1 /* 2 * Copyright 2014 Broadcom Corporation. 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <config.h> 8 #include <common.h> 9 #include <blk.h> 10 #include <fastboot.h> 11 #include <fb_mmc.h> 12 #include <image-sparse.h> 13 #include <part.h> 14 #include <mmc.h> 15 #include <div64.h> 16 #include <linux/compat.h> 17 #include <android_image.h> 18 19 /* 20 * FIXME: Ensure we always set these names via Kconfig once xxx_PARTITION is 21 * migrated 22 */ 23 #ifndef CONFIG_FASTBOOT_GPT_NAME 24 #define CONFIG_FASTBOOT_GPT_NAME "gpt" 25 #endif 26 27 28 #ifndef CONFIG_FASTBOOT_MBR_NAME 29 #define CONFIG_FASTBOOT_MBR_NAME "mbr" 30 #endif 31 32 #define BOOT_PARTITION_NAME "boot" 33 #define FASTBOOT_MAX_BLK_WRITE 16384 34 static ulong timer; 35 36 struct fb_mmc_sparse { 37 struct blk_desc *dev_desc; 38 }; 39 40 static int part_get_info_by_name_or_alias(struct blk_desc *dev_desc, 41 const char *name, disk_partition_t *info) 42 { 43 int ret; 44 45 ret = part_get_info_by_name(dev_desc, name, info); 46 if (ret < 0) { 47 /* strlen("fastboot_partition_alias_") + 32(part_name) + 1 */ 48 char env_alias_name[25 + 32 + 1]; 49 char *aliased_part_name; 50 51 /* check for alias */ 52 strcpy(env_alias_name, "fastboot_partition_alias_"); 53 strncat(env_alias_name, name, 32); 54 aliased_part_name = env_get(env_alias_name); 55 if (aliased_part_name != NULL) 56 ret = part_get_info_by_name(dev_desc, 57 aliased_part_name, info); 58 } 59 return ret; 60 } 61 62 static lbaint_t fb_mmc_blk_write(struct blk_desc *block_dev, lbaint_t start, 63 lbaint_t blkcnt, const void *buffer) 64 { 65 lbaint_t blk = start; 66 lbaint_t blks_written; 67 lbaint_t cur_blkcnt; 68 lbaint_t blks = 0; 69 int i; 70 for (i = 0; i < blkcnt; i += FASTBOOT_MAX_BLK_WRITE) { 71 cur_blkcnt = min((int)blkcnt-i, FASTBOOT_MAX_BLK_WRITE); 72 if (buffer != NULL) { 73 timed_send_info(&timer, "writing"); 74 blks_written = blk_dwrite(block_dev, blk, cur_blkcnt, 75 buffer+(i*block_dev->blksz)); 76 } else { 77 timed_send_info(&timer, "erasing"); 78 blks_written = blk_derase(block_dev, blk, cur_blkcnt); 79 } 80 blk += blks_written; 81 blks += blks_written; 82 } 83 return blks; 84 } 85 86 static lbaint_t fb_mmc_sparse_write(struct sparse_storage *info, 87 lbaint_t blk, lbaint_t blkcnt, const void *buffer) 88 { 89 struct fb_mmc_sparse *sparse = info->priv; 90 struct blk_desc *dev_desc = sparse->dev_desc; 91 92 return fb_mmc_blk_write(dev_desc, blk, blkcnt, buffer); 93 } 94 95 static lbaint_t fb_mmc_sparse_reserve(struct sparse_storage *info, 96 lbaint_t blk, lbaint_t blkcnt) 97 { 98 return blkcnt; 99 } 100 101 static void write_raw_image(struct blk_desc *dev_desc, disk_partition_t *info, 102 const char *part_name, void *buffer, 103 unsigned int download_bytes, char *response) 104 { 105 lbaint_t blkcnt; 106 lbaint_t blks; 107 108 /* determine number of blocks to write */ 109 blkcnt = ((download_bytes + (info->blksz - 1)) & ~(info->blksz - 1)); 110 blkcnt = lldiv(blkcnt, info->blksz); 111 112 if (blkcnt > info->size) { 113 error("too large for partition: '%s'\n", part_name); 114 fastboot_fail("too large for partition", response); 115 return; 116 } 117 118 puts("Flashing Raw Image\n"); 119 120 blks = fb_mmc_blk_write(dev_desc, info->start, blkcnt, buffer); 121 if (blks != blkcnt) { 122 error("failed writing to device %d\n", dev_desc->devnum); 123 fastboot_fail("failed writing to device", response); 124 return; 125 } 126 127 printf("........ wrote " LBAFU " bytes to '%s'\n", blkcnt * info->blksz, 128 part_name); 129 fastboot_okay("", response); 130 } 131 132 #ifdef CONFIG_ANDROID_BOOT_IMAGE 133 /** 134 * Read Android boot image header from boot partition. 135 * 136 * @param[in] dev_desc MMC device descriptor 137 * @param[in] info Boot partition info 138 * @param[out] hdr Where to store read boot image header 139 * 140 * @return Boot image header sectors count or 0 on error 141 */ 142 static lbaint_t fb_mmc_get_boot_header(struct blk_desc *dev_desc, 143 disk_partition_t *info, 144 struct andr_img_hdr *hdr, 145 char *response) 146 { 147 ulong sector_size; /* boot partition sector size */ 148 lbaint_t hdr_sectors; /* boot image header sectors count */ 149 int res; 150 151 /* Calculate boot image sectors count */ 152 sector_size = info->blksz; 153 hdr_sectors = DIV_ROUND_UP(sizeof(struct andr_img_hdr), sector_size); 154 if (hdr_sectors == 0) { 155 error("invalid number of boot sectors: 0"); 156 fastboot_fail("invalid number of boot sectors: 0", response); 157 return 0; 158 } 159 160 /* Read the boot image header */ 161 res = blk_dread(dev_desc, info->start, hdr_sectors, (void *)hdr); 162 if (res != hdr_sectors) { 163 error("cannot read header from boot partition"); 164 fastboot_fail("cannot read header from boot partition", response); 165 return 0; 166 } 167 168 /* Check boot header magic string */ 169 res = android_image_check_header(hdr); 170 if (res != 0) { 171 error("bad boot image magic"); 172 fastboot_fail("boot partition not initialized", response); 173 return 0; 174 } 175 176 return hdr_sectors; 177 } 178 179 /** 180 * Write downloaded zImage to boot partition and repack it properly. 181 * 182 * @param dev_desc MMC device descriptor 183 * @param download_buffer Address to fastboot buffer with zImage in it 184 * @param download_bytes Size of fastboot buffer, in bytes 185 * 186 * @return 0 on success or -1 on error 187 */ 188 static int fb_mmc_update_zimage(struct blk_desc *dev_desc, 189 void *download_buffer, 190 unsigned int download_bytes, 191 char *response) 192 { 193 uintptr_t hdr_addr; /* boot image header address */ 194 struct andr_img_hdr *hdr; /* boot image header */ 195 lbaint_t hdr_sectors; /* boot image header sectors */ 196 u8 *ramdisk_buffer; 197 u32 ramdisk_sector_start; 198 u32 ramdisk_sectors; 199 u32 kernel_sector_start; 200 u32 kernel_sectors; 201 u32 sectors_per_page; 202 disk_partition_t info; 203 int res; 204 205 puts("Flashing zImage\n"); 206 207 /* Get boot partition info */ 208 res = part_get_info_by_name(dev_desc, BOOT_PARTITION_NAME, &info); 209 if (res < 0) { 210 error("cannot find boot partition"); 211 fastboot_fail("cannot find boot partition", response); 212 return -1; 213 } 214 215 /* Put boot image header in fastboot buffer after downloaded zImage */ 216 hdr_addr = (uintptr_t)download_buffer + ALIGN(download_bytes, PAGE_SIZE); 217 hdr = (struct andr_img_hdr *)hdr_addr; 218 219 /* Read boot image header */ 220 hdr_sectors = fb_mmc_get_boot_header(dev_desc, &info, hdr, response); 221 if (hdr_sectors == 0) { 222 error("unable to read boot image header"); 223 fastboot_fail("unable to read boot image header", response); 224 return -1; 225 } 226 227 /* Check if boot image has second stage in it (we don't support it) */ 228 if (hdr->second_size > 0) { 229 error("moving second stage is not supported yet"); 230 fastboot_fail("moving second stage is not supported yet", response); 231 return -1; 232 } 233 234 /* Extract ramdisk location */ 235 sectors_per_page = hdr->page_size / info.blksz; 236 ramdisk_sector_start = info.start + sectors_per_page; 237 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 238 sectors_per_page; 239 ramdisk_sectors = DIV_ROUND_UP(hdr->ramdisk_size, hdr->page_size) * 240 sectors_per_page; 241 242 /* Read ramdisk and put it in fastboot buffer after boot image header */ 243 ramdisk_buffer = (u8 *)hdr + (hdr_sectors * info.blksz); 244 res = blk_dread(dev_desc, ramdisk_sector_start, ramdisk_sectors, 245 ramdisk_buffer); 246 if (res != ramdisk_sectors) { 247 error("cannot read ramdisk from boot partition"); 248 fastboot_fail("cannot read ramdisk from boot partition", response); 249 return -1; 250 } 251 252 /* Write new kernel size to boot image header */ 253 hdr->kernel_size = download_bytes; 254 res = blk_dwrite(dev_desc, info.start, hdr_sectors, (void *)hdr); 255 if (res == 0) { 256 error("cannot writeback boot image header"); 257 fastboot_fail("cannot write back boot image header", response); 258 return -1; 259 } 260 261 /* Write the new downloaded kernel */ 262 kernel_sector_start = info.start + sectors_per_page; 263 kernel_sectors = DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 264 sectors_per_page; 265 res = blk_dwrite(dev_desc, kernel_sector_start, kernel_sectors, 266 download_buffer); 267 if (res == 0) { 268 error("cannot write new kernel"); 269 fastboot_fail("cannot write new kernel", response); 270 return -1; 271 } 272 273 /* Write the saved ramdisk back */ 274 ramdisk_sector_start = info.start + sectors_per_page; 275 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 276 sectors_per_page; 277 res = blk_dwrite(dev_desc, ramdisk_sector_start, ramdisk_sectors, 278 ramdisk_buffer); 279 if (res == 0) { 280 error("cannot write back original ramdisk"); 281 fastboot_fail("cannot write back original ramdisk", response); 282 return -1; 283 } 284 285 puts("........ zImage was updated in boot partition\n"); 286 fastboot_okay("", response); 287 return 0; 288 } 289 #endif 290 291 void fb_mmc_flash_write(const char *cmd, void *download_buffer, 292 unsigned int download_bytes, char *response) 293 { 294 struct blk_desc *dev_desc; 295 disk_partition_t info; 296 297 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 298 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 299 error("invalid mmc device\n"); 300 fastboot_fail("invalid mmc device", response); 301 return; 302 } 303 304 #if CONFIG_IS_ENABLED(EFI_PARTITION) 305 if (strcmp(cmd, CONFIG_FASTBOOT_GPT_NAME) == 0) { 306 printf("%s: updating MBR, Primary and Backup GPT(s)\n", 307 __func__); 308 if (is_valid_gpt_buf(dev_desc, download_buffer)) { 309 printf("%s: invalid GPT - refusing to write to flash\n", 310 __func__); 311 fastboot_fail("invalid GPT partition", response); 312 return; 313 } 314 if (write_mbr_and_gpt_partitions(dev_desc, download_buffer)) { 315 printf("%s: writing GPT partitions failed\n", __func__); 316 fastboot_fail( 317 "writing GPT partitions failed", response); 318 return; 319 } 320 printf("........ success\n"); 321 fastboot_okay("", response); 322 return; 323 } 324 #endif 325 326 #if CONFIG_IS_ENABLED(DOS_PARTITION) 327 if (strcmp(cmd, CONFIG_FASTBOOT_MBR_NAME) == 0) { 328 printf("%s: updating MBR\n", __func__); 329 if (is_valid_dos_buf(download_buffer)) { 330 printf("%s: invalid MBR - refusing to write to flash\n", 331 __func__); 332 fastboot_fail("invalid MBR partition", response); 333 return; 334 } 335 if (write_mbr_partition(dev_desc, download_buffer)) { 336 printf("%s: writing MBR partition failed\n", __func__); 337 fastboot_fail("writing MBR partition failed", response); 338 return; 339 } 340 printf("........ success\n"); 341 fastboot_okay("", response); 342 return; 343 } 344 #endif 345 346 #ifdef CONFIG_ANDROID_BOOT_IMAGE 347 if (strncasecmp(cmd, "zimage", 6) == 0) { 348 fb_mmc_update_zimage(dev_desc, download_buffer, download_bytes, response); 349 return; 350 } 351 #endif 352 353 if (part_get_info_by_name_or_alias(dev_desc, cmd, &info) < 0) { 354 error("cannot find partition: '%s'\n", cmd); 355 fastboot_fail("cannot find partition", response); 356 return; 357 } 358 359 if (is_sparse_image(download_buffer)) { 360 struct fb_mmc_sparse sparse_priv; 361 struct sparse_storage sparse; 362 363 sparse_priv.dev_desc = dev_desc; 364 365 sparse.blksz = info.blksz; 366 sparse.start = info.start; 367 sparse.size = info.size; 368 sparse.write = fb_mmc_sparse_write; 369 sparse.reserve = fb_mmc_sparse_reserve; 370 371 printf("Flashing sparse image at offset " LBAFU "\n", 372 sparse.start); 373 374 sparse.priv = &sparse_priv; 375 write_sparse_image(&sparse, cmd, download_buffer, 376 download_bytes, response); 377 } else { 378 write_raw_image(dev_desc, &info, cmd, download_buffer, 379 download_bytes, response); 380 } 381 } 382 383 void fb_mmc_erase(const char *cmd, char *response) 384 { 385 int ret; 386 struct blk_desc *dev_desc; 387 disk_partition_t info; 388 lbaint_t blks, blks_start, blks_size, grp_size; 389 struct mmc *mmc = find_mmc_device(CONFIG_FASTBOOT_FLASH_MMC_DEV); 390 391 if (mmc == NULL) { 392 error("invalid mmc device"); 393 fastboot_fail("invalid mmc device", response); 394 return; 395 } 396 397 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 398 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 399 error("invalid mmc device"); 400 fastboot_fail("invalid mmc device", response); 401 return; 402 } 403 404 ret = part_get_info_by_name_or_alias(dev_desc, cmd, &info); 405 if (ret < 0) { 406 error("cannot find partition: '%s'", cmd); 407 fastboot_fail("cannot find partition", response); 408 return; 409 } 410 411 /* Align blocks to erase group size to avoid erasing other partitions */ 412 grp_size = mmc->erase_grp_size; 413 blks_start = (info.start + grp_size - 1) & ~(grp_size - 1); 414 if (info.size >= grp_size) 415 blks_size = (info.size - (blks_start - info.start)) & 416 (~(grp_size - 1)); 417 else 418 blks_size = 0; 419 420 printf("Erasing blocks " LBAFU " to " LBAFU " due to alignment\n", 421 blks_start, blks_start + blks_size); 422 423 blks = fb_mmc_blk_write(dev_desc, blks_start, blks_size, NULL); 424 if (blks != blks_size) { 425 error("failed erasing from device %d", dev_desc->devnum); 426 fastboot_fail("failed erasing from device", response); 427 return; 428 } 429 430 printf("........ erased " LBAFU " bytes from '%s'\n", 431 blks_size * info.blksz, cmd); 432 fastboot_okay("", response); 433 } 434