 if (flash_io(O_RDONLY)) { 1202 ret = -EIO; 1203 goto open_cleanup; 1204 } 1205 1206 /* Check flag scheme compatibility */ 1207 if (DEVTYPE(dev_current) == MTD_NORFLASH && 1208 DEVTYPE(!dev_current) == MTD_NORFLASH) { 1209 environment.flag_scheme = FLAG_BOOLEAN; 1210 } else if (DEVTYPE(dev_current) == MTD_NANDFLASH && 1211 DEVTYPE(!dev_current) == MTD_NANDFLASH) { 1212 environment.flag_scheme = FLAG_INCREMENTAL; 1213 } else if (DEVTYPE(dev_current) == MTD_DATAFLASH && 1214 DEVTYPE(!dev_current) == MTD_DATAFLASH) { 1215 environment.flag_scheme = FLAG_BOOLEAN; 1216 } else if (DEVTYPE(dev_current) == MTD_UBIVOLUME && 1217 DEVTYPE(!dev_current) == MTD_UBIVOLUME) { 1218 environment.flag_scheme = FLAG_INCREMENTAL; 1219 } else if (DEVTYPE(dev_current) == MTD_ABSENT && 1220 DEVTYPE(!dev_current) == MTD_ABSENT) { 1221 environment.flag_scheme = FLAG_INCREMENTAL; 1222 } else { 1223 fprintf (stderr, "Incompatible flash types!\n"); 1224 ret = -EINVAL; 1225 goto open_cleanup; 1226 } 1227 1228 crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE); 1229 1230 if (opts->aes_flag) { 1231 ret = env_aes_cbc_crypt(redundant->data, 0, 1232 opts->aes_key); 1233 if (ret) 1234 goto open_cleanup; 1235 } 1236 1237 crc1_ok = (crc1 == redundant->crc); 1238 flag1 = redundant->flags; 1239 1240 if (crc0_ok && !crc1_ok) { 1241 dev_current = 0; 1242 } else if (!crc0_ok && crc1_ok) { 1243 dev_current = 1; 1244 } else if (!crc0_ok && !crc1_ok) { 1245 fprintf (stderr, 1246 "Warning: Bad CRC, using default environment\n"); 1247 memcpy (environment.data, default_environment, 1248 sizeof default_environment); 1249 dev_current = 0; 1250 } else { 1251 switch (environment.flag_scheme) { 1252 case FLAG_BOOLEAN: 1253 if (flag0 == active_flag && 1254 flag1 == obsolete_flag) { 1255 dev_current = 0; 1256 } else if (flag0 == obsolete_flag && 1257 flag1 == active_flag) { 1258 dev_current = 1; 1259 } else if (flag0 == flag1) { 1260 dev_current = 0; 1261 } else if (flag0 == 0xFF) { 1262 dev_current = 0; 1263 } else if (flag1 == 0xFF) { 1264 dev_current = 1; 1265 } else { 1266 dev_current = 0; 1267 } 1268 break; 1269 case FLAG_INCREMENTAL: 1270 if (flag0 == 255 && flag1 == 0) 1271 dev_current = 1; 1272 else if ((flag1 == 255 && flag0 == 0) || 1273 flag0 >= flag1) 1274 dev_current = 0; 1275 else /* flag1 > flag0 */ 1276 dev_current = 1; 1277 break; 1278 default: 1279 fprintf (stderr, "Unknown flag scheme %u \n", 1280 environment.flag_scheme); 1281 return -1; 1282 } 1283 } 1284 1285 /* 1286 * If we are reading, we don't need the flag and the CRC any 1287 * more, if we are writing, we will re-calculate CRC and update 1288 * flags before writing out 1289 */ 1290 if (dev_current) { 1291 environment.image = addr1; 1292 environment.crc = &redundant->crc; 1293 environment.flags = &redundant->flags; 1294 environment.data = redundant->data; 1295 free (addr0); 1296 } else { 1297 environment.image = addr0; 1298 /* Other pointers are already set */ 1299 free (addr1); 1300 } 1301 #ifdef DEBUG 1302 fprintf(stderr, "Selected env in %s\n", DEVNAME(dev_current)); 1303 #endif 1304 } 1305 return 0; 1306 1307 open_cleanup: 1308 if (addr0) 1309 free(addr0); 1310 1311 if (addr1) 1312 free(addr0); 1313 1314 return ret; 1315 } 1316 1317 /* 1318 * Simply free allocated buffer with environment 1319 */ 1320 int fw_env_close(struct env_opts *opts) 1321 { 1322 if (environment.image) 1323 free(environment.image); 1324 1325 environment.image = NULL; 1326 1327 return 0; 1328 } 1329 1330 static int check_device_config(int dev) 1331 { 1332 struct stat st; 1333 int fd, rc = 0; 1334 1335 fd = open(DEVNAME(dev), O_RDONLY); 1336 if (fd < 0) { 1337 fprintf(stderr, 1338 "Cannot open %s: %s\n", 1339 DEVNAME(dev), strerror(errno)); 1340 return -1; 1341 } 1342 1343 rc = fstat(fd, &st); 1344 if (rc < 0) { 1345 fprintf(stderr, "Cannot stat the file %s\n", 1346 DEVNAME(dev)); 1347 goto err; 1348 } 1349 1350 if (S_ISCHR(st.st_mode)) { 1351 struct mtd_info_user mtdinfo; 1352 rc = ioctl(fd, MEMGETINFO, &mtdinfo); 1353 if (rc < 0) { 1354 fprintf(stderr, "Cannot get MTD information for %s\n", 1355 DEVNAME(dev)); 1356 goto err; 1357 } 1358 if (mtdinfo.type != MTD_NORFLASH && 1359 mtdinfo.type != MTD_NANDFLASH && 1360 mtdinfo.type != MTD_DATAFLASH && 1361 mtdinfo.type != MTD_UBIVOLUME) { 1362 fprintf(stderr, "Unsupported flash type %u on %s\n", 1363 mtdinfo.type, DEVNAME(dev)); 1364 goto err; 1365 } 1366 DEVTYPE(dev) = mtdinfo.type; 1367 if (DEVESIZE(dev) == 0) 1368 /* Assume the erase size is the same as the env-size */ 1369 DEVESIZE(dev) = ENVSIZE(dev); 1370 } else { 1371 uint64_t size; 1372 DEVTYPE(dev) = MTD_ABSENT; 1373 if (DEVESIZE(dev) == 0) 1374 /* Assume the erase size to be 512 bytes */ 1375 DEVESIZE(dev) = 0x200; 1376 1377 /* 1378 * Check for negative offsets, treat it as backwards offset 1379 * from the end of the block device 1380 */ 1381 if (DEVOFFSET(dev) < 0) { 1382 rc = ioctl(fd, BLKGETSIZE64, &size); 1383 if (rc < 0) { 1384 fprintf(stderr, "Could not get block device size on %s\n", 1385 DEVNAME(dev)); 1386 goto err; 1387 } 1388 1389 DEVOFFSET(dev) = DEVOFFSET(dev) + size; 1390 #ifdef DEBUG 1391 fprintf(stderr, "Calculated device offset 0x%llx on %s\n", 1392 DEVOFFSET(dev), DEVNAME(dev)); 1393 #endif 1394 } 1395 } 1396 1397 if (ENVSECTORS(dev) == 0) 1398 /* Assume enough sectors to cover the environment */ 1399 ENVSECTORS(dev) = DIV_ROUND_UP(ENVSIZE(dev), DEVESIZE(dev)); 1400 1401 if (DEVOFFSET(dev) % DEVESIZE(dev) != 0) { 1402 fprintf(stderr, "Environment does not start on (erase) block boundary\n"); 1403 errno = EINVAL; 1404 return -1; 1405 } 1406 1407 if (ENVSIZE(dev) > ENVSECTORS(dev) * DEVESIZE(dev)) { 1408 fprintf(stderr, "Environment does not fit into available sectors\n"); 1409 errno = EINVAL; 1410 return -1; 1411 } 1412 1413 err: 1414 close(fd); 1415 return rc; 1416 } 1417 1418 static int parse_config(struct env_opts *opts) 1419 { 1420 int rc; 1421 1422 if (!opts) 1423 opts = &default_opts; 1424 1425 #if defined(CONFIG_FILE) 1426 /* Fills in DEVNAME(), ENVSIZE(), DEVESIZE(). Or don't. */ 1427 if (get_config(opts->config_file)) { 1428 fprintf(stderr, "Cannot parse config file '%s': %m\n", 1429 opts->config_file); 1430 return -1; 1431 } 1432 #else 1433 DEVNAME (0) = DEVICE1_NAME; 1434 DEVOFFSET (0) = DEVICE1_OFFSET; 1435 ENVSIZE (0) = ENV1_SIZE; 1436 1437 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1438 * know DEVTYPE 1439 */ 1440 #ifdef DEVICE1_ESIZE 1441 DEVESIZE (0) = DEVICE1_ESIZE; 1442 #endif 1443 #ifdef DEVICE1_ENVSECTORS 1444 ENVSECTORS (0) = DEVICE1_ENVSECTORS; 1445 #endif 1446 1447 #ifdef HAVE_REDUND 1448 DEVNAME (1) = DEVICE2_NAME; 1449 DEVOFFSET (1) = DEVICE2_OFFSET; 1450 ENVSIZE (1) = ENV2_SIZE; 1451 1452 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1453 * know DEVTYPE 1454 */ 1455 #ifdef DEVICE2_ESIZE 1456 DEVESIZE (1) = DEVICE2_ESIZE; 1457 #endif 1458 #ifdef DEVICE2_ENVSECTORS 1459 ENVSECTORS (1) = DEVICE2_ENVSECTORS; 1460 #endif 1461 HaveRedundEnv = 1; 1462 #endif 1463 #endif 1464 rc = check_device_config(0); 1465 if (rc < 0) 1466 return rc; 1467 1468 if (HaveRedundEnv) { 1469 rc = check_device_config(1); 1470 if (rc < 0) 1471 return rc; 1472 1473 if (ENVSIZE(0) != ENVSIZE(1)) { 1474 fprintf(stderr, 1475 "Redundant environments have unequal size"); 1476 return -1; 1477 } 1478 } 1479 1480 usable_envsize = CUR_ENVSIZE - sizeof(uint32_t); 1481 if (HaveRedundEnv) 1482 usable_envsize -= sizeof(char); 1483 1484 if (opts->aes_flag) 1485 usable_envsize &= ~(AES_KEY_LENGTH - 1); 1486 1487 return 0; 1488 } 1489 1490 #if defined(CONFIG_FILE) 1491 static int get_config (char *fname) 1492 { 1493 FILE *fp; 1494 int i = 0; 1495 int rc; 1496 char dump[128]; 1497 char *devname; 1498 1499 fp = fopen (fname, "r"); 1500 if (fp == NULL) 1501 return -1; 1502 1503 while (i < 2 && fgets (dump, sizeof (dump), fp)) { 1504 /* Skip incomplete conversions and comment strings */ 1505 if (dump[0] == '#') 1506 continue; 1507 1508 rc = sscanf(dump, "%ms %lli %lx %lx %lx", 1509 &devname, 1510 &DEVOFFSET(i), 1511 &ENVSIZE(i), 1512 &DEVESIZE(i), 1513 &ENVSECTORS(i)); 1514 1515 if (rc < 3) 1516 continue; 1517 1518 DEVNAME(i) = devname; 1519 1520 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1521 * know DEVTYPE 1522 */ 1523 1524 i++; 1525 } 1526 fclose (fp); 1527 1528 HaveRedundEnv = i - 1; 1529 if (!i) { /* No valid entries found */ 1530 errno = EINVAL; 1531 return -1; 1532 } else 1533 return 0; 1534 } 1535 #endif 1536