1 /* 2 * Copyright 2014 Broadcom Corporation. 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <config.h> 8 #include <common.h> 9 #include <blk.h> 10 #include <fastboot.h> 11 #include <fb_mmc.h> 12 #include <image-sparse.h> 13 #include <part.h> 14 #include <mmc.h> 15 #include <div64.h> 16 #include <linux/compat.h> 17 #include <android_image.h> 18 19 /* 20 * FIXME: Ensure we always set these names via Kconfig once xxx_PARTITION is 21 * migrated 22 */ 23 #ifndef CONFIG_FASTBOOT_GPT_NAME 24 #define CONFIG_FASTBOOT_GPT_NAME "gpt" 25 #endif 26 27 28 #ifndef CONFIG_FASTBOOT_MBR_NAME 29 #define CONFIG_FASTBOOT_MBR_NAME "mbr" 30 #endif 31 32 #define BOOT_PARTITION_NAME "boot" 33 #define FASTBOOT_MAX_BLK_WRITE 16384 34 static ulong timer; 35 36 struct fb_mmc_sparse { 37 struct blk_desc *dev_desc; 38 }; 39 40 static int part_get_info_by_name_or_alias(struct blk_desc *dev_desc, 41 const char *name, disk_partition_t *info) 42 { 43 int ret; 44 45 ret = part_get_info_by_name(dev_desc, name, info); 46 if (ret < 0) { 47 /* strlen("fastboot_partition_alias_") + 32(part_name) + 1 */ 48 char env_alias_name[25 + 32 + 1]; 49 char *aliased_part_name; 50 51 /* check for alias */ 52 strcpy(env_alias_name, "fastboot_partition_alias_"); 53 strncat(env_alias_name, name, 32); 54 aliased_part_name = env_get(env_alias_name); 55 if (aliased_part_name != NULL) 56 ret = part_get_info_by_name(dev_desc, 57 aliased_part_name, info); 58 } 59 return ret; 60 } 61 62 static lbaint_t fb_mmc_blk_write(struct blk_desc *block_dev, lbaint_t start, 63 lbaint_t blkcnt, const void *buffer) 64 { 65 lbaint_t blk = start; 66 lbaint_t blks_written; 67 lbaint_t cur_blkcnt; 68 lbaint_t blks = 0; 69 int i; 70 for (i = 0; i < blkcnt; i += FASTBOOT_MAX_BLK_WRITE) { 71 cur_blkcnt = min((int)blkcnt-i, FASTBOOT_MAX_BLK_WRITE); 72 if (buffer != NULL) { 73 timed_send_info(&timer, "writing"); 74 blks_written = blk_dwrite(block_dev, blk, cur_blkcnt, 75 buffer+(i*block_dev->blksz)); 76 } else { 77 timed_send_info(&timer, "erasing"); 78 blks_written = blk_derase(block_dev, blk, cur_blkcnt); 79 } 80 blk += blks_written; 81 blks += blks_written; 82 } 83 return blks; 84 } 85 86 static lbaint_t fb_mmc_sparse_write(struct sparse_storage *info, 87 lbaint_t blk, lbaint_t blkcnt, const void *buffer) 88 { 89 struct fb_mmc_sparse *sparse = info->priv; 90 struct blk_desc *dev_desc = sparse->dev_desc; 91 92 return fb_mmc_blk_write(dev_desc, blk, blkcnt, buffer); 93 } 94 95 static lbaint_t fb_mmc_sparse_reserve(struct sparse_storage *info, 96 lbaint_t blk, lbaint_t blkcnt) 97 { 98 return blkcnt; 99 } 100 101 static void write_raw_image(struct blk_desc *dev_desc, disk_partition_t *info, 102 const char *part_name, void *buffer, 103 unsigned int download_bytes, char *response) 104 { 105 lbaint_t blkcnt; 106 lbaint_t blks; 107 108 /* determine number of blocks to write */ 109 blkcnt = ((download_bytes + (info->blksz - 1)) & ~(info->blksz - 1)); 110 blkcnt = lldiv(blkcnt, info->blksz); 111 112 if (blkcnt > info->size) { 113 error("too large for partition: '%s'\n", part_name); 114 fastboot_fail("too large for partition", response); 115 return; 116 } 117 118 puts("Flashing Raw Image\n"); 119 120 blks = fb_mmc_blk_write(dev_desc, info->start, blkcnt, buffer); 121 if (blks != blkcnt) { 122 error("failed writing to device %d\n", dev_desc->devnum); 123 fastboot_fail("failed writing to device", response); 124 return; 125 } 126 127 printf("........ wrote " LBAFU " bytes to '%s'\n", blkcnt * info->blksz, 128 part_name); 129 fastboot_okay("", response); 130 } 131 132 #ifdef CONFIG_ANDROID_BOOT_IMAGE 133 /** 134 * Read Android boot image header from boot partition. 135 * 136 * @param[in] dev_desc MMC device descriptor 137 * @param[in] info Boot partition info 138 * @param[out] hdr Where to store read boot image header 139 * 140 * @return Boot image header sectors count or 0 on error 141 */ 142 static lbaint_t fb_mmc_get_boot_header(struct blk_desc *dev_desc, 143 disk_partition_t *info, 144 struct andr_img_hdr *hdr, 145 char *response) 146 { 147 ulong sector_size; /* boot partition sector size */ 148 lbaint_t hdr_sectors; /* boot image header sectors count */ 149 int res; 150 151 /* Calculate boot image sectors count */ 152 sector_size = info->blksz; 153 hdr_sectors = DIV_ROUND_UP(sizeof(struct andr_img_hdr), sector_size); 154 if (hdr_sectors == 0) { 155 error("invalid number of boot sectors: 0"); 156 fastboot_fail("invalid number of boot sectors: 0", response); 157 return 0; 158 } 159 160 /* Read the boot image header */ 161 res = blk_dread(dev_desc, info->start, hdr_sectors, (void *)hdr); 162 if (res != hdr_sectors) { 163 error("cannot read header from boot partition"); 164 fastboot_fail("cannot read header from boot partition", response); 165 return 0; 166 } 167 168 /* Check boot header magic string */ 169 res = android_image_check_header(hdr); 170 if (res != 0) { 171 error("bad boot image magic"); 172 fastboot_fail("boot partition not initialized", response); 173 return 0; 174 } 175 176 return hdr_sectors; 177 } 178 179 /** 180 * Write downloaded zImage to boot partition and repack it properly. 181 * 182 * @param dev_desc MMC device descriptor 183 * @param download_buffer Address to fastboot buffer with zImage in it 184 * @param download_bytes Size of fastboot buffer, in bytes 185 * 186 * @return 0 on success or -1 on error 187 */ 188 static int fb_mmc_update_zimage(struct blk_desc *dev_desc, 189 void *download_buffer, 190 unsigned int download_bytes, 191 char *response) 192 { 193 uintptr_t hdr_addr; /* boot image header address */ 194 struct andr_img_hdr *hdr; /* boot image header */ 195 lbaint_t hdr_sectors; /* boot image header sectors */ 196 u8 *ramdisk_buffer; 197 u32 ramdisk_sector_start; 198 u32 ramdisk_sectors; 199 u32 kernel_sector_start; 200 u32 kernel_sectors; 201 u32 sectors_per_page; 202 disk_partition_t info; 203 int res; 204 205 puts("Flashing zImage\n"); 206 207 /* Get boot partition info */ 208 res = part_get_info_by_name(dev_desc, BOOT_PARTITION_NAME, &info); 209 if (res < 0) { 210 error("cannot find boot partition"); 211 fastboot_fail("cannot find boot partition", response); 212 return -1; 213 } 214 215 /* Put boot image header in fastboot buffer after downloaded zImage */ 216 hdr_addr = (uintptr_t)download_buffer + ALIGN(download_bytes, PAGE_SIZE); 217 hdr = (struct andr_img_hdr *)hdr_addr; 218 219 /* Read boot image header */ 220 hdr_sectors = fb_mmc_get_boot_header(dev_desc, &info, hdr, response); 221 if (hdr_sectors == 0) { 222 error("unable to read boot image header"); 223 fastboot_fail("unable to read boot image header", response); 224 return -1; 225 } 226 227 /* Check if boot image has second stage in it (we don't support it) */ 228 if (hdr->second_size > 0) { 229 error("moving second stage is not supported yet"); 230 fastboot_fail("moving second stage is not supported yet", response); 231 return -1; 232 } 233 234 /* Extract ramdisk location */ 235 sectors_per_page = hdr->page_size / info.blksz; 236 ramdisk_sector_start = info.start + sectors_per_page; 237 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 238 sectors_per_page; 239 ramdisk_sectors = DIV_ROUND_UP(hdr->ramdisk_size, hdr->page_size) * 240 sectors_per_page; 241 242 /* Read ramdisk and put it in fastboot buffer after boot image header */ 243 ramdisk_buffer = (u8 *)hdr + (hdr_sectors * info.blksz); 244 res = blk_dread(dev_desc, ramdisk_sector_start, ramdisk_sectors, 245 ramdisk_buffer); 246 if (res != ramdisk_sectors) { 247 error("cannot read ramdisk from boot partition"); 248 fastboot_fail("cannot read ramdisk from boot partition", response); 249 return -1; 250 } 251 252 /* Write new kernel size to boot image header */ 253 hdr->kernel_size = download_bytes; 254 res = blk_dwrite(dev_desc, info.start, hdr_sectors, (void *)hdr); 255 if (res == 0) { 256 error("cannot writeback boot image header"); 257 fastboot_fail("cannot write back boot image header", response); 258 return -1; 259 } 260 261 /* Write the new downloaded kernel */ 262 kernel_sector_start = info.start + sectors_per_page; 263 kernel_sectors = DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 264 sectors_per_page; 265 res = blk_dwrite(dev_desc, kernel_sector_start, kernel_sectors, 266 download_buffer); 267 if (res == 0) { 268 error("cannot write new kernel"); 269 fastboot_fail("cannot write new kernel", response); 270 return -1; 271 } 272 273 /* Write the saved ramdisk back */ 274 ramdisk_sector_start = info.start + sectors_per_page; 275 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 276 sectors_per_page; 277 res = blk_dwrite(dev_desc, ramdisk_sector_start, ramdisk_sectors, 278 ramdisk_buffer); 279 if (res == 0) { 280 error("cannot write back original ramdisk"); 281 fastboot_fail("cannot write back original ramdisk", response); 282 return -1; 283 } 284 285 puts("........ zImage was updated in boot partition\n"); 286 fastboot_okay("", response); 287 return 0; 288 } 289 #endif 290 291 void fb_mmc_flash_write(const char *cmd, void *download_buffer, 292 unsigned int download_bytes, char *response) 293 { 294 struct blk_desc *dev_desc; 295 disk_partition_t info; 296 #if CONFIG_IS_ENABLED(EFI_PARTITION) 297 u64 disksize = 0; 298 char reason[128] = {0}; 299 #endif 300 301 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 302 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 303 error("invalid mmc device\n"); 304 fastboot_fail("invalid mmc device", response); 305 return; 306 } 307 308 #if CONFIG_IS_ENABLED(EFI_PARTITION) 309 if (strcmp(cmd, CONFIG_FASTBOOT_GPT_NAME) == 0) { 310 printf("%s: updating MBR, Primary and Backup GPT(s)\n", 311 __func__); 312 if (is_valid_gpt_buf(dev_desc, download_buffer)) { 313 printf("%s: invalid GPT - refusing to write to flash\n", 314 __func__); 315 disksize = dev_desc->blksz * cpu_to_le64(dev_desc->lba); 316 snprintf(reason, ARRAY_SIZE(reason), 317 "%s - %s '%lld.%lld MiB')", 318 "invalid GPT partition", 319 "Actual Disk Size", 320 disksize/0x100000, 321 disksize%0x100000); 322 fastboot_fail(reason, response); 323 return; 324 } 325 if (write_mbr_and_gpt_partitions(dev_desc, download_buffer)) { 326 printf("%s: writing GPT partitions failed\n", __func__); 327 fastboot_fail( 328 "writing GPT partitions failed", response); 329 return; 330 } 331 printf("........ success\n"); 332 fastboot_okay("", response); 333 return; 334 } 335 #endif 336 337 #if CONFIG_IS_ENABLED(DOS_PARTITION) 338 if (strcmp(cmd, CONFIG_FASTBOOT_MBR_NAME) == 0) { 339 printf("%s: updating MBR\n", __func__); 340 if (is_valid_dos_buf(download_buffer)) { 341 printf("%s: invalid MBR - refusing to write to flash\n", 342 __func__); 343 fastboot_fail("invalid MBR partition", response); 344 return; 345 } 346 if (write_mbr_partition(dev_desc, download_buffer)) { 347 printf("%s: writing MBR partition failed\n", __func__); 348 fastboot_fail("writing MBR partition failed", response); 349 return; 350 } 351 printf("........ success\n"); 352 fastboot_okay("", response); 353 return; 354 } 355 #endif 356 357 #ifdef CONFIG_ANDROID_BOOT_IMAGE 358 if (strncasecmp(cmd, "zimage", 6) == 0) { 359 fb_mmc_update_zimage(dev_desc, download_buffer, download_bytes, response); 360 return; 361 } 362 #endif 363 364 if (part_get_info_by_name_or_alias(dev_desc, cmd, &info) < 0) { 365 error("cannot find partition: '%s'\n", cmd); 366 fastboot_fail("cannot find partition", response); 367 return; 368 } 369 370 if (is_sparse_image(download_buffer)) { 371 struct fb_mmc_sparse sparse_priv; 372 struct sparse_storage sparse; 373 374 sparse_priv.dev_desc = dev_desc; 375 376 sparse.blksz = info.blksz; 377 sparse.start = info.start; 378 sparse.size = info.size; 379 sparse.write = fb_mmc_sparse_write; 380 sparse.reserve = fb_mmc_sparse_reserve; 381 382 printf("Flashing sparse image at offset " LBAFU "\n", 383 sparse.start); 384 385 sparse.priv = &sparse_priv; 386 write_sparse_image(&sparse, cmd, download_buffer, 387 download_bytes, response); 388 } else { 389 write_raw_image(dev_desc, &info, cmd, download_buffer, 390 download_bytes, response); 391 } 392 } 393 394 void fb_mmc_erase(const char *cmd, char *response) 395 { 396 int ret; 397 struct blk_desc *dev_desc; 398 disk_partition_t info; 399 lbaint_t blks, blks_start, blks_size, grp_size; 400 struct mmc *mmc = find_mmc_device(CONFIG_FASTBOOT_FLASH_MMC_DEV); 401 402 if (mmc == NULL) { 403 error("invalid mmc device"); 404 fastboot_fail("invalid mmc device", response); 405 return; 406 } 407 408 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 409 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 410 error("invalid mmc device"); 411 fastboot_fail("invalid mmc device", response); 412 return; 413 } 414 415 ret = part_get_info_by_name_or_alias(dev_desc, cmd, &info); 416 if (ret < 0) { 417 error("cannot find partition: '%s'", cmd); 418 fastboot_fail("cannot find partition", response); 419 return; 420 } 421 422 /* Align blocks to erase group size to avoid erasing other partitions */ 423 grp_size = mmc->erase_grp_size; 424 blks_start = (info.start + grp_size - 1) & ~(grp_size - 1); 425 if (info.size >= grp_size) 426 blks_size = (info.size - (blks_start - info.start)) & 427 (~(grp_size - 1)); 428 else 429 blks_size = 0; 430 431 printf("Erasing blocks " LBAFU " to " LBAFU " due to alignment\n", 432 blks_start, blks_start + blks_size); 433 434 blks = fb_mmc_blk_write(dev_desc, blks_start, blks_size, NULL); 435 if (blks != blks_size) { 436 error("failed erasing from device %d", dev_desc->devnum); 437 fastboot_fail("failed erasing from device", response); 438 return; 439 } 440 441 printf("........ erased " LBAFU " bytes from '%s'\n", 442 blks_size * info.blksz, cmd); 443 fastboot_okay("", response); 444 } 445