Newer
Older
* (C) Copyright 2000-2010
* Wolfgang Denk, DENX Software Engineering, wd@denx.de.
*
* (C) Copyright 2008
* Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de.
*
* SPDX-License-Identifier: GPL-2.0+
#include <errno.h>
#include <env_flags.h>
#include <fcntl.h>
#include <linux/stringify.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <unistd.h>
# include <linux/mtd/mtd.h>
#else
# include <mtd/mtd-user.h>
#endif
#include "fw_env.h"
#include <aes.h>
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
#define WHITESPACE(c) ((c == '\t') || (c == ' '))
#define min(x, y) ({ \
typeof(x) _min1 = (x); \
typeof(y) _min2 = (y); \
(void) (&_min1 == &_min2); \
_min1 < _min2 ? _min1 : _min2; })
struct envdev_s {
const char *devname; /* Device name */
ulong devoff; /* Device offset */
ulong env_size; /* environment size */
ulong erase_size; /* device erase size */
ulong env_sectors; /* number of environment sectors */
uint8_t mtd_type; /* type of the MTD device */
};
static struct envdev_s envdevices[2] =
{
{
.mtd_type = MTD_ABSENT,
}, {
.mtd_type = MTD_ABSENT,
},
};
static int dev_current;
#define DEVNAME(i) envdevices[(i)].devname
#define DEVOFFSET(i) envdevices[(i)].devoff
#define ENVSIZE(i) envdevices[(i)].env_size
#define DEVESIZE(i) envdevices[(i)].erase_size
#define ENVSECTORS(i) envdevices[(i)].env_sectors
#define DEVTYPE(i) envdevices[(i)].mtd_type
#define CUR_ENVSIZE ENVSIZE(dev_current)
#define ENV_SIZE getenvsize()
struct env_image_single {
uint32_t crc; /* CRC32 over data bytes */
char data[];
};
struct env_image_redundant {
uint32_t crc; /* CRC32 over data bytes */
unsigned char flags; /* active or obsolete */
char data[];
};
enum flag_scheme {
FLAG_NONE,
FLAG_BOOLEAN,
FLAG_INCREMENTAL,
};
struct environment {
void *image;
uint32_t *crc;
unsigned char *flags;
char *data;
enum flag_scheme flag_scheme;
};
static struct environment environment = {
.flag_scheme = FLAG_NONE,
};
/* Is AES encryption used? */
static int aes_flag;
static uint8_t aes_key[AES_KEY_LENGTH] = { 0 };
static int env_aes_cbc_crypt(char *data, const int enc);
static int HaveRedundEnv = 0;
static unsigned char active_flag = 1;
/* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */
static unsigned char obsolete_flag = 0;
#define DEFAULT_ENV_INSTANCE_STATIC
#include <env_default.h>
static char *envmatch (char * s1, char * s2);
static int parse_config (void);
#if defined(CONFIG_FILE)
static char *config_file = CONFIG_FILE;
static inline ulong getenvsize (void)
ulong rc = CUR_ENVSIZE - sizeof(uint32_t);
if (HaveRedundEnv)
if (aes_flag)
rc &= ~(AES_KEY_LENGTH - 1);
static char *fw_string_blank(char *s, int noblank)
{
int i;
int len = strlen(s);
for (i = 0; i < len; i++, s++) {
if ((noblank && !WHITESPACE(*s)) ||
(!noblank && WHITESPACE(*s)))
break;
}
if (i == len)
return NULL;
return s;
}
/*
* Search the environment for a variable.
* Return the value, if found, or NULL, if not found.
*/
char *fw_getenv (char *name)
for (env = environment.data; *env; env = nxt + 1) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
if (!val)
continue;
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
/*
* Search the default environment for a variable.
* Return the value, if found, or NULL, if not found.
*/
char *fw_getdefenv(char *name)
{
char *env, *nxt;
for (env = default_environment; *env; env = nxt + 1) {
char *val;
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &default_environment[ENV_SIZE]) {
fprintf(stderr, "## Error: "
"default environment not terminated\n");
return NULL;
}
}
val = envmatch(name, env);
if (!val)
continue;
return val;
}
return NULL;
}
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
static int parse_aes_key(char *key)
{
char tmp[5] = { '0', 'x', 0, 0, 0 };
unsigned long ul;
int i;
if (strnlen(key, 64) != 32) {
fprintf(stderr,
"## Error: '-a' option requires 16-byte AES key\n");
return -1;
}
for (i = 0; i < 16; i++) {
tmp[2] = key[0];
tmp[3] = key[1];
errno = 0;
ul = strtoul(tmp, NULL, 16);
if (errno) {
fprintf(stderr,
"## Error: '-a' option requires valid AES key\n");
return -1;
}
aes_key[i] = ul & 0xff;
key += 2;
}
aes_flag = 1;
return 0;
}
/*
* Print the current definition of one, or more, or all
* environment variables
*/
int fw_printenv (int argc, char *argv[])
int i, n_flag;
#ifdef CONFIG_FILE
if (argc >= 2 && strcmp(argv[1], "-c") == 0) {
if (argc < 3) {
fprintf(stderr,
"## Error: '-c' option requires the config file to use\n");
return -1;
}
config_file = argv[2];
argv += 2;
argc -= 2;
}
#endif
if (argc >= 2 && strcmp(argv[1], "-a") == 0) {
if (argc < 3) {
fprintf(stderr,
"## Error: '-a' option requires AES key\n");
return -1;
}
rc = parse_aes_key(argv[2]);
if (rc)
return rc;
argv += 2;
argc -= 2;
}
if (argc == 1) { /* Print all env variables */
for (env = environment.data; *env; env = nxt + 1) {
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
n_flag = 1;
++argv;
--argc;
if (argc != 2) {
fprintf (stderr, "## Error: "
"`-n' option requires exactly one argument\n");
}
} else {
n_flag = 0;
}
for (i = 1; i < argc; ++i) { /* print single env variables */
char *name = argv[i];
char *val = NULL;
for (env = environment.data; *env; env = nxt + 1) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
if (val) {
if (!n_flag) {
fputs (name, stdout);
break;
}
}
fprintf (stderr, "## Error: \"%s\" not defined\n", name);
rc = -1;
}
int fw_env_close(void)
int ret;
if (aes_flag) {
ret = env_aes_cbc_crypt(environment.data, 1);
if (ret) {
fprintf(stderr,
"Error: can't encrypt env for flash\n");
return ret;
}
}
/*
* Update CRC
*/
*environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE);
/* write environment back to flash */
if (flash_io(O_RDWR)) {
fprintf(stderr,
"Error: can't write fw_env to flash\n");
return -1;
/*
* Set/Clear a single variable in the environment.
* This is called in sequence to update the environment
* in RAM without updating the copy in flash after each set
*/
int fw_env_write(char *name, char *value)
{
int len;
char *env, *nxt;
char *oldval = NULL;
int deleting, creating, overwriting;
/*
* search if variable with this name already exists
*/
for (nxt = env = environment.data; *env; env = nxt + 1) {
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf(stderr, "## Error: "
"environment not terminated\n");
if ((oldval = envmatch (name, env)) != NULL)
break;
}
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
deleting = (oldval && !(value && strlen(value)));
creating = (!oldval && (value && strlen(value)));
overwriting = (oldval && (value && strlen(value)));
/* check for permission */
if (deleting) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_DELETE)) {
printf("Can't delete \"%s\"\n", name);
errno = EROFS;
return -1;
}
} else if (overwriting) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) {
printf("Can't overwrite \"%s\"\n", name);
errno = EROFS;
return -1;
} else if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) {
const char *defval = fw_getdefenv(name);
if (defval == NULL)
defval = "";
if (strcmp(oldval, defval)
!= 0) {
printf("Can't overwrite \"%s\"\n", name);
errno = EROFS;
return -1;
}
}
} else if (creating) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_CREATE)) {
printf("Can't create \"%s\"\n", name);
errno = EROFS;
return -1;
}
} else
/* Nothing to do */
return 0;
if (deleting || overwriting) {
if (*++nxt == '\0') {
*env = '\0';
} else {
for (;;) {
*env = *nxt++;
if ((*env == '\0') && (*nxt == '\0'))
break;
++env;
}
}
*++env = '\0';
}
/* Delete only ? */
if (!value || !strlen(value))
return 0;
/*
* Append new definition at the end
*/
for (env = environment.data; *env || *(env + 1); ++env);
if (env > environment.data)
++env;
/*
* Overflow when:
* "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment)
/* add '=' for first arg, ' ' for all others */
len += strlen(value) + 1;
if (len > (&environment.data[ENV_SIZE] - env)) {
fprintf (stderr,
"Error: environment overflow, \"%s\" deleted\n",
name);
while ((*env = *name++) != '\0')
env++;
*env = '=';
while ((*++env = *value++) != '\0')
;
/* end is marked with double '\0' */
*++env = '\0';
return 0;
}
/*
* Deletes or sets environment variables. Returns -1 and sets errno error codes:
* 0 - OK
* EINVAL - need at least 1 argument
* EROFS - certain variables ("ethaddr", "serial#") cannot be
* modified or deleted
*
*/
int fw_setenv(int argc, char *argv[])
{
char *name;
char *value = NULL;
#ifdef CONFIG_FILE
if (argc >= 2 && strcmp(argv[1], "-c") == 0) {
if (argc < 3) {
fprintf(stderr,
"## Error: '-c' option requires the config file to use\n");
return -1;
}
config_file = argv[2];
argv += 2;
argc -= 2;
}
#endif
if (argc < 2) {
errno = EINVAL;
return -1;
}
if (strcmp(argv[1], "-a") == 0) {
if (argc < 3) {
fprintf(stderr,
"## Error: '-a' option requires AES key\n");
return -1;
}
rc = parse_aes_key(argv[2]);
if (rc)
return rc;
argv += 2;
argc -= 2;
}
if (argc < 2) {
errno = EINVAL;
return -1;
}
if (fw_env_open()) {
fprintf(stderr, "Error: environment not initialized\n");
return -1;
}
name = argv[1];
if (env_flags_validate_env_set_params(argc, argv) < 0)
return 1;
size_t val_len = strlen(val);
if (value)
value[len - 1] = ' ';
value = realloc(value, len + val_len + 1);
len, strerror(errno));
return -1;
memcpy(value + len, val, val_len);
len += val_len;
fw_env_write(name, value);
return fw_env_close();
}
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
/*
* Parse a file and configure the u-boot variables.
* The script file has a very simple format, as follows:
*
* Each line has a couple with name, value:
* <white spaces>variable_name<white spaces>variable_value
*
* Both variable_name and variable_value are interpreted as strings.
* Any character after <white spaces> and before ending \r\n is interpreted
* as variable's value (no comment allowed on these lines !)
*
* Comments are allowed if the first character in the line is #
*
* Returns -1 and sets errno error codes:
* 0 - OK
* -1 - Error
*/
int fw_parse_script(char *fname)
{
FILE *fp;
char dump[1024]; /* Maximum line length in the file */
char *name;
char *val;
int lineno = 0;
int len;
int ret = 0;
if (fw_env_open()) {
fprintf(stderr, "Error: environment not initialized\n");
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
if (strcmp(fname, "-") == 0)
fp = stdin;
else {
fp = fopen(fname, "r");
if (fp == NULL) {
fprintf(stderr, "I cannot open %s for reading\n",
fname);
return -1;
}
}
while (fgets(dump, sizeof(dump), fp)) {
lineno++;
len = strlen(dump);
/*
* Read a whole line from the file. If the line is too long
* or is not terminated, reports an error and exit.
*/
if (dump[len - 1] != '\n') {
fprintf(stderr,
"Line %d not corrected terminated or too long\n",
lineno);
ret = -1;
break;
}
/* Drop ending line feed / carriage return */
while (len > 0 && (dump[len - 1] == '\n' ||
dump[len - 1] == '\r')) {
dump[len - 1] = '\0';
len--;
}
/* Skip comment or empty lines */
if ((len == 0) || dump[0] == '#')
continue;
/*
* Search for variable's name,
* remove leading whitespaces
*/
name = fw_string_blank(dump, 1);
if (!name)
continue;
/* The first white space is the end of variable name */
val = fw_string_blank(name, 0);
len = strlen(name);
if (val) {
*val++ = '\0';
if ((val - name) < len)
val = fw_string_blank(val, 1);
else
val = NULL;
}
#ifdef DEBUG
fprintf(stderr, "Setting %s : %s\n",
name, val ? val : " removed");
#endif
if (env_flags_validate_type(name, val) < 0) {
ret = -1;
break;
}
/*
* If there is an error setting a variable,
* try to save the environment and returns an error
*/
if (fw_env_write(name, val)) {
fprintf(stderr,
"fw_env_write returns with error : %s\n",
strerror(errno));
ret = -1;
break;
}
}
/* Close file if not stdin */
if (strcmp(fname, "-") != 0)
fclose(fp);
ret |= fw_env_close();
return ret;
/*
* Test for bad block on NAND, just returns 0 on NOR, on NAND:
* 0 - block is good
* > 0 - block is bad
* < 0 - failed to test
*/
static int flash_bad_block (int fd, uint8_t mtd_type, loff_t *blockstart)
if (mtd_type == MTD_NANDFLASH) {
int badblock = ioctl (fd, MEMGETBADBLOCK, blockstart);
if (badblock < 0) {
perror ("Cannot read bad block mark");
return badblock;
}
if (badblock) {
#ifdef DEBUG
fprintf (stderr, "Bad block at 0x%llx, "
"skipping\n", *blockstart);
#endif
return badblock;
}
return 0;
}
/*
* Read data from flash at an offset into a provided buffer. On NAND it skips
* bad blocks but makes sure it stays within ENVSECTORS (dev) starting from
* the DEVOFFSET (dev) block. On NOR the loop is only run once.
*/
static int flash_read_buf (int dev, int fd, void *buf, size_t count,
off_t offset, uint8_t mtd_type)
{
size_t blocklen; /* erase / write length - one block on NAND,
0 on NOR */
size_t processed = 0; /* progress counter */
size_t readlen = count; /* current read length */
off_t top_of_range; /* end of the last block we may use */
off_t block_seek; /* offset inside the current block to the start
of the data */
loff_t blockstart; /* running start of the current block -
MEMGETBADBLOCK needs 64 bits */
int rc;
blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev);
/* Offset inside a block */
block_seek = offset - blockstart;
if (mtd_type == MTD_NANDFLASH) {
/*
* NAND: calculate which blocks we are reading. We have
* to read one block at a time to skip bad blocks.
*/
blocklen = DEVESIZE (dev);
/*
* To calculate the top of the range, we have to use the
* global DEVOFFSET (dev), which can be different from offset
*/
top_of_range = ((DEVOFFSET(dev) / blocklen) +
ENVSECTORS (dev)) * blocklen;
/* Limit to one block for the first read */
if (readlen > blocklen - block_seek)
readlen = blocklen - block_seek;
} else {
blocklen = 0;
top_of_range = offset + count;
/* This only runs once on NOR flash */
while (processed < count) {
rc = flash_bad_block (fd, mtd_type, &blockstart);
if (rc < 0) /* block test failed */
return -1;
if (blockstart + block_seek + readlen > top_of_range) {
/* End of range is reached */
fprintf (stderr,
"Too few good blocks within range\n");
return -1;
if (rc) { /* block is bad */
blockstart += blocklen;
continue;
/*
* If a block is bad, we retry in the next block at the same
* offset - see common/env_nand.c::writeenv()
*/
lseek (fd, blockstart + block_seek, SEEK_SET);
rc = read (fd, buf + processed, readlen);
if (rc != readlen) {
fprintf (stderr, "Read error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n",
rc, blockstart + block_seek, DEVNAME(dev));
#endif
processed += readlen;
readlen = min (blocklen, count - processed);
block_seek = 0;
blockstart += blocklen;
}
return processed;
}
/*
* Write count bytes at offset, but stay within ENVSECTORS (dev) sectors of
* DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we
* erase and write the whole data at once.
*/
static int flash_write_buf (int dev, int fd, void *buf, size_t count,
off_t offset, uint8_t mtd_type)
{
void *data;
struct erase_info_user erase;
size_t blocklen; /* length of NAND block / NOR erase sector */
size_t erase_len; /* whole area that can be erased - may include
bad blocks */
size_t erasesize; /* erase / write length - one block on NAND,
whole area on NOR */
size_t processed = 0; /* progress counter */
size_t write_total; /* total size to actually write - excluding
bad blocks */
off_t erase_offset; /* offset to the first erase block (aligned)
below offset */
off_t block_seek; /* offset inside the erase block to the start
of the data */
off_t top_of_range; /* end of the last block we may use */
loff_t blockstart; /* running start of the current block -
MEMGETBADBLOCK needs 64 bits */
int rc;
/*
* For mtd devices only offset and size of the environment do matter
*/
if (mtd_type == MTD_ABSENT) {
blocklen = count;
top_of_range = offset + count;
erase_len = blocklen;
blockstart = offset;
block_seek = 0;
write_total = blocklen;
} else {
blocklen = DEVESIZE(dev);
top_of_range = ((DEVOFFSET(dev) / blocklen) +
ENVSECTORS(dev)) * blocklen;
erase_offset = (offset / blocklen) * blocklen;
/* Maximum area we may use */
erase_len = top_of_range - erase_offset;
blockstart = erase_offset;
/* Offset inside a block */
block_seek = offset - erase_offset;
/*
* Data size we actually write: from the start of the block
* to the start of the data, then count bytes of data, and
* to the end of the block
*/
write_total = ((block_seek + count + blocklen - 1) /
blocklen) * blocklen;
}
/*
* Support data anywhere within erase sectors: read out the complete
* area to be erased, replace the environment image, write the whole
* block back again.
*/
if (write_total > count) {
data = malloc (erase_len);
if (!data) {
erase_len, strerror (errno));
return -1;
rc = flash_read_buf (dev, fd, data, write_total, erase_offset,
mtd_type);
if (write_total != rc)
return -1;
#ifdef DEBUG
fprintf(stderr, "Preserving data ");
if (block_seek != 0)
fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1);
if (block_seek + count != write_total) {
if (block_seek != 0)
fprintf(stderr, " and ");
fprintf(stderr, "0x%lx - 0x%x",
block_seek + count, write_total - 1);
}
fprintf(stderr, "\n");
#endif
/* Overwrite the old environment */
memcpy (data + block_seek, buf, count);
} else {
/*
* We get here, iff offset is block-aligned and count is a
* multiple of blocklen - see write_total calculation above
*/
data = buf;
}
if (mtd_type == MTD_NANDFLASH) {
/*
* NAND: calculate which blocks we are writing. We have
* to write one block at a time to skip bad blocks.
*/
erasesize = blocklen;
} else {
erasesize = erase_len;
}
erase.length = erasesize;
/* This only runs once on NOR flash and SPI-dataflash */
while (processed < write_total) {
rc = flash_bad_block (fd, mtd_type, &blockstart);
if (rc < 0) /* block test failed */
return rc;
if (blockstart + erasesize > top_of_range) {
fprintf (stderr, "End of range reached, aborting\n");
return -1;
if (rc) { /* block is bad */
blockstart += blocklen;
continue;
}
if (mtd_type != MTD_ABSENT) {
erase.start = blockstart;
ioctl(fd, MEMUNLOCK, &erase);
/* These do not need an explicit erase cycle */
if (mtd_type != MTD_DATAFLASH)
if (ioctl(fd, MEMERASE, &erase) != 0) {
fprintf(stderr,
"MTD erase error on %s: %s\n",
DEVNAME(dev), strerror(errno));
return -1;
}
}
if (lseek (fd, blockstart, SEEK_SET) == -1) {
fprintf (stderr,
"Seek error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
fprintf(stderr, "Write 0x%x bytes at 0x%llx\n", erasesize,
blockstart);
#endif
if (write (fd, data + processed, erasesize) != erasesize) {
fprintf (stderr, "Write error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
if (mtd_type != MTD_ABSENT)
ioctl(fd, MEMLOCK, &erase);
processed += erasesize;
blockstart += erasesize;
}
if (write_total > count)
free (data);
return processed;
}
/*
* Set obsolete flag at offset - NOR flash only
*/
static int flash_flag_obsolete (int dev, int fd, off_t offset)
{
int rc;
struct erase_info_user erase;
erase.start = DEVOFFSET (dev);
erase.length = DEVESIZE (dev);
/* This relies on the fact, that obsolete_flag == 0 */