1 /* 2 * Copyright 2014 Broadcom Corporation. 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <config.h> 8 #include <common.h> 9 #include <blk.h> 10 #include <fastboot.h> 11 #include <fb_mmc.h> 12 #include <image-sparse.h> 13 #include <part.h> 14 #include <mmc.h> 15 #include <div64.h> 16 #include <linux/compat.h> 17 #include <android_image.h> 18 19 /* 20 * FIXME: Ensure we always set these names via Kconfig once xxx_PARTITION is 21 * migrated 22 */ 23 #ifndef CONFIG_FASTBOOT_GPT_NAME 24 #define CONFIG_FASTBOOT_GPT_NAME "gpt" 25 #endif 26 27 28 #ifndef CONFIG_FASTBOOT_MBR_NAME 29 #define CONFIG_FASTBOOT_MBR_NAME "mbr" 30 #endif 31 32 #define BOOT_PARTITION_NAME "boot" 33 #define FASTBOOT_MAX_BLK_WRITE 16384 34 static ulong timer; 35 36 struct fb_mmc_sparse { 37 struct blk_desc *dev_desc; 38 }; 39 40 static int part_get_info_by_name_or_alias(struct blk_desc *dev_desc, 41 const char *name, disk_partition_t *info) 42 { 43 int ret; 44 45 ret = part_get_info_by_name(dev_desc, name, info); 46 if (ret < 0) { 47 /* strlen("fastboot_partition_alias_") + 32(part_name) + 1 */ 48 char env_alias_name[25 + 32 + 1]; 49 char *aliased_part_name; 50 51 /* check for alias */ 52 strcpy(env_alias_name, "fastboot_partition_alias_"); 53 strncat(env_alias_name, name, 32); 54 aliased_part_name = env_get(env_alias_name); 55 if (aliased_part_name != NULL) 56 ret = part_get_info_by_name(dev_desc, 57 aliased_part_name, info); 58 } 59 return ret; 60 } 61 62 static lbaint_t fb_mmc_blk_write(struct blk_desc *block_dev, lbaint_t start, 63 lbaint_t blkcnt, const void *buffer) 64 { 65 lbaint_t blk = start; 66 lbaint_t blks_written; 67 lbaint_t cur_blkcnt; 68 lbaint_t blks = 0; 69 int i; 70 for (i = 0; i < blkcnt; i += FASTBOOT_MAX_BLK_WRITE) { 71 cur_blkcnt = min((int)blkcnt-i, FASTBOOT_MAX_BLK_WRITE); 72 if (buffer != NULL) { 73 timed_send_info(&timer, "writing"); 74 blks_written = blk_dwrite(block_dev, blk, cur_blkcnt, 75 buffer+(i*block_dev->blksz)); 76 } else { 77 timed_send_info(&timer, "erasing"); 78 blks_written = blk_derase(block_dev, blk, cur_blkcnt); 79 } 80 blk += blks_written; 81 blks += blks_written; 82 } 83 return blks; 84 } 85 86 static lbaint_t fb_mmc_sparse_write(struct sparse_storage *info, 87 lbaint_t blk, lbaint_t blkcnt, const void *buffer) 88 { 89 struct fb_mmc_sparse *sparse = info->priv; 90 struct blk_desc *dev_desc = sparse->dev_desc; 91 92 return fb_mmc_blk_write(dev_desc, blk, blkcnt, buffer); 93 } 94 95 static lbaint_t fb_mmc_sparse_reserve(struct sparse_storage *info, 96 lbaint_t blk, lbaint_t blkcnt) 97 { 98 return blkcnt; 99 } 100 101 static void write_raw_image(struct blk_desc *dev_desc, disk_partition_t *info, 102 const char *part_name, void *buffer, 103 unsigned int download_bytes, char *response) 104 { 105 lbaint_t blkcnt; 106 lbaint_t blks; 107 108 /* determine number of blocks to write */ 109 blkcnt = ((download_bytes + (info->blksz - 1)) & ~(info->blksz - 1)); 110 blkcnt = lldiv(blkcnt, info->blksz); 111 112 if (blkcnt > info->size) { 113 error("too large for partition: '%s'\n", part_name); 114 fastboot_fail("too large for partition", response); 115 return; 116 } 117 118 puts("Flashing Raw Image\n"); 119 120 blks = fb_mmc_blk_write(dev_desc, info->start, blkcnt, buffer); 121 if (blks != blkcnt) { 122 error("failed writing to device %d\n", dev_desc->devnum); 123 fastboot_fail("failed writing to device", response); 124 return; 125 } 126 127 printf("........ wrote " LBAFU " bytes to '%s'\n", blkcnt * info->blksz, 128 part_name); 129 fastboot_okay("", response); 130 } 131 132 #ifdef CONFIG_ANDROID_BOOT_IMAGE 133 /** 134 * Read Android boot image header from boot partition. 135 * 136 * @param[in] dev_desc MMC device descriptor 137 * @param[in] info Boot partition info 138 * @param[out] hdr Where to store read boot image header 139 * 140 * @return Boot image header sectors count or 0 on error 141 */ 142 static lbaint_t fb_mmc_get_boot_header(struct blk_desc *dev_desc, 143 disk_partition_t *info, 144 struct andr_img_hdr *hdr) 145 { 146 ulong sector_size; /* boot partition sector size */ 147 lbaint_t hdr_sectors; /* boot image header sectors count */ 148 int res; 149 150 /* Calculate boot image sectors count */ 151 sector_size = info->blksz; 152 hdr_sectors = DIV_ROUND_UP(sizeof(struct andr_img_hdr), sector_size); 153 if (hdr_sectors == 0) { 154 error("invalid number of boot sectors: 0"); 155 fastboot_fail("invalid number of boot sectors: 0"); 156 return 0; 157 } 158 159 /* Read the boot image header */ 160 res = blk_dread(dev_desc, info->start, hdr_sectors, (void *)hdr); 161 if (res != hdr_sectors) { 162 error("cannot read header from boot partition"); 163 fastboot_fail("cannot read header from boot partition"); 164 return 0; 165 } 166 167 /* Check boot header magic string */ 168 res = android_image_check_header(hdr); 169 if (res != 0) { 170 error("bad boot image magic"); 171 fastboot_fail("boot partition not initialized"); 172 return 0; 173 } 174 175 return hdr_sectors; 176 } 177 178 /** 179 * Write downloaded zImage to boot partition and repack it properly. 180 * 181 * @param dev_desc MMC device descriptor 182 * @param download_buffer Address to fastboot buffer with zImage in it 183 * @param download_bytes Size of fastboot buffer, in bytes 184 * 185 * @return 0 on success or -1 on error 186 */ 187 static int fb_mmc_update_zimage(struct blk_desc *dev_desc, 188 void *download_buffer, 189 unsigned int download_bytes) 190 { 191 uintptr_t hdr_addr; /* boot image header address */ 192 struct andr_img_hdr *hdr; /* boot image header */ 193 lbaint_t hdr_sectors; /* boot image header sectors */ 194 u8 *ramdisk_buffer; 195 u32 ramdisk_sector_start; 196 u32 ramdisk_sectors; 197 u32 kernel_sector_start; 198 u32 kernel_sectors; 199 u32 sectors_per_page; 200 disk_partition_t info; 201 int res; 202 203 puts("Flashing zImage\n"); 204 205 /* Get boot partition info */ 206 res = part_get_info_by_name(dev_desc, BOOT_PARTITION_NAME, &info); 207 if (res < 0) { 208 error("cannot find boot partition"); 209 fastboot_fail("cannot find boot partition"); 210 return -1; 211 } 212 213 /* Put boot image header in fastboot buffer after downloaded zImage */ 214 hdr_addr = (uintptr_t)download_buffer + ALIGN(download_bytes, PAGE_SIZE); 215 hdr = (struct andr_img_hdr *)hdr_addr; 216 217 /* Read boot image header */ 218 hdr_sectors = fb_mmc_get_boot_header(dev_desc, &info, hdr); 219 if (hdr_sectors == 0) { 220 error("unable to read boot image header"); 221 fastboot_fail("unable to read boot image header"); 222 return -1; 223 } 224 225 /* Check if boot image has second stage in it (we don't support it) */ 226 if (hdr->second_size > 0) { 227 error("moving second stage is not supported yet"); 228 fastboot_fail("moving second stage is not supported yet"); 229 return -1; 230 } 231 232 /* Extract ramdisk location */ 233 sectors_per_page = hdr->page_size / info.blksz; 234 ramdisk_sector_start = info.start + sectors_per_page; 235 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 236 sectors_per_page; 237 ramdisk_sectors = DIV_ROUND_UP(hdr->ramdisk_size, hdr->page_size) * 238 sectors_per_page; 239 240 /* Read ramdisk and put it in fastboot buffer after boot image header */ 241 ramdisk_buffer = (u8 *)hdr + (hdr_sectors * info.blksz); 242 res = blk_dread(dev_desc, ramdisk_sector_start, ramdisk_sectors, 243 ramdisk_buffer); 244 if (res != ramdisk_sectors) { 245 error("cannot read ramdisk from boot partition"); 246 fastboot_fail("cannot read ramdisk from boot partition"); 247 return -1; 248 } 249 250 /* Write new kernel size to boot image header */ 251 hdr->kernel_size = download_bytes; 252 res = blk_dwrite(dev_desc, info.start, hdr_sectors, (void *)hdr); 253 if (res == 0) { 254 error("cannot writeback boot image header"); 255 fastboot_fail("cannot write back boot image header"); 256 return -1; 257 } 258 259 /* Write the new downloaded kernel */ 260 kernel_sector_start = info.start + sectors_per_page; 261 kernel_sectors = DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 262 sectors_per_page; 263 res = blk_dwrite(dev_desc, kernel_sector_start, kernel_sectors, 264 download_buffer); 265 if (res == 0) { 266 error("cannot write new kernel"); 267 fastboot_fail("cannot write new kernel"); 268 return -1; 269 } 270 271 /* Write the saved ramdisk back */ 272 ramdisk_sector_start = info.start + sectors_per_page; 273 ramdisk_sector_start += DIV_ROUND_UP(hdr->kernel_size, hdr->page_size) * 274 sectors_per_page; 275 res = blk_dwrite(dev_desc, ramdisk_sector_start, ramdisk_sectors, 276 ramdisk_buffer); 277 if (res == 0) { 278 error("cannot write back original ramdisk"); 279 fastboot_fail("cannot write back original ramdisk"); 280 return -1; 281 } 282 283 puts("........ zImage was updated in boot partition\n"); 284 fastboot_okay(""); 285 return 0; 286 } 287 #endif 288 289 void fb_mmc_flash_write(const char *cmd, void *download_buffer, 290 unsigned int download_bytes, char *response) 291 { 292 struct blk_desc *dev_desc; 293 disk_partition_t info; 294 295 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 296 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 297 error("invalid mmc device\n"); 298 fastboot_fail("invalid mmc device", response); 299 return; 300 } 301 302 #if CONFIG_IS_ENABLED(EFI_PARTITION) 303 if (strcmp(cmd, CONFIG_FASTBOOT_GPT_NAME) == 0) { 304 printf("%s: updating MBR, Primary and Backup GPT(s)\n", 305 __func__); 306 if (is_valid_gpt_buf(dev_desc, download_buffer)) { 307 printf("%s: invalid GPT - refusing to write to flash\n", 308 __func__); 309 fastboot_fail("invalid GPT partition", response); 310 return; 311 } 312 if (write_mbr_and_gpt_partitions(dev_desc, download_buffer)) { 313 printf("%s: writing GPT partitions failed\n", __func__); 314 fastboot_fail( 315 "writing GPT partitions failed", response); 316 return; 317 } 318 printf("........ success\n"); 319 fastboot_okay("", response); 320 return; 321 } 322 #endif 323 324 #if CONFIG_IS_ENABLED(DOS_PARTITION) 325 if (strcmp(cmd, CONFIG_FASTBOOT_MBR_NAME) == 0) { 326 printf("%s: updating MBR\n", __func__); 327 if (is_valid_dos_buf(download_buffer)) { 328 printf("%s: invalid MBR - refusing to write to flash\n", 329 __func__); 330 fastboot_fail("invalid MBR partition"); 331 return; 332 } 333 if (write_mbr_partition(dev_desc, download_buffer)) { 334 printf("%s: writing MBR partition failed\n", __func__); 335 fastboot_fail("writing MBR partition failed"); 336 return; 337 } 338 printf("........ success\n"); 339 fastboot_okay(""); 340 return; 341 } 342 #endif 343 344 #ifdef CONFIG_ANDROID_BOOT_IMAGE 345 if (strncasecmp(cmd, "zimage", 6) == 0) { 346 fb_mmc_update_zimage(dev_desc, download_buffer, download_bytes); 347 return; 348 } 349 #endif 350 351 if (part_get_info_by_name_or_alias(dev_desc, cmd, &info) < 0) { 352 error("cannot find partition: '%s'\n", cmd); 353 fastboot_fail("cannot find partition", response); 354 return; 355 } 356 357 if (is_sparse_image(download_buffer)) { 358 struct fb_mmc_sparse sparse_priv; 359 struct sparse_storage sparse; 360 361 sparse_priv.dev_desc = dev_desc; 362 363 sparse.blksz = info.blksz; 364 sparse.start = info.start; 365 sparse.size = info.size; 366 sparse.write = fb_mmc_sparse_write; 367 sparse.reserve = fb_mmc_sparse_reserve; 368 369 printf("Flashing sparse image at offset " LBAFU "\n", 370 sparse.start); 371 372 sparse.priv = &sparse_priv; 373 write_sparse_image(&sparse, cmd, download_buffer, 374 download_bytes, response); 375 } else { 376 write_raw_image(dev_desc, &info, cmd, download_buffer, 377 download_bytes, response); 378 } 379 } 380 381 void fb_mmc_erase(const char *cmd, char *response) 382 { 383 int ret; 384 struct blk_desc *dev_desc; 385 disk_partition_t info; 386 lbaint_t blks, blks_start, blks_size, grp_size; 387 struct mmc *mmc = find_mmc_device(CONFIG_FASTBOOT_FLASH_MMC_DEV); 388 389 if (mmc == NULL) { 390 error("invalid mmc device"); 391 fastboot_fail("invalid mmc device", response); 392 return; 393 } 394 395 dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); 396 if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { 397 error("invalid mmc device"); 398 fastboot_fail("invalid mmc device", response); 399 return; 400 } 401 402 ret = part_get_info_by_name_or_alias(dev_desc, cmd, &info); 403 if (ret < 0) { 404 error("cannot find partition: '%s'", cmd); 405 fastboot_fail("cannot find partition", response); 406 return; 407 } 408 409 /* Align blocks to erase group size to avoid erasing other partitions */ 410 grp_size = mmc->erase_grp_size; 411 blks_start = (info.start + grp_size - 1) & ~(grp_size - 1); 412 if (info.size >= grp_size) 413 blks_size = (info.size - (blks_start - info.start)) & 414 (~(grp_size - 1)); 415 else 416 blks_size = 0; 417 418 printf("Erasing blocks " LBAFU " to " LBAFU " due to alignment\n", 419 blks_start, blks_start + blks_size); 420 421 blks = fb_mmc_blk_write(dev_desc, blks_start, blks_size, NULL); 422 if (blks != blks_size) { 423 error("failed erasing from device %d", dev_desc->devnum); 424 fastboot_fail("failed erasing from device", response); 425 return; 426 } 427 428 printf("........ erased " LBAFU " bytes from '%s'\n", 429 blks_size * info.blksz, cmd); 430 fastboot_okay("", response); 431 } 432