mirror of
https://github.com/brain-hackers/u-boot-brain
synced 2024-07-09 20:56:16 +09:00
e874207134
If the string is copied without NULL termination using strncpy(), then strncat() on the next line, may concatenate the string after some stale (or random) data, if the response string was not zero-initialized. Signed-off-by: Dileep Katta <dileep.katta@linaro.org> Reviewed-by: Steve Rae <srae@broadcom.com> Reviewed-by: Lukasz Majewski <l.majewski@samsung.com>
169 lines
4.3 KiB
C
169 lines
4.3 KiB
C
/*
|
|
* Copyright 2014 Broadcom Corporation.
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include <common.h>
|
|
#include <fb_mmc.h>
|
|
#include <part.h>
|
|
#include <aboot.h>
|
|
#include <sparse_format.h>
|
|
#include <mmc.h>
|
|
|
|
#ifndef CONFIG_FASTBOOT_GPT_NAME
|
|
#define CONFIG_FASTBOOT_GPT_NAME GPT_ENTRY_NAME
|
|
#endif
|
|
|
|
/* The 64 defined bytes plus the '\0' */
|
|
#define RESPONSE_LEN (64 + 1)
|
|
|
|
static char *response_str;
|
|
|
|
void fastboot_fail(const char *s)
|
|
{
|
|
strncpy(response_str, "FAIL\0", 5);
|
|
strncat(response_str, s, RESPONSE_LEN - 4 - 1);
|
|
}
|
|
|
|
void fastboot_okay(const char *s)
|
|
{
|
|
strncpy(response_str, "OKAY\0", 5);
|
|
strncat(response_str, s, RESPONSE_LEN - 4 - 1);
|
|
}
|
|
|
|
static void write_raw_image(block_dev_desc_t *dev_desc, disk_partition_t *info,
|
|
const char *part_name, void *buffer,
|
|
unsigned int download_bytes)
|
|
{
|
|
lbaint_t blkcnt;
|
|
lbaint_t blks;
|
|
|
|
/* determine number of blocks to write */
|
|
blkcnt = ((download_bytes + (info->blksz - 1)) & ~(info->blksz - 1));
|
|
blkcnt = blkcnt / info->blksz;
|
|
|
|
if (blkcnt > info->size) {
|
|
error("too large for partition: '%s'\n", part_name);
|
|
fastboot_fail("too large for partition");
|
|
return;
|
|
}
|
|
|
|
puts("Flashing Raw Image\n");
|
|
|
|
blks = dev_desc->block_write(dev_desc->dev, info->start, blkcnt,
|
|
buffer);
|
|
if (blks != blkcnt) {
|
|
error("failed writing to device %d\n", dev_desc->dev);
|
|
fastboot_fail("failed writing to device");
|
|
return;
|
|
}
|
|
|
|
printf("........ wrote " LBAFU " bytes to '%s'\n", blkcnt * info->blksz,
|
|
part_name);
|
|
fastboot_okay("");
|
|
}
|
|
|
|
void fb_mmc_flash_write(const char *cmd, void *download_buffer,
|
|
unsigned int download_bytes, char *response)
|
|
{
|
|
block_dev_desc_t *dev_desc;
|
|
disk_partition_t info;
|
|
|
|
/* initialize the response buffer */
|
|
response_str = response;
|
|
|
|
dev_desc = get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV);
|
|
if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) {
|
|
error("invalid mmc device\n");
|
|
fastboot_fail("invalid mmc device");
|
|
return;
|
|
}
|
|
|
|
if (strcmp(cmd, CONFIG_FASTBOOT_GPT_NAME) == 0) {
|
|
printf("%s: updating MBR, Primary and Backup GPT(s)\n",
|
|
__func__);
|
|
if (is_valid_gpt_buf(dev_desc, download_buffer)) {
|
|
printf("%s: invalid GPT - refusing to write to flash\n",
|
|
__func__);
|
|
fastboot_fail("invalid GPT partition");
|
|
return;
|
|
}
|
|
if (write_mbr_and_gpt_partitions(dev_desc, download_buffer)) {
|
|
printf("%s: writing GPT partitions failed\n", __func__);
|
|
fastboot_fail("writing GPT partitions failed");
|
|
return;
|
|
}
|
|
printf("........ success\n");
|
|
fastboot_okay("");
|
|
return;
|
|
} else if (get_partition_info_efi_by_name(dev_desc, cmd, &info)) {
|
|
error("cannot find partition: '%s'\n", cmd);
|
|
fastboot_fail("cannot find partition");
|
|
return;
|
|
}
|
|
|
|
if (is_sparse_image(download_buffer))
|
|
write_sparse_image(dev_desc, &info, cmd, download_buffer,
|
|
download_bytes);
|
|
else
|
|
write_raw_image(dev_desc, &info, cmd, download_buffer,
|
|
download_bytes);
|
|
}
|
|
|
|
void fb_mmc_erase(const char *cmd, char *response)
|
|
{
|
|
int ret;
|
|
block_dev_desc_t *dev_desc;
|
|
disk_partition_t info;
|
|
lbaint_t blks, blks_start, blks_size, grp_size;
|
|
struct mmc *mmc = find_mmc_device(CONFIG_FASTBOOT_FLASH_MMC_DEV);
|
|
|
|
if (mmc == NULL) {
|
|
error("invalid mmc device");
|
|
fastboot_fail("invalid mmc device");
|
|
return;
|
|
}
|
|
|
|
/* initialize the response buffer */
|
|
response_str = response;
|
|
|
|
dev_desc = get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV);
|
|
if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) {
|
|
error("invalid mmc device");
|
|
fastboot_fail("invalid mmc device");
|
|
return;
|
|
}
|
|
|
|
ret = get_partition_info_efi_by_name(dev_desc, cmd, &info);
|
|
if (ret) {
|
|
error("cannot find partition: '%s'", cmd);
|
|
fastboot_fail("cannot find partition");
|
|
return;
|
|
}
|
|
|
|
/* Align blocks to erase group size to avoid erasing other partitions */
|
|
grp_size = mmc->erase_grp_size;
|
|
blks_start = (info.start + grp_size - 1) & ~(grp_size - 1);
|
|
if (info.size >= grp_size)
|
|
blks_size = (info.size - (blks_start - info.start)) &
|
|
(~(grp_size - 1));
|
|
else
|
|
blks_size = 0;
|
|
|
|
printf("Erasing blocks " LBAFU " to " LBAFU " due to alignment\n",
|
|
blks_start, blks_start + blks_size);
|
|
|
|
blks = dev_desc->block_erase(dev_desc->dev, blks_start, blks_size);
|
|
if (blks != blks_size) {
|
|
error("failed erasing from device %d", dev_desc->dev);
|
|
fastboot_fail("failed erasing from device");
|
|
return;
|
|
}
|
|
|
|
printf("........ erased " LBAFU " bytes from '%s'\n",
|
|
blks_size * info.blksz, cmd);
|
|
fastboot_okay("");
|
|
}
|