1 /* 2 * (C) Copyright 2008 - 2009 3 * Windriver, <www.windriver.com> 4 * Tom Rix <Tom.Rix@windriver.com> 5 * 6 * Copyright 2011 Sebastian Andrzej Siewior <bigeasy@linutronix.de> 7 * 8 * Copyright 2014 Linaro, Ltd. 9 * Rob Herring <robh@kernel.org> 10 * 11 * SPDX-License-Identifier: GPL-2.0+ 12 */ 13 #include <config.h> 14 #include <common.h> 15 #include <console.h> 16 #include <errno.h> 17 #include <fastboot.h> 18 #include <malloc.h> 19 #include <linux/usb/ch9.h> 20 #include <linux/usb/gadget.h> 21 #include <linux/usb/composite.h> 22 #include <linux/compiler.h> 23 #include <u-boot/sha256.h> 24 #include <version.h> 25 #include <g_dnl.h> 26 #include <fs.h> 27 #include <android_avb/avb_ops_user.h> 28 #include <android_avb/rk_avb_ops_user.h> 29 #include <dm/uclass.h> 30 #include <power/fuel_gauge.h> 31 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 32 #include <fb_mmc.h> 33 #endif 34 #ifdef CONFIG_FASTBOOT_FLASH_NAND_DEV 35 #include <fb_nand.h> 36 #endif 37 #ifdef CONFIG_OPTEE_CLIENT 38 #include <optee_include/OpteeClientInterface.h> 39 #endif 40 #include <boot_rkimg.h> 41 #include <optee_include/tee_client_api.h> 42 #ifdef CONFIG_FASTBOOT_OEM_UNLOCK 43 #include <keymaster.h> 44 #endif 45 46 #define FASTBOOT_VERSION "0.4" 47 48 #define FASTBOOT_INTERFACE_CLASS 0xff 49 #define FASTBOOT_INTERFACE_SUB_CLASS 0x42 50 #define FASTBOOT_INTERFACE_PROTOCOL 0x03 51 52 #define RX_ENDPOINT_MAXIMUM_PACKET_SIZE_2_0 (0x0200) 53 #define RX_ENDPOINT_MAXIMUM_PACKET_SIZE_1_1 (0x0040) 54 #define TX_ENDPOINT_MAXIMUM_PACKET_SIZE (0x0040) 55 56 #define EP_BUFFER_SIZE 4096 57 #define SLEEP_COUNT 20000 58 #define MAX_PART_NUM_STR_SIZE 4 59 #define PARTITION_TYPE_STRINGS "partition-type" 60 61 /* 62 * EP_BUFFER_SIZE must always be an integral multiple of maxpacket size 63 * (64 or 512 or 1024), else we break on certain controllers like DWC3 64 * that expect bulk OUT requests to be divisible by maxpacket size. 65 */ 66 67 struct f_fastboot { 68 struct usb_function usb_function; 69 70 /* IN/OUT EP's and corresponding requests */ 71 struct usb_ep *in_ep, *out_ep; 72 struct usb_request *in_req, *out_req; 73 }; 74 75 static inline struct f_fastboot *func_to_fastboot(struct usb_function *f) 76 { 77 return container_of(f, struct f_fastboot, usb_function); 78 } 79 80 static struct f_fastboot *fastboot_func; 81 static unsigned int download_size; 82 static unsigned int download_bytes; 83 static unsigned int upload_size; 84 static unsigned int upload_bytes; 85 static bool start_upload; 86 static unsigned intthread_wakeup_needed; 87 88 static struct usb_endpoint_descriptor fs_ep_in = { 89 .bLength = USB_DT_ENDPOINT_SIZE, 90 .bDescriptorType = USB_DT_ENDPOINT, 91 .bEndpointAddress = USB_DIR_IN, 92 .bmAttributes = USB_ENDPOINT_XFER_BULK, 93 .wMaxPacketSize = cpu_to_le16(64), 94 }; 95 96 static struct usb_endpoint_descriptor fs_ep_out = { 97 .bLength = USB_DT_ENDPOINT_SIZE, 98 .bDescriptorType = USB_DT_ENDPOINT, 99 .bEndpointAddress = USB_DIR_OUT, 100 .bmAttributes = USB_ENDPOINT_XFER_BULK, 101 .wMaxPacketSize = cpu_to_le16(64), 102 }; 103 104 static struct usb_endpoint_descriptor hs_ep_in = { 105 .bLength = USB_DT_ENDPOINT_SIZE, 106 .bDescriptorType = USB_DT_ENDPOINT, 107 .bEndpointAddress = USB_DIR_IN, 108 .bmAttributes = USB_ENDPOINT_XFER_BULK, 109 .wMaxPacketSize = cpu_to_le16(512), 110 }; 111 112 static struct usb_endpoint_descriptor hs_ep_out = { 113 .bLength = USB_DT_ENDPOINT_SIZE, 114 .bDescriptorType = USB_DT_ENDPOINT, 115 .bEndpointAddress = USB_DIR_OUT, 116 .bmAttributes = USB_ENDPOINT_XFER_BULK, 117 .wMaxPacketSize = cpu_to_le16(512), 118 }; 119 120 static struct usb_endpoint_descriptor ss_ep_in = { 121 .bLength = USB_DT_ENDPOINT_SIZE, 122 .bDescriptorType = USB_DT_ENDPOINT, 123 .bEndpointAddress = USB_DIR_IN, 124 .bmAttributes = USB_ENDPOINT_XFER_BULK, 125 .wMaxPacketSize = cpu_to_le16(1024), 126 }; 127 128 static struct usb_ss_ep_comp_descriptor ss_ep_in_comp_desc = { 129 .bLength = sizeof(ss_ep_in_comp_desc), 130 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP, 131 /* .bMaxBurst = DYNAMIC, */ 132 }; 133 134 static struct usb_endpoint_descriptor ss_ep_out = { 135 .bLength = USB_DT_ENDPOINT_SIZE, 136 .bDescriptorType = USB_DT_ENDPOINT, 137 .bEndpointAddress = USB_DIR_OUT, 138 .bmAttributes = USB_ENDPOINT_XFER_BULK, 139 .wMaxPacketSize = cpu_to_le16(1024), 140 }; 141 142 static struct usb_ss_ep_comp_descriptor ss_ep_out_comp_desc = { 143 .bLength = sizeof(ss_ep_out_comp_desc), 144 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP, 145 /* .bMaxBurst = DYNAMIC, */ 146 }; 147 148 static struct usb_interface_descriptor interface_desc = { 149 .bLength = USB_DT_INTERFACE_SIZE, 150 .bDescriptorType = USB_DT_INTERFACE, 151 .bInterfaceNumber = 0x00, 152 .bAlternateSetting = 0x00, 153 .bNumEndpoints = 0x02, 154 .bInterfaceClass = FASTBOOT_INTERFACE_CLASS, 155 .bInterfaceSubClass = FASTBOOT_INTERFACE_SUB_CLASS, 156 .bInterfaceProtocol = FASTBOOT_INTERFACE_PROTOCOL, 157 }; 158 159 static struct usb_descriptor_header *fb_fs_function[] = { 160 (struct usb_descriptor_header *)&interface_desc, 161 (struct usb_descriptor_header *)&fs_ep_in, 162 (struct usb_descriptor_header *)&fs_ep_out, 163 }; 164 165 static struct usb_descriptor_header *fb_hs_function[] = { 166 (struct usb_descriptor_header *)&interface_desc, 167 (struct usb_descriptor_header *)&hs_ep_in, 168 (struct usb_descriptor_header *)&hs_ep_out, 169 NULL, 170 }; 171 172 static struct usb_descriptor_header *fb_ss_function[] = { 173 (struct usb_descriptor_header *)&interface_desc, 174 (struct usb_descriptor_header *)&ss_ep_in, 175 (struct usb_descriptor_header *)&ss_ep_in_comp_desc, 176 (struct usb_descriptor_header *)&ss_ep_out, 177 (struct usb_descriptor_header *)&ss_ep_out_comp_desc, 178 NULL, 179 }; 180 181 static struct usb_endpoint_descriptor * 182 fb_ep_desc(struct usb_gadget *g, struct usb_endpoint_descriptor *fs, 183 struct usb_endpoint_descriptor *hs, 184 struct usb_endpoint_descriptor *ss, 185 struct usb_ss_ep_comp_descriptor *comp_desc, 186 struct usb_ep *ep) 187 { 188 struct usb_endpoint_descriptor *speed_desc = NULL; 189 190 /* select desired speed */ 191 switch (g->speed) { 192 case USB_SPEED_SUPER: 193 if (gadget_is_superspeed(g)) { 194 speed_desc = ss; 195 ep->comp_desc = comp_desc; 196 break; 197 } 198 /* else: Fall trough */ 199 case USB_SPEED_HIGH: 200 if (gadget_is_dualspeed(g)) { 201 speed_desc = hs; 202 break; 203 } 204 /* else: fall through */ 205 default: 206 speed_desc = fs; 207 } 208 209 return speed_desc; 210 } 211 212 /* 213 * static strings, in UTF-8 214 */ 215 static const char fastboot_name[] = "Android Fastboot"; 216 217 static struct usb_string fastboot_string_defs[] = { 218 [0].s = fastboot_name, 219 { } /* end of list */ 220 }; 221 222 static struct usb_gadget_strings stringtab_fastboot = { 223 .language = 0x0409, /* en-us */ 224 .strings = fastboot_string_defs, 225 }; 226 227 static struct usb_gadget_strings *fastboot_strings[] = { 228 &stringtab_fastboot, 229 NULL, 230 }; 231 232 static void rx_handler_command(struct usb_ep *ep, struct usb_request *req); 233 static int strcmp_l1(const char *s1, const char *s2); 234 static void wakeup_thread(void) 235 { 236 intthread_wakeup_needed = false; 237 } 238 239 static void busy_indicator(void) 240 { 241 static int state; 242 243 switch (state) { 244 case 0: 245 puts("\r|"); break; 246 case 1: 247 puts("\r/"); break; 248 case 2: 249 puts("\r-"); break; 250 case 3: 251 puts("\r\\"); break; 252 case 4: 253 puts("\r|"); break; 254 case 5: 255 puts("\r/"); break; 256 case 6: 257 puts("\r-"); break; 258 case 7: 259 puts("\r\\"); break; 260 default: 261 state = 0; 262 } 263 if (state++ == 8) 264 state = 0; 265 } 266 267 static int fb_get_fstype(const char *ifname, const int part_num, 268 const char **fs_type) 269 { 270 char part_num_str[MAX_PART_NUM_STR_SIZE] = {0}; 271 272 snprintf(part_num_str, ARRAY_SIZE(part_num_str), ":%x", part_num); 273 274 if (fs_set_blk_dev(ifname, part_num_str, FS_TYPE_ANY)) 275 return -1; 276 277 if (fs_get_fstype(fs_type)) 278 return -1; 279 280 return 0; 281 } 282 283 static int sleep_thread(void) 284 { 285 int rc = 0; 286 int i = 0, k = 0; 287 288 /* Wait until a signal arrives or we are woken up */ 289 for (;;) { 290 if (!intthread_wakeup_needed) 291 break; 292 293 if (++i == SLEEP_COUNT) { 294 busy_indicator(); 295 i = 0; 296 k++; 297 } 298 299 if (k == 10) { 300 /* Handle CTRL+C */ 301 if (ctrlc()) 302 return -EPIPE; 303 304 /* Check cable connection */ 305 if (!g_dnl_board_usb_cable_connected()) 306 return -EIO; 307 308 k = 0; 309 } 310 311 usb_gadget_handle_interrupts(0); 312 } 313 intthread_wakeup_needed = true; 314 return rc; 315 } 316 317 static void fastboot_complete(struct usb_ep *ep, struct usb_request *req) 318 { 319 int status = req->status; 320 321 wakeup_thread(); 322 if (!status) 323 return; 324 printf("status: %d ep '%s' trans: %d\n", status, ep->name, req->actual); 325 } 326 327 static int fastboot_bind(struct usb_configuration *c, struct usb_function *f) 328 { 329 int id; 330 struct usb_gadget *gadget = c->cdev->gadget; 331 struct f_fastboot *f_fb = func_to_fastboot(f); 332 const char *s; 333 334 /* DYNAMIC interface numbers assignments */ 335 id = usb_interface_id(c, f); 336 if (id < 0) 337 return id; 338 interface_desc.bInterfaceNumber = id; 339 340 id = usb_string_id(c->cdev); 341 if (id < 0) 342 return id; 343 fastboot_string_defs[0].id = id; 344 interface_desc.iInterface = id; 345 346 f_fb->in_ep = usb_ep_autoconfig(gadget, &fs_ep_in); 347 if (!f_fb->in_ep) 348 return -ENODEV; 349 f_fb->in_ep->driver_data = c->cdev; 350 351 f_fb->out_ep = usb_ep_autoconfig(gadget, &fs_ep_out); 352 if (!f_fb->out_ep) 353 return -ENODEV; 354 f_fb->out_ep->driver_data = c->cdev; 355 356 f->descriptors = fb_fs_function; 357 358 if (gadget_is_dualspeed(gadget)) { 359 /* Assume endpoint addresses are the same for both speeds */ 360 hs_ep_in.bEndpointAddress = fs_ep_in.bEndpointAddress; 361 hs_ep_out.bEndpointAddress = fs_ep_out.bEndpointAddress; 362 /* copy HS descriptors */ 363 f->hs_descriptors = fb_hs_function; 364 } 365 366 if (gadget_is_superspeed(gadget)) { 367 /* Assume endpoint addresses are the same as full speed */ 368 ss_ep_in.bEndpointAddress = fs_ep_in.bEndpointAddress; 369 ss_ep_out.bEndpointAddress = fs_ep_out.bEndpointAddress; 370 /* copy SS descriptors */ 371 f->ss_descriptors = fb_ss_function; 372 } 373 374 s = env_get("serial#"); 375 if (s) 376 g_dnl_set_serialnumber((char *)s); 377 378 return 0; 379 } 380 381 static void fastboot_unbind(struct usb_configuration *c, struct usb_function *f) 382 { 383 memset(fastboot_func, 0, sizeof(*fastboot_func)); 384 } 385 386 static void fastboot_disable(struct usb_function *f) 387 { 388 struct f_fastboot *f_fb = func_to_fastboot(f); 389 390 usb_ep_disable(f_fb->out_ep); 391 usb_ep_disable(f_fb->in_ep); 392 393 if (f_fb->out_req) { 394 free(f_fb->out_req->buf); 395 usb_ep_free_request(f_fb->out_ep, f_fb->out_req); 396 f_fb->out_req = NULL; 397 } 398 if (f_fb->in_req) { 399 free(f_fb->in_req->buf); 400 usb_ep_free_request(f_fb->in_ep, f_fb->in_req); 401 f_fb->in_req = NULL; 402 } 403 } 404 405 static struct usb_request *fastboot_start_ep(struct usb_ep *ep) 406 { 407 struct usb_request *req; 408 409 req = usb_ep_alloc_request(ep, 0); 410 if (!req) 411 return NULL; 412 413 req->length = EP_BUFFER_SIZE; 414 req->buf = memalign(CONFIG_SYS_CACHELINE_SIZE, EP_BUFFER_SIZE); 415 if (!req->buf) { 416 usb_ep_free_request(ep, req); 417 return NULL; 418 } 419 420 memset(req->buf, 0, req->length); 421 return req; 422 } 423 424 static int fastboot_set_alt(struct usb_function *f, 425 unsigned interface, unsigned alt) 426 { 427 int ret; 428 struct usb_composite_dev *cdev = f->config->cdev; 429 struct usb_gadget *gadget = cdev->gadget; 430 struct f_fastboot *f_fb = func_to_fastboot(f); 431 const struct usb_endpoint_descriptor *d; 432 433 debug("%s: func: %s intf: %d alt: %d\n", 434 __func__, f->name, interface, alt); 435 436 d = fb_ep_desc(gadget, &fs_ep_out, &hs_ep_out, &ss_ep_out, 437 &ss_ep_out_comp_desc, f_fb->out_ep); 438 ret = usb_ep_enable(f_fb->out_ep, d); 439 if (ret) { 440 puts("failed to enable out ep\n"); 441 return ret; 442 } 443 444 f_fb->out_req = fastboot_start_ep(f_fb->out_ep); 445 if (!f_fb->out_req) { 446 puts("failed to alloc out req\n"); 447 ret = -EINVAL; 448 goto err; 449 } 450 f_fb->out_req->complete = rx_handler_command; 451 452 d = fb_ep_desc(gadget, &fs_ep_in, &hs_ep_in, &ss_ep_in, 453 &ss_ep_in_comp_desc, f_fb->in_ep); 454 ret = usb_ep_enable(f_fb->in_ep, d); 455 if (ret) { 456 puts("failed to enable in ep\n"); 457 goto err; 458 } 459 460 f_fb->in_req = fastboot_start_ep(f_fb->in_ep); 461 if (!f_fb->in_req) { 462 puts("failed alloc req in\n"); 463 ret = -EINVAL; 464 goto err; 465 } 466 f_fb->in_req->complete = fastboot_complete; 467 468 ret = usb_ep_queue(f_fb->out_ep, f_fb->out_req, 0); 469 if (ret) 470 goto err; 471 472 return 0; 473 err: 474 fastboot_disable(f); 475 return ret; 476 } 477 478 static int fastboot_add(struct usb_configuration *c) 479 { 480 struct f_fastboot *f_fb = fastboot_func; 481 int status; 482 483 debug("%s: cdev: 0x%p\n", __func__, c->cdev); 484 485 if (!f_fb) { 486 f_fb = memalign(CONFIG_SYS_CACHELINE_SIZE, sizeof(*f_fb)); 487 if (!f_fb) 488 return -ENOMEM; 489 490 fastboot_func = f_fb; 491 memset(f_fb, 0, sizeof(*f_fb)); 492 } 493 494 f_fb->usb_function.name = "f_fastboot"; 495 f_fb->usb_function.bind = fastboot_bind; 496 f_fb->usb_function.unbind = fastboot_unbind; 497 f_fb->usb_function.set_alt = fastboot_set_alt; 498 f_fb->usb_function.disable = fastboot_disable; 499 f_fb->usb_function.strings = fastboot_strings; 500 501 status = usb_add_function(c, &f_fb->usb_function); 502 if (status) { 503 free(f_fb); 504 fastboot_func = f_fb; 505 } 506 507 return status; 508 } 509 DECLARE_GADGET_BIND_CALLBACK(usb_dnl_fastboot, fastboot_add); 510 511 static int fastboot_tx_write(const char *buffer, unsigned int buffer_size) 512 { 513 struct usb_request *in_req = fastboot_func->in_req; 514 int ret; 515 516 memcpy(in_req->buf, buffer, buffer_size); 517 in_req->length = buffer_size; 518 519 usb_ep_dequeue(fastboot_func->in_ep, in_req); 520 521 ret = usb_ep_queue(fastboot_func->in_ep, in_req, 0); 522 if (ret) 523 printf("Error %d on queue\n", ret); 524 return 0; 525 } 526 527 static int fastboot_tx_write_str(const char *buffer) 528 { 529 int ret; 530 531 ret = sleep_thread(); 532 if (ret < 0) 533 printf("warning: 0x%x, usb transmission is abnormal!\n", ret); 534 535 return fastboot_tx_write(buffer, strlen(buffer)); 536 } 537 538 static void compl_do_reset(struct usb_ep *ep, struct usb_request *req) 539 { 540 do_reset(NULL, 0, 0, NULL); 541 } 542 543 int __weak fb_set_reboot_flag(void) 544 { 545 return -ENOSYS; 546 } 547 548 static void cb_reboot(struct usb_ep *ep, struct usb_request *req) 549 { 550 char *cmd = req->buf; 551 if (!strcmp_l1("reboot-bootloader", cmd)) { 552 if (fb_set_reboot_flag()) { 553 fastboot_tx_write_str("FAILCannot set reboot flag"); 554 return; 555 } 556 } 557 fastboot_func->in_req->complete = compl_do_reset; 558 fastboot_tx_write_str("OKAY"); 559 } 560 561 static int strcmp_l1(const char *s1, const char *s2) 562 { 563 if (!s1 || !s2) 564 return -1; 565 return strncmp(s1, s2, strlen(s1)); 566 } 567 568 struct name_string { 569 const char *str; 570 int expects_args; 571 char delim; 572 }; 573 574 #define NAME_NO_ARGS(s) {.str = s, .expects_args = 0} 575 #define NAME_ARGS(s, d) {.str = s, .expects_args = 1, .delim = d} 576 577 static size_t name_check_match(const char *str, size_t len, 578 const struct name_string *name) 579 { 580 size_t str_len = strlen(name->str); 581 582 /* If name len is greater than input, return 0. */ 583 if (str_len > len) 584 return 0; 585 586 /* If name str does not match input string, return 0. */ 587 if (memcmp(name->str, str, str_len)) 588 return 0; 589 590 if (name->expects_args) { 591 /* string should have space for delim */ 592 if (len == str_len) 593 return 0; 594 595 /* Check delim match */ 596 if (name->delim != str[str_len]) 597 return 0; 598 } else { 599 /* Name str len should match input len */ 600 if (str_len != len) 601 return 0; 602 } 603 604 return str_len + name->expects_args; 605 } 606 607 static void fb_add_string(char *dst, size_t chars_left, 608 const char *str, const char *args) 609 { 610 if (!str) 611 return; 612 613 int ret = snprintf(dst, chars_left, str, args); 614 615 if (ret < 0) 616 pr_err("snprintf is error!"); 617 } 618 619 static void fb_add_number(char *dst, size_t chars_left, 620 const char *format, size_t num) 621 { 622 if (!format) 623 return; 624 625 int ret = snprintf(dst, chars_left, format, num); 626 627 if (ret > chars_left) 628 pr_err("snprintf is error!"); 629 } 630 631 static int fb_read_var(char *cmd, char *response, 632 fb_getvar_t var, size_t chars_left) 633 { 634 const char *s; 635 int ret = 0; 636 637 switch (var) { 638 case FB_VERSION: 639 fb_add_string(response, chars_left, FASTBOOT_VERSION, NULL); 640 break; 641 case FB_BOOTLOADER_VERSION: 642 fb_add_string(response, chars_left, U_BOOT_VERSION, NULL); 643 break; 644 case FB_BASEBAND_VERSION: 645 fb_add_string(response, chars_left, "N/A", NULL); 646 break; 647 case FB_PRODUCT: 648 fb_add_string(response, chars_left, CONFIG_SYS_BOARD, NULL); 649 break; 650 case FB_SERIAL_NO: 651 s = env_get("serial#"); 652 if (s) 653 fb_add_string(response, chars_left, s, NULL); 654 else 655 ret = -1; 656 break; 657 case FB_SECURE: 658 fb_add_string(response, chars_left, "yes", NULL); 659 break; 660 case FB_VARIANT: 661 fb_add_string(response, chars_left, "userdebug", NULL); 662 break; 663 case FB_DWNLD_SIZE: 664 fb_add_number(response, chars_left, "0x%08x", 665 CONFIG_FASTBOOT_BUF_SIZE); 666 break; 667 case FB_PART_SIZE: 668 case FB_PART_TYPE: { 669 char *part_name = cmd; 670 671 cmd = strsep(&part_name, ":"); 672 if (!cmd || !part_name) { 673 fb_add_string(response, chars_left, 674 "argument Invalid!", NULL); 675 ret = -1; 676 break; 677 } 678 679 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 680 disk_partition_t part_info; 681 struct blk_desc *dev_desc; 682 int part_num = -1; 683 const char *fs_type = NULL; 684 685 #ifdef CONFIG_RKIMG_BOOTLOADER 686 dev_desc = rockchip_get_bootdev(); 687 #else 688 dev_desc = NULL; 689 #endif 690 if (!dev_desc) { 691 fb_add_string(response, chars_left, 692 "block device not found", NULL); 693 ret = -1; 694 break; 695 } 696 697 part_num = part_get_info_by_name(dev_desc, part_name, 698 &part_info); 699 if (part_num < 0) { 700 fb_add_string(response, chars_left, 701 "partition not found", NULL); 702 ret = -1; 703 } else if (!strncmp(PARTITION_TYPE_STRINGS, cmd, 704 strlen(PARTITION_TYPE_STRINGS))) { 705 if (fb_get_fstype("mmc", part_num, &fs_type)) { 706 fb_add_string(response, chars_left, 707 (char *)part_info.type, NULL); 708 } else { 709 fb_add_string(response, chars_left, 710 fs_type, NULL); 711 } 712 } else if (!strncmp("partition-size", cmd, 14)) { 713 u64 part_size; 714 715 part_size = (uint64_t)part_info.size; 716 snprintf(response, chars_left, "0x%llx", 717 part_size * dev_desc->blksz); 718 } 719 #else 720 fb_add_string(response, chars_left, "not implemented", NULL); 721 ret = -1; 722 #endif 723 break; 724 } 725 case FB_BLK_SIZE: { 726 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 727 struct blk_desc *dev_desc; 728 729 #ifdef CONFIG_RKIMG_BOOTLOADER 730 dev_desc = rockchip_get_bootdev(); 731 #else 732 dev_desc = NULL; 733 #endif 734 if (!dev_desc) { 735 fb_add_string(response, chars_left, 736 "block device not found", NULL); 737 ret = -1; 738 } else { 739 fb_add_number(response, chars_left, 740 "0x%lx", dev_desc->blksz); 741 } 742 #else 743 fb_add_string(response, chars_left, "not implemented", NULL); 744 ret = -1; 745 #endif 746 break; 747 } 748 case FB_ERASE_SIZE: { 749 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 750 lbaint_t erase_grp_size; 751 752 erase_grp_size = fb_mmc_get_erase_grp_size(); 753 if (erase_grp_size < 0) { 754 fb_add_string(response, chars_left, 755 "block device not found", NULL); 756 ret = -1; 757 } else { 758 fb_add_number(response, chars_left, "0x"LBAF"", 759 erase_grp_size); 760 } 761 #else 762 fb_add_string(response, chars_left, "not implemented", NULL); 763 ret = -1; 764 #endif 765 break; 766 } 767 case FB_UNLOCKED: { 768 #ifdef CONFIG_RK_AVB_LIBAVB_USER 769 uint8_t flash_lock_state = 0; 770 771 if (rk_avb_read_flash_lock_state(&flash_lock_state)) 772 fb_add_string(response, chars_left, "yes", NULL); 773 else 774 fb_add_string(response, chars_left, "no", NULL); 775 #else 776 fb_add_string(response, chars_left, "not implemented", NULL); 777 ret = -1; 778 #endif 779 break; 780 } 781 case FB_OFF_MODE_CHARGE: { 782 fb_add_string(response, chars_left, "not implemented", NULL); 783 break; 784 } 785 case FB_BATT_VOLTAGE: { 786 fb_add_string(response, chars_left, "not implemented", NULL); 787 break; 788 } 789 case FB_BATT_SOC_OK: { 790 fb_add_string(response, chars_left, "no", NULL); 791 break; 792 } 793 #ifdef CONFIG_RK_AVB_LIBAVB_USER 794 case FB_HAS_COUNT: { 795 char slot_count[2]; 796 char temp; 797 798 slot_count[1] = '\0'; 799 if (rk_avb_read_slot_count(&temp) < 0) { 800 fb_add_number(response, chars_left, "%d", 0); 801 ret = -1; 802 break; 803 } 804 slot_count[0] = temp + 0x30; 805 fb_add_string(response, chars_left, slot_count, NULL); 806 break; 807 } 808 case FB_HAS_SLOT: { 809 char *part_name = cmd; 810 int has_slot = -1; 811 812 cmd = strsep(&part_name, ":"); 813 if (!cmd || !part_name) { 814 fb_add_string(response, chars_left, 815 "argument Invalid!", NULL); 816 ret = -1; 817 break; 818 } 819 820 has_slot = rk_avb_get_part_has_slot_info(part_name); 821 if (has_slot < 0) 822 fb_add_string(response, chars_left, "no", NULL); 823 else 824 fb_add_string(response, chars_left, "yes", NULL); 825 break; 826 } 827 case FB_CURR_SLOT: { 828 char slot_surrent[8] = {0}; 829 830 if (!rk_avb_get_current_slot(slot_surrent)) { 831 fb_add_string(response, chars_left, 832 slot_surrent + 1, NULL); 833 } else { 834 fb_add_string(response, chars_left, "get error", NULL); 835 ret = -1; 836 } 837 break; 838 } 839 case FB_SLOT_SUFFIXES: { 840 char slot_suffixes_temp[4] = {0}; 841 char slot_suffixes[9] = {0}; 842 int slot_cnt = 0; 843 844 rk_avb_read_slot_suffixes(slot_suffixes_temp); 845 while (slot_suffixes_temp[slot_cnt] != '\0') { 846 slot_suffixes[slot_cnt * 2] 847 = slot_suffixes_temp[slot_cnt]; 848 slot_suffixes[slot_cnt * 2 + 1] = ','; 849 slot_cnt++; 850 } 851 852 slot_suffixes[(slot_cnt - 1) * 2 + 1] = '\0'; 853 fb_add_string(response, chars_left, slot_suffixes, NULL); 854 break; 855 } 856 case FB_SLOT_SUCCESSFUL:{ 857 char *slot_name = cmd; 858 AvbABData ab_info; 859 860 cmd = strsep(&slot_name, ":"); 861 if (!cmd || !slot_name) { 862 fb_add_string(response, chars_left, 863 "argument Invalid!", NULL); 864 ret = -1; 865 break; 866 } 867 868 if (rk_avb_get_ab_info(&ab_info) < 0) { 869 fb_add_string(response, chars_left, 870 "get ab info failed!", NULL); 871 ret = -1; 872 break; 873 } 874 875 if (!strcmp(slot_name, "a")) { 876 if (ab_info.slots[0].successful_boot) 877 fb_add_string(response, chars_left, 878 "yes", NULL); 879 else 880 fb_add_string(response, chars_left, 881 "no", NULL); 882 } else if (!strcmp(slot_name, "b")) { 883 if (ab_info.slots[1].successful_boot) 884 fb_add_string(response, chars_left, 885 "yes", NULL); 886 else 887 fb_add_string(response, chars_left, 888 "no", NULL); 889 } else { 890 fb_add_string(response, chars_left, "no", NULL); 891 } 892 break; 893 } 894 case FB_SLOT_UNBOOTABLE: { 895 char *slot_name = cmd; 896 AvbABData ab_info; 897 898 cmd = strsep(&slot_name, ":"); 899 900 if (!cmd || !slot_name) { 901 fb_add_string(response, chars_left, 902 "argument Invalid!", NULL); 903 ret = -1; 904 break; 905 } 906 907 if (rk_avb_get_ab_info(&ab_info) < 0) { 908 fb_add_string(response, chars_left, 909 "get ab info failed!", NULL); 910 ret = -1; 911 break; 912 } 913 914 if (!strcmp(slot_name, "a")) { 915 if (!ab_info.slots[0].successful_boot && 916 !ab_info.slots[0].tries_remaining && 917 !ab_info.slots[0].priority) 918 fb_add_string(response, chars_left, 919 "yes", NULL); 920 else 921 fb_add_string(response, chars_left, "no", NULL); 922 } else if (!strcmp(slot_name, "b")) { 923 if (!ab_info.slots[1].successful_boot && 924 !ab_info.slots[1].tries_remaining && 925 !ab_info.slots[1].priority) 926 fb_add_string(response, chars_left, 927 "yes", NULL); 928 else 929 fb_add_string(response, chars_left, "no", NULL); 930 } else { 931 fb_add_string(response, chars_left, "no", NULL); 932 } 933 break; 934 } 935 case FB_SLOT_RETRY_COUNT: { 936 char *slot_name = cmd; 937 AvbABData ab_info; 938 939 cmd = strsep(&slot_name, ":"); 940 if (!cmd || !slot_name) { 941 fb_add_string(response, chars_left, 942 "argument Invalid!", NULL); 943 ret = -1; 944 break; 945 } 946 947 if (rk_avb_get_ab_info(&ab_info) < 0) { 948 fb_add_string(response, chars_left, 949 "get ab info failed!", NULL); 950 ret = -1; 951 break; 952 } 953 954 if (!strcmp(slot_name, "a")) { 955 fb_add_number(response, chars_left, 956 "%d", ab_info.slots[0].tries_remaining); 957 } else if (!strcmp(slot_name, "b")) { 958 fb_add_number(response, chars_left, "%d", 959 ab_info.slots[1].tries_remaining); 960 961 } else { 962 strcpy(response, "FAILno"); 963 } 964 break; 965 } 966 case FB_AT_VBST: { 967 char vbst[VBOOT_STATE_SIZE] = {0}; 968 char *p_vbst; 969 970 strcpy(response, "INFO"); 971 rk_avb_get_at_vboot_state(vbst); 972 p_vbst = vbst; 973 do { 974 cmd = strsep(&p_vbst, "\n"); 975 if (strlen(cmd) > 0) { 976 memcpy(&response[4], cmd, chars_left); 977 fastboot_tx_write_str(response); 978 } 979 } while (strlen(cmd)); 980 break; 981 } 982 #endif 983 #ifdef CONFIG_OPTEE_CLIENT 984 case FB_AT_DH: { 985 char dhbuf[ATTEST_DH_SIZE]; 986 uint32_t dh_len = ATTEST_DH_SIZE; 987 uint32_t res = trusty_attest_dh((uint8_t *)dhbuf, &dh_len); 988 989 if (res) { 990 fb_add_string(response, chars_left, "dh not set", NULL); 991 ret = -1; 992 } else { 993 fb_add_string(response, chars_left, dhbuf, NULL); 994 } 995 break; 996 } 997 case FB_AT_UUID: { 998 char uuid[ATTEST_UUID_SIZE] = {0}; 999 uint32_t uuid_len = ATTEST_UUID_SIZE; 1000 uint32_t res = trusty_attest_uuid((uint8_t *)uuid, &uuid_len); 1001 1002 uuid[ATTEST_UUID_SIZE - 1] = 0; 1003 if (res) { 1004 fb_add_string(response, chars_left, "dh not set", NULL); 1005 ret = -1; 1006 } else { 1007 fb_add_string(response, chars_left, uuid, NULL); 1008 } 1009 break; 1010 } 1011 #endif 1012 default: { 1013 char *envstr; 1014 1015 envstr = malloc(strlen("fastboot.") + strlen(cmd) + 1); 1016 if (!envstr) { 1017 fb_add_string(response, chars_left, 1018 "malloc error", NULL); 1019 ret = -1; 1020 break; 1021 } 1022 1023 sprintf(envstr, "fastboot.%s", cmd); 1024 s = env_get(envstr); 1025 if (s) { 1026 strncat(response, s, chars_left); 1027 } else { 1028 printf("WARNING: unknown variable: %s\n", cmd); 1029 fb_add_string(response, chars_left, 1030 "not implemented", NULL); 1031 } 1032 1033 free(envstr); 1034 break; 1035 } 1036 } 1037 1038 return ret; 1039 } 1040 1041 static const struct { 1042 /* 1043 *any changes to this array require an update to the corresponding 1044 *enum in fastboot.h 1045 */ 1046 struct name_string name; 1047 fb_getvar_t var; 1048 } getvar_table[] = { 1049 { NAME_NO_ARGS("version"), FB_VERSION}, 1050 { NAME_NO_ARGS("version-bootloader"), FB_BOOTLOADER_VERSION}, 1051 { NAME_NO_ARGS("version-baseband"), FB_BASEBAND_VERSION}, 1052 { NAME_NO_ARGS("product"), FB_PRODUCT}, 1053 { NAME_NO_ARGS("serialno"), FB_SERIAL_NO}, 1054 { NAME_NO_ARGS("secure"), FB_SECURE}, 1055 { NAME_NO_ARGS("max-download-size"), FB_DWNLD_SIZE}, 1056 { NAME_NO_ARGS("logical-block-size"), FB_BLK_SIZE}, 1057 { NAME_NO_ARGS("erase-block-size"), FB_ERASE_SIZE}, 1058 { NAME_ARGS("partition-type", ':'), FB_PART_TYPE}, 1059 { NAME_ARGS("partition-size", ':'), FB_PART_SIZE}, 1060 { NAME_NO_ARGS("unlocked"), FB_UNLOCKED}, 1061 { NAME_NO_ARGS("off-mode-charge"), FB_OFF_MODE_CHARGE}, 1062 { NAME_NO_ARGS("battery-voltage"), FB_BATT_VOLTAGE}, 1063 { NAME_NO_ARGS("variant"), FB_VARIANT}, 1064 { NAME_NO_ARGS("battery-soc-ok"), FB_BATT_SOC_OK}, 1065 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1066 /* Slots related */ 1067 { NAME_NO_ARGS("slot-count"), FB_HAS_COUNT}, 1068 { NAME_ARGS("has-slot", ':'), FB_HAS_SLOT}, 1069 { NAME_NO_ARGS("current-slot"), FB_CURR_SLOT}, 1070 { NAME_NO_ARGS("slot-suffixes"), FB_SLOT_SUFFIXES}, 1071 { NAME_ARGS("slot-successful", ':'), FB_SLOT_SUCCESSFUL}, 1072 { NAME_ARGS("slot-unbootable", ':'), FB_SLOT_UNBOOTABLE}, 1073 { NAME_ARGS("slot-retry-count", ':'), FB_SLOT_RETRY_COUNT}, 1074 { NAME_NO_ARGS("at-vboot-state"), FB_AT_VBST}, 1075 #endif 1076 /* 1077 * OEM specific : 1078 * Spec says names starting with lowercase letter are reserved. 1079 */ 1080 #ifdef CONFIG_OPTEE_CLIENT 1081 { NAME_NO_ARGS("at-attest-dh"), FB_AT_DH}, 1082 { NAME_NO_ARGS("at-attest-uuid"), FB_AT_UUID}, 1083 #endif 1084 }; 1085 1086 static int fb_getvar_single(char *cmd, char *response, size_t chars_left) 1087 { 1088 int i; 1089 size_t match_len = 0; 1090 size_t len = strlen(cmd); 1091 1092 for (i = 0; i < ARRAY_SIZE(getvar_table); i++) { 1093 match_len = name_check_match(cmd, len, &getvar_table[i].name); 1094 if (match_len) 1095 break; 1096 } 1097 1098 if (match_len == 0) { 1099 fb_add_string(response, chars_left, "unknown variable", NULL); 1100 return -1; 1101 } 1102 1103 if (fb_read_var(cmd, response, getvar_table[i].var, chars_left) < 0) 1104 return -1; 1105 1106 return 0; 1107 } 1108 1109 static void fb_getvar_all(void) 1110 { 1111 char response[FASTBOOT_RESPONSE_LEN] = {0}; 1112 char resp_tmp[FASTBOOT_RESPONSE_LEN] = {0}; 1113 char *actual_resp; 1114 size_t chars_left; 1115 int i, p; 1116 disk_partition_t part_info; 1117 struct blk_desc *dev_desc; 1118 1119 strcpy(response, "INFO"); 1120 chars_left = sizeof(response) - strlen(response) - 1; 1121 actual_resp = response + strlen(response); 1122 1123 for (i = 0; i < ARRAY_SIZE(getvar_table); i++) { 1124 fb_getvar_t var = getvar_table[i].var; 1125 1126 switch (var) { 1127 case FB_PART_TYPE: 1128 case FB_PART_SIZE: { 1129 const char *fs_type = NULL; 1130 #ifdef CONFIG_RKIMG_BOOTLOADER 1131 dev_desc = rockchip_get_bootdev(); 1132 #else 1133 dev_desc = NULL; 1134 #endif 1135 if (!dev_desc) { 1136 fb_add_string(actual_resp, chars_left, 1137 "%s:block device not found", 1138 getvar_table[i].name.str); 1139 fastboot_tx_write_str(response); 1140 break; 1141 } 1142 1143 for (p = 1; p <= MAX_SEARCH_PARTITIONS; p++) { 1144 if (part_get_info(dev_desc, p, 1145 &part_info) < 0) { 1146 break; 1147 } 1148 1149 if (var == FB_PART_TYPE) { 1150 fs_type = NULL; 1151 if (fb_get_fstype("mmc", p, 1152 &fs_type)) { 1153 fb_add_string( 1154 resp_tmp, 1155 FASTBOOT_RESPONSE_LEN, 1156 (char *)part_info.type, 1157 NULL); 1158 } else { 1159 fb_add_string( 1160 resp_tmp, 1161 FASTBOOT_RESPONSE_LEN, 1162 fs_type, 1163 NULL); 1164 } 1165 1166 snprintf(actual_resp, 1167 chars_left, 1168 "%s:%s:%s", 1169 getvar_table[i].name.str, 1170 part_info.name, 1171 resp_tmp); 1172 } else { 1173 uint64_t part_size; 1174 1175 part_size = (uint64_t)part_info.size; 1176 snprintf(actual_resp, 1177 chars_left, 1178 "%s:%s:0x%llx", 1179 getvar_table[i].name.str, 1180 part_info.name, 1181 part_size * dev_desc->blksz); 1182 } 1183 fastboot_tx_write_str(response); 1184 } 1185 break; 1186 } 1187 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1188 case FB_HAS_SLOT: { 1189 uchar *ptr_name_tmp; 1190 char c = '_'; 1191 int has_slot = -1; 1192 1193 #ifdef CONFIG_RKIMG_BOOTLOADER 1194 dev_desc = rockchip_get_bootdev(); 1195 #else 1196 dev_desc = NULL; 1197 #endif 1198 if (!dev_desc) { 1199 fb_add_string(actual_resp, chars_left, 1200 "%s:block device not found", 1201 getvar_table[i].name.str); 1202 fastboot_tx_write_str(response); 1203 break; 1204 } 1205 1206 for (p = 1; p <= MAX_SEARCH_PARTITIONS; p++) { 1207 if (part_get_info(dev_desc, p, 1208 &part_info) < 0) { 1209 break; 1210 } else { 1211 ptr_name_tmp = (uchar *)strrchr( 1212 (char *)part_info.name, c); 1213 if (ptr_name_tmp && 1214 part_info.name[ptr_name_tmp - 1215 part_info.name + 2] == '\0') 1216 fb_add_string( 1217 resp_tmp, 1218 ptr_name_tmp - 1219 part_info.name + 1, 1220 (char *)part_info.name, 1221 NULL); 1222 else 1223 strcpy(resp_tmp, 1224 (char *)part_info.name); 1225 1226 has_slot = rk_avb_get_part_has_slot_info( 1227 resp_tmp); 1228 if (has_slot < 0) { 1229 snprintf(actual_resp, 1230 chars_left, 1231 "%s:%s:no", 1232 getvar_table[i].name.str, 1233 resp_tmp); 1234 } else { 1235 snprintf(actual_resp, 1236 chars_left, 1237 "%s:%s:yes", 1238 getvar_table[i].name.str, 1239 resp_tmp); 1240 p++; 1241 } 1242 1243 fastboot_tx_write_str(response); 1244 } 1245 } 1246 break; 1247 } 1248 1249 case FB_SLOT_SUCCESSFUL: { 1250 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1251 AvbABData ab_info; 1252 1253 if (rk_avb_get_ab_info(&ab_info) < 0) { 1254 fb_add_string(actual_resp, 1255 chars_left, 1256 "%s:get ab info failed!", 1257 getvar_table[i].name.str); 1258 fastboot_tx_write_str(response); 1259 break; 1260 } 1261 1262 if (ab_info.slots[0].successful_boot) 1263 fb_add_string(actual_resp, chars_left, 1264 "%s:a:yes", 1265 getvar_table[i].name.str); 1266 else 1267 fb_add_string(actual_resp, chars_left, 1268 "%s:a:no", 1269 getvar_table[i].name.str); 1270 fastboot_tx_write_str(response); 1271 1272 if (ab_info.slots[1].successful_boot) 1273 fb_add_string(actual_resp, chars_left, 1274 "%s:b:yes", 1275 getvar_table[i].name.str); 1276 else 1277 fb_add_string(actual_resp, chars_left, 1278 "%s:b:no", 1279 getvar_table[i].name.str); 1280 fastboot_tx_write_str(response); 1281 #else 1282 fb_add_string(actual_resp, chars_left, 1283 "%s:not find ab info!", 1284 getvar_table[i].name.str); 1285 fastboot_tx_write_str(response); 1286 #endif 1287 break; 1288 } 1289 1290 case FB_SLOT_UNBOOTABLE: { 1291 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1292 AvbABData ab_info; 1293 1294 if (rk_avb_get_ab_info(&ab_info) < 0) { 1295 fb_add_string(actual_resp, chars_left, 1296 "%s:not find ab info!", 1297 getvar_table[i].name.str); 1298 fastboot_tx_write_str(response); 1299 break; 1300 } 1301 1302 if (!ab_info.slots[0].successful_boot && 1303 !ab_info.slots[0].tries_remaining && 1304 !ab_info.slots[0].priority) 1305 fb_add_string(actual_resp, chars_left, 1306 "%s:a:yes", 1307 getvar_table[i].name.str); 1308 else 1309 fb_add_string(actual_resp, chars_left, 1310 "%s:a:no", 1311 getvar_table[i].name.str); 1312 fastboot_tx_write_str(response); 1313 1314 if (!ab_info.slots[1].successful_boot && 1315 !ab_info.slots[1].tries_remaining && 1316 !ab_info.slots[1].priority) 1317 fb_add_string(actual_resp, chars_left, 1318 "%s:b:yes", 1319 getvar_table[i].name.str); 1320 else 1321 fb_add_string(actual_resp, chars_left, 1322 "%s:b:no", 1323 getvar_table[i].name.str); 1324 1325 fastboot_tx_write_str(response); 1326 #else 1327 fb_add_string(actual_resp, chars_left, 1328 "%s:not find ab info!", 1329 getvar_table[i].name.str); 1330 fastboot_tx_write_str(response); 1331 #endif 1332 break; 1333 } 1334 1335 case FB_SLOT_RETRY_COUNT: { 1336 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1337 AvbABData ab_info; 1338 1339 if (rk_avb_get_ab_info(&ab_info) < 0) { 1340 fb_add_string(actual_resp, chars_left, 1341 "%s:not find ab info!", 1342 getvar_table[i].name.str); 1343 fastboot_tx_write_str(response); 1344 break; 1345 } 1346 1347 snprintf(actual_resp, chars_left, "%s:a:%d", 1348 getvar_table[i].name.str, 1349 ab_info.slots[1].tries_remaining); 1350 fastboot_tx_write_str(response); 1351 snprintf(actual_resp, chars_left, "%s:b:%d", 1352 getvar_table[i].name.str, 1353 ab_info.slots[1].tries_remaining); 1354 fastboot_tx_write_str(response); 1355 #else 1356 fb_add_string(actual_resp, chars_left, 1357 "%s:not find ab info!", 1358 getvar_table[i].name.str); 1359 fastboot_tx_write_str(response); 1360 #endif 1361 break; 1362 } 1363 #endif 1364 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1365 case FB_AT_VBST: 1366 break; 1367 #endif 1368 default: 1369 fb_getvar_single((char *)getvar_table[i].name.str, 1370 resp_tmp, FASTBOOT_RESPONSE_LEN); 1371 snprintf(actual_resp, chars_left, "%s:%s", 1372 getvar_table[i].name.str, resp_tmp); 1373 fastboot_tx_write_str(response); 1374 } 1375 } 1376 } 1377 1378 static void cb_getvar(struct usb_ep *ep, struct usb_request *req) 1379 { 1380 char *cmd = req->buf; 1381 char response[FASTBOOT_RESPONSE_LEN] = {0}; 1382 const char *str_read_all = "all"; 1383 size_t len = 0; 1384 size_t chars_left; 1385 1386 strsep(&cmd, ":"); 1387 if (!cmd) { 1388 pr_err("missing variable"); 1389 fastboot_tx_write_str("FAILmissing var"); 1390 return; 1391 } 1392 1393 len = strlen(cmd); 1394 if (len == strlen(str_read_all) && 1395 (strncmp(cmd, str_read_all, len) == 0)) { 1396 fb_getvar_all(); 1397 fastboot_tx_write_str("OKAYDone!"); 1398 } else { 1399 strcpy(response, "OKAY"); 1400 chars_left = sizeof(response) - strlen(response) - 1; 1401 1402 if (fb_getvar_single(cmd, &response[strlen(response)], 1403 chars_left) < 0) { 1404 strcpy(cmd, "FAILunknown variable"); 1405 strncat(cmd, &response[strlen(response)], chars_left); 1406 fastboot_tx_write_str(cmd); 1407 return; 1408 } 1409 fastboot_tx_write_str(response); 1410 } 1411 1412 return; 1413 } 1414 1415 static unsigned int rx_bytes_expected(struct usb_ep *ep) 1416 { 1417 int rx_remain = download_size - download_bytes; 1418 unsigned int rem; 1419 unsigned int maxpacket = ep->maxpacket; 1420 1421 if (rx_remain <= 0) 1422 return 0; 1423 else if (rx_remain > EP_BUFFER_SIZE) 1424 return EP_BUFFER_SIZE; 1425 1426 /* 1427 * Some controllers e.g. DWC3 don't like OUT transfers to be 1428 * not ending in maxpacket boundary. So just make them happy by 1429 * always requesting for integral multiple of maxpackets. 1430 * This shouldn't bother controllers that don't care about it. 1431 */ 1432 rem = rx_remain % maxpacket; 1433 if (rem > 0) 1434 rx_remain = rx_remain + (maxpacket - rem); 1435 1436 return rx_remain; 1437 } 1438 1439 #define BYTES_PER_DOT 0x20000 1440 static void rx_handler_dl_image(struct usb_ep *ep, struct usb_request *req) 1441 { 1442 char response[FASTBOOT_RESPONSE_LEN]; 1443 unsigned int transfer_size = download_size - download_bytes; 1444 const unsigned char *buffer = req->buf; 1445 unsigned int buffer_size = req->actual; 1446 unsigned int pre_dot_num, now_dot_num; 1447 1448 if (req->status != 0) { 1449 printf("Bad status: %d\n", req->status); 1450 return; 1451 } 1452 1453 if (buffer_size < transfer_size) 1454 transfer_size = buffer_size; 1455 1456 memcpy((void *)CONFIG_FASTBOOT_BUF_ADDR + download_bytes, 1457 buffer, transfer_size); 1458 1459 pre_dot_num = download_bytes / BYTES_PER_DOT; 1460 download_bytes += transfer_size; 1461 now_dot_num = download_bytes / BYTES_PER_DOT; 1462 1463 if (pre_dot_num != now_dot_num) { 1464 putc('.'); 1465 if (!(now_dot_num % 74)) 1466 putc('\n'); 1467 } 1468 1469 /* Check if transfer is done */ 1470 if (download_bytes >= download_size) { 1471 /* 1472 * Reset global transfer variable, keep download_bytes because 1473 * it will be used in the next possible flashing command 1474 */ 1475 download_size = 0; 1476 req->complete = rx_handler_command; 1477 req->length = EP_BUFFER_SIZE; 1478 1479 strcpy(response, "OKAY"); 1480 fastboot_tx_write_str(response); 1481 1482 printf("\ndownloading of %d bytes finished\n", download_bytes); 1483 } else { 1484 req->length = rx_bytes_expected(ep); 1485 } 1486 1487 req->actual = 0; 1488 usb_ep_queue(ep, req, 0); 1489 } 1490 1491 static void cb_download(struct usb_ep *ep, struct usb_request *req) 1492 { 1493 char *cmd = req->buf; 1494 char response[FASTBOOT_RESPONSE_LEN]; 1495 1496 strsep(&cmd, ":"); 1497 download_size = simple_strtoul(cmd, NULL, 16); 1498 download_bytes = 0; 1499 1500 printf("Starting download of %d bytes\n", download_size); 1501 1502 if (0 == download_size) { 1503 strcpy(response, "FAILdata invalid size"); 1504 } else if (download_size > CONFIG_FASTBOOT_BUF_SIZE) { 1505 download_size = 0; 1506 strcpy(response, "FAILdata too large"); 1507 } else { 1508 sprintf(response, "DATA%08x", download_size); 1509 req->complete = rx_handler_dl_image; 1510 req->length = rx_bytes_expected(ep); 1511 } 1512 1513 fastboot_tx_write_str(response); 1514 } 1515 1516 static void tx_handler_ul(struct usb_ep *ep, struct usb_request *req) 1517 { 1518 unsigned int xfer_size = 0; 1519 unsigned int pre_dot_num, now_dot_num; 1520 unsigned int remain_size = 0; 1521 unsigned int transferred_size = req->actual; 1522 1523 if (req->status != 0) { 1524 printf("Bad status: %d\n", req->status); 1525 return; 1526 } 1527 1528 if (start_upload) { 1529 pre_dot_num = upload_bytes / BYTES_PER_DOT; 1530 upload_bytes += transferred_size; 1531 now_dot_num = upload_bytes / BYTES_PER_DOT; 1532 1533 if (pre_dot_num != now_dot_num) { 1534 putc('.'); 1535 if (!(now_dot_num % 74)) 1536 putc('\n'); 1537 } 1538 } 1539 1540 remain_size = upload_size - upload_bytes; 1541 xfer_size = (remain_size > EP_BUFFER_SIZE) ? 1542 EP_BUFFER_SIZE : remain_size; 1543 1544 debug("%s: remain_size=%d, transferred_size=%d", 1545 __func__, remain_size, transferred_size); 1546 debug("xfer_size=%d, upload_bytes=%d, upload_size=%d!\n", 1547 xfer_size, upload_bytes, upload_size); 1548 1549 if (remain_size <= 0) { 1550 fastboot_func->in_req->complete = fastboot_complete; 1551 wakeup_thread(); 1552 fastboot_tx_write_str("OKAY"); 1553 printf("\nuploading of %d bytes finished\n", upload_bytes); 1554 upload_bytes = 0; 1555 upload_size = 0; 1556 start_upload = false; 1557 return; 1558 } 1559 1560 /* Remove the transfer callback which response the upload */ 1561 /* request from host */ 1562 if (!upload_bytes) 1563 start_upload = true; 1564 1565 fastboot_tx_write((char *)((phys_addr_t)CONFIG_FASTBOOT_BUF_ADDR + \ 1566 upload_bytes), 1567 xfer_size); 1568 } 1569 1570 static void cb_upload(struct usb_ep *ep, struct usb_request *req) 1571 { 1572 char response[FASTBOOT_RESPONSE_LEN]; 1573 1574 printf("Starting upload of %d bytes\n", upload_size); 1575 1576 if (0 == upload_size) { 1577 strcpy(response, "FAILdata invalid size"); 1578 } else { 1579 start_upload = false; 1580 sprintf(response, "DATA%08x", upload_size); 1581 fastboot_func->in_req->complete = tx_handler_ul; 1582 } 1583 1584 fastboot_tx_write_str(response); 1585 } 1586 1587 static void do_bootm_on_complete(struct usb_ep *ep, struct usb_request *req) 1588 { 1589 char boot_addr_start[12]; 1590 char *bootm_args[] = { "bootm", boot_addr_start, NULL }; 1591 1592 puts("Booting kernel..\n"); 1593 1594 sprintf(boot_addr_start, "0x%lx", (long)CONFIG_FASTBOOT_BUF_ADDR); 1595 do_bootm(NULL, 0, 2, bootm_args); 1596 1597 /* This only happens if image is somehow faulty so we start over */ 1598 do_reset(NULL, 0, 0, NULL); 1599 } 1600 1601 static void cb_boot(struct usb_ep *ep, struct usb_request *req) 1602 { 1603 fastboot_func->in_req->complete = do_bootm_on_complete; 1604 fastboot_tx_write_str("OKAY"); 1605 } 1606 1607 static void do_exit_on_complete(struct usb_ep *ep, struct usb_request *req) 1608 { 1609 g_dnl_trigger_detach(); 1610 } 1611 1612 static void cb_continue(struct usb_ep *ep, struct usb_request *req) 1613 { 1614 fastboot_func->in_req->complete = do_exit_on_complete; 1615 fastboot_tx_write_str("OKAY"); 1616 } 1617 1618 static void cb_set_active(struct usb_ep *ep, struct usb_request *req) 1619 { 1620 char *cmd = req->buf; 1621 1622 debug("%s: %s\n", __func__, cmd); 1623 1624 strsep(&cmd, ":"); 1625 if (!cmd) { 1626 pr_err("missing slot name"); 1627 fastboot_tx_write_str("FAILmissing slot name"); 1628 return; 1629 } 1630 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1631 unsigned int slot_number; 1632 if (strncmp("a", cmd, 1) == 0) { 1633 slot_number = 0; 1634 rk_avb_set_slot_active(&slot_number); 1635 } else if (strncmp("b", cmd, 1) == 0) { 1636 slot_number = 1; 1637 rk_avb_set_slot_active(&slot_number); 1638 } else { 1639 fastboot_tx_write_str("FAILunkown slot name"); 1640 return; 1641 } 1642 1643 fastboot_tx_write_str("OKAY"); 1644 return; 1645 #else 1646 fastboot_tx_write_str("FAILnot implemented"); 1647 return; 1648 #endif 1649 } 1650 1651 #ifdef CONFIG_FASTBOOT_FLASH 1652 static void cb_flash(struct usb_ep *ep, struct usb_request *req) 1653 { 1654 char *cmd = req->buf; 1655 char response[FASTBOOT_RESPONSE_LEN] = {0}; 1656 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1657 uint8_t flash_lock_state; 1658 1659 if (rk_avb_read_flash_lock_state(&flash_lock_state)) { 1660 /* write the device flashing unlock when first read */ 1661 if (rk_avb_write_flash_lock_state(1)) { 1662 fastboot_tx_write_str("FAILflash lock state write failure"); 1663 return; 1664 } 1665 if (rk_avb_read_flash_lock_state(&flash_lock_state)) { 1666 fastboot_tx_write_str("FAILflash lock state read failure"); 1667 return; 1668 } 1669 } 1670 1671 if (flash_lock_state == 0) { 1672 fastboot_tx_write_str("FAILThe device is locked, can not flash!"); 1673 printf("The device is locked, can not flash!\n"); 1674 return; 1675 } 1676 #endif 1677 strsep(&cmd, ":"); 1678 if (!cmd) { 1679 pr_err("missing partition name"); 1680 fastboot_tx_write_str("FAILmissing partition name"); 1681 return; 1682 } 1683 1684 fastboot_fail("no flash device defined", response); 1685 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 1686 fb_mmc_flash_write(cmd, (void *)CONFIG_FASTBOOT_BUF_ADDR, 1687 download_bytes, response); 1688 #endif 1689 #ifdef CONFIG_FASTBOOT_FLASH_NAND_DEV 1690 fb_nand_flash_write(cmd, (void *)CONFIG_FASTBOOT_BUF_ADDR, 1691 download_bytes, response); 1692 #endif 1693 fastboot_tx_write_str(response); 1694 } 1695 1696 static void cb_flashing(struct usb_ep *ep, struct usb_request *req) 1697 { 1698 char *cmd = req->buf; 1699 1700 if (strncmp("lock", cmd + 9, 4) == 0) { 1701 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1702 uint8_t flash_lock_state; 1703 flash_lock_state = 0; 1704 if (rk_avb_write_flash_lock_state(flash_lock_state)) 1705 fastboot_tx_write_str("FAILflash lock state" 1706 " write failure"); 1707 else 1708 fastboot_tx_write_str("OKAY"); 1709 #else 1710 fastboot_tx_write_str("FAILnot implemented"); 1711 #endif 1712 } else if (strncmp("unlock", cmd + 9, 6) == 0) { 1713 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1714 uint8_t flash_lock_state; 1715 flash_lock_state = 1; 1716 if (rk_avb_write_flash_lock_state(flash_lock_state)) 1717 fastboot_tx_write_str("FAILflash lock state" 1718 " write failure"); 1719 else 1720 fastboot_tx_write_str("OKAY"); 1721 #else 1722 fastboot_tx_write_str("FAILnot implemented"); 1723 #endif 1724 } else if (strncmp("lock_critical", cmd + 9, 12) == 0) { 1725 fastboot_tx_write_str("FAILnot implemented"); 1726 } else if (strncmp("unlock_critical", cmd + 9, 14) == 0) { 1727 fastboot_tx_write_str("FAILnot implemented"); 1728 } else if (strncmp("get_unlock_ability", cmd + 9, 17) == 0) { 1729 fastboot_tx_write_str("FAILnot implemented"); 1730 } else if (strncmp("get_unlock_bootloader_nonce", cmd + 4, 27) == 0) { 1731 fastboot_tx_write_str("FAILnot implemented"); 1732 } else if (strncmp("unlock_bootloader", cmd + 9, 17) == 0) { 1733 fastboot_tx_write_str("FAILnot implemented"); 1734 } else if (strncmp("lock_bootloader", cmd + 9, 15) == 0) { 1735 fastboot_tx_write_str("FAILnot implemented"); 1736 } else { 1737 fastboot_tx_write_str("FAILunknown flashing command"); 1738 } 1739 } 1740 #endif 1741 1742 static void cb_oem_perm_attr(void) 1743 { 1744 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1745 sha256_context ctx; 1746 uint8_t digest[SHA256_SUM_LEN] = {0}; 1747 uint8_t digest_temp[SHA256_SUM_LEN] = {0}; 1748 uint8_t perm_attr_temp[PERM_ATTR_TOTAL_SIZE] = {0}; 1749 uint8_t flag = 0; 1750 1751 if (PERM_ATTR_TOTAL_SIZE != download_bytes) { 1752 printf("Permanent attribute size is not equal!\n"); 1753 fastboot_tx_write_str("FAILincorrect perm attribute size"); 1754 return; 1755 } 1756 1757 if (rk_avb_read_perm_attr_flag(&flag)) { 1758 printf("rk_avb_read_perm_attr_flag error!\n"); 1759 fastboot_tx_write_str("FAILperm attr read failed"); 1760 return; 1761 } 1762 1763 if (flag == PERM_ATTR_SUCCESS_FLAG) { 1764 if (rk_avb_read_attribute_hash(digest_temp, 1765 SHA256_SUM_LEN)) { 1766 printf("The efuse IO can not be used!\n"); 1767 fastboot_tx_write_str("FAILefuse IO can not be used"); 1768 return; 1769 } 1770 1771 if (memcmp(digest, digest_temp, SHA256_SUM_LEN) != 0) { 1772 if (rk_avb_read_permanent_attributes(perm_attr_temp, 1773 PERM_ATTR_TOTAL_SIZE)) { 1774 printf("rk_avb_write_permanent_attributes error!\n"); 1775 fastboot_tx_write_str("FAILread perm attr error"); 1776 return; 1777 } 1778 1779 sha256_starts(&ctx); 1780 sha256_update(&ctx, 1781 (const uint8_t *)perm_attr_temp, 1782 PERM_ATTR_TOTAL_SIZE); 1783 sha256_finish(&ctx, digest); 1784 if (memcmp(digest, digest_temp, SHA256_SUM_LEN) == 0) { 1785 printf("The hash has been written!\n"); 1786 fastboot_tx_write_str("OKAY"); 1787 return; 1788 } 1789 } 1790 1791 if (rk_avb_write_perm_attr_flag(0)) { 1792 fastboot_tx_write_str("FAILperm attr flag write failure"); 1793 return; 1794 } 1795 } 1796 1797 if (rk_avb_write_permanent_attributes((uint8_t *) 1798 CONFIG_FASTBOOT_BUF_ADDR, 1799 download_bytes)) { 1800 if (rk_avb_write_perm_attr_flag(0)) { 1801 fastboot_tx_write_str("FAILperm attr flag write failure"); 1802 return; 1803 } 1804 fastboot_tx_write_str("FAILperm attr write failed"); 1805 return; 1806 } 1807 1808 memset(digest, 0, SHA256_SUM_LEN); 1809 sha256_starts(&ctx); 1810 sha256_update(&ctx, (const uint8_t *)CONFIG_FASTBOOT_BUF_ADDR, 1811 PERM_ATTR_TOTAL_SIZE); 1812 sha256_finish(&ctx, digest); 1813 1814 if (rk_avb_write_attribute_hash((uint8_t *)digest, 1815 SHA256_SUM_LEN)) { 1816 if (rk_avb_read_attribute_hash(digest_temp, 1817 SHA256_SUM_LEN)) { 1818 printf("The efuse IO can not be used!\n"); 1819 fastboot_tx_write_str("FAILefuse IO can not be used"); 1820 return; 1821 } 1822 if (memcmp(digest, digest_temp, SHA256_SUM_LEN) != 0) { 1823 if (rk_avb_write_perm_attr_flag(0)) { 1824 fastboot_tx_write_str("FAILperm attr flag write failure"); 1825 return; 1826 } 1827 printf("The hash has been written, but is different!\n"); 1828 fastboot_tx_write_str("FAILhash comparison failure"); 1829 return; 1830 } 1831 } 1832 1833 if (rk_avb_write_perm_attr_flag(PERM_ATTR_SUCCESS_FLAG)) { 1834 fastboot_tx_write_str("FAILperm attr flag write failure"); 1835 return; 1836 } 1837 1838 fastboot_tx_write_str("OKAY"); 1839 #else 1840 fastboot_tx_write_str("FAILnot implemented"); 1841 #endif 1842 } 1843 1844 static void cb_oem(struct usb_ep *ep, struct usb_request *req) 1845 { 1846 char *cmd = req->buf; 1847 1848 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 1849 if (strncmp("format", cmd + 4, 6) == 0) { 1850 char cmdbuf[32]; 1851 sprintf(cmdbuf, "gpt write mmc %x $partitions", 1852 CONFIG_FASTBOOT_FLASH_MMC_DEV); 1853 if (run_command(cmdbuf, 0)) 1854 fastboot_tx_write_str("FAILmmc write failure"); 1855 else 1856 fastboot_tx_write_str("OKAY"); 1857 } else 1858 #endif 1859 if (strncmp("unlock", cmd + 4, 8) == 0) { 1860 #ifdef CONFIG_FASTBOOT_OEM_UNLOCK 1861 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1862 fastboot_tx_write_str("FAILnot implemented"); 1863 return; 1864 #else 1865 uint8_t unlock = 0; 1866 TEEC_Result result; 1867 debug("oem unlock\n"); 1868 result = trusty_read_oem_unlock(&unlock); 1869 if (result) { 1870 printf("read oem unlock status with error : 0x%x\n", result); 1871 fastboot_tx_write_str("FAILRead oem unlock status failed"); 1872 return; 1873 } 1874 if (unlock) { 1875 printf("oem unlock ignored, device already unlocked\n"); 1876 fastboot_tx_write_str("FAILalready unlocked"); 1877 return; 1878 } 1879 printf("oem unlock requested:\n"); 1880 printf("\tUnlocking forces a factory reset and could\n"); 1881 printf("\topen your device up to a world of hurt. If you\n"); 1882 printf("\tare sure you know what you're doing, then accept\n"); 1883 printf("\tvia 'fastboot oem unlock_accept'.\n"); 1884 env_set("unlock", "unlock"); 1885 fastboot_tx_write_str("OKAY"); 1886 #endif 1887 #else 1888 fastboot_tx_write_str("FAILnot implemented"); 1889 return; 1890 #endif 1891 } else if (strncmp("unlock_accept", cmd + 4, 13) == 0) { 1892 #ifdef CONFIG_FASTBOOT_OEM_UNLOCK 1893 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1894 fastboot_tx_write_str("FAILnot implemented"); 1895 return; 1896 #else 1897 char *unlock = env_get("unlock"); 1898 TEEC_Result result; 1899 debug("oem unlock_accept\n"); 1900 if (unlock == NULL || strncmp("unlock", unlock, 6) != 0) { 1901 printf("oem unlock_accept ignored, not pending\n"); 1902 fastboot_tx_write_str("FAILoem unlock not requested"); 1903 return; 1904 } 1905 env_set("unlock", ""); 1906 printf("Erasing userdata partition\n"); 1907 struct blk_desc *dev_desc; 1908 disk_partition_t part_info; 1909 dev_desc = rockchip_get_bootdev(); 1910 if (!dev_desc) { 1911 printf("%s: dev_desc is NULL!\n", __func__); 1912 return; 1913 } 1914 int ret = part_get_info_by_name(dev_desc, "userdata", 1915 &part_info); 1916 if (ret < 0) { 1917 printf("not found userdata partition"); 1918 printf("Erase failed with error %d\n", ret); 1919 fastboot_tx_write_str("FAILErasing userdata failed"); 1920 return; 1921 } 1922 ret = blk_derase(dev_desc, part_info.start, part_info.size); 1923 if (ret != part_info.size) { 1924 printf("Erase failed with error %d\n", ret); 1925 fastboot_tx_write_str("FAILErasing userdata failed"); 1926 return; 1927 } 1928 printf("Erasing succeeded\n"); 1929 1930 result = trusty_write_oem_unlock(1); 1931 if (result) { 1932 printf("write oem unlock status with error : 0x%x\n", result); 1933 fastboot_tx_write_str("FAILWrite oem unlock status failed"); 1934 return; 1935 } 1936 fastboot_tx_write_str("OKAY"); 1937 1938 /* 1939 * now reboot into recovery to do a format of the 1940 * userdata partition so it's ready to use on next boot 1941 */ 1942 board_run_recovery_wipe_data(); 1943 #endif 1944 #else 1945 fastboot_tx_write_str("FAILnot implemented"); 1946 return; 1947 #endif 1948 } else if (strncmp("lock", cmd + 4, 8) == 0) { 1949 #ifdef CONFIG_FASTBOOT_OEM_UNLOCK 1950 #ifdef CONFIG_RK_AVB_LIBAVB_USER 1951 fastboot_tx_write_str("FAILnot implemented"); 1952 return; 1953 #else 1954 TEEC_Result result; 1955 uint8_t unlock = 0; 1956 trusty_read_oem_unlock(&unlock); 1957 if (!unlock) { 1958 printf("oem lock ignored, already locked\n"); 1959 fastboot_tx_write_str("FAILalready locked"); 1960 return; 1961 } 1962 1963 result = trusty_write_oem_unlock(0); 1964 if (result) { 1965 printf("write oem unlock status with error : 0x%x\n", result); 1966 fastboot_tx_write_str("FAILWrite oem unlock status failed"); 1967 return; 1968 } 1969 fastboot_tx_write_str("OKAY"); 1970 #endif 1971 #else 1972 fastboot_tx_write_str("FAILnot implemented"); 1973 return; 1974 #endif 1975 } else if (strncmp("at-get-ca-request", cmd + 4, 17) == 0) { 1976 #ifdef CONFIG_OPTEE_CLIENT 1977 uint8_t out[ATTEST_CA_OUT_SIZE]; 1978 uint32_t operation_size = download_bytes; 1979 uint32_t out_len = ATTEST_CA_OUT_SIZE; 1980 uint32_t res = 0; 1981 1982 res = trusty_attest_get_ca((uint8_t *)CONFIG_FASTBOOT_BUF_ADDR, 1983 &operation_size, out, &out_len); 1984 if (res) { 1985 fastboot_tx_write_str("FAILtrusty_attest_get_ca failed"); 1986 return; 1987 } 1988 upload_size = out_len; 1989 memcpy((void *)CONFIG_FASTBOOT_BUF_ADDR, out, out_len); 1990 fastboot_tx_write_str("OKAY"); 1991 #else 1992 fastboot_tx_write_str("FAILnot implemented"); 1993 return; 1994 #endif 1995 } else if (strncmp("at-set-ca-response", cmd + 4, 18) == 0) { 1996 #ifdef CONFIG_OPTEE_CLIENT 1997 uint32_t ca_response_size = download_bytes; 1998 uint32_t res = 0; 1999 2000 res = trusty_attest_set_ca((uint8_t *)CONFIG_FASTBOOT_BUF_ADDR, 2001 &ca_response_size); 2002 if (res) 2003 fastboot_tx_write_str("FAILtrusty_attest_set_ca failed"); 2004 else 2005 fastboot_tx_write_str("OKAY"); 2006 #else 2007 fastboot_tx_write_str("FAILnot implemented"); 2008 return; 2009 #endif 2010 } else if (strncmp("at-get-vboot-unlock-challenge", cmd + 4, 29) == 0) { 2011 #ifdef CONFIG_RK_AVB_LIBAVB_USER 2012 uint32_t challenge_len = 0; 2013 int ret = 0; 2014 2015 ret = rk_generate_unlock_challenge((void *)CONFIG_FASTBOOT_BUF_ADDR, &challenge_len); 2016 if (ret == 0) { 2017 upload_size = challenge_len; 2018 fastboot_tx_write_str("OKAY"); 2019 } else { 2020 fastboot_tx_write_str("FAILgenerate unlock challenge fail!"); 2021 } 2022 #else 2023 fastboot_tx_write_str("FAILnot implemented"); 2024 return; 2025 #endif 2026 } else if (strncmp("at-lock-vboot", cmd + 4, 13) == 0) { 2027 #ifdef CONFIG_RK_AVB_LIBAVB_USER 2028 uint8_t lock_state; 2029 lock_state = 0; 2030 if (rk_avb_write_lock_state(lock_state)) 2031 fastboot_tx_write_str("FAILwrite lock state failed"); 2032 else 2033 fastboot_tx_write_str("OKAY"); 2034 #else 2035 fastboot_tx_write_str("FAILnot implemented"); 2036 #endif 2037 } else if (strncmp("at-unlock-vboot", cmd + 4, 15) == 0) { 2038 #ifdef CONFIG_RK_AVB_LIBAVB_USER 2039 uint8_t lock_state; 2040 bool out_is_trusted = true; 2041 2042 if (rk_avb_read_lock_state(&lock_state)) 2043 fastboot_tx_write_str("FAILlock sate read failure"); 2044 if (lock_state >> 1 == 1) { 2045 fastboot_tx_write_str("FAILThe vboot is disable!"); 2046 } else { 2047 lock_state = 1; 2048 #ifdef CONFIG_RK_AVB_LIBAVB_ENABLE_ATH_UNLOCK 2049 if (rk_auth_unlock((void *)CONFIG_FASTBOOT_BUF_ADDR, 2050 &out_is_trusted)) { 2051 printf("rk_auth_unlock ops error!\n"); 2052 fastboot_tx_write_str("FAILrk_auth_unlock ops error!"); 2053 return; 2054 } 2055 #endif 2056 if (out_is_trusted == true) { 2057 if (rk_avb_write_lock_state(lock_state)) 2058 fastboot_tx_write_str("FAILwrite lock state failed"); 2059 else 2060 fastboot_tx_write_str("OKAY"); 2061 } else { 2062 fastboot_tx_write_str("FAILauthenticated unlock fail"); 2063 } 2064 } 2065 #else 2066 fastboot_tx_write_str("FAILnot implemented"); 2067 #endif 2068 } else if (strncmp("at-disable-unlock-vboot", cmd + 4, 23) == 0) { 2069 #ifdef CONFIG_RK_AVB_LIBAVB_USER 2070 uint8_t lock_state; 2071 lock_state = 2; 2072 if (rk_avb_write_lock_state(lock_state)) 2073 fastboot_tx_write_str("FAILwrite lock state failed"); 2074 else 2075 fastboot_tx_write_str("OKAY"); 2076 #else 2077 fastboot_tx_write_str("FAILnot implemented"); 2078 #endif 2079 } else if (strncmp("fuse at-perm-attr", cmd + 4, 16) == 0) { 2080 cb_oem_perm_attr(); 2081 } else if (strncmp("fuse at-bootloader-vboot-key", cmd + 4, 27) == 0) { 2082 #ifdef CONFIG_RK_AVB_LIBAVB_USER 2083 sha256_context ctx; 2084 uint8_t digest[SHA256_SUM_LEN]; 2085 2086 if (download_bytes != VBOOT_KEY_HASH_SIZE) { 2087 fastboot_tx_write_str("FAILinvalid vboot key length"); 2088 printf("The vboot key size error!\n"); 2089 return; 2090 } 2091 2092 sha256_starts(&ctx); 2093 sha256_update(&ctx, (const uint8_t *)CONFIG_FASTBOOT_BUF_ADDR, 2094 VBOOT_KEY_SIZE); 2095 sha256_finish(&ctx, digest); 2096 2097 if (rk_avb_write_vbootkey_hash((uint8_t *)digest, 2098 SHA256_SUM_LEN)) { 2099 fastboot_tx_write_str("FAILvbootkey hash write failure"); 2100 return; 2101 } 2102 fastboot_tx_write_str("OKAY"); 2103 #else 2104 fastboot_tx_write_str("FAILnot implemented"); 2105 #endif 2106 } else { 2107 fastboot_tx_write_str("FAILunknown oem command"); 2108 } 2109 } 2110 2111 #ifdef CONFIG_FASTBOOT_FLASH 2112 static void cb_erase(struct usb_ep *ep, struct usb_request *req) 2113 { 2114 char *cmd = req->buf; 2115 char response[FASTBOOT_RESPONSE_LEN]; 2116 2117 strsep(&cmd, ":"); 2118 if (!cmd) { 2119 pr_err("missing partition name"); 2120 fastboot_tx_write_str("FAILmissing partition name"); 2121 return; 2122 } 2123 2124 fastboot_fail("no flash device defined", response); 2125 #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV 2126 fb_mmc_erase(cmd, response); 2127 #endif 2128 #ifdef CONFIG_FASTBOOT_FLASH_NAND_DEV 2129 fb_nand_erase(cmd, response); 2130 #endif 2131 fastboot_tx_write_str(response); 2132 } 2133 #endif 2134 2135 struct cmd_dispatch_info { 2136 char *cmd; 2137 void (*cb)(struct usb_ep *ep, struct usb_request *req); 2138 }; 2139 2140 static const struct cmd_dispatch_info cmd_dispatch_info[] = { 2141 { 2142 .cmd = "reboot", 2143 .cb = cb_reboot, 2144 }, { 2145 .cmd = "getvar:", 2146 .cb = cb_getvar, 2147 }, { 2148 .cmd = "download:", 2149 .cb = cb_download, 2150 }, { 2151 .cmd = "upload", 2152 .cb = cb_upload, 2153 }, { 2154 .cmd = "boot", 2155 .cb = cb_boot, 2156 }, { 2157 .cmd = "continue", 2158 .cb = cb_continue, 2159 }, { 2160 .cmd = "set_active", 2161 .cb = cb_set_active, 2162 }, 2163 #ifdef CONFIG_FASTBOOT_FLASH 2164 { 2165 .cmd = "flashing", 2166 .cb = cb_flashing, 2167 }, 2168 { 2169 .cmd = "flash", 2170 .cb = cb_flash, 2171 }, { 2172 .cmd = "erase", 2173 .cb = cb_erase, 2174 }, 2175 #endif 2176 { 2177 .cmd = "oem", 2178 .cb = cb_oem, 2179 }, 2180 }; 2181 2182 static void rx_handler_command(struct usb_ep *ep, struct usb_request *req) 2183 { 2184 char *cmdbuf = req->buf; 2185 void (*func_cb)(struct usb_ep *ep, struct usb_request *req) = NULL; 2186 int i; 2187 2188 if (req->status != 0 || req->length == 0) 2189 return; 2190 2191 for (i = 0; i < ARRAY_SIZE(cmd_dispatch_info); i++) { 2192 if (!strcmp_l1(cmd_dispatch_info[i].cmd, cmdbuf)) { 2193 func_cb = cmd_dispatch_info[i].cb; 2194 break; 2195 } 2196 } 2197 2198 if (!func_cb) { 2199 pr_err("unknown command: %.*s", req->actual, cmdbuf); 2200 fastboot_tx_write_str("FAILunknown command"); 2201 } else { 2202 if (req->actual < req->length) { 2203 u8 *buf = (u8 *)req->buf; 2204 buf[req->actual] = 0; 2205 func_cb(ep, req); 2206 } else { 2207 pr_err("buffer overflow"); 2208 fastboot_tx_write_str("FAILbuffer overflow"); 2209 } 2210 } 2211 2212 *cmdbuf = '\0'; 2213 req->actual = 0; 2214 usb_ep_queue(ep, req, 0); 2215 } 2216