1 /*
2 * (C) Copyright 2000-2010
3 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
4 *
5 * (C) Copyright 2008
6 * Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de.
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 */
10
11 #define _GNU_SOURCE
12
13 #include <compiler.h>
14 #include <errno.h>
15 #include <env_flags.h>
16 #include <fcntl.h>
17 #include <linux/fs.h>
18 #include <linux/stringify.h>
19 #include <ctype.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <stddef.h>
23 #include <string.h>
24 #include <sys/types.h>
25 #include <sys/ioctl.h>
26 #include <sys/stat.h>
27 #include <unistd.h>
28
29 #ifdef MTD_OLD
30 # include <stdint.h>
31 # include <linux/mtd/mtd.h>
32 #else
33 # define __user /* nothing */
34 # include <mtd/mtd-user.h>
35 #endif
36
37 #include "fw_env_private.h"
38 #include "fw_env.h"
39
40 struct env_opts default_opts = {
41 #ifdef CONFIG_FILE
42 .config_file = CONFIG_FILE
43 #endif
44 };
45
46 #define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
47
48 #define min(x, y) ({ \
49 typeof(x) _min1 = (x); \
50 typeof(y) _min2 = (y); \
51 (void) (&_min1 == &_min2); \
52 _min1 < _min2 ? _min1 : _min2; })
53
54 struct envdev_s {
55 const char *devname; /* Device name */
56 long long devoff; /* Device offset */
57 ulong env_size; /* environment size */
58 ulong erase_size; /* device erase size */
59 ulong env_sectors; /* number of environment sectors */
60 uint8_t mtd_type; /* type of the MTD device */
61 };
62
63 static struct envdev_s envdevices[2] =
64 {
65 {
66 .mtd_type = MTD_ABSENT,
67 }, {
68 .mtd_type = MTD_ABSENT,
69 },
70 };
71 static int dev_current;
72
73 #define DEVNAME(i) envdevices[(i)].devname
74 #define DEVOFFSET(i) envdevices[(i)].devoff
75 #define ENVSIZE(i) envdevices[(i)].env_size
76 #define DEVESIZE(i) envdevices[(i)].erase_size
77 #define ENVSECTORS(i) envdevices[(i)].env_sectors
78 #define DEVTYPE(i) envdevices[(i)].mtd_type
79
80 #define CUR_ENVSIZE ENVSIZE(dev_current)
81
82 static unsigned long usable_envsize;
83 #define ENV_SIZE usable_envsize
84
85 struct env_image_single {
86 uint32_t crc; /* CRC32 over data bytes */
87 char data[];
88 };
89
90 struct env_image_redundant {
91 uint32_t crc; /* CRC32 over data bytes */
92 unsigned char flags; /* active or obsolete */
93 char data[];
94 };
95
96 enum flag_scheme {
97 FLAG_NONE,
98 FLAG_BOOLEAN,
99 FLAG_INCREMENTAL,
100 };
101
102 struct environment {
103 void *image;
104 uint32_t *crc;
105 unsigned char *flags;
106 char *data;
107 enum flag_scheme flag_scheme;
108 };
109
110 static struct environment environment = {
111 .flag_scheme = FLAG_NONE,
112 };
113
114 static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key);
115
116 static int HaveRedundEnv = 0;
117
118 static unsigned char active_flag = 1;
119 /* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */
120 static unsigned char obsolete_flag = 0;
121
122 #define DEFAULT_ENV_INSTANCE_STATIC
123 #include <env_default.h>
124
125 static int flash_io (int mode);
126 static int parse_config(struct env_opts *opts);
127
128 #if defined(CONFIG_FILE)
129 static int get_config (char *);
130 #endif
131
skip_chars(char * s)132 static char *skip_chars(char *s)
133 {
134 for (; *s != '\0'; s++) {
135 if (isblank(*s))
136 return s;
137 }
138 return NULL;
139 }
140
skip_blanks(char * s)141 static char *skip_blanks(char *s)
142 {
143 for (; *s != '\0'; s++) {
144 if (!isblank(*s))
145 return s;
146 }
147 return NULL;
148 }
149
150 /*
151 * s1 is either a simple 'name', or a 'name=value' pair.
152 * s2 is a 'name=value' pair.
153 * If the names match, return the value of s2, else NULL.
154 */
envmatch(char * s1,char * s2)155 static char *envmatch(char *s1, char *s2)
156 {
157 if (s1 == NULL || s2 == NULL)
158 return NULL;
159
160 while (*s1 == *s2++)
161 if (*s1++ == '=')
162 return s2;
163 if (*s1 == '\0' && *(s2 - 1) == '=')
164 return s2;
165 return NULL;
166 }
167
168 /**
169 * Search the environment for a variable.
170 * Return the value, if found, or NULL, if not found.
171 */
fw_getenv(char * name)172 char *fw_getenv (char *name)
173 {
174 char *env, *nxt;
175
176 for (env = environment.data; *env; env = nxt + 1) {
177 char *val;
178
179 for (nxt = env; *nxt; ++nxt) {
180 if (nxt >= &environment.data[ENV_SIZE]) {
181 fprintf (stderr, "## Error: "
182 "environment not terminated\n");
183 return NULL;
184 }
185 }
186 val = envmatch (name, env);
187 if (!val)
188 continue;
189 return val;
190 }
191 return NULL;
192 }
193
194 /*
195 * Search the default environment for a variable.
196 * Return the value, if found, or NULL, if not found.
197 */
fw_getdefenv(char * name)198 char *fw_getdefenv(char *name)
199 {
200 char *env, *nxt;
201
202 for (env = default_environment; *env; env = nxt + 1) {
203 char *val;
204
205 for (nxt = env; *nxt; ++nxt) {
206 if (nxt >= &default_environment[ENV_SIZE]) {
207 fprintf(stderr, "## Error: "
208 "default environment not terminated\n");
209 return NULL;
210 }
211 }
212 val = envmatch(name, env);
213 if (!val)
214 continue;
215 return val;
216 }
217 return NULL;
218 }
219
parse_aes_key(char * key,uint8_t * bin_key)220 int parse_aes_key(char *key, uint8_t *bin_key)
221 {
222 char tmp[5] = { '0', 'x', 0, 0, 0 };
223 unsigned long ul;
224 int i;
225
226 if (strnlen(key, 64) != 32) {
227 fprintf(stderr,
228 "## Error: '-a' option requires 16-byte AES key\n");
229 return -1;
230 }
231
232 for (i = 0; i < 16; i++) {
233 tmp[2] = key[0];
234 tmp[3] = key[1];
235 errno = 0;
236 ul = strtoul(tmp, NULL, 16);
237 if (errno) {
238 fprintf(stderr,
239 "## Error: '-a' option requires valid AES key\n");
240 return -1;
241 }
242 bin_key[i] = ul & 0xff;
243 key += 2;
244 }
245 return 0;
246 }
247
248 /*
249 * Print the current definition of one, or more, or all
250 * environment variables
251 */
fw_printenv(int argc,char * argv[],int value_only,struct env_opts * opts)252 int fw_printenv(int argc, char *argv[], int value_only, struct env_opts *opts)
253 {
254 int i, rc = 0;
255
256 if (value_only && argc != 1) {
257 fprintf(stderr,
258 "## Error: `-n' option requires exactly one argument\n");
259 return -1;
260 }
261
262 if (!opts)
263 opts = &default_opts;
264
265 if (fw_env_open(opts))
266 return -1;
267
268 if (argc == 0) { /* Print all env variables */
269 char *env, *nxt;
270 for (env = environment.data; *env; env = nxt + 1) {
271 for (nxt = env; *nxt; ++nxt) {
272 if (nxt >= &environment.data[ENV_SIZE]) {
273 fprintf (stderr, "## Error: "
274 "environment not terminated\n");
275 return -1;
276 }
277 }
278
279 printf ("%s\n", env);
280 }
281 fw_env_close(opts);
282 return 0;
283 }
284
285 for (i = 0; i < argc; ++i) { /* print a subset of env variables */
286 char *name = argv[i];
287 char *val = NULL;
288
289 val = fw_getenv(name);
290 if (!val) {
291 fprintf (stderr, "## Error: \"%s\" not defined\n", name);
292 rc = -1;
293 continue;
294 }
295
296 if (value_only) {
297 puts(val);
298 break;
299 }
300
301 printf("%s=%s\n", name, val);
302 }
303
304 fw_env_close(opts);
305
306 return rc;
307 }
308
fw_env_flush(struct env_opts * opts)309 int fw_env_flush(struct env_opts *opts)
310 {
311 int ret;
312
313 if (!opts)
314 opts = &default_opts;
315
316 if (opts->aes_flag) {
317 ret = env_aes_cbc_crypt(environment.data, 1,
318 opts->aes_key);
319 if (ret) {
320 fprintf(stderr,
321 "Error: can't encrypt env for flash\n");
322 return ret;
323 }
324 }
325
326 /*
327 * Update CRC
328 */
329 *environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE);
330
331 /* write environment back to flash */
332 if (flash_io(O_RDWR)) {
333 fprintf(stderr,
334 "Error: can't write fw_env to flash\n");
335 return -1;
336 }
337
338 return 0;
339 }
340
341
342 /*
343 * Set/Clear a single variable in the environment.
344 * This is called in sequence to update the environment
345 * in RAM without updating the copy in flash after each set
346 */
fw_env_write(char * name,char * value)347 int fw_env_write(char *name, char *value)
348 {
349 int len;
350 char *env, *nxt;
351 char *oldval = NULL;
352 int deleting, creating, overwriting;
353
354 /*
355 * search if variable with this name already exists
356 */
357 for (nxt = env = environment.data; *env; env = nxt + 1) {
358 for (nxt = env; *nxt; ++nxt) {
359 if (nxt >= &environment.data[ENV_SIZE]) {
360 fprintf(stderr, "## Error: "
361 "environment not terminated\n");
362 errno = EINVAL;
363 return -1;
364 }
365 }
366 if ((oldval = envmatch (name, env)) != NULL)
367 break;
368 }
369
370 deleting = (oldval && !(value && strlen(value)));
371 creating = (!oldval && (value && strlen(value)));
372 overwriting = (oldval && (value && strlen(value)));
373
374 /* check for permission */
375 if (deleting) {
376 if (env_flags_validate_varaccess(name,
377 ENV_FLAGS_VARACCESS_PREVENT_DELETE)) {
378 printf("Can't delete \"%s\"\n", name);
379 errno = EROFS;
380 return -1;
381 }
382 } else if (overwriting) {
383 if (env_flags_validate_varaccess(name,
384 ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) {
385 printf("Can't overwrite \"%s\"\n", name);
386 errno = EROFS;
387 return -1;
388 } else if (env_flags_validate_varaccess(name,
389 ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) {
390 const char *defval = fw_getdefenv(name);
391
392 if (defval == NULL)
393 defval = "";
394 if (strcmp(oldval, defval)
395 != 0) {
396 printf("Can't overwrite \"%s\"\n", name);
397 errno = EROFS;
398 return -1;
399 }
400 }
401 } else if (creating) {
402 if (env_flags_validate_varaccess(name,
403 ENV_FLAGS_VARACCESS_PREVENT_CREATE)) {
404 printf("Can't create \"%s\"\n", name);
405 errno = EROFS;
406 return -1;
407 }
408 } else
409 /* Nothing to do */
410 return 0;
411
412 if (deleting || overwriting) {
413 if (*++nxt == '\0') {
414 *env = '\0';
415 } else {
416 for (;;) {
417 *env = *nxt++;
418 if ((*env == '\0') && (*nxt == '\0'))
419 break;
420 ++env;
421 }
422 }
423 *++env = '\0';
424 }
425
426 /* Delete only ? */
427 if (!value || !strlen(value))
428 return 0;
429
430 /*
431 * Append new definition at the end
432 */
433 for (env = environment.data; *env || *(env + 1); ++env);
434 if (env > environment.data)
435 ++env;
436 /*
437 * Overflow when:
438 * "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment)
439 */
440 len = strlen (name) + 2;
441 /* add '=' for first arg, ' ' for all others */
442 len += strlen(value) + 1;
443
444 if (len > (&environment.data[ENV_SIZE] - env)) {
445 fprintf (stderr,
446 "Error: environment overflow, \"%s\" deleted\n",
447 name);
448 return -1;
449 }
450
451 while ((*env = *name++) != '\0')
452 env++;
453 *env = '=';
454 while ((*++env = *value++) != '\0')
455 ;
456
457 /* end is marked with double '\0' */
458 *++env = '\0';
459
460 return 0;
461 }
462
463 /*
464 * Deletes or sets environment variables. Returns -1 and sets errno error codes:
465 * 0 - OK
466 * EINVAL - need at least 1 argument
467 * EROFS - certain variables ("ethaddr", "serial#") cannot be
468 * modified or deleted
469 *
470 */
fw_env_set(int argc,char * argv[],struct env_opts * opts)471 int fw_env_set(int argc, char *argv[], struct env_opts *opts)
472 {
473 int i;
474 size_t len;
475 char *name, **valv;
476 char *oldval;
477 char *value = NULL;
478 int valc;
479 int ret;
480
481 if (!opts)
482 opts = &default_opts;
483
484 if (argc < 1) {
485 fprintf(stderr, "## Error: variable name missing\n");
486 errno = EINVAL;
487 return -1;
488 }
489
490 if (fw_env_open(opts)) {
491 fprintf(stderr, "Error: environment not initialized\n");
492 return -1;
493 }
494
495 name = argv[0];
496 valv = argv + 1;
497 valc = argc - 1;
498
499 if (env_flags_validate_env_set_params(name, valv, valc) < 0) {
500 fw_env_close(opts);
501 return -1;
502 }
503
504 len = 0;
505 for (i = 0; i < valc; ++i) {
506 char *val = valv[i];
507 size_t val_len = strlen(val);
508
509 if (value)
510 value[len - 1] = ' ';
511 oldval = value;
512 value = realloc(value, len + val_len + 1);
513 if (!value) {
514 fprintf(stderr,
515 "Cannot malloc %zu bytes: %s\n",
516 len, strerror(errno));
517 free(oldval);
518 return -1;
519 }
520
521 memcpy(value + len, val, val_len);
522 len += val_len;
523 value[len++] = '\0';
524 }
525
526 fw_env_write(name, value);
527
528 free(value);
529
530 ret = fw_env_flush(opts);
531 fw_env_close(opts);
532
533 return ret;
534 }
535
536 /*
537 * Parse a file and configure the u-boot variables.
538 * The script file has a very simple format, as follows:
539 *
540 * Each line has a couple with name, value:
541 * <white spaces>variable_name<white spaces>variable_value
542 *
543 * Both variable_name and variable_value are interpreted as strings.
544 * Any character after <white spaces> and before ending \r\n is interpreted
545 * as variable's value (no comment allowed on these lines !)
546 *
547 * Comments are allowed if the first character in the line is #
548 *
549 * Returns -1 and sets errno error codes:
550 * 0 - OK
551 * -1 - Error
552 */
fw_parse_script(char * fname,struct env_opts * opts)553 int fw_parse_script(char *fname, struct env_opts *opts)
554 {
555 FILE *fp;
556 char dump[1024]; /* Maximum line length in the file */
557 char *name;
558 char *val;
559 int lineno = 0;
560 int len;
561 int ret = 0;
562
563 if (!opts)
564 opts = &default_opts;
565
566 if (fw_env_open(opts)) {
567 fprintf(stderr, "Error: environment not initialized\n");
568 return -1;
569 }
570
571 if (strcmp(fname, "-") == 0)
572 fp = stdin;
573 else {
574 fp = fopen(fname, "r");
575 if (fp == NULL) {
576 fprintf(stderr, "I cannot open %s for reading\n",
577 fname);
578 return -1;
579 }
580 }
581
582 while (fgets(dump, sizeof(dump), fp)) {
583 lineno++;
584 len = strlen(dump);
585
586 /*
587 * Read a whole line from the file. If the line is too long
588 * or is not terminated, reports an error and exit.
589 */
590 if (dump[len - 1] != '\n') {
591 fprintf(stderr,
592 "Line %d not corrected terminated or too long\n",
593 lineno);
594 ret = -1;
595 break;
596 }
597
598 /* Drop ending line feed / carriage return */
599 dump[--len] = '\0';
600 if (len && dump[len - 1] == '\r')
601 dump[--len] = '\0';
602
603 /* Skip comment or empty lines */
604 if (len == 0 || dump[0] == '#')
605 continue;
606
607 /*
608 * Search for variable's name,
609 * remove leading whitespaces
610 */
611 name = skip_blanks(dump);
612 if (!name)
613 continue;
614
615 /* The first white space is the end of variable name */
616 val = skip_chars(name);
617 len = strlen(name);
618 if (val) {
619 *val++ = '\0';
620 if ((val - name) < len)
621 val = skip_blanks(val);
622 else
623 val = NULL;
624 }
625
626 #ifdef DEBUG
627 fprintf(stderr, "Setting %s : %s\n",
628 name, val ? val : " removed");
629 #endif
630
631 if (env_flags_validate_type(name, val) < 0) {
632 ret = -1;
633 break;
634 }
635
636 /*
637 * If there is an error setting a variable,
638 * try to save the environment and returns an error
639 */
640 if (fw_env_write(name, val)) {
641 fprintf(stderr,
642 "fw_env_write returns with error : %s\n",
643 strerror(errno));
644 ret = -1;
645 break;
646 }
647
648 }
649
650 /* Close file if not stdin */
651 if (strcmp(fname, "-") != 0)
652 fclose(fp);
653
654 ret |= fw_env_flush(opts);
655
656 fw_env_close(opts);
657
658 return ret;
659 }
660
661 /**
662 * environment_end() - compute offset of first byte right after environemnt
663 * @dev - index of enviroment buffer
664 * Return:
665 * device offset of first byte right after environemnt
666 */
environment_end(int dev)667 off_t environment_end(int dev)
668 {
669 /* environment is block aligned */
670 return DEVOFFSET(dev) + ENVSECTORS(dev) * DEVESIZE(dev);
671 }
672
673 /*
674 * Test for bad block on NAND, just returns 0 on NOR, on NAND:
675 * 0 - block is good
676 * > 0 - block is bad
677 * < 0 - failed to test
678 */
flash_bad_block(int fd,uint8_t mtd_type,loff_t blockstart)679 static int flash_bad_block(int fd, uint8_t mtd_type, loff_t blockstart)
680 {
681 if (mtd_type == MTD_NANDFLASH) {
682 int badblock = ioctl(fd, MEMGETBADBLOCK, &blockstart);
683
684 if (badblock < 0) {
685 perror ("Cannot read bad block mark");
686 return badblock;
687 }
688
689 if (badblock) {
690 #ifdef DEBUG
691 fprintf (stderr, "Bad block at 0x%llx, skipping\n",
692 (unsigned long long)blockstart);
693 #endif
694 return badblock;
695 }
696 }
697
698 return 0;
699 }
700
701 /*
702 * Read data from flash at an offset into a provided buffer. On NAND it skips
703 * bad blocks but makes sure it stays within ENVSECTORS (dev) starting from
704 * the DEVOFFSET (dev) block. On NOR the loop is only run once.
705 */
flash_read_buf(int dev,int fd,void * buf,size_t count,off_t offset)706 static int flash_read_buf (int dev, int fd, void *buf, size_t count,
707 off_t offset)
708 {
709 size_t blocklen; /* erase / write length - one block on NAND,
710 0 on NOR */
711 size_t processed = 0; /* progress counter */
712 size_t readlen = count; /* current read length */
713 off_t block_seek; /* offset inside the current block to the start
714 of the data */
715 loff_t blockstart; /* running start of the current block -
716 MEMGETBADBLOCK needs 64 bits */
717 int rc;
718
719 blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev);
720
721 /* Offset inside a block */
722 block_seek = offset - blockstart;
723
724 if (DEVTYPE(dev) == MTD_NANDFLASH) {
725 /*
726 * NAND: calculate which blocks we are reading. We have
727 * to read one block at a time to skip bad blocks.
728 */
729 blocklen = DEVESIZE (dev);
730
731 /* Limit to one block for the first read */
732 if (readlen > blocklen - block_seek)
733 readlen = blocklen - block_seek;
734 } else {
735 blocklen = 0;
736 }
737
738 /* This only runs once on NOR flash */
739 while (processed < count) {
740 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart);
741 if (rc < 0) /* block test failed */
742 return -1;
743
744 if (blockstart + block_seek + readlen > environment_end(dev)) {
745 /* End of range is reached */
746 fprintf (stderr,
747 "Too few good blocks within range\n");
748 return -1;
749 }
750
751 if (rc) { /* block is bad */
752 blockstart += blocklen;
753 continue;
754 }
755
756 /*
757 * If a block is bad, we retry in the next block at the same
758 * offset - see env/nand.c::writeenv()
759 */
760 lseek (fd, blockstart + block_seek, SEEK_SET);
761
762 rc = read (fd, buf + processed, readlen);
763 if (rc != readlen) {
764 fprintf (stderr, "Read error on %s: %s\n",
765 DEVNAME (dev), strerror (errno));
766 return -1;
767 }
768 #ifdef DEBUG
769 fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n",
770 rc, (unsigned long long) blockstart + block_seek,
771 DEVNAME(dev));
772 #endif
773 processed += readlen;
774 readlen = min (blocklen, count - processed);
775 block_seek = 0;
776 blockstart += blocklen;
777 }
778
779 return processed;
780 }
781
782 /*
783 * Write count bytes from begin of environment, but stay within
784 * ENVSECTORS(dev) sectors of
785 * DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we
786 * erase and write the whole data at once.
787 */
flash_write_buf(int dev,int fd,void * buf,size_t count)788 static int flash_write_buf(int dev, int fd, void *buf, size_t count)
789 {
790 void *data;
791 struct erase_info_user erase;
792 size_t blocklen; /* length of NAND block / NOR erase sector */
793 size_t erase_len; /* whole area that can be erased - may include
794 bad blocks */
795 size_t erasesize; /* erase / write length - one block on NAND,
796 whole area on NOR */
797 size_t processed = 0; /* progress counter */
798 size_t write_total; /* total size to actually write - excluding
799 bad blocks */
800 off_t erase_offset; /* offset to the first erase block (aligned)
801 below offset */
802 off_t block_seek; /* offset inside the erase block to the start
803 of the data */
804 loff_t blockstart; /* running start of the current block -
805 MEMGETBADBLOCK needs 64 bits */
806 int rc;
807
808 /*
809 * For mtd devices only offset and size of the environment do matter
810 */
811 if (DEVTYPE(dev) == MTD_ABSENT) {
812 blocklen = count;
813 erase_len = blocklen;
814 blockstart = DEVOFFSET(dev);
815 block_seek = 0;
816 write_total = blocklen;
817 } else {
818 blocklen = DEVESIZE(dev);
819
820 erase_offset = DEVOFFSET(dev);
821
822 /* Maximum area we may use */
823 erase_len = environment_end(dev) - erase_offset;
824
825 blockstart = erase_offset;
826
827 /* Offset inside a block */
828 block_seek = DEVOFFSET(dev) - erase_offset;
829
830 /*
831 * Data size we actually write: from the start of the block
832 * to the start of the data, then count bytes of data, and
833 * to the end of the block
834 */
835 write_total = ((block_seek + count + blocklen - 1) /
836 blocklen) * blocklen;
837 }
838
839 /*
840 * Support data anywhere within erase sectors: read out the complete
841 * area to be erased, replace the environment image, write the whole
842 * block back again.
843 */
844 if (write_total > count) {
845 data = malloc (erase_len);
846 if (!data) {
847 fprintf (stderr,
848 "Cannot malloc %zu bytes: %s\n",
849 erase_len, strerror (errno));
850 return -1;
851 }
852
853 rc = flash_read_buf(dev, fd, data, write_total, erase_offset);
854 if (write_total != rc)
855 return -1;
856
857 #ifdef DEBUG
858 fprintf(stderr, "Preserving data ");
859 if (block_seek != 0)
860 fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1);
861 if (block_seek + count != write_total) {
862 if (block_seek != 0)
863 fprintf(stderr, " and ");
864 fprintf(stderr, "0x%lx - 0x%lx",
865 (unsigned long) block_seek + count,
866 (unsigned long) write_total - 1);
867 }
868 fprintf(stderr, "\n");
869 #endif
870 /* Overwrite the old environment */
871 memcpy (data + block_seek, buf, count);
872 } else {
873 /*
874 * We get here, iff offset is block-aligned and count is a
875 * multiple of blocklen - see write_total calculation above
876 */
877 data = buf;
878 }
879
880 if (DEVTYPE(dev) == MTD_NANDFLASH) {
881 /*
882 * NAND: calculate which blocks we are writing. We have
883 * to write one block at a time to skip bad blocks.
884 */
885 erasesize = blocklen;
886 } else {
887 erasesize = erase_len;
888 }
889
890 erase.length = erasesize;
891
892 /* This only runs once on NOR flash and SPI-dataflash */
893 while (processed < write_total) {
894 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart);
895 if (rc < 0) /* block test failed */
896 return rc;
897
898 if (blockstart + erasesize > environment_end(dev)) {
899 fprintf (stderr, "End of range reached, aborting\n");
900 return -1;
901 }
902
903 if (rc) { /* block is bad */
904 blockstart += blocklen;
905 continue;
906 }
907
908 if (DEVTYPE(dev) != MTD_ABSENT) {
909 erase.start = blockstart;
910 ioctl(fd, MEMUNLOCK, &erase);
911 /* These do not need an explicit erase cycle */
912 if (DEVTYPE(dev) != MTD_DATAFLASH)
913 if (ioctl(fd, MEMERASE, &erase) != 0) {
914 fprintf(stderr,
915 "MTD erase error on %s: %s\n",
916 DEVNAME(dev), strerror(errno));
917 return -1;
918 }
919 }
920
921 if (lseek (fd, blockstart, SEEK_SET) == -1) {
922 fprintf (stderr,
923 "Seek error on %s: %s\n",
924 DEVNAME (dev), strerror (errno));
925 return -1;
926 }
927
928 #ifdef DEBUG
929 fprintf(stderr, "Write 0x%llx bytes at 0x%llx\n",
930 (unsigned long long) erasesize,
931 (unsigned long long) blockstart);
932 #endif
933 if (write (fd, data + processed, erasesize) != erasesize) {
934 fprintf (stderr, "Write error on %s: %s\n",
935 DEVNAME (dev), strerror (errno));
936 return -1;
937 }
938
939 if (DEVTYPE(dev) != MTD_ABSENT)
940 ioctl(fd, MEMLOCK, &erase);
941
942 processed += erasesize;
943 block_seek = 0;
944 blockstart += erasesize;
945 }
946
947 if (write_total > count)
948 free (data);
949
950 return processed;
951 }
952
953 /*
954 * Set obsolete flag at offset - NOR flash only
955 */
flash_flag_obsolete(int dev,int fd,off_t offset)956 static int flash_flag_obsolete (int dev, int fd, off_t offset)
957 {
958 int rc;
959 struct erase_info_user erase;
960
961 erase.start = DEVOFFSET (dev);
962 erase.length = DEVESIZE (dev);
963 /* This relies on the fact, that obsolete_flag == 0 */
964 rc = lseek (fd, offset, SEEK_SET);
965 if (rc < 0) {
966 fprintf (stderr, "Cannot seek to set the flag on %s \n",
967 DEVNAME (dev));
968 return rc;
969 }
970 ioctl (fd, MEMUNLOCK, &erase);
971 rc = write (fd, &obsolete_flag, sizeof (obsolete_flag));
972 ioctl (fd, MEMLOCK, &erase);
973 if (rc < 0)
974 perror ("Could not set obsolete flag");
975
976 return rc;
977 }
978
979 /* Encrypt or decrypt the environment before writing or reading it. */
env_aes_cbc_crypt(char * payload,const int enc,uint8_t * key)980 static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key)
981 {
982 uint8_t *data = (uint8_t *)payload;
983 const int len = usable_envsize;
984 uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
985 uint32_t aes_blocks;
986
987 /* First we expand the key. */
988 aes_expand_key(key, key_exp);
989
990 /* Calculate the number of AES blocks to encrypt. */
991 aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
992
993 if (enc)
994 aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
995 else
996 aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
997
998 return 0;
999 }
1000
flash_write(int fd_current,int fd_target,int dev_target)1001 static int flash_write (int fd_current, int fd_target, int dev_target)
1002 {
1003 int rc;
1004
1005 switch (environment.flag_scheme) {
1006 case FLAG_NONE:
1007 break;
1008 case FLAG_INCREMENTAL:
1009 (*environment.flags)++;
1010 break;
1011 case FLAG_BOOLEAN:
1012 *environment.flags = active_flag;
1013 break;
1014 default:
1015 fprintf (stderr, "Unimplemented flash scheme %u \n",
1016 environment.flag_scheme);
1017 return -1;
1018 }
1019
1020 #ifdef DEBUG
1021 fprintf(stderr, "Writing new environment at 0x%llx on %s\n",
1022 DEVOFFSET (dev_target), DEVNAME (dev_target));
1023 #endif
1024
1025 rc = flash_write_buf(dev_target, fd_target, environment.image,
1026 CUR_ENVSIZE);
1027 if (rc < 0)
1028 return rc;
1029
1030 if (environment.flag_scheme == FLAG_BOOLEAN) {
1031 /* Have to set obsolete flag */
1032 off_t offset = DEVOFFSET (dev_current) +
1033 offsetof (struct env_image_redundant, flags);
1034 #ifdef DEBUG
1035 fprintf(stderr,
1036 "Setting obsolete flag in environment at 0x%llx on %s\n",
1037 DEVOFFSET (dev_current), DEVNAME (dev_current));
1038 #endif
1039 flash_flag_obsolete (dev_current, fd_current, offset);
1040 }
1041
1042 return 0;
1043 }
1044
flash_read(int fd)1045 static int flash_read (int fd)
1046 {
1047 int rc;
1048
1049 rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE,
1050 DEVOFFSET(dev_current));
1051 if (rc != CUR_ENVSIZE)
1052 return -1;
1053
1054 return 0;
1055 }
1056
flash_io(int mode)1057 static int flash_io (int mode)
1058 {
1059 int fd_current, fd_target, rc, dev_target;
1060
1061 /* dev_current: fd_current, erase_current */
1062 fd_current = open (DEVNAME (dev_current), mode);
1063 if (fd_current < 0) {
1064 fprintf (stderr,
1065 "Can't open %s: %s\n",
1066 DEVNAME (dev_current), strerror (errno));
1067 return -1;
1068 }
1069
1070 if (mode == O_RDWR) {
1071 if (HaveRedundEnv) {
1072 /* switch to next partition for writing */
1073 dev_target = !dev_current;
1074 /* dev_target: fd_target, erase_target */
1075 fd_target = open (DEVNAME (dev_target), mode);
1076 if (fd_target < 0) {
1077 fprintf (stderr,
1078 "Can't open %s: %s\n",
1079 DEVNAME (dev_target),
1080 strerror (errno));
1081 rc = -1;
1082 goto exit;
1083 }
1084 } else {
1085 dev_target = dev_current;
1086 fd_target = fd_current;
1087 }
1088
1089 rc = flash_write (fd_current, fd_target, dev_target);
1090
1091 if (fsync(fd_current) &&
1092 !(errno == EINVAL || errno == EROFS)) {
1093 fprintf (stderr,
1094 "fsync failed on %s: %s\n",
1095 DEVNAME (dev_current), strerror (errno));
1096 }
1097
1098 if (HaveRedundEnv) {
1099 if (fsync(fd_target) &&
1100 !(errno == EINVAL || errno == EROFS)) {
1101 fprintf (stderr,
1102 "fsync failed on %s: %s\n",
1103 DEVNAME (dev_current), strerror (errno));
1104 }
1105
1106 if (close (fd_target)) {
1107 fprintf (stderr,
1108 "I/O error on %s: %s\n",
1109 DEVNAME (dev_target),
1110 strerror (errno));
1111 rc = -1;
1112 }
1113 }
1114 } else {
1115 rc = flash_read (fd_current);
1116 }
1117
1118 exit:
1119 if (close (fd_current)) {
1120 fprintf (stderr,
1121 "I/O error on %s: %s\n",
1122 DEVNAME (dev_current), strerror (errno));
1123 return -1;
1124 }
1125
1126 return rc;
1127 }
1128
1129 /*
1130 * Prevent confusion if running from erased flash memory
1131 */
fw_env_open(struct env_opts * opts)1132 int fw_env_open(struct env_opts *opts)
1133 {
1134 int crc0, crc0_ok;
1135 unsigned char flag0;
1136 void *addr0 = NULL;
1137
1138 int crc1, crc1_ok;
1139 unsigned char flag1;
1140 void *addr1 = NULL;
1141
1142 int ret;
1143
1144 struct env_image_single *single;
1145 struct env_image_redundant *redundant;
1146
1147 if (!opts)
1148 opts = &default_opts;
1149
1150 if (parse_config(opts)) /* should fill envdevices */
1151 return -EINVAL;
1152
1153 addr0 = calloc(1, CUR_ENVSIZE);
1154 if (addr0 == NULL) {
1155 fprintf(stderr,
1156 "Not enough memory for environment (%ld bytes)\n",
1157 CUR_ENVSIZE);
1158 ret = -ENOMEM;
1159 goto open_cleanup;
1160 }
1161
1162 /* read environment from FLASH to local buffer */
1163 environment.image = addr0;
1164
1165 if (HaveRedundEnv) {
1166 redundant = addr0;
1167 environment.crc = &redundant->crc;
1168 environment.flags = &redundant->flags;
1169 environment.data = redundant->data;
1170 } else {
1171 single = addr0;
1172 environment.crc = &single->crc;
1173 environment.flags = NULL;
1174 environment.data = single->data;
1175 }
1176
1177 dev_current = 0;
1178 if (flash_io(O_RDONLY)) {
1179 ret = -EIO;
1180 goto open_cleanup;
1181 }
1182
1183 crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE);
1184
1185 if (opts->aes_flag) {
1186 ret = env_aes_cbc_crypt(environment.data, 0,
1187 opts->aes_key);
1188 if (ret)
1189 goto open_cleanup;
1190 }
1191
1192 crc0_ok = (crc0 == *environment.crc);
1193 if (!HaveRedundEnv) {
1194 if (!crc0_ok) {
1195 fprintf (stderr,
1196 "Warning: Bad CRC, using default environment\n");
1197 memcpy(environment.data, default_environment, sizeof default_environment);
1198 }
1199 } else {
1200 flag0 = *environment.flags;
1201
1202 dev_current = 1;
1203 addr1 = calloc(1, CUR_ENVSIZE);
1204 if (addr1 == NULL) {
1205 fprintf(stderr,
1206 "Not enough memory for environment (%ld bytes)\n",
1207 CUR_ENVSIZE);
1208 ret = -ENOMEM;
1209 goto open_cleanup;
1210 }
1211 redundant = addr1;
1212
1213 /*
1214 * have to set environment.image for flash_read(), careful -
1215 * other pointers in environment still point inside addr0
1216 */
1217 environment.image = addr1;
1218 if (flash_io(O_RDONLY)) {
1219 ret = -EIO;
1220 goto open_cleanup;
1221 }
1222
1223 /* Check flag scheme compatibility */
1224 if (DEVTYPE(dev_current) == MTD_NORFLASH &&
1225 DEVTYPE(!dev_current) == MTD_NORFLASH) {
1226 environment.flag_scheme = FLAG_BOOLEAN;
1227 } else if (DEVTYPE(dev_current) == MTD_NANDFLASH &&
1228 DEVTYPE(!dev_current) == MTD_NANDFLASH) {
1229 environment.flag_scheme = FLAG_INCREMENTAL;
1230 } else if (DEVTYPE(dev_current) == MTD_DATAFLASH &&
1231 DEVTYPE(!dev_current) == MTD_DATAFLASH) {
1232 environment.flag_scheme = FLAG_BOOLEAN;
1233 } else if (DEVTYPE(dev_current) == MTD_UBIVOLUME &&
1234 DEVTYPE(!dev_current) == MTD_UBIVOLUME) {
1235 environment.flag_scheme = FLAG_INCREMENTAL;
1236 } else if (DEVTYPE(dev_current) == MTD_ABSENT &&
1237 DEVTYPE(!dev_current) == MTD_ABSENT) {
1238 environment.flag_scheme = FLAG_INCREMENTAL;
1239 } else {
1240 fprintf (stderr, "Incompatible flash types!\n");
1241 ret = -EINVAL;
1242 goto open_cleanup;
1243 }
1244
1245 crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE);
1246
1247 if (opts->aes_flag) {
1248 ret = env_aes_cbc_crypt(redundant->data, 0,
1249 opts->aes_key);
1250 if (ret)
1251 goto open_cleanup;
1252 }
1253
1254 crc1_ok = (crc1 == redundant->crc);
1255 flag1 = redundant->flags;
1256
1257 if (crc0_ok && !crc1_ok) {
1258 dev_current = 0;
1259 } else if (!crc0_ok && crc1_ok) {
1260 dev_current = 1;
1261 } else if (!crc0_ok && !crc1_ok) {
1262 fprintf (stderr,
1263 "Warning: Bad CRC, using default environment\n");
1264 memcpy (environment.data, default_environment,
1265 sizeof default_environment);
1266 dev_current = 0;
1267 } else {
1268 switch (environment.flag_scheme) {
1269 case FLAG_BOOLEAN:
1270 if (flag0 == active_flag &&
1271 flag1 == obsolete_flag) {
1272 dev_current = 0;
1273 } else if (flag0 == obsolete_flag &&
1274 flag1 == active_flag) {
1275 dev_current = 1;
1276 } else if (flag0 == flag1) {
1277 dev_current = 0;
1278 } else if (flag0 == 0xFF) {
1279 dev_current = 0;
1280 } else if (flag1 == 0xFF) {
1281 dev_current = 1;
1282 } else {
1283 dev_current = 0;
1284 }
1285 break;
1286 case FLAG_INCREMENTAL:
1287 if (flag0 == 255 && flag1 == 0)
1288 dev_current = 1;
1289 else if ((flag1 == 255 && flag0 == 0) ||
1290 flag0 >= flag1)
1291 dev_current = 0;
1292 else /* flag1 > flag0 */
1293 dev_current = 1;
1294 break;
1295 default:
1296 fprintf (stderr, "Unknown flag scheme %u \n",
1297 environment.flag_scheme);
1298 return -1;
1299 }
1300 }
1301
1302 /*
1303 * If we are reading, we don't need the flag and the CRC any
1304 * more, if we are writing, we will re-calculate CRC and update
1305 * flags before writing out
1306 */
1307 if (dev_current) {
1308 environment.image = addr1;
1309 environment.crc = &redundant->crc;
1310 environment.flags = &redundant->flags;
1311 environment.data = redundant->data;
1312 free (addr0);
1313 } else {
1314 environment.image = addr0;
1315 /* Other pointers are already set */
1316 free (addr1);
1317 }
1318 #ifdef DEBUG
1319 fprintf(stderr, "Selected env in %s\n", DEVNAME(dev_current));
1320 #endif
1321 }
1322 return 0;
1323
1324 open_cleanup:
1325 if (addr0)
1326 free(addr0);
1327
1328 if (addr1)
1329 free(addr0);
1330
1331 return ret;
1332 }
1333
1334 /*
1335 * Simply free allocated buffer with environment
1336 */
fw_env_close(struct env_opts * opts)1337 int fw_env_close(struct env_opts *opts)
1338 {
1339 if (environment.image)
1340 free(environment.image);
1341
1342 environment.image = NULL;
1343
1344 return 0;
1345 }
1346
check_device_config(int dev)1347 static int check_device_config(int dev)
1348 {
1349 struct stat st;
1350 int fd, rc = 0;
1351
1352 fd = open(DEVNAME(dev), O_RDONLY);
1353 if (fd < 0) {
1354 fprintf(stderr,
1355 "Cannot open %s: %s\n",
1356 DEVNAME(dev), strerror(errno));
1357 return -1;
1358 }
1359
1360 rc = fstat(fd, &st);
1361 if (rc < 0) {
1362 fprintf(stderr, "Cannot stat the file %s\n",
1363 DEVNAME(dev));
1364 goto err;
1365 }
1366
1367 if (S_ISCHR(st.st_mode)) {
1368 struct mtd_info_user mtdinfo;
1369 rc = ioctl(fd, MEMGETINFO, &mtdinfo);
1370 if (rc < 0) {
1371 fprintf(stderr, "Cannot get MTD information for %s\n",
1372 DEVNAME(dev));
1373 goto err;
1374 }
1375 if (mtdinfo.type != MTD_NORFLASH &&
1376 mtdinfo.type != MTD_NANDFLASH &&
1377 mtdinfo.type != MTD_DATAFLASH &&
1378 mtdinfo.type != MTD_UBIVOLUME) {
1379 fprintf(stderr, "Unsupported flash type %u on %s\n",
1380 mtdinfo.type, DEVNAME(dev));
1381 goto err;
1382 }
1383 DEVTYPE(dev) = mtdinfo.type;
1384 if (DEVESIZE(dev) == 0)
1385 /* Assume the erase size is the same as the env-size */
1386 DEVESIZE(dev) = ENVSIZE(dev);
1387 } else {
1388 uint64_t size;
1389 DEVTYPE(dev) = MTD_ABSENT;
1390 if (DEVESIZE(dev) == 0)
1391 /* Assume the erase size to be 512 bytes */
1392 DEVESIZE(dev) = 0x200;
1393
1394 /*
1395 * Check for negative offsets, treat it as backwards offset
1396 * from the end of the block device
1397 */
1398 if (DEVOFFSET(dev) < 0) {
1399 rc = ioctl(fd, BLKGETSIZE64, &size);
1400 if (rc < 0) {
1401 fprintf(stderr, "Could not get block device size on %s\n",
1402 DEVNAME(dev));
1403 goto err;
1404 }
1405
1406 DEVOFFSET(dev) = DEVOFFSET(dev) + size;
1407 #ifdef DEBUG
1408 fprintf(stderr, "Calculated device offset 0x%llx on %s\n",
1409 DEVOFFSET(dev), DEVNAME(dev));
1410 #endif
1411 }
1412 }
1413
1414 if (ENVSECTORS(dev) == 0)
1415 /* Assume enough sectors to cover the environment */
1416 ENVSECTORS(dev) = DIV_ROUND_UP(ENVSIZE(dev), DEVESIZE(dev));
1417
1418 if (DEVOFFSET(dev) % DEVESIZE(dev) != 0) {
1419 fprintf(stderr, "Environment does not start on (erase) block boundary\n");
1420 errno = EINVAL;
1421 return -1;
1422 }
1423
1424 if (ENVSIZE(dev) > ENVSECTORS(dev) * DEVESIZE(dev)) {
1425 fprintf(stderr, "Environment does not fit into available sectors\n");
1426 errno = EINVAL;
1427 return -1;
1428 }
1429
1430 err:
1431 close(fd);
1432 return rc;
1433 }
1434
parse_config(struct env_opts * opts)1435 static int parse_config(struct env_opts *opts)
1436 {
1437 int rc;
1438
1439 if (!opts)
1440 opts = &default_opts;
1441
1442 #if defined(CONFIG_FILE)
1443 /* Fills in DEVNAME(), ENVSIZE(), DEVESIZE(). Or don't. */
1444 if (get_config(opts->config_file)) {
1445 fprintf(stderr, "Cannot parse config file '%s': %m\n",
1446 opts->config_file);
1447 return -1;
1448 }
1449 #else
1450 DEVNAME (0) = DEVICE1_NAME;
1451 DEVOFFSET (0) = DEVICE1_OFFSET;
1452 ENVSIZE (0) = ENV1_SIZE;
1453
1454 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1455 * know DEVTYPE
1456 */
1457 #ifdef DEVICE1_ESIZE
1458 DEVESIZE (0) = DEVICE1_ESIZE;
1459 #endif
1460 #ifdef DEVICE1_ENVSECTORS
1461 ENVSECTORS (0) = DEVICE1_ENVSECTORS;
1462 #endif
1463
1464 #ifdef HAVE_REDUND
1465 DEVNAME (1) = DEVICE2_NAME;
1466 DEVOFFSET (1) = DEVICE2_OFFSET;
1467 ENVSIZE (1) = ENV2_SIZE;
1468
1469 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1470 * know DEVTYPE
1471 */
1472 #ifdef DEVICE2_ESIZE
1473 DEVESIZE (1) = DEVICE2_ESIZE;
1474 #endif
1475 #ifdef DEVICE2_ENVSECTORS
1476 ENVSECTORS (1) = DEVICE2_ENVSECTORS;
1477 #endif
1478 HaveRedundEnv = 1;
1479 #endif
1480 #endif
1481 rc = check_device_config(0);
1482 if (rc < 0)
1483 return rc;
1484
1485 if (HaveRedundEnv) {
1486 rc = check_device_config(1);
1487 if (rc < 0)
1488 return rc;
1489
1490 if (ENVSIZE(0) != ENVSIZE(1)) {
1491 fprintf(stderr,
1492 "Redundant environments have unequal size");
1493 return -1;
1494 }
1495 }
1496
1497 usable_envsize = CUR_ENVSIZE - sizeof(uint32_t);
1498 if (HaveRedundEnv)
1499 usable_envsize -= sizeof(char);
1500
1501 if (opts->aes_flag)
1502 usable_envsize &= ~(AES_KEY_LENGTH - 1);
1503
1504 return 0;
1505 }
1506
1507 #if defined(CONFIG_FILE)
get_config(char * fname)1508 static int get_config (char *fname)
1509 {
1510 FILE *fp;
1511 int i = 0;
1512 int rc;
1513 char dump[128];
1514 char *devname;
1515
1516 fp = fopen (fname, "r");
1517 if (fp == NULL)
1518 return -1;
1519
1520 while (i < 2 && fgets (dump, sizeof (dump), fp)) {
1521 /* Skip incomplete conversions and comment strings */
1522 if (dump[0] == '#')
1523 continue;
1524
1525 rc = sscanf(dump, "%ms %lli %lx %lx %lx",
1526 &devname,
1527 &DEVOFFSET(i),
1528 &ENVSIZE(i),
1529 &DEVESIZE(i),
1530 &ENVSECTORS(i));
1531
1532 if (rc < 3)
1533 continue;
1534
1535 DEVNAME(i) = devname;
1536
1537 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1538 * know DEVTYPE
1539 */
1540
1541 i++;
1542 }
1543 fclose (fp);
1544
1545 HaveRedundEnv = i - 1;
1546 if (!i) { /* No valid entries found */
1547 errno = EINVAL;
1548 return -1;
1549 } else
1550 return 0;
1551 }
1552 #endif
1553