Newer
Older
* (C) Copyright 2000-2010
* Wolfgang Denk, DENX Software Engineering, wd@denx.de.
*
* (C) Copyright 2008
* Guennadi Liakhovetski, DENX Software Engineering, lg@denx.de.
*
* SPDX-License-Identifier: GPL-2.0+
#include <errno.h>
#include <env_flags.h>
#include <fcntl.h>
#include <linux/stringify.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <unistd.h>
# include <linux/mtd/mtd.h>
#else
# include <mtd/mtd-user.h>
#endif
#include "fw_env.h"
struct common_args common_args;
struct printenv_args printenv_args;
struct setenv_args setenv_args;
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
#define min(x, y) ({ \
typeof(x) _min1 = (x); \
typeof(y) _min2 = (y); \
(void) (&_min1 == &_min2); \
_min1 < _min2 ? _min1 : _min2; })
struct envdev_s {
const char *devname; /* Device name */
ulong devoff; /* Device offset */
ulong env_size; /* environment size */
ulong erase_size; /* device erase size */
ulong env_sectors; /* number of environment sectors */
uint8_t mtd_type; /* type of the MTD device */
};
static struct envdev_s envdevices[2] =
{
{
.mtd_type = MTD_ABSENT,
}, {
.mtd_type = MTD_ABSENT,
},
};
static int dev_current;
#define DEVNAME(i) envdevices[(i)].devname
#define DEVOFFSET(i) envdevices[(i)].devoff
#define ENVSIZE(i) envdevices[(i)].env_size
#define DEVESIZE(i) envdevices[(i)].erase_size
#define ENVSECTORS(i) envdevices[(i)].env_sectors
#define DEVTYPE(i) envdevices[(i)].mtd_type
#define CUR_ENVSIZE ENVSIZE(dev_current)
#define ENV_SIZE getenvsize()
struct env_image_single {
uint32_t crc; /* CRC32 over data bytes */
char data[];
};
struct env_image_redundant {
uint32_t crc; /* CRC32 over data bytes */
unsigned char flags; /* active or obsolete */
char data[];
};
enum flag_scheme {
FLAG_NONE,
FLAG_BOOLEAN,
FLAG_INCREMENTAL,
};
struct environment {
void *image;
uint32_t *crc;
unsigned char *flags;
char *data;
enum flag_scheme flag_scheme;
};
static struct environment environment = {
.flag_scheme = FLAG_NONE,
};
static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key);
static int HaveRedundEnv = 0;
static unsigned char active_flag = 1;
/* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */
static unsigned char obsolete_flag = 0;
#define DEFAULT_ENV_INSTANCE_STATIC
#include <env_default.h>
static char *envmatch (char * s1, char * s2);
static int parse_config (void);
#if defined(CONFIG_FILE)
static inline ulong getenvsize (void)
ulong rc = CUR_ENVSIZE - sizeof(uint32_t);
if (HaveRedundEnv)
if (common_args.aes_flag)
rc &= ~(AES_KEY_LENGTH - 1);
static char *skip_chars(char *s)
for (; *s != '\0'; s++) {
if (isblank(*s))
return s;
}
return NULL;
}
static char *skip_blanks(char *s)
{
for (; *s != '\0'; s++) {
if (!isblank(*s))
return s;
return NULL;
/*
* Search the environment for a variable.
* Return the value, if found, or NULL, if not found.
*/
char *fw_getenv (char *name)
for (env = environment.data; *env; env = nxt + 1) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
if (!val)
continue;
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
/*
* Search the default environment for a variable.
* Return the value, if found, or NULL, if not found.
*/
char *fw_getdefenv(char *name)
{
char *env, *nxt;
for (env = default_environment; *env; env = nxt + 1) {
char *val;
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &default_environment[ENV_SIZE]) {
fprintf(stderr, "## Error: "
"default environment not terminated\n");
return NULL;
}
}
val = envmatch(name, env);
if (!val)
continue;
return val;
}
return NULL;
}
int parse_aes_key(char *key, uint8_t *bin_key)
{
char tmp[5] = { '0', 'x', 0, 0, 0 };
unsigned long ul;
int i;
if (strnlen(key, 64) != 32) {
fprintf(stderr,
"## Error: '-a' option requires 16-byte AES key\n");
return -1;
}
for (i = 0; i < 16; i++) {
tmp[2] = key[0];
tmp[3] = key[1];
errno = 0;
ul = strtoul(tmp, NULL, 16);
if (errno) {
fprintf(stderr,
"## Error: '-a' option requires valid AES key\n");
return -1;
}
key += 2;
}
return 0;
}
/*
* Print the current definition of one, or more, or all
* environment variables
*/
int fw_printenv(int argc, char *argv[], int value_only)
int i, rc = 0;
if (argc == 0) { /* Print all env variables */
for (env = environment.data; *env; env = nxt + 1) {
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
if (value_only && argc != 1) {
fprintf(stderr,
"## Error: `-n' option requires exactly one argument\n");
return -1;
for (i = 0; i < argc; ++i) { /* print single env variables */
char *name = argv[i];
char *val = NULL;
for (env = environment.data; *env; env = nxt + 1) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf (stderr, "## Error: "
"environment not terminated\n");
fputs (name, stdout);
break;
}
}
fprintf (stderr, "## Error: \"%s\" not defined\n", name);
rc = -1;
}
int fw_env_close(void)
if (common_args.aes_flag) {
ret = env_aes_cbc_crypt(environment.data, 1,
common_args.aes_key);
if (ret) {
fprintf(stderr,
"Error: can't encrypt env for flash\n");
return ret;
}
}
/*
* Update CRC
*/
*environment.crc = crc32(0, (uint8_t *) environment.data, ENV_SIZE);
/* write environment back to flash */
if (flash_io(O_RDWR)) {
fprintf(stderr,
"Error: can't write fw_env to flash\n");
return -1;
/*
* Set/Clear a single variable in the environment.
* This is called in sequence to update the environment
* in RAM without updating the copy in flash after each set
*/
int fw_env_write(char *name, char *value)
{
int len;
char *env, *nxt;
char *oldval = NULL;
int deleting, creating, overwriting;
/*
* search if variable with this name already exists
*/
for (nxt = env = environment.data; *env; env = nxt + 1) {
for (nxt = env; *nxt; ++nxt) {
if (nxt >= &environment.data[ENV_SIZE]) {
fprintf(stderr, "## Error: "
"environment not terminated\n");
if ((oldval = envmatch (name, env)) != NULL)
break;
}
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
deleting = (oldval && !(value && strlen(value)));
creating = (!oldval && (value && strlen(value)));
overwriting = (oldval && (value && strlen(value)));
/* check for permission */
if (deleting) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_DELETE)) {
printf("Can't delete \"%s\"\n", name);
errno = EROFS;
return -1;
}
} else if (overwriting) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_OVERWR)) {
printf("Can't overwrite \"%s\"\n", name);
errno = EROFS;
return -1;
} else if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_NONDEF_OVERWR)) {
const char *defval = fw_getdefenv(name);
if (defval == NULL)
defval = "";
if (strcmp(oldval, defval)
!= 0) {
printf("Can't overwrite \"%s\"\n", name);
errno = EROFS;
return -1;
}
}
} else if (creating) {
if (env_flags_validate_varaccess(name,
ENV_FLAGS_VARACCESS_PREVENT_CREATE)) {
printf("Can't create \"%s\"\n", name);
errno = EROFS;
return -1;
}
} else
/* Nothing to do */
return 0;
if (deleting || overwriting) {
if (*++nxt == '\0') {
*env = '\0';
} else {
for (;;) {
*env = *nxt++;
if ((*env == '\0') && (*nxt == '\0'))
break;
++env;
}
}
*++env = '\0';
}
/* Delete only ? */
if (!value || !strlen(value))
return 0;
/*
* Append new definition at the end
*/
for (env = environment.data; *env || *(env + 1); ++env);
if (env > environment.data)
++env;
/*
* Overflow when:
* "name" + "=" + "val" +"\0\0" > CUR_ENVSIZE - (env-environment)
/* add '=' for first arg, ' ' for all others */
len += strlen(value) + 1;
if (len > (&environment.data[ENV_SIZE] - env)) {
fprintf (stderr,
"Error: environment overflow, \"%s\" deleted\n",
name);
while ((*env = *name++) != '\0')
env++;
*env = '=';
while ((*++env = *value++) != '\0')
;
/* end is marked with double '\0' */
*++env = '\0';
return 0;
}
/*
* Deletes or sets environment variables. Returns -1 and sets errno error codes:
* 0 - OK
* EINVAL - need at least 1 argument
* EROFS - certain variables ("ethaddr", "serial#") cannot be
* modified or deleted
*
*/
int fw_setenv(int argc, char *argv[])
{
if (argc < 1) {
fprintf(stderr, "## Error: variable name missing\n");
errno = EINVAL;
return -1;
}
if (fw_env_open()) {
fprintf(stderr, "Error: environment not initialized\n");
return -1;
}
name = argv[0];
valv = argv + 1;
valc = argc - 1;
if (env_flags_validate_env_set_params(name, valv, valc) < 0)
for (i = 0; i < valc; ++i) {
char *val = valv[i];
size_t val_len = strlen(val);
if (value)
value[len - 1] = ' ';
value = realloc(value, len + val_len + 1);
len, strerror(errno));
return -1;
memcpy(value + len, val, val_len);
len += val_len;
fw_env_write(name, value);
return fw_env_close();
}
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
/*
* Parse a file and configure the u-boot variables.
* The script file has a very simple format, as follows:
*
* Each line has a couple with name, value:
* <white spaces>variable_name<white spaces>variable_value
*
* Both variable_name and variable_value are interpreted as strings.
* Any character after <white spaces> and before ending \r\n is interpreted
* as variable's value (no comment allowed on these lines !)
*
* Comments are allowed if the first character in the line is #
*
* Returns -1 and sets errno error codes:
* 0 - OK
* -1 - Error
*/
int fw_parse_script(char *fname)
{
FILE *fp;
char dump[1024]; /* Maximum line length in the file */
char *name;
char *val;
int lineno = 0;
int len;
int ret = 0;
if (fw_env_open()) {
fprintf(stderr, "Error: environment not initialized\n");
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
if (strcmp(fname, "-") == 0)
fp = stdin;
else {
fp = fopen(fname, "r");
if (fp == NULL) {
fprintf(stderr, "I cannot open %s for reading\n",
fname);
return -1;
}
}
while (fgets(dump, sizeof(dump), fp)) {
lineno++;
len = strlen(dump);
/*
* Read a whole line from the file. If the line is too long
* or is not terminated, reports an error and exit.
*/
if (dump[len - 1] != '\n') {
fprintf(stderr,
"Line %d not corrected terminated or too long\n",
lineno);
ret = -1;
break;
}
/* Drop ending line feed / carriage return */
dump[--len] = '\0';
if (len && dump[len - 1] == '\r')
dump[--len] = '\0';
/* Skip comment or empty lines */
if (len == 0 || dump[0] == '#')
continue;
/*
* Search for variable's name,
* remove leading whitespaces
*/
name = skip_blanks(dump);
if (!name)
continue;
/* The first white space is the end of variable name */
val = skip_chars(name);
len = strlen(name);
if (val) {
*val++ = '\0';
if ((val - name) < len)
val = skip_blanks(val);
else
val = NULL;
}
#ifdef DEBUG
fprintf(stderr, "Setting %s : %s\n",
name, val ? val : " removed");
#endif
if (env_flags_validate_type(name, val) < 0) {
ret = -1;
break;
}
/*
* If there is an error setting a variable,
* try to save the environment and returns an error
*/
if (fw_env_write(name, val)) {
fprintf(stderr,
"fw_env_write returns with error : %s\n",
strerror(errno));
ret = -1;
break;
}
}
/* Close file if not stdin */
if (strcmp(fname, "-") != 0)
fclose(fp);
ret |= fw_env_close();
return ret;
/*
* Test for bad block on NAND, just returns 0 on NOR, on NAND:
* 0 - block is good
* > 0 - block is bad
* < 0 - failed to test
*/
static int flash_bad_block (int fd, uint8_t mtd_type, loff_t *blockstart)
if (mtd_type == MTD_NANDFLASH) {
int badblock = ioctl (fd, MEMGETBADBLOCK, blockstart);
if (badblock < 0) {
perror ("Cannot read bad block mark");
return badblock;
}
if (badblock) {
#ifdef DEBUG
fprintf (stderr, "Bad block at 0x%llx, "
"skipping\n", *blockstart);
#endif
return badblock;
}
return 0;
}
/*
* Read data from flash at an offset into a provided buffer. On NAND it skips
* bad blocks but makes sure it stays within ENVSECTORS (dev) starting from
* the DEVOFFSET (dev) block. On NOR the loop is only run once.
*/
static int flash_read_buf (int dev, int fd, void *buf, size_t count,
off_t offset, uint8_t mtd_type)
{
size_t blocklen; /* erase / write length - one block on NAND,
0 on NOR */
size_t processed = 0; /* progress counter */
size_t readlen = count; /* current read length */
off_t top_of_range; /* end of the last block we may use */
off_t block_seek; /* offset inside the current block to the start
of the data */
loff_t blockstart; /* running start of the current block -
MEMGETBADBLOCK needs 64 bits */
int rc;
blockstart = (offset / DEVESIZE (dev)) * DEVESIZE (dev);
/* Offset inside a block */
block_seek = offset - blockstart;
if (mtd_type == MTD_NANDFLASH) {
/*
* NAND: calculate which blocks we are reading. We have
* to read one block at a time to skip bad blocks.
*/
blocklen = DEVESIZE (dev);
/*
* To calculate the top of the range, we have to use the
* global DEVOFFSET (dev), which can be different from offset
*/
top_of_range = ((DEVOFFSET(dev) / blocklen) +
ENVSECTORS (dev)) * blocklen;
/* Limit to one block for the first read */
if (readlen > blocklen - block_seek)
readlen = blocklen - block_seek;
} else {
blocklen = 0;
top_of_range = offset + count;
/* This only runs once on NOR flash */
while (processed < count) {
rc = flash_bad_block (fd, mtd_type, &blockstart);
if (rc < 0) /* block test failed */
return -1;
if (blockstart + block_seek + readlen > top_of_range) {
/* End of range is reached */
fprintf (stderr,
"Too few good blocks within range\n");
return -1;
if (rc) { /* block is bad */
blockstart += blocklen;
continue;
/*
* If a block is bad, we retry in the next block at the same
* offset - see common/env_nand.c::writeenv()
*/
lseek (fd, blockstart + block_seek, SEEK_SET);
rc = read (fd, buf + processed, readlen);
if (rc != readlen) {
fprintf (stderr, "Read error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
fprintf(stderr, "Read 0x%x bytes at 0x%llx on %s\n",
rc, blockstart + block_seek, DEVNAME(dev));
#endif
processed += readlen;
readlen = min (blocklen, count - processed);
block_seek = 0;
blockstart += blocklen;
}
return processed;
}
/*
* Write count bytes at offset, but stay within ENVSECTORS (dev) sectors of
* DEVOFFSET (dev). Similar to the read case above, on NOR and dataflash we
* erase and write the whole data at once.
*/
static int flash_write_buf (int dev, int fd, void *buf, size_t count,
off_t offset, uint8_t mtd_type)
{
void *data;
struct erase_info_user erase;
size_t blocklen; /* length of NAND block / NOR erase sector */
size_t erase_len; /* whole area that can be erased - may include
bad blocks */
size_t erasesize; /* erase / write length - one block on NAND,
whole area on NOR */
size_t processed = 0; /* progress counter */
size_t write_total; /* total size to actually write - excluding
bad blocks */
off_t erase_offset; /* offset to the first erase block (aligned)
below offset */
off_t block_seek; /* offset inside the erase block to the start
of the data */
off_t top_of_range; /* end of the last block we may use */
loff_t blockstart; /* running start of the current block -
MEMGETBADBLOCK needs 64 bits */
int rc;
/*
* For mtd devices only offset and size of the environment do matter
*/
if (mtd_type == MTD_ABSENT) {
blocklen = count;
top_of_range = offset + count;
erase_len = blocklen;
blockstart = offset;
block_seek = 0;
write_total = blocklen;
} else {
blocklen = DEVESIZE(dev);
top_of_range = ((DEVOFFSET(dev) / blocklen) +
ENVSECTORS(dev)) * blocklen;
erase_offset = (offset / blocklen) * blocklen;
/* Maximum area we may use */
erase_len = top_of_range - erase_offset;
blockstart = erase_offset;
/* Offset inside a block */
block_seek = offset - erase_offset;
/*
* Data size we actually write: from the start of the block
* to the start of the data, then count bytes of data, and
* to the end of the block
*/
write_total = ((block_seek + count + blocklen - 1) /
blocklen) * blocklen;
}
/*
* Support data anywhere within erase sectors: read out the complete
* area to be erased, replace the environment image, write the whole
* block back again.
*/
if (write_total > count) {
data = malloc (erase_len);
if (!data) {
erase_len, strerror (errno));
return -1;
rc = flash_read_buf (dev, fd, data, write_total, erase_offset,
mtd_type);
if (write_total != rc)
return -1;
#ifdef DEBUG
fprintf(stderr, "Preserving data ");
if (block_seek != 0)
fprintf(stderr, "0x%x - 0x%lx", 0, block_seek - 1);
if (block_seek + count != write_total) {
if (block_seek != 0)
fprintf(stderr, " and ");
fprintf(stderr, "0x%lx - 0x%x",
block_seek + count, write_total - 1);
}
fprintf(stderr, "\n");
#endif
/* Overwrite the old environment */
memcpy (data + block_seek, buf, count);
} else {
/*
* We get here, iff offset is block-aligned and count is a
* multiple of blocklen - see write_total calculation above
*/
data = buf;
}
if (mtd_type == MTD_NANDFLASH) {
/*
* NAND: calculate which blocks we are writing. We have
* to write one block at a time to skip bad blocks.
*/
erasesize = blocklen;
} else {
erasesize = erase_len;
}
erase.length = erasesize;
/* This only runs once on NOR flash and SPI-dataflash */
while (processed < write_total) {
rc = flash_bad_block (fd, mtd_type, &blockstart);
if (rc < 0) /* block test failed */
return rc;
if (blockstart + erasesize > top_of_range) {
fprintf (stderr, "End of range reached, aborting\n");
return -1;
if (rc) { /* block is bad */
blockstart += blocklen;
continue;
}
if (mtd_type != MTD_ABSENT) {
erase.start = blockstart;
ioctl(fd, MEMUNLOCK, &erase);
/* These do not need an explicit erase cycle */
if (mtd_type != MTD_DATAFLASH)
if (ioctl(fd, MEMERASE, &erase) != 0) {
fprintf(stderr,
"MTD erase error on %s: %s\n",
DEVNAME(dev), strerror(errno));
return -1;
}
}
if (lseek (fd, blockstart, SEEK_SET) == -1) {
fprintf (stderr,
"Seek error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
fprintf(stderr, "Write 0x%x bytes at 0x%llx\n", erasesize,
blockstart);
#endif
if (write (fd, data + processed, erasesize) != erasesize) {
fprintf (stderr, "Write error on %s: %s\n",
DEVNAME (dev), strerror (errno));
return -1;
if (mtd_type != MTD_ABSENT)
ioctl(fd, MEMLOCK, &erase);
processed += erasesize;
blockstart += erasesize;
}
if (write_total > count)
free (data);
return processed;
}
/*
* Set obsolete flag at offset - NOR flash only
*/
static int flash_flag_obsolete (int dev, int fd, off_t offset)
{
int rc;
struct erase_info_user erase;
erase.start = DEVOFFSET (dev);
erase.length = DEVESIZE (dev);
/* This relies on the fact, that obsolete_flag == 0 */
rc = lseek (fd, offset, SEEK_SET);
if (rc < 0) {
fprintf (stderr, "Cannot seek to set the flag on %s \n",
DEVNAME (dev));
return rc;
}
ioctl (fd, MEMUNLOCK, &erase);
rc = write (fd, &obsolete_flag, sizeof (obsolete_flag));
ioctl (fd, MEMLOCK, &erase);
if (rc < 0)
perror ("Could not set obsolete flag");
return rc;
}
/* Encrypt or decrypt the environment before writing or reading it. */
static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key)
{
uint8_t *data = (uint8_t *)payload;
const int len = getenvsize();
uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
uint32_t aes_blocks;
/* First we expand the key. */
aes_expand_key(key, key_exp);
/* Calculate the number of AES blocks to encrypt. */
aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
if (enc)
aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
else
aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
return 0;
}
static int flash_write (int fd_current, int fd_target, int dev_target)
{
int rc;
switch (environment.flag_scheme) {
case FLAG_NONE:
break;
case FLAG_INCREMENTAL:
(*environment.flags)++;
break;
case FLAG_BOOLEAN:
*environment.flags = active_flag;
break;
default:
fprintf (stderr, "Unimplemented flash scheme %u \n",
environment.flag_scheme);
return -1;
}
#ifdef DEBUG
fprintf(stderr, "Writing new environment at 0x%lx on %s\n",
DEVOFFSET (dev_target), DEVNAME (dev_target));
#endif
rc = flash_write_buf(dev_target, fd_target, environment.image,
CUR_ENVSIZE, DEVOFFSET(dev_target),