]> git.ipfire.org Git - people/ms/u-boot.git/blob - tools/env/fw_env.c
projects / people / ms / u-boot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
env: fix memory leak in fw_env routines
[people/ms/u-boot.git] / tools / env / fw_env.c
1 /*
2 * (C) Copyright 2000-2010
3 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
4 *
5 * (C) Copyright 2008
6 * Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de.
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 */
10
11 #define _GNU_SOURCE
12
13 #include <compiler.h>
14 #include <errno.h>
15 #include <env_flags.h>
16 #include <fcntl.h>
17 #include <linux/fs.h>
18 #include <linux/stringify.h>
19 #include <ctype.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <stddef.h>
23 #include <string.h>
24 #include <sys/types.h>
25 #include <sys/ioctl.h>
26 #include <sys/stat.h>
27 #include <unistd.h>
28
29 #ifdef MTD_OLD
30 # include <stdint.h>
31 # include <linux/mtd/mtd.h>
32 #else
33 # define __user /* nothing */
34 # include <mtd/mtd-user.h>
35 #endif
36
37 #include "fw_env_private.h"
38 #include "fw_env.h"
39
40 struct env_opts default_opts = {
41 #ifdef CONFIG_FILE
42 .config_file = CONFIG_FILE
43 #endif
44 };
45
46 #define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
47
48 #define min(x, y) ({ \
49 typeof(x) _min1 = (x); \
50 typeof(y) _min2 = (y); \
51 (void) (&_min1 == &_min2); \
52 _min1 < _min2 ? _min1 : _min2; })
53
54 struct envdev_s {
55 const char *devname; /* Device name */
56 long long devoff; /* Device offset */
57 ulong env_size; /* environment size */
58 ulong erase_size; /* device erase size */
59 ulong env_sectors; /* number of environment sectors */
60 uint8_t mtd_type; /* type of the MTD device */
61 };
62
63 static struct envdev_s envdevices[2] =
64 {
65 {
66 .mtd_type = MTD_ABSENT,
67 }, {
68 .mtd_type = MTD_ABSENT,
69 },
70 };
71 static int dev_current;
72
73 #define DEVNAME(i) envdevices[(i)].devname
74 #define DEVOFFSET(i) envdevices[(i)].devoff
75 #define ENVSIZE(i) envdevices[(i)].env_size
76 #define DEVESIZE(i) envdevices[(i)].erase_size
77 #define ENVSECTORS(i) envdevices[(i)].env_sectors
78 #define DEVTYPE(i) envdevices[(i)].mtd_type
79
80 #define CUR_ENVSIZE ENVSIZE(dev_current)
81
82 static unsigned long usable_envsize;
83 #define ENV_SIZE usable_envsize
84
85 struct env_image_single {
86 uint32_t crc; /* CRC32 over data bytes */
87 char data[];
88 };
89
90 struct env_image_redundant {
91 uint32_t crc; /* CRC32 over data bytes */
92 unsigned char flags; /* active or obsolete */
93 char data[];
94 };
95
96 enum flag_scheme {
97 FLAG_NONE,
98 FLAG_BOOLEAN,
99 FLAG_INCREMENTAL,
100 };
101
102 struct environment {
103 void *image;
104 uint32_t *crc;
105 unsigned char *flags;
106 char *data;
107 enum flag_scheme flag_scheme;
108 };
109
110 static struct environment environment = {
111 .flag_scheme = FLAG_NONE,
112 };
113
114 static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key);
115
116 static int HaveRedundEnv = 0;
117
118 static unsigned char active_flag = 1;
119 /* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */
120 static unsigned char obsolete_flag = 0;
121
122 #define DEFAULT_ENV_INSTANCE_STATIC
123 #include <env_default.h>
124
125 static int flash_io (int mode);
126 static int parse_config(struct env_opts *opts);
127
128 #if defined(CONFIG_FILE)
129 static int get_config (char *);
130 #endif
131
132 static char *skip_chars(char *s)
133 {
134 for (; *s != '\0'; s++) {
135 if (isblank(*s))
136 return s;
137 }
138 return NULL;
139 }
140
141 static char *skip_blanks(char *s)
142 {
143 for (; *s != '\0'; s++) {
144 if (!isblank(*s))
145 return s;
146 }
147 return NULL;
148 }
149
150 /*
151 * s1 is either a simple 'name', or a 'name=value' pair.
152 * s2 is a 'name=value' pair.
153 * If the names match, return the value of s2, else NULL.
154 */
155 static char *envmatch(char *s1, char *s2)
156 {
157 if (s1 == NULL || s2 == NULL)
158 return NULL;
159
160 while (*s1 == *s2++)
161 if (*s1++ == '=')
162 return s2;
163 if (*s1 == '\0' && *(s2 - 1) == '=')
164 return s2;
165 return NULL;
166 }
167
168 /**
169 * Search the environment for a variable.
170 * Return the value, if found, or NULL, if not found.
171 */
172 char *fw_getenv (char *name)
173 {
174 char *env, *nxt;
175
176 for (env = environment.data; *env; env = nxt + 1) {
177 char *val;
178
179 for (nxt = env; *nxt; ++nxt) {
180 if (nxt >= &environment.data[ENV_SIZE]) {
181 fprintf (stderr, "## Error: "
182 "environment not terminated\n");
183 return NULL;
184 }
185 }
186 val = envmatch (name, env);
187 if (!val)
188 continue;
189 return val;
190 }
191 return NULL;
192 }
193
194 /*
195 * Search the default environment for a variable.
196 * Return the value, if found, or NULL, if not found.
197 */
198 char *fw_getdefenv(char *name)
199 {
200 char *env, *nxt;
201
202 for (env = default_environment; *env; env = nxt + 1) {
203 char *val;
204
205 for (nxt = env; *nxt; ++nxt) {
206 if (nxt >= &default_environment[ENV_SIZE]) {
207 fprintf(stderr, "## Error: "
208 "default environment not terminated\n");
209 return NULL;
210 }
211 }
212 val = envmatch(name, env);
213 if (!val)
214 continue;
215 return val;
216 }
217 return NULL;
218 }
219
220 int parse_aes_key(char *key, uint8_t *bin_key)
221 {
222 char tmp[5] = { '0', 'x', 0, 0, 0 };
223 unsigned long ul;
224 int i;
225
226 if (strnlen(key, 64) != 32) {
227 fprintf(stderr,
228 "## Error: '-a' option requires 16-byte AES key\n");
229 return -1;
230 }
231
232 for (i = 0; i < 16; i++) {
233 tmp[2] = key[0];
234 tmp[3] = key[1];
235 errno = 0;
236 ul = strtoul(tmp, NULL, 16);
237 if (errno) {
238 fprintf(stderr,
239 "## Error: '-a' option requires valid AES key\n");
240 return -1;
241 }
242 bin_key[i] = ul & 0xff;
243 key += 2;
244 }
245 return 0;
246 }
247
248 /*
249 * Print the current definition of one, or more, or all
250 * environment variables
251 */
252 int fw_printenv(int argc, char *argv[], int value_only, struct env_opts *opts)
253 {
254 int i, rc = 0;
255
256 if (value_only && argc != 1) {
257 fprintf(stderr,
258 "## Error: `-n' option requires exactly one argument\n");
259 return -1;
260 }
261
262 if (!opts)
263 opts = &default_opts;
264
265 if (fw_env_open(opts))
266 return -1;
267
268 if (argc == 0) { /* Print all env variables */
269 char *env, *nxt;
270 for (env = environment.data; *env; env = nxt + 1) {
271 for (nxt = env; *nxt; ++nxt) {
272 if (nxt >= &environment.data[ENV_SIZE]) {
273 fprintf (stderr, "## Error: "
274 "environment not terminated\n");
275 return -1;
276 }
277 }
278
279 printf ("%s\n", env);
280 }
281 fw_env_close(opts);
282 return 0;
283 }
284
285 for (i = 0; i < argc; ++i) { /* print a subset of env variables */
286 char *name = argv[i];
287 char *val = NULL;
288
289 val = fw_getenv(name);
290 if (!val) {
291 fprintf (stderr, "## Error: \"%s\" not defined\n", name);
292 rc = -1;
293 continue;
294 }
295
296 if (value_only) {
297 puts(val);
298 break;
299 }
300
301 printf("%s=%s\n", name, val);
302 }
303
304 fw_env_close(opts);
305
306 return rc;
307 }
308
309 int fw_env_flush(struct env_opts *opts)
310 {
311 int ret;
312
313 if (!opts)
314 opts = &default_opts;
315
316 if (opts->aes_flag) {
317 ret = env_aes_cbc_crypt(environment.data, 1,
318 opts->aes_key);
319 if (ret) {
320 fprintf(stderr,
321 "Error: can't encrypt env for flash\n");
322 return ret;
323 }
324 }
325
326 /*
327 * Update CRC
328 */
329 *environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE);
330
331 /* write environment back to flash */
332 if (flash_io(O_RDWR)) {
333 fprintf(stderr,
334 "Error: can't write fw_env to flash\n");
335 return -1;
336 }
337
338 return 0;
339 }
340
341
342 /*
343 * Set/Clear a single variable in the environment.
344 * This is called in sequence to update the environment
345 * in RAM without updating the copy in flash after each set
346 */
347 int fw_env_write(char *name, char *value)
348 {
349 int len;
350 char *env, *nxt;
351 char *oldval = NULL;
352 int deleting, creating, overwriting;
353
354 /*
355 * search if variable with this name already exists
356 */
357 for (nxt = env = environment.data; *env; env = nxt + 1) {
358 for (nxt = env; *nxt; ++nxt) {
359 if (nxt >= &environment.data[ENV_SIZE]) {
360 fprintf(stderr, "## Error: "
361 "environment not terminated\n");
362 errno = EINVAL;
363 return -1;
364 }
365 }
366 if ((oldval = envmatch (name, env)) != NULL)
367 break;
368 }
369
370 deleting = (oldval && !(value && strlen(value)));
371 creating = (!oldval && (value && strlen(value)));
372 overwriting = (oldval && (value && strlen(value)));
373
374 /* check for permission */
375 if (deleting) {
376 if (env_flags_validate_varaccess(name,
377 ENV_FLAGS_VARACCESS_PREVENT_DELETE)) {
378 printf("Can't delete \"%s\"\n", name);
379 errno = EROFS;
380 return -1;
381 }
382 } else if (overwriting) {
383 if (env_flags_validate_varaccess(name,
384 ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) {
385 printf("Can't overwrite \"%s\"\n", name);
386 errno = EROFS;
387 return -1;
388 } else if (env_flags_validate_varaccess(name,
389 ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) {
390 const char *defval = fw_getdefenv(name);
391
392 if (defval == NULL)
393 defval = "";
394 if (strcmp(oldval, defval)
395 != 0) {
396 printf("Can't overwrite \"%s\"\n", name);
397 errno = EROFS;
398 return -1;
399 }
400 }
401 } else if (creating) {
402 if (env_flags_validate_varaccess(name,
403 ENV_FLAGS_VARACCESS_PREVENT_CREATE)) {
404 printf("Can't create \"%s\"\n", name);
405 errno = EROFS;
406 return -1;
407 }
408 } else
409 /* Nothing to do */
410 return 0;
411
412 if (deleting || overwriting) {
413 if (*++nxt == '\0') {
414 *env = '\0';
415 } else {
416 for (;;) {
417 *env = *nxt++;
418 if ((*env == '\0') && (*nxt == '\0'))
419 break;
420 ++env;
421 }
422 }
423 *++env = '\0';
424 }
425
426 /* Delete only ? */
427 if (!value || !strlen(value))
428 return 0;
429
430 /*
431 * Append new definition at the end
432 */
433 for (env = environment.data; *env || *(env + 1); ++env);
434 if (env > environment.data)
435 ++env;
436 /*
437 * Overflow when:
438 * "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment)
439 */
440 len = strlen (name) + 2;
441 /* add '=' for first arg, ' ' for all others */
442 len += strlen(value) + 1;
443
444 if (len > (&environment.data[ENV_SIZE] - env)) {
445 fprintf (stderr,
446 "Error: environment overflow, \"%s\" deleted\n",
447 name);
448 return -1;
449 }
450
451 while ((*env = *name++) != '\0')
452 env++;
453 *env = '=';
454 while ((*++env = *value++) != '\0')
455 ;
456
457 /* end is marked with double '\0' */
458 *++env = '\0';
459
460 return 0;
461 }
462
463 /*
464 * Deletes or sets environment variables. Returns -1 and sets errno error codes:
465 * 0 - OK
466 * EINVAL - need at least 1 argument
467 * EROFS - certain variables ("ethaddr", "serial#") cannot be
468 * modified or deleted
469 *
470 */
471 int fw_setenv(int argc, char *argv[], struct env_opts *opts)
472 {
473 int i;
474 size_t len;
475 char *name, **valv;
476 char *value = NULL;
477 int valc;
478 int ret;
479
480 if (!opts)
481 opts = &default_opts;
482
483 if (argc < 1) {
484 fprintf(stderr, "## Error: variable name missing\n");
485 errno = EINVAL;
486 return -1;
487 }
488
489 if (fw_env_open(opts)) {
490 fprintf(stderr, "Error: environment not initialized\n");
491 return -1;
492 }
493
494 name = argv[0];
495 valv = argv + 1;
496 valc = argc - 1;
497
498 if (env_flags_validate_env_set_params(name, valv, valc) < 0) {
499 fw_env_close(opts);
500 return -1;
501 }
502
503 len = 0;
504 for (i = 0; i < valc; ++i) {
505 char *val = valv[i];
506 size_t val_len = strlen(val);
507
508 if (value)
509 value[len - 1] = ' ';
510 value = realloc(value, len + val_len + 1);
511 if (!value) {
512 fprintf(stderr,
513 "Cannot malloc %zu bytes: %s\n",
514 len, strerror(errno));
515 return -1;
516 }
517
518 memcpy(value + len, val, val_len);
519 len += val_len;
520 value[len++] = '\0';
521 }
522
523 fw_env_write(name, value);
524
525 free(value);
526
527 ret = fw_env_flush(opts);
528 fw_env_close(opts);
529
530 return ret;
531 }
532
533 /*
534 * Parse a file and configure the u-boot variables.
535 * The script file has a very simple format, as follows:
536 *
537 * Each line has a couple with name, value:
538 * <white spaces>variable_name<white spaces>variable_value
539 *
540 * Both variable_name and variable_value are interpreted as strings.
541 * Any character after <white spaces> and before ending \r\n is interpreted
542 * as variable's value (no comment allowed on these lines !)
543 *
544 * Comments are allowed if the first character in the line is #
545 *
546 * Returns -1 and sets errno error codes:
547 * 0 - OK
548 * -1 - Error
549 */
550 int fw_parse_script(char *fname, struct env_opts *opts)
551 {
552 FILE *fp;
553 char dump[1024]; /* Maximum line length in the file */
554 char *name;
555 char *val;
556 int lineno = 0;
557 int len;
558 int ret = 0;
559
560 if (!opts)
561 opts = &default_opts;
562
563 if (fw_env_open(opts)) {
564 fprintf(stderr, "Error: environment not initialized\n");
565 return -1;
566 }
567
568 if (strcmp(fname, "-") == 0)
569 fp = stdin;
570 else {
571 fp = fopen(fname, "r");
572 if (fp == NULL) {
573 fprintf(stderr, "I cannot open %s for reading\n",
574 fname);
575 return -1;
576 }
577 }
578
579 while (fgets(dump, sizeof(dump), fp)) {
580 lineno++;
581 len = strlen(dump);
582
583 /*
584 * Read a whole line from the file. If the line is too long
585 * or is not terminated, reports an error and exit.
586 */
587 if (dump[len - 1] != '\n') {
588 fprintf(stderr,
589 "Line %d not corrected terminated or too long\n",
590 lineno);
591 ret = -1;
592 break;
593 }
594
595 /* Drop ending line feed / carriage return */
596 dump[--len] = '\0';
597 if (len && dump[len - 1] == '\r')
598 dump[--len] = '\0';
599
600 /* Skip comment or empty lines */
601 if (len == 0 || dump[0] == '#')
602 continue;
603
604 /*
605 * Search for variable's name,
606 * remove leading whitespaces
607 */
608 name = skip_blanks(dump);
609 if (!name)
610 continue;
611
612 /* The first white space is the end of variable name */
613 val = skip_chars(name);
614 len = strlen(name);
615 if (val) {
616 *val++ = '\0';
617 if ((val - name) < len)
618 val = skip_blanks(val);
619 else
620 val = NULL;
621 }
622
623 #ifdef DEBUG
624 fprintf(stderr, "Setting %s : %s\n",
625 name, val ? val : " removed");
626 #endif
627
628 if (env_flags_validate_type(name, val) < 0) {
629 ret = -1;
630 break;
631 }
632
633 /*
634 * If there is an error setting a variable,
635 * try to save the environment and returns an error
636 */
637 if (fw_env_write(name, val)) {
638 fprintf(stderr,
639 "fw_env_write returns with error : %s\n",
640 strerror(errno));
641 ret = -1;
642 break;
643 }
644
645 }
646
647 /* Close file if not stdin */
648 if (strcmp(fname, "-") != 0)
649 fclose(fp);
650
651 ret |= fw_env_flush(opts);
652
653 fw_env_close(opts);
654
655 return ret;
656 }
657
658 /**
659 * environment_end() - compute offset of first byte right after environemnt
660 * @dev - index of enviroment buffer
661 * Return:
662 * device offset of first byte right after environemnt
663 */
664 off_t environment_end(int dev)
665 {
666 /* environment is block aligned */
667 return DEVOFFSET(dev) + ENVSECTORS(dev) * DEVESIZE(dev);
668 }
669
670 /*
671 * Test for bad block on NAND, just returns 0 on NOR, on NAND:
672 * 0 - block is good
673 * > 0 - block is bad
674 * < 0 - failed to test
675 */
676 static int flash_bad_block(int fd, uint8_t mtd_type, loff_t blockstart)
677 {
678 if (mtd_type == MTD_NANDFLASH) {
679 int badblock = ioctl(fd, MEMGETBADBLOCK, &blockstart);
680
681 if (badblock < 0) {
682 perror ("Cannot read bad block mark");
683 return badblock;
684 }
685
686 if (badblock) {
687 #ifdef DEBUG
688 fprintf (stderr, "Bad block at 0x%llx, skipping\n",
689 (unsigned long long)blockstart);
690 #endif
691 return badblock;
692 }
693 }
694
695 return 0;
696 }
697
698 /*
699 * Read data from flash at an offset into a provided buffer. On NAND it skips
700 * bad blocks but makes sure it stays within ENVSECTORS (dev) starting from
701 * the DEVOFFSET (dev) block. On NOR the loop is only run once.
702 */
703 static int flash_read_buf (int dev, int fd, void *buf, size_t count,
704 off_t offset)
705 {
706 size_t blocklen; /* erase / write length - one block on NAND,
707 0 on NOR */
708 size_t processed = 0; /* progress counter */
709 size_t readlen = count; /* current read length */
710 off_t block_seek; /* offset inside the current block to the start
711 of the data */
712 loff_t blockstart; /* running start of the current block -
713 MEMGETBADBLOCK needs 64 bits */
714 int rc;
715
716 blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev);
717
718 /* Offset inside a block */
719 block_seek = offset - blockstart;
720
721 if (DEVTYPE(dev) == MTD_NANDFLASH) {
722 /*
723 * NAND: calculate which blocks we are reading. We have
724 * to read one block at a time to skip bad blocks.
725 */
726 blocklen = DEVESIZE (dev);
727
728 /* Limit to one block for the first read */
729 if (readlen > blocklen - block_seek)
730 readlen = blocklen - block_seek;
731 } else {
732 blocklen = 0;
733 }
734
735 /* This only runs once on NOR flash */
736 while (processed < count) {
737 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart);
738 if (rc < 0) /* block test failed */
739 return -1;
740
741 if (blockstart + block_seek + readlen > environment_end(dev)) {
742 /* End of range is reached */
743 fprintf (stderr,
744 "Too few good blocks within range\n");
745 return -1;
746 }
747
748 if (rc) { /* block is bad */
749 blockstart += blocklen;
750 continue;
751 }
752
753 /*
754 * If a block is bad, we retry in the next block at the same
755 * offset - see common/env_nand.c::writeenv()
756 */
757 lseek (fd, blockstart + block_seek, SEEK_SET);
758
759 rc = read (fd, buf + processed, readlen);
760 if (rc != readlen) {
761 fprintf (stderr, "Read error on %s: %s\n",
762 DEVNAME (dev), strerror (errno));
763 return -1;
764 }
765 #ifdef DEBUG
766 fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n",
767 rc, (unsigned long long) blockstart + block_seek,
768 DEVNAME(dev));
769 #endif
770 processed += readlen;
771 readlen = min (blocklen, count - processed);
772 block_seek = 0;
773 blockstart += blocklen;
774 }
775
776 return processed;
777 }
778
779 /*
780 * Write count bytes from begin of environment, but stay within
781 * ENVSECTORS(dev) sectors of
782 * DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we
783 * erase and write the whole data at once.
784 */
785 static int flash_write_buf(int dev, int fd, void *buf, size_t count)
786 {
787 void *data;
788 struct erase_info_user erase;
789 size_t blocklen; /* length of NAND block / NOR erase sector */
790 size_t erase_len; /* whole area that can be erased - may include
791 bad blocks */
792 size_t erasesize; /* erase / write length - one block on NAND,
793 whole area on NOR */
794 size_t processed = 0; /* progress counter */
795 size_t write_total; /* total size to actually write - excluding
796 bad blocks */
797 off_t erase_offset; /* offset to the first erase block (aligned)
798 below offset */
799 off_t block_seek; /* offset inside the erase block to the start
800 of the data */
801 loff_t blockstart; /* running start of the current block -
802 MEMGETBADBLOCK needs 64 bits */
803 int rc;
804
805 /*
806 * For mtd devices only offset and size of the environment do matter
807 */
808 if (DEVTYPE(dev) == MTD_ABSENT) {
809 blocklen = count;
810 erase_len = blocklen;
811 blockstart = DEVOFFSET(dev);
812 block_seek = 0;
813 write_total = blocklen;
814 } else {
815 blocklen = DEVESIZE(dev);
816
817 erase_offset = DEVOFFSET(dev);
818
819 /* Maximum area we may use */
820 erase_len = environment_end(dev) - erase_offset;
821
822 blockstart = erase_offset;
823
824 /* Offset inside a block */
825 block_seek = DEVOFFSET(dev) - erase_offset;
826
827 /*
828 * Data size we actually write: from the start of the block
829 * to the start of the data, then count bytes of data, and
830 * to the end of the block
831 */
832 write_total = ((block_seek + count + blocklen - 1) /
833 blocklen) * blocklen;
834 }
835
836 /*
837 * Support data anywhere within erase sectors: read out the complete
838 * area to be erased, replace the environment image, write the whole
839 * block back again.
840 */
841 if (write_total > count) {
842 data = malloc (erase_len);
843 if (!data) {
844 fprintf (stderr,
845 "Cannot malloc %zu bytes: %s\n",
846 erase_len, strerror (errno));
847 return -1;
848 }
849
850 rc = flash_read_buf(dev, fd, data, write_total, erase_offset);
851 if (write_total != rc)
852 return -1;
853
854 #ifdef DEBUG
855 fprintf(stderr, "Preserving data ");
856 if (block_seek != 0)
857 fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1);
858 if (block_seek + count != write_total) {
859 if (block_seek != 0)
860 fprintf(stderr, " and ");
861 fprintf(stderr, "0x%lx - 0x%lx",
862 (unsigned long) block_seek + count,
863 (unsigned long) write_total - 1);
864 }
865 fprintf(stderr, "\n");
866 #endif
867 /* Overwrite the old environment */
868 memcpy (data + block_seek, buf, count);
869 } else {
870 /*
871 * We get here, iff offset is block-aligned and count is a
872 * multiple of blocklen - see write_total calculation above
873 */
874 data = buf;
875 }
876
877 if (DEVTYPE(dev) == MTD_NANDFLASH) {
878 /*
879 * NAND: calculate which blocks we are writing. We have
880 * to write one block at a time to skip bad blocks.
881 */
882 erasesize = blocklen;
883 } else {
884 erasesize = erase_len;
885 }
886
887 erase.length = erasesize;
888
889 /* This only runs once on NOR flash and SPI-dataflash */
890 while (processed < write_total) {
891 rc = flash_bad_block(fd, DEVTYPE(dev), blockstart);
892 if (rc < 0) /* block test failed */
893 return rc;
894
895 if (blockstart + erasesize > environment_end(dev)) {
896 fprintf (stderr, "End of range reached, aborting\n");
897 return -1;
898 }
899
900 if (rc) { /* block is bad */
901 blockstart += blocklen;
902 continue;
903 }
904
905 if (DEVTYPE(dev) != MTD_ABSENT) {
906 erase.start = blockstart;
907 ioctl(fd, MEMUNLOCK, &erase);
908 /* These do not need an explicit erase cycle */
909 if (DEVTYPE(dev) != MTD_DATAFLASH)
910 if (ioctl(fd, MEMERASE, &erase) != 0) {
911 fprintf(stderr,
912 "MTD erase error on %s: %s\n",
913 DEVNAME(dev), strerror(errno));
914 return -1;
915 }
916 }
917
918 if (lseek (fd, blockstart, SEEK_SET) == -1) {
919 fprintf (stderr,
920 "Seek error on %s: %s\n",
921 DEVNAME (dev), strerror (errno));
922 return -1;
923 }
924
925 #ifdef DEBUG
926 fprintf(stderr, "Write 0x%llx bytes at 0x%llx\n",
927 (unsigned long long) erasesize,
928 (unsigned long long) blockstart);
929 #endif
930 if (write (fd, data + processed, erasesize) != erasesize) {
931 fprintf (stderr, "Write error on %s: %s\n",
932 DEVNAME (dev), strerror (errno));
933 return -1;
934 }
935
936 if (DEVTYPE(dev) != MTD_ABSENT)
937 ioctl(fd, MEMLOCK, &erase);
938
939 processed += erasesize;
940 block_seek = 0;
941 blockstart += erasesize;
942 }
943
944 if (write_total > count)
945 free (data);
946
947 return processed;
948 }
949
950 /*
951 * Set obsolete flag at offset - NOR flash only
952 */
953 static int flash_flag_obsolete (int dev, int fd, off_t offset)
954 {
955 int rc;
956 struct erase_info_user erase;
957
958 erase.start = DEVOFFSET (dev);
959 erase.length = DEVESIZE (dev);
960 /* This relies on the fact, that obsolete_flag == 0 */
961 rc = lseek (fd, offset, SEEK_SET);
962 if (rc < 0) {
963 fprintf (stderr, "Cannot seek to set the flag on %s \n",
964 DEVNAME (dev));
965 return rc;
966 }
967 ioctl (fd, MEMUNLOCK, &erase);
968 rc = write (fd, &obsolete_flag, sizeof (obsolete_flag));
969 ioctl (fd, MEMLOCK, &erase);
970 if (rc < 0)
971 perror ("Could not set obsolete flag");
972
973 return rc;
974 }
975
976 /* Encrypt or decrypt the environment before writing or reading it. */
977 static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key)
978 {
979 uint8_t *data = (uint8_t *)payload;
980 const int len = usable_envsize;
981 uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
982 uint32_t aes_blocks;
983
984 /* First we expand the key. */
985 aes_expand_key(key, key_exp);
986
987 /* Calculate the number of AES blocks to encrypt. */
988 aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
989
990 if (enc)
991 aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
992 else
993 aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
994
995 return 0;
996 }
997
998 static int flash_write (int fd_current, int fd_target, int dev_target)
999 {
1000 int rc;
1001
1002 switch (environment.flag_scheme) {
1003 case FLAG_NONE:
1004 break;
1005 case FLAG_INCREMENTAL:
1006 (*environment.flags)++;
1007 break;
1008 case FLAG_BOOLEAN:
1009 *environment.flags = active_flag;
1010 break;
1011 default:
1012 fprintf (stderr, "Unimplemented flash scheme %u \n",
1013 environment.flag_scheme);
1014 return -1;
1015 }
1016
1017 #ifdef DEBUG
1018 fprintf(stderr, "Writing new environment at 0x%llx on %s\n",
1019 DEVOFFSET (dev_target), DEVNAME (dev_target));
1020 #endif
1021
1022 rc = flash_write_buf(dev_target, fd_target, environment.image,
1023 CUR_ENVSIZE);
1024 if (rc < 0)
1025 return rc;
1026
1027 if (environment.flag_scheme == FLAG_BOOLEAN) {
1028 /* Have to set obsolete flag */
1029 off_t offset = DEVOFFSET (dev_current) +
1030 offsetof (struct env_image_redundant, flags);
1031 #ifdef DEBUG
1032 fprintf(stderr,
1033 "Setting obsolete flag in environment at 0x%llx on %s\n",
1034 DEVOFFSET (dev_current), DEVNAME (dev_current));
1035 #endif
1036 flash_flag_obsolete (dev_current, fd_current, offset);
1037 }
1038
1039 return 0;
1040 }
1041
1042 static int flash_read (int fd)
1043 {
1044 int rc;
1045
1046 rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE,
1047 DEVOFFSET(dev_current));
1048 if (rc != CUR_ENVSIZE)
1049 return -1;
1050
1051 return 0;
1052 }
1053
1054 static int flash_io (int mode)
1055 {
1056 int fd_current, fd_target, rc, dev_target;
1057
1058 /* dev_current: fd_current, erase_current */
1059 fd_current = open (DEVNAME (dev_current), mode);
1060 if (fd_current < 0) {
1061 fprintf (stderr,
1062 "Can't open %s: %s\n",
1063 DEVNAME (dev_current), strerror (errno));
1064 return -1;
1065 }
1066
1067 if (mode == O_RDWR) {
1068 if (HaveRedundEnv) {
1069 /* switch to next partition for writing */
1070 dev_target = !dev_current;
1071 /* dev_target: fd_target, erase_target */
1072 fd_target = open (DEVNAME (dev_target), mode);
1073 if (fd_target < 0) {
1074 fprintf (stderr,
1075 "Can't open %s: %s\n",
1076 DEVNAME (dev_target),
1077 strerror (errno));
1078 rc = -1;
1079 goto exit;
1080 }
1081 } else {
1082 dev_target = dev_current;
1083 fd_target = fd_current;
1084 }
1085
1086 rc = flash_write (fd_current, fd_target, dev_target);
1087
1088 if (HaveRedundEnv) {
1089 if (close (fd_target)) {
1090 fprintf (stderr,
1091 "I/O error on %s: %s\n",
1092 DEVNAME (dev_target),
1093 strerror (errno));
1094 rc = -1;
1095 }
1096 }
1097 } else {
1098 rc = flash_read (fd_current);
1099 }
1100
1101 exit:
1102 if (close (fd_current)) {
1103 fprintf (stderr,
1104 "I/O error on %s: %s\n",
1105 DEVNAME (dev_current), strerror (errno));
1106 return -1;
1107 }
1108
1109 return rc;
1110 }
1111
1112 /*
1113 * Prevent confusion if running from erased flash memory
1114 */
1115 int fw_env_open(struct env_opts *opts)
1116 {
1117 int crc0, crc0_ok;
1118 unsigned char flag0;
1119 void *addr0 = NULL;
1120
1121 int crc1, crc1_ok;
1122 unsigned char flag1;
1123 void *addr1 = NULL;
1124
1125 int ret;
1126
1127 struct env_image_single *single;
1128 struct env_image_redundant *redundant;
1129
1130 if (!opts)
1131 opts = &default_opts;
1132
1133 if (parse_config(opts)) /* should fill envdevices */
1134 return -EINVAL;
1135
1136 addr0 = calloc(1, CUR_ENVSIZE);
1137 if (addr0 == NULL) {
1138 fprintf(stderr,
1139 "Not enough memory for environment (%ld bytes)\n",
1140 CUR_ENVSIZE);
1141 ret = -ENOMEM;
1142 goto open_cleanup;
1143 }
1144
1145 /* read environment from FLASH to local buffer */
1146 environment.image = addr0;
1147
1148 if (HaveRedundEnv) {
1149 redundant = addr0;
1150 environment.crc = &redundant->crc;
1151 environment.flags = &redundant->flags;
1152 environment.data = redundant->data;
1153 } else {
1154 single = addr0;
1155 environment.crc = &single->crc;
1156 environment.flags = NULL;
1157 environment.data = single->data;
1158 }
1159
1160 dev_current = 0;
1161 if (flash_io(O_RDONLY)) {
1162 ret = -EIO;
1163 goto open_cleanup;
1164 }
1165
1166 crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE);
1167
1168 if (opts->aes_flag) {
1169 ret = env_aes_cbc_crypt(environment.data, 0,
1170 opts->aes_key);
1171 if (ret)
1172 goto open_cleanup;
1173 }
1174
1175 crc0_ok = (crc0 == *environment.crc);
1176 if (!HaveRedundEnv) {
1177 if (!crc0_ok) {
1178 fprintf (stderr,
1179 "Warning: Bad CRC, using default environment\n");
1180 memcpy(environment.data, default_environment, sizeof default_environment);
1181 }
1182 } else {
1183 flag0 = *environment.flags;
1184
1185 dev_current = 1;
1186 addr1 = calloc(1, CUR_ENVSIZE);
1187 if (addr1 == NULL) {
1188 fprintf(stderr,
1189 "Not enough memory for environment (%ld bytes)\n",
1190 CUR_ENVSIZE);
1191 ret = -ENOMEM;
1192 goto open_cleanup;
1193 }
1194 redundant = addr1;
1195
1196 /*
1197 * have to set environment.image for flash_read(), careful -
1198 * other pointers in environment still point inside addr0
1199 */
1200 environment.image = addr1;
1201 if (flash_io(O_RDONLY)) {
1202 ret = -EIO;
1203 goto open_cleanup;
1204 }
1205
1206 /* Check flag scheme compatibility */
1207 if (DEVTYPE(dev_current) == MTD_NORFLASH &&
1208 DEVTYPE(!dev_current) == MTD_NORFLASH) {
1209 environment.flag_scheme = FLAG_BOOLEAN;
1210 } else if (DEVTYPE(dev_current) == MTD_NANDFLASH &&
1211 DEVTYPE(!dev_current) == MTD_NANDFLASH) {
1212 environment.flag_scheme = FLAG_INCREMENTAL;
1213 } else if (DEVTYPE(dev_current) == MTD_DATAFLASH &&
1214 DEVTYPE(!dev_current) == MTD_DATAFLASH) {
1215 environment.flag_scheme = FLAG_BOOLEAN;
1216 } else if (DEVTYPE(dev_current) == MTD_UBIVOLUME &&
1217 DEVTYPE(!dev_current) == MTD_UBIVOLUME) {
1218 environment.flag_scheme = FLAG_INCREMENTAL;
1219 } else if (DEVTYPE(dev_current) == MTD_ABSENT &&
1220 DEVTYPE(!dev_current) == MTD_ABSENT) {
1221 environment.flag_scheme = FLAG_INCREMENTAL;
1222 } else {
1223 fprintf (stderr, "Incompatible flash types!\n");
1224 ret = -EINVAL;
1225 goto open_cleanup;
1226 }
1227
1228 crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE);
1229
1230 if (opts->aes_flag) {
1231 ret = env_aes_cbc_crypt(redundant->data, 0,
1232 opts->aes_key);
1233 if (ret)
1234 goto open_cleanup;
1235 }
1236
1237 crc1_ok = (crc1 == redundant->crc);
1238 flag1 = redundant->flags;
1239
1240 if (crc0_ok && !crc1_ok) {
1241 dev_current = 0;
1242 } else if (!crc0_ok && crc1_ok) {
1243 dev_current = 1;
1244 } else if (!crc0_ok && !crc1_ok) {
1245 fprintf (stderr,
1246 "Warning: Bad CRC, using default environment\n");
1247 memcpy (environment.data, default_environment,
1248 sizeof default_environment);
1249 dev_current = 0;
1250 } else {
1251 switch (environment.flag_scheme) {
1252 case FLAG_BOOLEAN:
1253 if (flag0 == active_flag &&
1254 flag1 == obsolete_flag) {
1255 dev_current = 0;
1256 } else if (flag0 == obsolete_flag &&
1257 flag1 == active_flag) {
1258 dev_current = 1;
1259 } else if (flag0 == flag1) {
1260 dev_current = 0;
1261 } else if (flag0 == 0xFF) {
1262 dev_current = 0;
1263 } else if (flag1 == 0xFF) {
1264 dev_current = 1;
1265 } else {
1266 dev_current = 0;
1267 }
1268 break;
1269 case FLAG_INCREMENTAL:
1270 if (flag0 == 255 && flag1 == 0)
1271 dev_current = 1;
1272 else if ((flag1 == 255 && flag0 == 0) ||
1273 flag0 >= flag1)
1274 dev_current = 0;
1275 else /* flag1 > flag0 */
1276 dev_current = 1;
1277 break;
1278 default:
1279 fprintf (stderr, "Unknown flag scheme %u \n",
1280 environment.flag_scheme);
1281 return -1;
1282 }
1283 }
1284
1285 /*
1286 * If we are reading, we don't need the flag and the CRC any
1287 * more, if we are writing, we will re-calculate CRC and update
1288 * flags before writing out
1289 */
1290 if (dev_current) {
1291 environment.image = addr1;
1292 environment.crc = &redundant->crc;
1293 environment.flags = &redundant->flags;
1294 environment.data = redundant->data;
1295 free (addr0);
1296 } else {
1297 environment.image = addr0;
1298 /* Other pointers are already set */
1299 free (addr1);
1300 }
1301 #ifdef DEBUG
1302 fprintf(stderr, "Selected env in %s\n", DEVNAME(dev_current));
1303 #endif
1304 }
1305 return 0;
1306
1307 open_cleanup:
1308 if (addr0)
1309 free(addr0);
1310
1311 if (addr1)
1312 free(addr0);
1313
1314 return ret;
1315 }
1316
1317 /*
1318 * Simply free allocated buffer with environment
1319 */
1320 int fw_env_close(struct env_opts *opts)
1321 {
1322 if (environment.image)
1323 free(environment.image);
1324
1325 environment.image = NULL;
1326
1327 return 0;
1328 }
1329
1330 static int check_device_config(int dev)
1331 {
1332 struct stat st;
1333 int fd, rc = 0;
1334
1335 fd = open(DEVNAME(dev), O_RDONLY);
1336 if (fd < 0) {
1337 fprintf(stderr,
1338 "Cannot open %s: %s\n",
1339 DEVNAME(dev), strerror(errno));
1340 return -1;
1341 }
1342
1343 rc = fstat(fd, &st);
1344 if (rc < 0) {
1345 fprintf(stderr, "Cannot stat the file %s\n",
1346 DEVNAME(dev));
1347 goto err;
1348 }
1349
1350 if (S_ISCHR(st.st_mode)) {
1351 struct mtd_info_user mtdinfo;
1352 rc = ioctl(fd, MEMGETINFO, &mtdinfo);
1353 if (rc < 0) {
1354 fprintf(stderr, "Cannot get MTD information for %s\n",
1355 DEVNAME(dev));
1356 goto err;
1357 }
1358 if (mtdinfo.type != MTD_NORFLASH &&
1359 mtdinfo.type != MTD_NANDFLASH &&
1360 mtdinfo.type != MTD_DATAFLASH &&
1361 mtdinfo.type != MTD_UBIVOLUME) {
1362 fprintf(stderr, "Unsupported flash type %u on %s\n",
1363 mtdinfo.type, DEVNAME(dev));
1364 goto err;
1365 }
1366 DEVTYPE(dev) = mtdinfo.type;
1367 if (DEVESIZE(dev) == 0)
1368 /* Assume the erase size is the same as the env-size */
1369 DEVESIZE(dev) = ENVSIZE(dev);
1370 } else {
1371 uint64_t size;
1372 DEVTYPE(dev) = MTD_ABSENT;
1373 if (DEVESIZE(dev) == 0)
1374 /* Assume the erase size to be 512 bytes */
1375 DEVESIZE(dev) = 0x200;
1376
1377 /*
1378 * Check for negative offsets, treat it as backwards offset
1379 * from the end of the block device
1380 */
1381 if (DEVOFFSET(dev) < 0) {
1382 rc = ioctl(fd, BLKGETSIZE64, &size);
1383 if (rc < 0) {
1384 fprintf(stderr, "Could not get block device size on %s\n",
1385 DEVNAME(dev));
1386 goto err;
1387 }
1388
1389 DEVOFFSET(dev) = DEVOFFSET(dev) + size;
1390 #ifdef DEBUG
1391 fprintf(stderr, "Calculated device offset 0x%llx on %s\n",
1392 DEVOFFSET(dev), DEVNAME(dev));
1393 #endif
1394 }
1395 }
1396
1397 if (ENVSECTORS(dev) == 0)
1398 /* Assume enough sectors to cover the environment */
1399 ENVSECTORS(dev) = DIV_ROUND_UP(ENVSIZE(dev), DEVESIZE(dev));
1400
1401 if (DEVOFFSET(dev) % DEVESIZE(dev) != 0) {
1402 fprintf(stderr, "Environment does not start on (erase) block boundary\n");
1403 errno = EINVAL;
1404 return -1;
1405 }
1406
1407 if (ENVSIZE(dev) > ENVSECTORS(dev) * DEVESIZE(dev)) {
1408 fprintf(stderr, "Environment does not fit into available sectors\n");
1409 errno = EINVAL;
1410 return -1;
1411 }
1412
1413 err:
1414 close(fd);
1415 return rc;
1416 }
1417
1418 static int parse_config(struct env_opts *opts)
1419 {
1420 int rc;
1421
1422 if (!opts)
1423 opts = &default_opts;
1424
1425 #if defined(CONFIG_FILE)
1426 /* Fills in DEVNAME(), ENVSIZE(), DEVESIZE(). Or don't. */
1427 if (get_config(opts->config_file)) {
1428 fprintf(stderr, "Cannot parse config file '%s': %m\n",
1429 opts->config_file);
1430 return -1;
1431 }
1432 #else
1433 DEVNAME (0) = DEVICE1_NAME;
1434 DEVOFFSET (0) = DEVICE1_OFFSET;
1435 ENVSIZE (0) = ENV1_SIZE;
1436
1437 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1438 * know DEVTYPE
1439 */
1440 #ifdef DEVICE1_ESIZE
1441 DEVESIZE (0) = DEVICE1_ESIZE;
1442 #endif
1443 #ifdef DEVICE1_ENVSECTORS
1444 ENVSECTORS (0) = DEVICE1_ENVSECTORS;
1445 #endif
1446
1447 #ifdef HAVE_REDUND
1448 DEVNAME (1) = DEVICE2_NAME;
1449 DEVOFFSET (1) = DEVICE2_OFFSET;
1450 ENVSIZE (1) = ENV2_SIZE;
1451
1452 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1453 * know DEVTYPE
1454 */
1455 #ifdef DEVICE2_ESIZE
1456 DEVESIZE (1) = DEVICE2_ESIZE;
1457 #endif
1458 #ifdef DEVICE2_ENVSECTORS
1459 ENVSECTORS (1) = DEVICE2_ENVSECTORS;
1460 #endif
1461 HaveRedundEnv = 1;
1462 #endif
1463 #endif
1464 rc = check_device_config(0);
1465 if (rc < 0)
1466 return rc;
1467
1468 if (HaveRedundEnv) {
1469 rc = check_device_config(1);
1470 if (rc < 0)
1471 return rc;
1472
1473 if (ENVSIZE(0) != ENVSIZE(1)) {
1474 fprintf(stderr,
1475 "Redundant environments have unequal size");
1476 return -1;
1477 }
1478 }
1479
1480 usable_envsize = CUR_ENVSIZE - sizeof(uint32_t);
1481 if (HaveRedundEnv)
1482 usable_envsize -= sizeof(char);
1483
1484 if (opts->aes_flag)
1485 usable_envsize &= ~(AES_KEY_LENGTH - 1);
1486
1487 return 0;
1488 }
1489
1490 #if defined(CONFIG_FILE)
1491 static int get_config (char *fname)
1492 {
1493 FILE *fp;
1494 int i = 0;
1495 int rc;
1496 char dump[128];
1497 char *devname;
1498
1499 fp = fopen (fname, "r");
1500 if (fp == NULL)
1501 return -1;
1502
1503 while (i < 2 && fgets (dump, sizeof (dump), fp)) {
1504 /* Skip incomplete conversions and comment strings */
1505 if (dump[0] == '#')
1506 continue;
1507
1508 rc = sscanf(dump, "%ms %lli %lx %lx %lx",
1509 &devname,
1510 &DEVOFFSET(i),
1511 &ENVSIZE(i),
1512 &DEVESIZE(i),
1513 &ENVSECTORS(i));
1514
1515 if (rc < 3)
1516 continue;
1517
1518 DEVNAME(i) = devname;
1519
1520 /* Set defaults for DEVESIZE, ENVSECTORS later once we
1521 * know DEVTYPE
1522 */
1523
1524 i++;
1525 }
1526 fclose (fp);
1527
1528 HaveRedundEnv = i - 1;
1529 if (!i) { /* No valid entries found */
1530 errno = EINVAL;
1531 return -1;
1532 } else
1533 return 0;
1534 }
1535 #endif
"Das U-Boot" Source Tree