1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* |
3 | * Parse RedBoot-style Flash Image System (FIS) tables and |
4 | * produce a Linux partition array to match. |
5 | * |
6 | * Copyright © 2001 Red Hat UK Limited |
7 | * Copyright © 2001-2010 David Woodhouse <dwmw2@infradead.org> |
8 | */ |
9 | |
10 | #include <linux/kernel.h> |
11 | #include <linux/slab.h> |
12 | #include <linux/init.h> |
13 | #include <linux/vmalloc.h> |
14 | #include <linux/of.h> |
15 | #include <linux/mtd/mtd.h> |
16 | #include <linux/mtd/partitions.h> |
17 | #include <linux/module.h> |
18 | |
19 | struct fis_image_desc { |
20 | unsigned char name[16]; // Null terminated name |
21 | u32 flash_base; // Address within FLASH of image |
22 | u32 mem_base; // Address in memory where it executes |
23 | u32 size; // Length of image |
24 | u32 entry_point; // Execution entry point |
25 | u32 data_length; // Length of actual data |
26 | unsigned char _pad[256 - (16 + 7 * sizeof(u32))]; |
27 | u32 desc_cksum; // Checksum over image descriptor |
28 | u32 file_cksum; // Checksum over image data |
29 | }; |
30 | |
31 | struct fis_list { |
32 | struct fis_image_desc *img; |
33 | struct fis_list *next; |
34 | }; |
35 | |
36 | static int directory = CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK; |
37 | module_param(directory, int, 0); |
38 | |
39 | static inline int redboot_checksum(struct fis_image_desc *img) |
40 | { |
41 | /* RedBoot doesn't actually write the desc_cksum field yet AFAICT */ |
42 | return 1; |
43 | } |
44 | |
45 | static void parse_redboot_of(struct mtd_info *master) |
46 | { |
47 | struct device_node *np; |
48 | struct device_node *npart; |
49 | u32 dirblock; |
50 | int ret; |
51 | |
52 | np = mtd_get_of_node(mtd: master); |
53 | if (!np) |
54 | return; |
55 | |
56 | npart = of_get_child_by_name(node: np, name: "partitions" ); |
57 | if (!npart) |
58 | return; |
59 | |
60 | ret = of_property_read_u32(np: npart, propname: "fis-index-block" , out_value: &dirblock); |
61 | of_node_put(node: npart); |
62 | if (ret) |
63 | return; |
64 | |
65 | /* |
66 | * Assign the block found in the device tree to the local |
67 | * directory block pointer. |
68 | */ |
69 | directory = dirblock; |
70 | } |
71 | |
72 | static int parse_redboot_partitions(struct mtd_info *master, |
73 | const struct mtd_partition **pparts, |
74 | struct mtd_part_parser_data *data) |
75 | { |
76 | int nrparts = 0; |
77 | struct fis_image_desc *buf; |
78 | struct mtd_partition *parts; |
79 | struct fis_list *fl = NULL, *tmp_fl; |
80 | int ret, i; |
81 | size_t retlen; |
82 | char *names; |
83 | char *nullname; |
84 | int namelen = 0; |
85 | int nulllen = 0; |
86 | int numslots; |
87 | unsigned long offset; |
88 | #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED |
89 | static char nullstring[] = "unallocated" ; |
90 | #endif |
91 | |
92 | parse_redboot_of(master); |
93 | |
94 | if (directory < 0) { |
95 | offset = master->size + directory * master->erasesize; |
96 | while (mtd_block_isbad(mtd: master, ofs: offset)) { |
97 | if (!offset) { |
98 | nogood: |
99 | pr_notice("Failed to find a non-bad block to check for RedBoot partition table\n" ); |
100 | return -EIO; |
101 | } |
102 | offset -= master->erasesize; |
103 | } |
104 | } else { |
105 | offset = directory * master->erasesize; |
106 | while (mtd_block_isbad(mtd: master, ofs: offset)) { |
107 | offset += master->erasesize; |
108 | if (offset == master->size) |
109 | goto nogood; |
110 | } |
111 | } |
112 | buf = vmalloc(size: master->erasesize); |
113 | |
114 | if (!buf) |
115 | return -ENOMEM; |
116 | |
117 | pr_notice("Searching for RedBoot partition table in %s at offset 0x%lx\n" , |
118 | master->name, offset); |
119 | |
120 | ret = mtd_read(mtd: master, from: offset, len: master->erasesize, retlen: &retlen, |
121 | buf: (void *)buf); |
122 | |
123 | if (ret) |
124 | goto out; |
125 | |
126 | if (retlen != master->erasesize) { |
127 | ret = -EIO; |
128 | goto out; |
129 | } |
130 | |
131 | numslots = (master->erasesize / sizeof(struct fis_image_desc)); |
132 | for (i = 0; i < numslots; i++) { |
133 | if (!memcmp(p: buf[i].name, q: "FIS directory" , size: 14)) { |
134 | /* This is apparently the FIS directory entry for the |
135 | * FIS directory itself. The FIS directory size is |
136 | * one erase block; if the buf[i].size field is |
137 | * swab32(erasesize) then we know we are looking at |
138 | * a byte swapped FIS directory - swap all the entries! |
139 | * (NOTE: this is 'size' not 'data_length'; size is |
140 | * the full size of the entry.) |
141 | */ |
142 | |
143 | /* RedBoot can combine the FIS directory and |
144 | config partitions into a single eraseblock; |
145 | we assume wrong-endian if either the swapped |
146 | 'size' matches the eraseblock size precisely, |
147 | or if the swapped size actually fits in an |
148 | eraseblock while the unswapped size doesn't. */ |
149 | if (swab32(buf[i].size) == master->erasesize || |
150 | (buf[i].size > master->erasesize |
151 | && swab32(buf[i].size) < master->erasesize)) { |
152 | int j; |
153 | /* Update numslots based on actual FIS directory size */ |
154 | numslots = swab32(buf[i].size) / sizeof(struct fis_image_desc); |
155 | for (j = 0; j < numslots; ++j) { |
156 | /* A single 0xff denotes a deleted entry. |
157 | * Two of them in a row is the end of the table. |
158 | */ |
159 | if (buf[j].name[0] == 0xff) { |
160 | if (buf[j].name[1] == 0xff) { |
161 | break; |
162 | } else { |
163 | continue; |
164 | } |
165 | } |
166 | |
167 | /* The unsigned long fields were written with the |
168 | * wrong byte sex, name and pad have no byte sex. |
169 | */ |
170 | swab32s(p: &buf[j].flash_base); |
171 | swab32s(p: &buf[j].mem_base); |
172 | swab32s(p: &buf[j].size); |
173 | swab32s(p: &buf[j].entry_point); |
174 | swab32s(p: &buf[j].data_length); |
175 | swab32s(p: &buf[j].desc_cksum); |
176 | swab32s(p: &buf[j].file_cksum); |
177 | } |
178 | } else if (buf[i].size < master->erasesize) { |
179 | /* Update numslots based on actual FIS directory size */ |
180 | numslots = buf[i].size / sizeof(struct fis_image_desc); |
181 | } |
182 | break; |
183 | } |
184 | } |
185 | if (i == numslots) { |
186 | /* Didn't find it */ |
187 | pr_notice("No RedBoot partition table detected in %s\n" , |
188 | master->name); |
189 | ret = 0; |
190 | goto out; |
191 | } |
192 | |
193 | for (i = 0; i < numslots; i++) { |
194 | struct fis_list *new_fl, **prev; |
195 | |
196 | if (buf[i].name[0] == 0xff) { |
197 | if (buf[i].name[1] == 0xff) { |
198 | break; |
199 | } else { |
200 | continue; |
201 | } |
202 | } |
203 | if (!redboot_checksum(img: &buf[i])) |
204 | break; |
205 | |
206 | new_fl = kmalloc(size: sizeof(struct fis_list), GFP_KERNEL); |
207 | namelen += strlen(buf[i].name) + 1; |
208 | if (!new_fl) { |
209 | ret = -ENOMEM; |
210 | goto out; |
211 | } |
212 | new_fl->img = &buf[i]; |
213 | if (data && data->origin) |
214 | buf[i].flash_base -= data->origin; |
215 | else |
216 | buf[i].flash_base &= master->size - 1; |
217 | |
218 | /* I'm sure the JFFS2 code has done me permanent damage. |
219 | * I now think the following is _normal_ |
220 | */ |
221 | prev = &fl; |
222 | while (*prev && (*prev)->img->flash_base < new_fl->img->flash_base) |
223 | prev = &(*prev)->next; |
224 | new_fl->next = *prev; |
225 | *prev = new_fl; |
226 | |
227 | nrparts++; |
228 | } |
229 | #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED |
230 | if (fl->img->flash_base) { |
231 | nrparts++; |
232 | nulllen = sizeof(nullstring); |
233 | } |
234 | |
235 | for (tmp_fl = fl; tmp_fl->next; tmp_fl = tmp_fl->next) { |
236 | if (tmp_fl->img->flash_base + tmp_fl->img->size + master->erasesize <= tmp_fl->next->img->flash_base) { |
237 | nrparts++; |
238 | nulllen = sizeof(nullstring); |
239 | } |
240 | } |
241 | #endif |
242 | parts = kzalloc(size: sizeof(*parts) * nrparts + nulllen + namelen, GFP_KERNEL); |
243 | |
244 | if (!parts) { |
245 | ret = -ENOMEM; |
246 | goto out; |
247 | } |
248 | |
249 | nullname = (char *)&parts[nrparts]; |
250 | #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED |
251 | if (nulllen > 0) |
252 | strcpy(p: nullname, q: nullstring); |
253 | #endif |
254 | names = nullname + nulllen; |
255 | |
256 | i = 0; |
257 | |
258 | #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED |
259 | if (fl->img->flash_base) { |
260 | parts[0].name = nullname; |
261 | parts[0].size = fl->img->flash_base; |
262 | parts[0].offset = 0; |
263 | i++; |
264 | } |
265 | #endif |
266 | for ( ; i < nrparts; i++) { |
267 | parts[i].size = fl->img->size; |
268 | parts[i].offset = fl->img->flash_base; |
269 | parts[i].name = names; |
270 | |
271 | strcpy(p: names, q: fl->img->name); |
272 | #ifdef CONFIG_MTD_REDBOOT_PARTS_READONLY |
273 | if (!memcmp(p: names, q: "RedBoot" , size: 8) || |
274 | !memcmp(p: names, q: "RedBoot config" , size: 15) || |
275 | !memcmp(p: names, q: "FIS directory" , size: 14)) { |
276 | parts[i].mask_flags = MTD_WRITEABLE; |
277 | } |
278 | #endif |
279 | names += strlen(names) + 1; |
280 | |
281 | #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED |
282 | if (fl->next && fl->img->flash_base + fl->img->size + master->erasesize <= fl->next->img->flash_base) { |
283 | i++; |
284 | parts[i].offset = parts[i - 1].size + parts[i - 1].offset; |
285 | parts[i].size = fl->next->img->flash_base - parts[i].offset; |
286 | parts[i].name = nullname; |
287 | } |
288 | #endif |
289 | tmp_fl = fl; |
290 | fl = fl->next; |
291 | kfree(objp: tmp_fl); |
292 | } |
293 | ret = nrparts; |
294 | *pparts = parts; |
295 | out: |
296 | while (fl) { |
297 | struct fis_list *old = fl; |
298 | |
299 | fl = fl->next; |
300 | kfree(objp: old); |
301 | } |
302 | vfree(addr: buf); |
303 | return ret; |
304 | } |
305 | |
306 | static const struct of_device_id mtd_parser_redboot_of_match_table[] = { |
307 | { .compatible = "redboot-fis" }, |
308 | {}, |
309 | }; |
310 | MODULE_DEVICE_TABLE(of, mtd_parser_redboot_of_match_table); |
311 | |
312 | static struct mtd_part_parser redboot_parser = { |
313 | .parse_fn = parse_redboot_partitions, |
314 | .name = "RedBoot" , |
315 | .of_match_table = mtd_parser_redboot_of_match_table, |
316 | }; |
317 | module_mtd_part_parser(redboot_parser); |
318 | |
319 | /* mtd parsers will request the module by parser name */ |
320 | MODULE_ALIAS("RedBoot" ); |
321 | MODULE_LICENSE("GPL" ); |
322 | MODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org>" ); |
323 | MODULE_DESCRIPTION("Parsing code for RedBoot Flash Image System (FIS) tables" ); |
324 | |