1 /* 2 * (C) Copyright 2000-2010 3 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. 4 * 5 * (C) Copyright 2008 6 * Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de. 7 * 8 * SPDX-License-Identifier: GPL-2.0+ 9 */ 10 11 #define _GNU_SOURCE 12 13 #include <compiler.h> 14 #include <errno.h> 15 #include <env_flags.h> 16 #include <fcntl.h> 17 #include <linux/fs.h> 18 #include <linux/stringify.h> 19 #include <ctype.h> 20 #include <stdio.h> 21 #include <stdlib.h> 22 #include <stddef.h> 23 #include <string.h> 24 #include <sys/types.h> 25 #include <sys/ioctl.h> 26 #include <sys/stat.h> 27 #include <unistd.h> 28 29 #ifdef MTD_OLD 30 # include <stdint.h> 31 # include <linux/mtd/mtd.h> 32 #else 33 # define __user /* nothing */ 34 # include <mtd/mtd-user.h> 35 #endif 36 37 #include "fw_env_private.h" 38 #include "fw_env.h" 39 40 struct env_opts default_opts = { 41 #ifdef CONFIG_FILE 42 .config_file = CONFIG_FILE 43 #endif 44 }; 45 46 #define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d)) 47 48 #define min(x, y) ({ \ 49 typeof(x) _min1 = (x); \ 50 typeof(y) _min2 = (y); \ 51 (void) (&_min1 == &_min2); \ 52 _min1 < _min2 ? _min1 : _min2; }) 53 54 struct envdev_s { 55 const char *devname; /* Device name */ 56 long long devoff; /* Device offset */ 57 ulong env_size; /* environment size */ 58 ulong erase_size; /* device erase size */ 59 ulong env_sectors; /* number of environment sectors */ 60 uint8_t mtd_type; /* type of the MTD device */ 61 }; 62 63 static struct envdev_s envdevices[2] = 64 { 65 { 66 .mtd_type = MTD_ABSENT, 67 }, { 68 .mtd_type = MTD_ABSENT, 69 }, 70 }; 71 static int dev_current; 72 73 #define DEVNAME(i) envdevices[(i)].devname 74 #define DEVOFFSET(i) envdevices[(i)].devoff 75 #define ENVSIZE(i) envdevices[(i)].env_size 76 #define DEVESIZE(i) envdevices[(i)].erase_size 77 #define ENVSECTORS(i) envdevices[(i)].env_sectors 78 #define DEVTYPE(i) envdevices[(i)].mtd_type 79 80 #define CUR_ENVSIZE ENVSIZE(dev_current) 81 82 static unsigned long usable_envsize; 83 #define ENV_SIZE usable_envsize 84 85 struct env_image_single { 86 uint32_t crc; /* CRC32 over data bytes */ 87 char data[]; 88 }; 89 90 struct env_image_redundant { 91 uint32_t crc; /* CRC32 over data bytes */ 92 unsigned char flags; /* active or obsolete */ 93 char data[]; 94 }; 95 96 enum flag_scheme { 97 FLAG_NONE, 98 FLAG_BOOLEAN, 99 FLAG_INCREMENTAL, 100 }; 101 102 struct environment { 103 void *image; 104 uint32_t *crc; 105 unsigned char *flags; 106 char *data; 107 enum flag_scheme flag_scheme; 108 }; 109 110 static struct environment environment = { 111 .flag_scheme = FLAG_NONE, 112 }; 113 114 static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key); 115 116 static int HaveRedundEnv = 0; 117 118 static unsigned char active_flag = 1; 119 /* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */ 120 static unsigned char obsolete_flag = 0; 121 122 #define DEFAULT_ENV_INSTANCE_STATIC 123 #include <env_default.h> 124 125 static int flash_io (int mode); 126 static int parse_config(struct env_opts *opts); 127 128 #if defined(CONFIG_FILE) 129 static int get_config (char *); 130 #endif 131 132 static char *skip_chars(char *s) 133 { 134 for (; *s != '\0'; s++) { 135 if (isblank(*s)) 136 return s; 137 } 138 return NULL; 139 } 140 141 static char *skip_blanks(char *s) 142 { 143 for (; *s != '\0'; s++) { 144 if (!isblank(*s)) 145 return s; 146 } 147 return NULL; 148 } 149 150 /* 151 * s1 is either a simple 'name', or a 'name=value' pair. 152 * s2 is a 'name=value' pair. 153 * If the names match, return the value of s2, else NULL. 154 */ 155 static char *envmatch(char *s1, char *s2) 156 { 157 if (s1 == NULL || s2 == NULL) 158 return NULL; 159 160 while (*s1 == *s2++) 161 if (*s1++ == '=') 162 return s2; 163 if (*s1 == '\0' && *(s2 - 1) == '=') 164 return s2; 165 return NULL; 166 } 167 168 /** 169 * Search the environment for a variable. 170 * Return the value, if found, or NULL, if not found. 171 */ 172 char *fw_getenv (char *name) 173 { 174 char *env, *nxt; 175 176 for (env = environment.data; *env; env = nxt + 1) { 177 char *val; 178 179 for (nxt = env; *nxt; ++nxt) { 180 if (nxt >= &environment.data[ENV_SIZE]) { 181 fprintf (stderr, "## Error: " 182 "environment not terminated\n"); 183 return NULL; 184 } 185 } 186 val = envmatch (name, env); 187 if (!val) 188 continue; 189 return val; 190 } 191 return NULL; 192 } 193 194 /* 195 * Search the default environment for a variable. 196 * Return the value, if found, or NULL, if not found. 197 */ 198 char *fw_getdefenv(char *name) 199 { 200 char *env, *nxt; 201 202 for (env = default_environment; *env; env = nxt + 1) { 203 char *val; 204 205 for (nxt = env; *nxt; ++nxt) { 206 if (nxt >= &default_environment[ENV_SIZE]) { 207 fprintf(stderr, "## Error: " 208 "default environment not terminated\n"); 209 return NULL; 210 } 211 } 212 val = envmatch(name, env); 213 if (!val) 214 continue; 215 return val; 216 } 217 return NULL; 218 } 219 220 int parse_aes_key(char *key, uint8_t *bin_key) 221 { 222 char tmp[5] = { '0', 'x', 0, 0, 0 }; 223 unsigned long ul; 224 int i; 225 226 if (strnlen(key, 64) != 32) { 227 fprintf(stderr, 228 "## Error: '-a' option requires 16-byte AES key\n"); 229 return -1; 230 } 231 232 for (i = 0; i < 16; i++) { 233 tmp[2] = key[0]; 234 tmp[3] = key[1]; 235 errno = 0; 236 ul = strtoul(tmp, NULL, 16); 237 if (errno) { 238 fprintf(stderr, 239 "## Error: '-a' option requires valid AES key\n"); 240 return -1; 241 } 242 bin_key[i] = ul & 0xff; 243 key += 2; 244 } 245 return 0; 246 } 247 248 /* 249 * Print the current definition of one, or more, or all 250 * environment variables 251 */ 252 int fw_printenv(int argc, char *argv[], int value_only, struct env_opts *opts) 253 { 254 int i, rc = 0; 255 256 if (value_only && argc != 1) { 257 fprintf(stderr, 258 "## Error: `-n' option requires exactly one argument\n"); 259 return -1; 260 } 261 262 if (!opts) 263 opts = &default_opts; 264 265 if (fw_env_open(opts)) 266 return -1; 267 268 if (argc == 0) { /* Print all env variables */ 269 char *env, *nxt; 270 for (env = environment.data; *env; env = nxt + 1) { 271 for (nxt = env; *nxt; ++nxt) { 272 if (nxt >= &environment.data[ENV_SIZE]) { 273 fprintf (stderr, "## Error: " 274 "environment not terminated\n"); 275 return -1; 276 } 277 } 278 279 printf ("%s\n", env); 280 } 281 fw_env_close(opts); 282 return 0; 283 } 284 285 for (i = 0; i < argc; ++i) { /* print a subset of env variables */ 286 char *name = argv[i]; 287 char *val = NULL; 288 289 val = fw_getenv(name); 290 if (!val) { 291 fprintf (stderr, "## Error: \"%s\" not defined\n", name); 292 rc = -1; 293 continue; 294 } 295 296 if (value_only) { 297 puts(val); 298 break; 299 } 300 301 printf("%s=%s\n", name, val); 302 } 303 304 fw_env_close(opts); 305 306 return rc; 307 } 308 309 int fw_env_flush(struct env_opts *opts) 310 { 311 int ret; 312 313 if (!opts) 314 opts = &default_opts; 315 316 if (opts->aes_flag) { 317 ret = env_aes_cbc_crypt(environment.data, 1, 318 opts->aes_key); 319 if (ret) { 320 fprintf(stderr, 321 "Error: can't encrypt env for flash\n"); 322 return ret; 323 } 324 } 325 326 /* 327 * Update CRC 328 */ 329 *environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE); 330 331 /* write environment back to flash */ 332 if (flash_io(O_RDWR)) { 333 fprintf(stderr, 334 "Error: can't write fw_env to flash\n"); 335 return -1; 336 } 337 338 return 0; 339 } 340 341 342 /* 343 * Set/Clear a single variable in the environment. 344 * This is called in sequence to update the environment 345 * in RAM without updating the copy in flash after each set 346 */ 347 int fw_env_write(char *name, char *value) 348 { 349 int len; 350 char *env, *nxt; 351 char *oldval = NULL; 352 int deleting, creating, overwriting; 353 354 /* 355 * search if variable with this name already exists 356 */ 357 for (nxt = env = environment.data; *env; env = nxt + 1) { 358 for (nxt = env; *nxt; ++nxt) { 359 if (nxt >= &environment.data[ENV_SIZE]) { 360 fprintf(stderr, "## Error: " 361 "environment not terminated\n"); 362 errno = EINVAL; 363 return -1; 364 } 365 } 366 if ((oldval = envmatch (name, env)) != NULL) 367 break; 368 } 369 370 deleting = (oldval && !(value && strlen(value))); 371 creating = (!oldval && (value && strlen(value))); 372 overwriting = (oldval && (value && strlen(value))); 373 374 /* check for permission */ 375 if (deleting) { 376 if (env_flags_validate_varaccess(name, 377 ENV_FLAGS_VARACCESS_PREVENT_DELETE)) { 378 printf("Can't delete \"%s\"\n", name); 379 errno = EROFS; 380 return -1; 381 } 382 } else if (overwriting) { 383 if (env_flags_validate_varaccess(name, 384 ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) { 385 printf("Can't overwrite \"%s\"\n", name); 386 errno = EROFS; 387 return -1; 388 } else if (env_flags_validate_varaccess(name, 389 ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) { 390 const char *defval = fw_getdefenv(name); 391 392 if (defval == NULL) 393 defval = ""; 394 if (strcmp(oldval, defval) 395 != 0) { 396 printf("Can't overwrite \"%s\"\n", name); 397 errno = EROFS; 398 return -1; 399 } 400 } 401 } else if (creating) { 402 if (env_flags_validate_varaccess(name, 403 ENV_FLAGS_VARACCESS_PREVENT_CREATE)) { 404 printf("Can't create \"%s\"\n", name); 405 errno = EROFS; 406 return -1; 407 } 408 } else 409 /* Nothing to do */ 410 return 0; 411 412 if (deleting || overwriting) { 413 if (*++nxt == '\0') { 414 *env = '\0'; 415 } else { 416 for (;;) { 417 *env = *nxt++; 418 if ((*env == '\0') && (*nxt == '\0')) 419 break; 420 ++env; 421 } 422 } 423 *++env = '\0'; 424 } 425 426 /* Delete only ? */ 427 if (!value || !strlen(value)) 428 return 0; 429 430 /* 431 * Append new definition at the end 432 */ 433 for (env = environment.data; *env || *(env + 1); ++env); 434 if (env > environment.data) 435 ++env; 436 /* 437 * Overflow when: 438 * "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment) 439 */ 440 len = strlen (name) + 2; 441 /* add '=' for first arg, ' ' for all others */ 442 len += strlen(value) + 1; 443 444 if (len > (&environment.data[ENV_SIZE] - env)) { 445 fprintf (stderr, 446 "Error: environment overflow, \"%s\" deleted\n", 447 name); 448 return -1; 449 } 450 451 while ((*env = *name++) != '\0') 452 env++; 453 *env = '='; 454 while ((*++env = *value++) != '\0') 455 ; 456 457 /* end is marked with double '\0' */ 458 *++env = '\0'; 459 460 return 0; 461 } 462 463 /* 464 * Deletes or sets environment variables. Returns -1 and sets errno error codes: 465 * 0 - OK 466 * EINVAL - need at least 1 argument 467 * EROFS - certain variables ("ethaddr", "serial#") cannot be 468 * modified or deleted 469 * 470 */ 471 int fw_env_set(int argc, char *argv[], struct env_opts *opts) 472 { 473 int i; 474 size_t len; 475 char *name, **valv; 476 char *oldval; 477 char *value = NULL; 478 int valc; 479 int ret; 480 481 if (!opts) 482 opts = &default_opts; 483 484 if (argc < 1) { 485 fprintf(stderr, "## Error: variable name missing\n"); 486 errno = EINVAL; 487 return -1; 488 } 489 490 if (fw_env_open(opts)) { 491 fprintf(stderr, "Error: environment not initialized\n"); 492 return -1; 493 } 494 495 name = argv[0]; 496 valv = argv + 1; 497 valc = argc - 1; 498 499 if (env_flags_validate_env_set_params(name, valv, valc) < 0) { 500 fw_env_close(opts); 501 return -1; 502 } 503 504 len = 0; 505 for (i = 0; i < valc; ++i) { 506 char *val = valv[i]; 507 size_t val_len = strlen(val); 508 509 if (value) 510 value[len - 1] = ' '; 511 oldval = value; 512 value = realloc(value, len + val_len + 1); 513 if (!value) { 514 fprintf(stderr, 515 "Cannot malloc %zu bytes: %s\n", 516 len, strerror(errno)); 517 free(oldval); 518 return -1; 519 } 520 521 memcpy(value + len, val, val_len); 522 len += val_len; 523 value[len++] = '\0'; 524 } 525 526 fw_env_write(name, value); 527 528 free(value); 529 530 ret = fw_env_flush(opts); 531 fw_env_close(opts); 532 533 return ret; 534 } 535 536 /* 537 * Parse a file and configure the u-boot variables. 538 * The script file has a very simple format, as follows: 539 * 540 * Each line has a couple with name, value: 541 * <white spaces>variable_name<white spaces>variable_value 542 * 543 * Both variable_name and variable_value are interpreted as strings. 544 * Any character after <white spaces> and before ending \r\n is interpreted 545 * as variable's value (no comment allowed on these lines !) 546 * 547 * Comments are allowed if the first character in the line is # 548 * 549 * Returns -1 and sets errno error codes: 550 * 0 - OK 551 * -1 - Error 552 */ 553 int fw_parse_script(char *fname, struct env_opts *opts) 554 { 555 FILE *fp; 556 char dump[1024]; /* Maximum line length in the file */ 557 char *name; 558 char *val; 559 int lineno = 0; 560 int len; 561 int ret = 0; 562 563 if (!opts) 564 opts = &default_opts; 565 566 if (fw_env_open(opts)) { 567 fprintf(stderr, "Error: environment not initialized\n"); 568 return -1; 569 } 570 571 if (strcmp(fname, "-") == 0) 572 fp = stdin; 573 else { 574 fp = fopen(fname, "r"); 575 if (fp == NULL) { 576 fprintf(stderr, "I cannot open %s for reading\n", 577 fname); 578 return -1; 579 } 580 } 581 582 while (fgets(dump, sizeof(dump), fp)) { 583 lineno++; 584 len = strlen(dump); 585 586 /* 587 * Read a whole line from the file. If the line is too long 588 * or is not terminated, reports an error and exit. 589 */ 590 if (dump[len - 1] != '\n') { 591 fprintf(stderr, 592 "Line %d not corrected terminated or too long\n", 593 lineno); 594 ret = -1; 595 break; 596 } 597 598 /* Drop ending line feed / carriage return */ 599 dump[--len] = '\0'; 600 if (len && dump[len - 1] == '\r') 601 dump[--len] = '\0'; 602 603 /* Skip comment or empty lines */ 604 if (len == 0 || dump[0] == '#') 605 continue; 606 607 /* 608 * Search for variable's name, 609 * remove leading whitespaces 610 */ 611 name = skip_blanks(dump); 612 if (!name) 613 continue; 614 615 /* The first white space is the end of variable name */ 616 val = skip_chars(name); 617 len = strlen(name); 618 if (val) { 619 *val++ = '\0'; 620 if ((val - name) < len) 621 val = skip_blanks(val); 622 else 623 val = NULL; 624 } 625 626 #ifdef DEBUG 627 fprintf(stderr, "Setting %s : %s\n", 628 name, val ? val : " removed"); 629 #endif 630 631 if (env_flags_validate_type(name, val) < 0) { 632 ret = -1; 633 break; 634 } 635 636 /* 637 * If there is an error setting a variable, 638 * try to save the environment and returns an error 639 */ 640 if (fw_env_write(name, val)) { 641 fprintf(stderr, 642 "fw_env_write returns with error : %s\n", 643 strerror(errno)); 644 ret = -1; 645 break; 646 } 647 648 } 649 650 /* Close file if not stdin */ 651 if (strcmp(fname, "-") != 0) 652 fclose(fp); 653 654 ret |= fw_env_flush(opts); 655 656 fw_env_close(opts); 657 658 return ret; 659 } 660 661 /** 662 * environment_end() - compute offset of first byte right after environemnt 663 * @dev - index of enviroment buffer 664 * Return: 665 * device offset of first byte right after environemnt 666 */ 667 off_t environment_end(int dev) 668 { 669 /* environment is block aligned */ 670 return DEVOFFSET(dev) + ENVSECTORS(dev) * DEVESIZE(dev); 671 } 672 673 /* 674 * Test for bad block on NAND, just returns 0 on NOR, on NAND: 675 * 0 - block is good 676 * > 0 - block is bad 677 * < 0 - failed to test 678 */ 679 static int flash_bad_block(int fd, uint8_t mtd_type, loff_t blockstart) 680 { 681 if (mtd_type == MTD_NANDFLASH) { 682 int badblock = ioctl(fd, MEMGETBADBLOCK, &blockstart); 683 684 if (badblock < 0) { 685 perror ("Cannot read bad block mark"); 686 return badblock; 687 } 688 689 if (badblock) { 690 #ifdef DEBUG 691 fprintf (stderr, "Bad block at 0x%llx, skipping\n", 692 (unsigned long long)blockstart); 693 #endif 694 return badblock; 695 } 696 } 697 698 return 0; 699 } 700 701 /* 702 * Read data from flash at an offset into a provided buffer. On NAND it skips 703 * bad blocks but makes sure it stays within ENVSECTORS (dev) starting from 704 * the DEVOFFSET (dev) block. On NOR the loop is only run once. 705 */ 706 static int flash_read_buf (int dev, int fd, void *buf, size_t count, 707 off_t offset) 708 { 709 size_t blocklen; /* erase / write length - one block on NAND, 710 0 on NOR */ 711 size_t processed = 0; /* progress counter */ 712 size_t readlen = count; /* current read length */ 713 off_t block_seek; /* offset inside the current block to the start 714 of the data */ 715 loff_t blockstart; /* running start of the current block - 716 MEMGETBADBLOCK needs 64 bits */ 717 int rc; 718 719 blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev); 720 721 /* Offset inside a block */ 722 block_seek = offset - blockstart; 723 724 if (DEVTYPE(dev) == MTD_NANDFLASH) { 725 /* 726 * NAND: calculate which blocks we are reading. We have 727 * to read one block at a time to skip bad blocks. 728 */ 729 blocklen = DEVESIZE (dev); 730 731 /* Limit to one block for the first read */ 732 if (readlen > blocklen - block_seek) 733 readlen = blocklen - block_seek; 734 } else { 735 blocklen = 0; 736 } 737 738 /* This only runs once on NOR flash */ 739 while (processed < count) { 740 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart); 741 if (rc < 0) /* block test failed */ 742 return -1; 743 744 if (blockstart + block_seek + readlen > environment_end(dev)) { 745 /* End of range is reached */ 746 fprintf (stderr, 747 "Too few good blocks within range\n"); 748 return -1; 749 } 750 751 if (rc) { /* block is bad */ 752 blockstart += blocklen; 753 continue; 754 } 755 756 /* 757 * If a block is bad, we retry in the next block at the same 758 * offset - see env/nand.c::writeenv() 759 */ 760 lseek (fd, blockstart + block_seek, SEEK_SET); 761 762 rc = read (fd, buf + processed, readlen); 763 if (rc != readlen) { 764 fprintf (stderr, "Read error on %s: %s\n", 765 DEVNAME (dev), strerror (errno)); 766 return -1; 767 } 768 #ifdef DEBUG 769 fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n", 770 rc, (unsigned long long) blockstart + block_seek, 771 DEVNAME(dev)); 772 #endif 773 processed += readlen; 774 readlen = min (blocklen, count - processed); 775 block_seek = 0; 776 blockstart += blocklen; 777 } 778 779 return processed; 780 } 781 782 /* 783 * Write count bytes from begin of environment, but stay within 784 * ENVSECTORS(dev) sectors of 785 * DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we 786 * erase and write the whole data at once. 787 */ 788 static int flash_write_buf(int dev, int fd, void *buf, size_t count) 789 { 790 void *data; 791 struct erase_info_user erase; 792 size_t blocklen; /* length of NAND block / NOR erase sector */ 793 size_t erase_len; /* whole area that can be erased - may include 794 bad blocks */ 795 size_t erasesize; /* erase / write length - one block on NAND, 796 whole area on NOR */ 797 size_t processed = 0; /* progress counter */ 798 size_t write_total; /* total size to actually write - excluding 799 bad blocks */ 800 off_t erase_offset; /* offset to the first erase block (aligned) 801 below offset */ 802 off_t block_seek; /* offset inside the erase block to the start 803 of the data */ 804 loff_t blockstart; /* running start of the current block - 805 MEMGETBADBLOCK needs 64 bits */ 806 int rc; 807 808 /* 809 * For mtd devices only offset and size of the environment do matter 810 */ 811 if (DEVTYPE(dev) == MTD_ABSENT) { 812 blocklen = count; 813 erase_len = blocklen; 814 blockstart = DEVOFFSET(dev); 815 block_seek = 0; 816 write_total = blocklen; 817 } else { 818 blocklen = DEVESIZE(dev); 819 820 erase_offset = DEVOFFSET(dev); 821 822 /* Maximum area we may use */ 823 erase_len = environment_end(dev) - erase_offset; 824 825 blockstart = erase_offset; 826 827 /* Offset inside a block */ 828 block_seek = DEVOFFSET(dev) - erase_offset; 829 830 /* 831 * Data size we actually write: from the start of the block 832 * to the start of the data, then count bytes of data, and 833 * to the end of the block 834 */ 835 write_total = ((block_seek + count + blocklen - 1) / 836 blocklen) * blocklen; 837 } 838 839 /* 840 * Support data anywhere within erase sectors: read out the complete 841 * area to be erased, replace the environment image, write the whole 842 * block back again. 843 */ 844 if (write_total > count) { 845 data = malloc (erase_len); 846 if (!data) { 847 fprintf (stderr, 848 "Cannot malloc %zu bytes: %s\n", 849 erase_len, strerror (errno)); 850 return -1; 851 } 852 853 rc = flash_read_buf(dev, fd, data, write_total, erase_offset); 854 if (write_total != rc) 855 return -1; 856 857 #ifdef DEBUG 858 fprintf(stderr, "Preserving data "); 859 if (block_seek != 0) 860 fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1); 861 if (block_seek + count != write_total) { 862 if (block_seek != 0) 863 fprintf(stderr, " and "); 864 fprintf(stderr, "0x%lx - 0x%lx", 865 (unsigned long) block_seek + count, 866 (unsigned long) write_total - 1); 867 } 868 fprintf(stderr, "\n"); 869 #endif 870 /* Overwrite the old environment */ 871 memcpy (data + block_seek, buf, count); 872 } else { 873 /* 874 * We get here, iff offset is block-aligned and count is a 875 * multiple of blocklen - see write_total calculation above 876 */ 877 data = buf; 878 } 879 880 if (DEVTYPE(dev) == MTD_NANDFLASH) { 881 /* 882 * NAND: calculate which blocks we are writing. We have 883 * to write one block at a time to skip bad blocks. 884 */ 885 erasesize = blocklen; 886 } else { 887 erasesize = erase_len; 888 } 889 890 erase.length = erasesize; 891 892 /* This only runs once on NOR flash and SPI-dataflash */ 893 while (processed < write_total) { 894 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart); 895 if (rc < 0) /* block test failed */ 896 return rc; 897 898 if (blockstart + erasesize > environment_end(dev)) { 899 fprintf (stderr, "End of range reached, aborting\n"); 900 return -1; 901 } 902 903 if (rc) { /* block is bad */ 904 blockstart += blocklen; 905 continue; 906 } 907 908 if (DEVTYPE(dev) != MTD_ABSENT) { 909 erase.start = blockstart; 910 ioctl(fd, MEMUNLOCK, &erase); 911 /* These do not need an explicit erase cycle */ 912 if (DEVTYPE(dev) != MTD_DATAFLASH) 913 if (ioctl(fd, MEMERASE, &erase) != 0) { 914 fprintf(stderr, 915 "MTD erase error on %s: %s\n", 916 DEVNAME(dev), strerror(errno)); 917 return -1; 918 } 919 } 920 921 if (lseek (fd, blockstart, SEEK_SET) == -1) { 922 fprintf (stderr, 923 "Seek error on %s: %s\n", 924 DEVNAME (dev), strerror (errno)); 925 return -1; 926 } 927 928 #ifdef DEBUG 929 fprintf(stderr, "Write 0x%llx bytes at 0x%llx\n", 930 (unsigned long long) erasesize, 931 (unsigned long long) blockstart); 932 #endif 933 if (write (fd, data + processed, erasesize) != erasesize) { 934 fprintf (stderr, "Write error on %s: %s\n", 935 DEVNAME (dev), strerror (errno)); 936 return -1; 937 } 938 939 if (DEVTYPE(dev) != MTD_ABSENT) 940 ioctl(fd, MEMLOCK, &erase); 941 942 processed += erasesize; 943 block_seek = 0; 944 blockstart += erasesize; 945 } 946 947 if (write_total > count) 948 free (data); 949 950 return processed; 951 } 952 953 /* 954 * Set obsolete flag at offset - NOR flash only 955 */ 956 static int flash_flag_obsolete (int dev, int fd, off_t offset) 957 { 958 int rc; 959 struct erase_info_user erase; 960 961 erase.start = DEVOFFSET (dev); 962 erase.length = DEVESIZE (dev); 963 /* This relies on the fact, that obsolete_flag == 0 */ 964 rc = lseek (fd, offset, SEEK_SET); 965 if (rc < 0) { 966 fprintf (stderr, "Cannot seek to set the flag on %s \n", 967 DEVNAME (dev)); 968 return rc; 969 } 970 ioctl (fd, MEMUNLOCK, &erase); 971 rc = write (fd, &obsolete_flag, sizeof (obsolete_flag)); 972 ioctl (fd, MEMLOCK, &erase); 973 if (rc < 0) 974 perror ("Could not set obsolete flag"); 975 976 return rc; 977 } 978 979 /* Encrypt or decrypt the environment before writing or reading it. */ 980 static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key) 981 { 982 uint8_t *data = (uint8_t *)payload; 983 const int len = usable_envsize; 984 uint8_t key_exp[AES_EXPAND_KEY_LENGTH]; 985 uint32_t aes_blocks; 986 987 /* First we expand the key. */ 988 aes_expand_key(key, key_exp); 989 990 /* Calculate the number of AES blocks to encrypt. */ 991 aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH); 992 993 if (enc) 994 aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks); 995 else 996 aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks); 997 998 return 0; 999 } 1000 1001 static int flash_write (int fd_current, int fd_target, int dev_target) 1002 { 1003 int rc; 1004 1005 switch (environment.flag_scheme) { 1006 case FLAG_NONE: 1007 break; 1008 case FLAG_INCREMENTAL: 1009 (*environment.flags)++; 1010 break; 1011 case FLAG_BOOLEAN: 1012 *environment.flags = active_flag; 1013 break; 1014 default: 1015 fprintf (stderr, "Unimplemented flash scheme %u \n", 1016 environment.flag_scheme); 1017 return -1; 1018 } 1019 1020 #ifdef DEBUG 1021 fprintf(stderr, "Writing new environment at 0x%llx on %s\n", 1022 DEVOFFSET (dev_target), DEVNAME (dev_target)); 1023 #endif 1024 1025 rc = flash_write_buf(dev_target, fd_target, environment.image, 1026 CUR_ENVSIZE); 1027 if (rc < 0) 1028 return rc; 1029 1030 if (environment.flag_scheme == FLAG_BOOLEAN) { 1031 /* Have to set obsolete flag */ 1032 off_t offset = DEVOFFSET (dev_current) + 1033 offsetof (struct env_image_redundant, flags); 1034 #ifdef DEBUG 1035 fprintf(stderr, 1036 "Setting obsolete flag in environment at 0x%llx on %s\n", 1037 DEVOFFSET (dev_current), DEVNAME (dev_current)); 1038 #endif 1039 flash_flag_obsolete (dev_current, fd_current, offset); 1040 } 1041 1042 return 0; 1043 } 1044 1045 static int flash_read (int fd) 1046 { 1047 int rc; 1048 1049 rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE, 1050 DEVOFFSET(dev_current)); 1051 if (rc != CUR_ENVSIZE) 1052 return -1; 1053 1054 return 0; 1055 } 1056 1057 static int flash_io (int mode) 1058 { 1059 int fd_current, fd_target, rc, dev_target; 1060 1061 /* dev_current: fd_current, erase_current */ 1062 fd_current = open (DEVNAME (dev_current), mode); 1063 if (fd_current < 0) { 1064 fprintf (stderr, 1065 "Can't open %s: %s\n", 1066 DEVNAME (dev_current), strerror (errno)); 1067 return -1; 1068 } 1069 1070 if (mode == O_RDWR) { 1071 if (HaveRedundEnv) { 1072 /* switch to next partition for writing */ 1073 dev_target = !dev_current; 1074 /* dev_target: fd_target, erase_target */ 1075 fd_target = open (DEVNAME (dev_target), mode); 1076 if (fd_target < 0) { 1077 fprintf (stderr, 1078 "Can't open %s: %s\n", 1079 DEVNAME (dev_target), 1080 strerror (errno)); 1081 rc = -1; 1082 goto exit; 1083 } 1084 } else { 1085 dev_target = dev_current; 1086 fd_target = fd_current; 1087 } 1088 1089 rc = flash_write (fd_current, fd_target, dev_target); 1090 1091 if (fsync(fd_current) && 1092 !(errno == EINVAL || errno == EROFS)) { 1093 fprintf (stderr, 1094 "fsync failed on %s: %s\n", 1095 DEVNAME (dev_current), strerror (errno)); 1096 } 1097 1098 if (HaveRedundEnv) { 1099 if (fsync(fd_target) && 1100 !(errno == EINVAL || errno == EROFS)) { 1101 fprintf (stderr, 1102 "fsync failed on %s: %s\n", 1103 DEVNAME (dev_current), strerror (errno)); 1104 } 1105 1106 if (close (fd_target)) { 1107 fprintf (stderr, 1108 "I/O error on %s: %s\n", 1109 DEVNAME (dev_target), 1110 strerror (errno)); 1111 rc = -1; 1112 } 1113 } 1114 } else { 1115 rc = flash_read (fd_current); 1116 } 1117 1118 exit: 1119 if (close (fd_current)) { 1120 fprintf (stderr, 1121 "I/O error on %s: %s\n", 1122 DEVNAME (dev_current), strerror (errno)); 1123 return -1; 1124 } 1125 1126 return rc; 1127 } 1128 1129 /* 1130 * Prevent confusion if running from erased flash memory 1131 */ 1132 int fw_env_open(struct env_opts *opts) 1133 { 1134 int crc0, crc0_ok; 1135 unsigned char flag0; 1136 void *addr0 = NULL; 1137 1138 int crc1, crc1_ok; 1139 unsigned char flag1; 1140 void *addr1 = NULL; 1141 1142 int ret; 1143 1144 struct env_image_single *single; 1145 struct env_image_redundant *redundant; 1146 1147 if (!opts) 1148 opts = &default_opts; 1149 1150 if (parse_config(opts)) /* should fill envdevices */ 1151 return -EINVAL; 1152 1153 addr0 = calloc(1, CUR_ENVSIZE); 1154 if (addr0 == NULL) { 1155 fprintf(stderr, 1156 "Not enough memory for environment (%ld bytes)\n", 1157 CUR_ENVSIZE); 1158 ret = -ENOMEM; 1159 goto open_cleanup; 1160 } 1161 1162 /* read environment from FLASH to local buffer */ 1163 environment.image = addr0; 1164 1165 if (HaveRedundEnv) { 1166 redundant = addr0; 1167 environment.crc = &redundant->crc; 1168 environment.flags = &redundant->flags; 1169 environment.data = redundant->data; 1170 } else { 1171 single = addr0; 1172 environment.crc = &single->crc; 1173 environment.flags = NULL; 1174 environment.data = single->data; 1175 } 1176 1177 dev_current = 0; 1178 if (flash_io(O_RDONLY)) { 1179 ret = -EIO; 1180 goto open_cleanup; 1181 } 1182 1183 crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE); 1184 1185 if (opts->aes_flag) { 1186 ret = env_aes_cbc_crypt(environment.data, 0, 1187 opts->aes_key); 1188 if (ret) 1189 goto open_cleanup; 1190 } 1191 1192 crc0_ok = (crc0 == *environment.crc); 1193 if (!HaveRedundEnv) { 1194 if (!crc0_ok) { 1195 fprintf (stderr, 1196 "Warning: Bad CRC, using default environment\n"); 1197 memcpy(environment.data, default_environment, sizeof default_environment); 1198 } 1199 } else { 1200 flag0 = *environment.flags; 1201 1202 dev_current = 1; 1203 addr1 = calloc(1, CUR_ENVSIZE); 1204 if (addr1 == NULL) { 1205 fprintf(stderr, 1206 "Not enough memory for environment (%ld bytes)\n", 1207 CUR_ENVSIZE); 1208 ret = -ENOMEM; 1209 goto open_cleanup; 1210 } 1211 redundant = addr1; 1212 1213 /* 1214 * have to set environment.image for flash_read(), careful - 1215 * other pointers in environment still point inside addr0 1216 */ 1217 environment.image = addr1; 1218 if (flash_io(O_RDONLY)) { 1219 ret = -EIO; 1220 goto open_cleanup; 1221 } 1222 1223 /* Check flag scheme compatibility */ 1224 if (DEVTYPE(dev_current) == MTD_NORFLASH && 1225 DEVTYPE(!dev_current) == MTD_NORFLASH) { 1226 environment.flag_scheme = FLAG_BOOLEAN; 1227 } else if (DEVTYPE(dev_current) == MTD_NANDFLASH && 1228 DEVTYPE(!dev_current) == MTD_NANDFLASH) { 1229 environment.flag_scheme = FLAG_INCREMENTAL; 1230 } else if (DEVTYPE(dev_current) == MTD_DATAFLASH && 1231 DEVTYPE(!dev_current) == MTD_DATAFLASH) { 1232 environment.flag_scheme = FLAG_BOOLEAN; 1233 } else if (DEVTYPE(dev_current) == MTD_UBIVOLUME && 1234 DEVTYPE(!dev_current) == MTD_UBIVOLUME) { 1235 environment.flag_scheme = FLAG_INCREMENTAL; 1236 } else if (DEVTYPE(dev_current) == MTD_ABSENT && 1237 DEVTYPE(!dev_current) == MTD_ABSENT) { 1238 environment.flag_scheme = FLAG_INCREMENTAL; 1239 } else { 1240 fprintf (stderr, "Incompatible flash types!\n"); 1241 ret = -EINVAL; 1242 goto open_cleanup; 1243 } 1244 1245 crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE); 1246 1247 if (opts->aes_flag) { 1248 ret = env_aes_cbc_crypt(redundant->data, 0, 1249 opts->aes_key); 1250 if (ret) 1251 goto open_cleanup; 1252 } 1253 1254 crc1_ok = (crc1 == redundant->crc); 1255 flag1 = redundant->flags; 1256 1257 if (crc0_ok && !crc1_ok) { 1258 dev_current = 0; 1259 } else if (!crc0_ok && crc1_ok) { 1260 dev_current = 1; 1261 } else if (!crc0_ok && !crc1_ok) { 1262 fprintf (stderr, 1263 "Warning: Bad CRC, using default environment\n"); 1264 memcpy (environment.data, default_environment, 1265 sizeof default_environment); 1266 dev_current = 0; 1267 } else { 1268 switch (environment.flag_scheme) { 1269 case FLAG_BOOLEAN: 1270 if (flag0 == active_flag && 1271 flag1 == obsolete_flag) { 1272 dev_current = 0; 1273 } else if (flag0 == obsolete_flag && 1274 flag1 == active_flag) { 1275 dev_current = 1; 1276 } else if (flag0 == flag1) { 1277 dev_current = 0; 1278 } else if (flag0 == 0xFF) { 1279 dev_current = 0; 1280 } else if (flag1 == 0xFF) { 1281 dev_current = 1; 1282 } else { 1283 dev_current = 0; 1284 } 1285 break; 1286 case FLAG_INCREMENTAL: 1287 if (flag0 == 255 && flag1 == 0) 1288 dev_current = 1; 1289 else if ((flag1 == 255 && flag0 == 0) || 1290 flag0 >= flag1) 1291 dev_current = 0; 1292 else /* flag1 > flag0 */ 1293 dev_current = 1; 1294 break; 1295 default: 1296 fprintf (stderr, "Unknown flag scheme %u \n", 1297 environment.flag_scheme); 1298 return -1; 1299 } 1300 } 1301 1302 /* 1303 * If we are reading, we don't need the flag and the CRC any 1304 * more, if we are writing, we will re-calculate CRC and update 1305 * flags before writing out 1306 */ 1307 if (dev_current) { 1308 environment.image = addr1; 1309 environment.crc = &redundant->crc; 1310 environment.flags = &redundant->flags; 1311 environment.data = redundant->data; 1312 free (addr0); 1313 } else { 1314 environment.image = addr0; 1315 /* Other pointers are already set */ 1316 free (addr1); 1317 } 1318 #ifdef DEBUG 1319 fprintf(stderr, "Selected env in %s\n", DEVNAME(dev_current)); 1320 #endif 1321 } 1322 return 0; 1323 1324 open_cleanup: 1325 if (addr0) 1326 free(addr0); 1327 1328 if (addr1) 1329 free(addr0); 1330 1331 return ret; 1332 } 1333 1334 /* 1335 * Simply free allocated buffer with environment 1336 */ 1337 int fw_env_close(struct env_opts *opts) 1338 { 1339 if (environment.image) 1340 free(environment.image); 1341 1342 environment.image = NULL; 1343 1344 return 0; 1345 } 1346 1347 static int check_device_config(int dev) 1348 { 1349 struct stat st; 1350 int fd, rc = 0; 1351 1352 fd = open(DEVNAME(dev), O_RDONLY); 1353 if (fd < 0) { 1354 fprintf(stderr, 1355 "Cannot open %s: %s\n", 1356 DEVNAME(dev), strerror(errno)); 1357 return -1; 1358 } 1359 1360 rc = fstat(fd, &st); 1361 if (rc < 0) { 1362 fprintf(stderr, "Cannot stat the file %s\n", 1363 DEVNAME(dev)); 1364 goto err; 1365 } 1366 1367 if (S_ISCHR(st.st_mode)) { 1368 struct mtd_info_user mtdinfo; 1369 rc = ioctl(fd, MEMGETINFO, &mtdinfo); 1370 if (rc < 0) { 1371 fprintf(stderr, "Cannot get MTD information for %s\n", 1372 DEVNAME(dev)); 1373 goto err; 1374 } 1375 if (mtdinfo.type != MTD_NORFLASH && 1376 mtdinfo.type != MTD_NANDFLASH && 1377 mtdinfo.type != MTD_DATAFLASH && 1378 mtdinfo.type != MTD_UBIVOLUME) { 1379 fprintf(stderr, "Unsupported flash type %u on %s\n", 1380 mtdinfo.type, DEVNAME(dev)); 1381 goto err; 1382 } 1383 DEVTYPE(dev) = mtdinfo.type; 1384 if (DEVESIZE(dev) == 0) 1385 /* Assume the erase size is the same as the env-size */ 1386 DEVESIZE(dev) = ENVSIZE(dev); 1387 } else { 1388 uint64_t size; 1389 DEVTYPE(dev) = MTD_ABSENT; 1390 if (DEVESIZE(dev) == 0) 1391 /* Assume the erase size to be 512 bytes */ 1392 DEVESIZE(dev) = 0x200; 1393 1394 /* 1395 * Check for negative offsets, treat it as backwards offset 1396 * from the end of the block device 1397 */ 1398 if (DEVOFFSET(dev) < 0) { 1399 rc = ioctl(fd, BLKGETSIZE64, &size); 1400 if (rc < 0) { 1401 fprintf(stderr, "Could not get block device size on %s\n", 1402 DEVNAME(dev)); 1403 goto err; 1404 } 1405 1406 DEVOFFSET(dev) = DEVOFFSET(dev) + size; 1407 #ifdef DEBUG 1408 fprintf(stderr, "Calculated device offset 0x%llx on %s\n", 1409 DEVOFFSET(dev), DEVNAME(dev)); 1410 #endif 1411 } 1412 } 1413 1414 if (ENVSECTORS(dev) == 0) 1415 /* Assume enough sectors to cover the environment */ 1416 ENVSECTORS(dev) = DIV_ROUND_UP(ENVSIZE(dev), DEVESIZE(dev)); 1417 1418 if (DEVOFFSET(dev) % DEVESIZE(dev) != 0) { 1419 fprintf(stderr, "Environment does not start on (erase) block boundary\n"); 1420 errno = EINVAL; 1421 return -1; 1422 } 1423 1424 if (ENVSIZE(dev) > ENVSECTORS(dev) * DEVESIZE(dev)) { 1425 fprintf(stderr, "Environment does not fit into available sectors\n"); 1426 errno = EINVAL; 1427 return -1; 1428 } 1429 1430 err: 1431 close(fd); 1432 return rc; 1433 } 1434 1435 static int parse_config(struct env_opts *opts) 1436 { 1437 int rc; 1438 1439 if (!opts) 1440 opts = &default_opts; 1441 1442 #if defined(CONFIG_FILE) 1443 /* Fills in DEVNAME(), ENVSIZE(), DEVESIZE(). Or don't. */ 1444 if (get_config(opts->config_file)) { 1445 fprintf(stderr, "Cannot parse config file '%s': %m\n", 1446 opts->config_file); 1447 return -1; 1448 } 1449 #else 1450 DEVNAME (0) = DEVICE1_NAME; 1451 DEVOFFSET (0) = DEVICE1_OFFSET; 1452 ENVSIZE (0) = ENV1_SIZE; 1453 1454 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1455 * know DEVTYPE 1456 */ 1457 #ifdef DEVICE1_ESIZE 1458 DEVESIZE (0) = DEVICE1_ESIZE; 1459 #endif 1460 #ifdef DEVICE1_ENVSECTORS 1461 ENVSECTORS (0) = DEVICE1_ENVSECTORS; 1462 #endif 1463 1464 #ifdef HAVE_REDUND 1465 DEVNAME (1) = DEVICE2_NAME; 1466 DEVOFFSET (1) = DEVICE2_OFFSET; 1467 ENVSIZE (1) = ENV2_SIZE; 1468 1469 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1470 * know DEVTYPE 1471 */ 1472 #ifdef DEVICE2_ESIZE 1473 DEVESIZE (1) = DEVICE2_ESIZE; 1474 #endif 1475 #ifdef DEVICE2_ENVSECTORS 1476 ENVSECTORS (1) = DEVICE2_ENVSECTORS; 1477 #endif 1478 HaveRedundEnv = 1; 1479 #endif 1480 #endif 1481 rc = check_device_config(0); 1482 if (rc < 0) 1483 return rc; 1484 1485 if (HaveRedundEnv) { 1486 rc = check_device_config(1); 1487 if (rc < 0) 1488 return rc; 1489 1490 if (ENVSIZE(0) != ENVSIZE(1)) { 1491 fprintf(stderr, 1492 "Redundant environments have unequal size"); 1493 return -1; 1494 } 1495 } 1496 1497 usable_envsize = CUR_ENVSIZE - sizeof(uint32_t); 1498 if (HaveRedundEnv) 1499 usable_envsize -= sizeof(char); 1500 1501 if (opts->aes_flag) 1502 usable_envsize &= ~(AES_KEY_LENGTH - 1); 1503 1504 return 0; 1505 } 1506 1507 #if defined(CONFIG_FILE) 1508 static int get_config (char *fname) 1509 { 1510 FILE *fp; 1511 int i = 0; 1512 int rc; 1513 char dump[128]; 1514 char *devname; 1515 1516 fp = fopen (fname, "r"); 1517 if (fp == NULL) 1518 return -1; 1519 1520 while (i < 2 && fgets (dump, sizeof (dump), fp)) { 1521 /* Skip incomplete conversions and comment strings */ 1522 if (dump[0] == '#') 1523 continue; 1524 1525 rc = sscanf(dump, "%ms %lli %lx %lx %lx", 1526 &devname, 1527 &DEVOFFSET(i), 1528 &ENVSIZE(i), 1529 &DEVESIZE(i), 1530 &ENVSECTORS(i)); 1531 1532 if (rc < 3) 1533 continue; 1534 1535 DEVNAME(i) = devname; 1536 1537 /* Set defaults for DEVESIZE, ENVSECTORS later once we 1538 * know DEVTYPE 1539 */ 1540 1541 i++; 1542 } 1543 fclose (fp); 1544 1545 HaveRedundEnv = i - 1; 1546 if (!i) { /* No valid entries found */ 1547 errno = EINVAL; 1548 return -1; 1549 } else 1550 return 0; 1551 } 1552 #endif 1553