1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Parse RedBoot-style Flash Image System (FIS) tables and
4 * produce a Linux partition array to match.
5 *
6 * Copyright © 2001 Red Hat UK Limited
7 * Copyright © 2001-2010 David Woodhouse <dwmw2@infradead.org>
8 */
9
10 #include <linux/kernel.h>
11 #include <linux/slab.h>
12 #include <linux/init.h>
13 #include <linux/vmalloc.h>
14 #include <linux/of.h>
15 #include <linux/mtd/mtd.h>
16 #include <linux/mtd/partitions.h>
17 #include <linux/module.h>
18
19 struct fis_image_desc {
20 unsigned char name[16]; // Null terminated name
21 uint32_t flash_base; // Address within FLASH of image
22 uint32_t mem_base; // Address in memory where it executes
23 uint32_t size; // Length of image
24 uint32_t entry_point; // Execution entry point
25 uint32_t data_length; // Length of actual data
26 unsigned char _pad[256-(16+7*sizeof(uint32_t))];
27 uint32_t desc_cksum; // Checksum over image descriptor
28 uint32_t file_cksum; // Checksum over image data
29 };
30
31 struct fis_list {
32 struct fis_image_desc *img;
33 struct fis_list *next;
34 };
35
36 static int directory = CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK;
37 module_param(directory, int, 0);
38
redboot_checksum(struct fis_image_desc * img)39 static inline int redboot_checksum(struct fis_image_desc *img)
40 {
41 /* RedBoot doesn't actually write the desc_cksum field yet AFAICT */
42 return 1;
43 }
44
parse_redboot_of(struct mtd_info * master)45 static void parse_redboot_of(struct mtd_info *master)
46 {
47 struct device_node *np;
48 struct device_node *npart;
49 u32 dirblock;
50 int ret;
51
52 np = mtd_get_of_node(master);
53 if (!np)
54 return;
55
56 npart = of_get_child_by_name(np, "partitions");
57 if (!npart)
58 return;
59
60 ret = of_property_read_u32(npart, "fis-index-block", &dirblock);
61 of_node_put(npart);
62 if (ret)
63 return;
64
65 /*
66 * Assign the block found in the device tree to the local
67 * directory block pointer.
68 */
69 directory = dirblock;
70 }
71
parse_redboot_partitions(struct mtd_info * master,const struct mtd_partition ** pparts,struct mtd_part_parser_data * data)72 static int parse_redboot_partitions(struct mtd_info *master,
73 const struct mtd_partition **pparts,
74 struct mtd_part_parser_data *data)
75 {
76 int nrparts = 0;
77 struct fis_image_desc *buf;
78 struct mtd_partition *parts;
79 struct fis_list *fl = NULL, *tmp_fl;
80 int ret, i;
81 size_t retlen;
82 char *names;
83 char *nullname;
84 int namelen = 0;
85 int nulllen = 0;
86 int numslots;
87 unsigned long offset;
88 #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED
89 static char nullstring[] = "unallocated";
90 #endif
91
92 parse_redboot_of(master);
93
94 if ( directory < 0 ) {
95 offset = master->size + directory * master->erasesize;
96 while (mtd_block_isbad(master, offset)) {
97 if (!offset) {
98 nogood:
99 printk(KERN_NOTICE "Failed to find a non-bad block to check for RedBoot partition table\n");
100 return -EIO;
101 }
102 offset -= master->erasesize;
103 }
104 } else {
105 offset = directory * master->erasesize;
106 while (mtd_block_isbad(master, offset)) {
107 offset += master->erasesize;
108 if (offset == master->size)
109 goto nogood;
110 }
111 }
112 buf = vmalloc(master->erasesize);
113
114 if (!buf)
115 return -ENOMEM;
116
117 printk(KERN_NOTICE "Searching for RedBoot partition table in %s at offset 0x%lx\n",
118 master->name, offset);
119
120 ret = mtd_read(master, offset, master->erasesize, &retlen,
121 (void *)buf);
122
123 if (ret)
124 goto out;
125
126 if (retlen != master->erasesize) {
127 ret = -EIO;
128 goto out;
129 }
130
131 numslots = (master->erasesize / sizeof(struct fis_image_desc));
132 for (i = 0; i < numslots; i++) {
133 if (!memcmp(buf[i].name, "FIS directory", 14)) {
134 /* This is apparently the FIS directory entry for the
135 * FIS directory itself. The FIS directory size is
136 * one erase block; if the buf[i].size field is
137 * swab32(erasesize) then we know we are looking at
138 * a byte swapped FIS directory - swap all the entries!
139 * (NOTE: this is 'size' not 'data_length'; size is
140 * the full size of the entry.)
141 */
142
143 /* RedBoot can combine the FIS directory and
144 config partitions into a single eraseblock;
145 we assume wrong-endian if either the swapped
146 'size' matches the eraseblock size precisely,
147 or if the swapped size actually fits in an
148 eraseblock while the unswapped size doesn't. */
149 if (swab32(buf[i].size) == master->erasesize ||
150 (buf[i].size > master->erasesize
151 && swab32(buf[i].size) < master->erasesize)) {
152 int j;
153 /* Update numslots based on actual FIS directory size */
154 numslots = swab32(buf[i].size) / sizeof (struct fis_image_desc);
155 for (j = 0; j < numslots; ++j) {
156
157 /* A single 0xff denotes a deleted entry.
158 * Two of them in a row is the end of the table.
159 */
160 if (buf[j].name[0] == 0xff) {
161 if (buf[j].name[1] == 0xff) {
162 break;
163 } else {
164 continue;
165 }
166 }
167
168 /* The unsigned long fields were written with the
169 * wrong byte sex, name and pad have no byte sex.
170 */
171 swab32s(&buf[j].flash_base);
172 swab32s(&buf[j].mem_base);
173 swab32s(&buf[j].size);
174 swab32s(&buf[j].entry_point);
175 swab32s(&buf[j].data_length);
176 swab32s(&buf[j].desc_cksum);
177 swab32s(&buf[j].file_cksum);
178 }
179 } else if (buf[i].size < master->erasesize) {
180 /* Update numslots based on actual FIS directory size */
181 numslots = buf[i].size / sizeof(struct fis_image_desc);
182 }
183 break;
184 }
185 }
186 if (i == numslots) {
187 /* Didn't find it */
188 printk(KERN_NOTICE "No RedBoot partition table detected in %s\n",
189 master->name);
190 ret = 0;
191 goto out;
192 }
193
194 for (i = 0; i < numslots; i++) {
195 struct fis_list *new_fl, **prev;
196
197 if (buf[i].name[0] == 0xff) {
198 if (buf[i].name[1] == 0xff) {
199 break;
200 } else {
201 continue;
202 }
203 }
204 if (!redboot_checksum(&buf[i]))
205 break;
206
207 new_fl = kmalloc(sizeof(struct fis_list), GFP_KERNEL);
208 namelen += strlen(buf[i].name)+1;
209 if (!new_fl) {
210 ret = -ENOMEM;
211 goto out;
212 }
213 new_fl->img = &buf[i];
214 if (data && data->origin)
215 buf[i].flash_base -= data->origin;
216 else
217 buf[i].flash_base &= master->size-1;
218
219 /* I'm sure the JFFS2 code has done me permanent damage.
220 * I now think the following is _normal_
221 */
222 prev = &fl;
223 while(*prev && (*prev)->img->flash_base < new_fl->img->flash_base)
224 prev = &(*prev)->next;
225 new_fl->next = *prev;
226 *prev = new_fl;
227
228 nrparts++;
229 }
230 #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED
231 if (fl->img->flash_base) {
232 nrparts++;
233 nulllen = sizeof(nullstring);
234 }
235
236 for (tmp_fl = fl; tmp_fl->next; tmp_fl = tmp_fl->next) {
237 if (tmp_fl->img->flash_base + tmp_fl->img->size + master->erasesize <= tmp_fl->next->img->flash_base) {
238 nrparts++;
239 nulllen = sizeof(nullstring);
240 }
241 }
242 #endif
243 parts = kzalloc(sizeof(*parts)*nrparts + nulllen + namelen, GFP_KERNEL);
244
245 if (!parts) {
246 ret = -ENOMEM;
247 goto out;
248 }
249
250 nullname = (char *)&parts[nrparts];
251 #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED
252 if (nulllen > 0) {
253 strcpy(nullname, nullstring);
254 }
255 #endif
256 names = nullname + nulllen;
257
258 i=0;
259
260 #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED
261 if (fl->img->flash_base) {
262 parts[0].name = nullname;
263 parts[0].size = fl->img->flash_base;
264 parts[0].offset = 0;
265 i++;
266 }
267 #endif
268 for ( ; i<nrparts; i++) {
269 parts[i].size = fl->img->size;
270 parts[i].offset = fl->img->flash_base;
271 parts[i].name = names;
272
273 strcpy(names, fl->img->name);
274 #ifdef CONFIG_MTD_REDBOOT_PARTS_READONLY
275 if (!memcmp(names, "RedBoot", 8) ||
276 !memcmp(names, "RedBoot config", 15) ||
277 !memcmp(names, "FIS directory", 14)) {
278 parts[i].mask_flags = MTD_WRITEABLE;
279 }
280 #endif
281 names += strlen(names)+1;
282
283 #ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED
284 if(fl->next && fl->img->flash_base + fl->img->size + master->erasesize <= fl->next->img->flash_base) {
285 i++;
286 parts[i].offset = parts[i-1].size + parts[i-1].offset;
287 parts[i].size = fl->next->img->flash_base - parts[i].offset;
288 parts[i].name = nullname;
289 }
290 #endif
291 tmp_fl = fl;
292 fl = fl->next;
293 kfree(tmp_fl);
294 }
295 ret = nrparts;
296 *pparts = parts;
297 out:
298 while (fl) {
299 struct fis_list *old = fl;
300 fl = fl->next;
301 kfree(old);
302 }
303 vfree(buf);
304 return ret;
305 }
306
307 static const struct of_device_id mtd_parser_redboot_of_match_table[] = {
308 { .compatible = "redboot-fis" },
309 {},
310 };
311 MODULE_DEVICE_TABLE(of, mtd_parser_redboot_of_match_table);
312
313 static struct mtd_part_parser redboot_parser = {
314 .parse_fn = parse_redboot_partitions,
315 .name = "RedBoot",
316 .of_match_table = mtd_parser_redboot_of_match_table,
317 };
318 module_mtd_part_parser(redboot_parser);
319
320 /* mtd parsers will request the module by parser name */
321 MODULE_ALIAS("RedBoot");
322 MODULE_LICENSE("GPL");
323 MODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org>");
324 MODULE_DESCRIPTION("Parsing code for RedBoot Flash Image System (FIS) tables");
325