/* ----------------------------------------------------------------------- * * * Copyright 2003-2009 H. Peter Anvin - All Rights Reserved * Copyright 2009-2010 Intel Corporation; author: H. Peter Anvin * Copyright 2010 Shao Miller * Copyright 2010-2012 Michal Soltys * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without * restriction, including without limitation the rights to use, * copy, modify, merge, publish, distribute, sublicense, and/or * sell copies of the Software, and to permit persons to whom * the Software is furnished to do so, subject to the following * conditions: * * The above copyright notice and this permission notice shall * be included in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR * OTHER DEALINGS IN THE SOFTWARE. * * ----------------------------------------------------------------------- */ /* * partiter.c * * Provides disk / partition iteration. */ #include #include #include #include #include #include #include "partiter.h" #include "utility.h" #define ost_is_ext(type) ((type) == 0x05 || (type) == 0x0F || (type) == 0x85) #define ost_is_nondata(type) (ost_is_ext(type) || (type) == 0x00) #define sane(s,l) ((s)+(l) > (s)) /* virtual forwards */ static void pi_dtor_(struct part_iter *); static int pi_next_(struct part_iter *); static int pi_dos_next(struct part_iter *); static int pi_gpt_next(struct part_iter *); /* vtab and types */ static struct itertype types[] = { [0] = { .dtor = &pi_dtor_, .next = &pi_dos_next, }, [1] = { .dtor = &pi_dtor_, .next = &pi_gpt_next, }, [2] = { .dtor = &pi_dtor_, .next = &pi_next_, }}; const struct itertype * const typedos = types; const struct itertype * const typegpt = types+1; const struct itertype * const typeraw = types+2; /* pi_dtor_() - common/raw iterator cleanup */ static void pi_dtor_(struct part_iter *iter) { /* syslinux's free is null resilient */ free(iter->data); } /* pi_ctor() - common/raw iterator initialization */ static int pi_ctor(struct part_iter *iter, const struct disk_info *di, int flags ) { memcpy(&iter->di, di, sizeof *di); iter->flags = flags; iter->index0 = -1; iter->length = di->lbacnt; iter->type = typeraw; return 0; } /* pi_dos_ctor() - MBR/EBR iterator specific initialization */ static int pi_dos_ctor(struct part_iter *iter, const struct disk_info *di, int flags, const struct disk_dos_mbr *mbr ) { if (pi_ctor(iter, di, flags)) return -1; if (!(iter->data = malloc(sizeof *mbr))) { critm(); goto bail; } memcpy(iter->data, mbr, sizeof *mbr); iter->dos.bebr_index0 = -1; iter->dos.disk_sig = mbr->disk_sig; iter->type = typedos; return 0; bail: pi_dtor_(iter); return -1; } /* pi_gpt_ctor() - GPT iterator specific initialization */ static int pi_gpt_ctor(struct part_iter *iter, const struct disk_info *di, int flags, const struct disk_gpt_header *gpth, const struct disk_gpt_part_entry *gptl ) { uint64_t siz; if (pi_ctor(iter, di, flags)) return -1; siz = (uint64_t)gpth->part_count * gpth->part_size; if (!(iter->data = malloc((size_t)siz))) { critm(); goto bail; } memcpy(iter->data, gptl, (size_t)siz); iter->gpt.pe_count = (int)gpth->part_count; iter->gpt.pe_size = (int)gpth->part_size; iter->gpt.ufirst = gpth->lba_first_usable; iter->gpt.ulast = gpth->lba_last_usable; memcpy(&iter->gpt.disk_guid, &gpth->disk_guid, sizeof gpth->disk_guid); memcpy(&iter->gpt.part_guid, &gpth->disk_guid, sizeof gpth->disk_guid); iter->type = typegpt; return 0; bail: pi_dtor_(iter); return -1; } /* Logical partition must be sane, meaning: * - must be data or empty * - must have non-0 start and length * - values must not wrap around 32bit * - must be inside current EBR frame */ static int notsane_logical(const struct part_iter *iter) { const struct disk_dos_part_entry *dp; uint32_t end_log; dp = ((struct disk_dos_mbr *)iter->data)->table; if (!dp[0].ostype) return 0; if (ost_is_ext(dp[0].ostype)) { error("The 1st EBR entry must be data or empty."); return -1; } if (!(iter->flags & PIF_STRICT)) return 0; end_log = dp[0].start_lba + dp[0].length; if (!dp[0].start_lba || !dp[0].length || !sane(dp[0].start_lba, dp[0].length) || end_log > iter->dos.nebr_siz) { error("Logical partition (in EBR) with invalid offset and/or length."); return -1; } return 0; } /* Extended partition must be sane, meaning: * - must be extended or empty * - must have non-0 start and length * - values must not wrap around 32bit * - must be inside base EBR frame */ static int notsane_extended(const struct part_iter *iter) { const struct disk_dos_part_entry *dp; uint32_t end_ebr; dp = ((struct disk_dos_mbr *)iter->data)->table; if (!dp[1].ostype) return 0; if (!ost_is_nondata(dp[1].ostype)) { error("The 2nd EBR entry must be extended or empty."); return -1; } if (!(iter->flags & PIF_STRICT)) return 0; end_ebr = dp[1].start_lba + dp[1].length; if (!dp[1].start_lba || !dp[1].length || !sane(dp[1].start_lba, dp[1].length) || end_ebr > iter->dos.bebr_siz) { error("Extended partition (EBR) with invalid offset and/or length."); return -1; } return 0; } /* Primary partition must be sane, meaning: * - must have non-0 start and length * - values must not wrap around 32bit */ static int notsane_primary(const struct part_iter *iter) { const struct disk_dos_part_entry *dp; dp = ((struct disk_dos_mbr *)iter->data)->table + iter->index0; if (!dp->ostype) return 0; if (!(iter->flags & PIF_STRICT)) return 0; if (!dp->start_lba || !dp->length || !sane(dp->start_lba, dp->length) || ((iter->flags & PIF_STRICTER) && (dp->start_lba + dp->length > iter->di.lbacnt))) { error("Primary partition (in MBR) with invalid offset and/or length."); return -1; } return 0; } static int notsane_gpt(const struct part_iter *iter) { const struct disk_gpt_part_entry *gp; gp = (const struct disk_gpt_part_entry *) (iter->data + iter->index0 * iter->gpt.pe_size); if (guid_is0(&gp->type)) return 0; if (!(iter->flags & PIF_STRICT)) return 0; if (gp->lba_first < iter->gpt.ufirst || gp->lba_last > iter->gpt.ulast) { error("LBA sectors of GPT partition are beyond the range allowed in GPT header."); return -1; } return 0; } static int dos_next_mbr(struct part_iter *iter, uint32_t *lba, struct disk_dos_part_entry **_dp) { struct disk_dos_part_entry *dp; while (++iter->index0 < 4) { dp = ((struct disk_dos_mbr *)iter->data)->table + iter->index0; if (notsane_primary(iter)) { iter->status = PI_INSANE; return -1; } if (ost_is_ext(dp->ostype)) { if (iter->dos.bebr_index0 >= 0) { error("More than 1 extended partition."); iter->status = PI_INSANE; return -1; } /* record base EBR index */ iter->dos.bebr_index0 = iter->index0; } if (!ost_is_nondata(dp->ostype) || (iter->flags & PIF_STEPALL)) { *lba = dp->start_lba; *_dp = dp; break; } } return 0; } static int prep_base_ebr(struct part_iter *iter) { struct disk_dos_part_entry *dp; if (iter->dos.bebr_index0 < 0) /* if we don't have base extended partition at all */ return -1; else if (!iter->dos.bebr_lba) { /* if not initialized yet */ dp = ((struct disk_dos_mbr *)iter->data)->table + iter->dos.bebr_index0; iter->dos.bebr_lba = dp->start_lba; iter->dos.bebr_siz = dp->length; iter->dos.nebr_lba = dp->start_lba; iter->dos.nebr_siz = dp->length; iter->index0--; } return 0; } static int dos_next_ebr(struct part_iter *iter, uint32_t *lba, struct disk_dos_part_entry **_dp) { struct disk_dos_part_entry *dp; if (prep_base_ebr(iter) < 0) { iter->status = PI_DONE; return -1; } while (++iter->index0 < 1024 && iter->dos.nebr_lba) { free(iter->data); if (!(iter->data = disk_read_sectors(&iter->di, iter->dos.nebr_lba, 1))) { error("Couldn't load EBR."); iter->status = PI_ERRLOAD; return -1; } /* check sanity of loaded data */ if (notsane_logical(iter) || notsane_extended(iter)) { iter->status = PI_INSANE; return -1; } dp = ((struct disk_dos_mbr *)iter->data)->table; iter->dos.cebr_lba = iter->dos.nebr_lba; iter->dos.cebr_siz = iter->dos.nebr_siz; /* setup next frame values */ if (dp[1].ostype) { iter->dos.nebr_lba = iter->dos.bebr_lba + dp[1].start_lba; iter->dos.nebr_siz = dp[1].length; } else { iter->dos.nebr_lba = 0; iter->dos.nebr_siz = 0; } if (!dp[0].ostype) iter->dos.logskipcnt++; if (dp[0].ostype || (iter->flags & PIF_STEPALL)) { *lba = dp[0].start_lba ? iter->dos.cebr_lba + dp[0].start_lba : 0; *_dp = dp; return 0; } /* * This way it's possible to continue, if some crazy soft left a "hole" * - EBR with a valid extended partition without a logical one. In * such case, linux will not reserve a number for such hole - so we * don't increase index0. If PIF_STEPALL flag is set, we will never * reach this place. */ } iter->status = PI_DONE; return -1; } static void gpt_conv_label(struct part_iter *iter) { const struct disk_gpt_part_entry *gp; const int16_t *orig_lab; gp = (const struct disk_gpt_part_entry *) (iter->data + iter->index0 * iter->gpt.pe_size); orig_lab = (const int16_t *)gp->name; /* caveat: this is very crude conversion */ for (int i = 0; i < PI_GPTLABSIZE/2; i++) { iter->gpt.part_label[i] = (char)orig_lab[i]; } iter->gpt.part_label[PI_GPTLABSIZE/2] = 0; } static inline int valid_crc(uint32_t crc, const uint8_t *buf, unsigned int siz) { return crc == crc32(crc32(0, NULL, 0), buf, siz); } static int valid_crc_hdr(void *buf) { struct disk_gpt_header *gh = buf; uint32_t crc = gh->chksum; int valid; gh->chksum = 0; valid = crc == crc32(crc32(0, NULL, 0), buf, gh->hdr_size); gh->chksum = crc; return valid; } static int pi_next_(struct part_iter *iter) { iter->status = PI_DONE; return iter->status; } static int pi_dos_next(struct part_iter *iter) { uint32_t abs_lba = 0; struct disk_dos_part_entry *dos_part = NULL; if (iter->status) return iter->status; /* look for primary partitions */ if (iter->index0 < 4 && dos_next_mbr(iter, &abs_lba, &dos_part) < 0) return iter->status; /* look for logical partitions */ if (iter->index0 >= 4 && dos_next_ebr(iter, &abs_lba, &dos_part) < 0) return iter->status; /* * note special index handling: * in case PIF_STEPALL is set - this makes the index consistent with * non-PIF_STEPALL iterators */ if (!dos_part->ostype) iter->index = -1; else iter->index = iter->index0 + 1 - iter->dos.logskipcnt; iter->abs_lba = abs_lba; iter->length = dos_part->length; iter->record = (char *)dos_part; #ifdef DEBUG disk_dos_part_dump(dos_part); #endif return iter->status; } static int pi_gpt_next(struct part_iter *iter) { const struct disk_gpt_part_entry *gpt_part = NULL; if (iter->status) return iter->status; while (++iter->index0 < iter->gpt.pe_count) { gpt_part = (const struct disk_gpt_part_entry *) (iter->data + iter->index0 * iter->gpt.pe_size); if (notsane_gpt(iter)) { iter->status = PI_INSANE; return iter->status; } if (!guid_is0(&gpt_part->type) || (iter->flags & PIF_STEPALL)) break; } /* no more partitions ? */ if (iter->index0 == iter->gpt.pe_count) { iter->status = PI_DONE; return iter->status; } /* gpt_part is guaranteed to be valid here */ iter->index = iter->index0 + 1; iter->abs_lba = gpt_part->lba_first; iter->length = gpt_part->lba_last - gpt_part->lba_first + 1; iter->record = (char *)gpt_part; memcpy(&iter->gpt.part_guid, &gpt_part->uid, sizeof(struct guid)); gpt_conv_label(iter); #ifdef DEBUG disk_gpt_part_dump(gpt_part); #endif return iter->status; } static struct part_iter *pi_alloc(void) { struct part_iter *iter; if (!(iter = malloc(sizeof *iter))) critm(); else memset(iter, 0, sizeof *iter); return iter; } /* pi_del() - delete iterator */ void pi_del(struct part_iter **_iter) { if(!_iter || !*_iter) return; pi_dtor(*_iter); free(*_iter); *_iter = NULL; } static void try_gpt_we(const char *str, int sec) { if (sec) error(str); else warn(str); } static struct disk_gpt_header *try_gpt_hdr(const struct disk_info *di, int sec) { const char *desc = sec ? "backup" : "primary"; uint64_t gpt_cur = sec ? di->lbacnt - 1 : 1; struct disk_gpt_header *gpth; char errbuf[64]; gpth = disk_read_sectors(di, gpt_cur, 1); if (!gpth) { sprintf(errbuf, "Unable to read %s GPT header.", desc); try_gpt_we(errbuf, sec); return NULL; } if(!valid_crc_hdr(gpth)) { sprintf(errbuf, "Invalid checksum of %s GPT header.", desc); try_gpt_we(errbuf, sec); free(gpth); return NULL; } return gpth; } static struct disk_gpt_part_entry *try_gpt_list(const struct disk_info *di, const struct disk_gpt_header *gpth, int alt) { int pri = gpth->lba_cur < gpth->lba_alt; const char *desc = alt ? "alternative" : "main"; struct disk_gpt_part_entry *gptl; char errbuf[64]; uint64_t gpt_lsiz; /* size of GPT partition list in bytes */ uint64_t gpt_lcnt; /* size of GPT partition in sectors */ uint64_t gpt_loff; /* offset to GPT partition list in sectors */ gpt_lsiz = (uint64_t)gpth->part_size * gpth->part_count; gpt_lcnt = (gpt_lsiz + di->bps - 1) / di->bps; if (!alt) { /* prefer header value for partition table if not asking for alternative */ gpt_loff = gpth->lba_table; } else { /* try to read alternative, we have to calculate its position */ if (!pri) gpt_loff = gpth->lba_alt + 1; else gpt_loff = gpth->lba_alt - gpt_lcnt; } gptl = disk_read_sectors(di, gpt_loff, gpt_lcnt); if (!gptl) { sprintf(errbuf, "Unable to read %s GPT partition list.", desc); try_gpt_we(errbuf, alt); return NULL; } if (!valid_crc(gpth->table_chksum, (const uint8_t *)gptl, gpt_lsiz)) { sprintf(errbuf, "Invalid checksum of %s GPT partition list.", desc); try_gpt_we(errbuf, alt); free(gptl); return NULL; } return gptl; } static int notsane_gpt_hdr(const struct disk_info *di, const struct disk_gpt_header *gpth, int flags) { uint64_t gpt_loff; /* offset to GPT partition list in sectors */ uint64_t gpt_lsiz; /* size of GPT partition list in bytes */ uint64_t gpt_lcnt; /* size of GPT partition in sectors */ uint64_t gpt_sec; /* secondary gpt header */ if (!(flags & PIF_STRICT)) return 0; if (gpth->lba_alt < gpth->lba_cur) gpt_sec = gpth->lba_cur; else gpt_sec = gpth->lba_alt; gpt_loff = gpth->lba_table; gpt_lsiz = (uint64_t)gpth->part_size * gpth->part_count; gpt_lcnt = (gpt_lsiz + di->bps - 1) / di->bps; /* * disk_read_sectors allows reading of max 255 sectors, so we use * it as a sanity check base. EFI doesn't specify max (AFAIK). */ if (gpt_loff < 2 || !gpt_lsiz || gpt_lcnt > 255u || gpth->lba_first_usable > gpth->lba_last_usable || !sane(gpt_loff, gpt_lcnt) || (gpt_loff + gpt_lcnt > gpth->lba_first_usable && gpt_loff <= gpth->lba_last_usable) || gpt_loff + gpt_lcnt > gpt_sec || ((flags & PIF_STRICTER) && (gpt_sec >= di->lbacnt)) || gpth->part_size < sizeof(struct disk_gpt_part_entry)) return -1; return 0; } /* pi_begin() - validate and and get proper iterator for a disk described by di */ struct part_iter *pi_begin(const struct disk_info *di, int flags) { int isgpt = 0, ret = -1; struct part_iter *iter; struct disk_dos_mbr *mbr = NULL; struct disk_gpt_header *gpth = NULL; struct disk_gpt_part_entry *gptl = NULL; /* Preallocate iterator */ if (!(iter = pi_alloc())) goto out; /* Read MBR */ if (!(mbr = disk_read_sectors(di, 0, 1))) { error("Unable to read the first disk sector."); goto out; } /* Check for MBR magic */ if (mbr->sig != disk_mbr_sig_magic) { warn("No MBR magic, treating disk as raw."); /* looks like RAW */ ret = pi_ctor(iter, di, flags); goto out; } /* Check for GPT protective MBR */ for (size_t i = 0; i < 4; i++) isgpt |= (mbr->table[i].ostype == 0xEE); isgpt = isgpt && !(flags & PIF_PREFMBR); /* Try to read GPT header */ if (isgpt) { gpth = try_gpt_hdr(di, 0); if (!gpth) /* * this read might fail if bios reports different disk size (different vm/pc) * not much we can do here to avoid it */ gpth = try_gpt_hdr(di, 1); if (!gpth) goto out; } if (gpth && gpth->rev.uint32 == 0x00010000 && !memcmp(gpth->sig, disk_gpt_sig_magic, sizeof gpth->sig)) { /* looks like GPT v1.0 */ #ifdef DEBUG dprintf("Looks like a GPT v1.0 disk.\n"); disk_gpt_header_dump(gpth); #endif if (notsane_gpt_hdr(di, gpth, flags)) { error("GPT header values are corrupted."); goto out; } gptl = try_gpt_list(di, gpth, 0); if (!gptl) gptl = try_gpt_list(di, gpth, 1); if (!gptl) goto out; /* looks like GPT */ ret = pi_gpt_ctor(iter, di, flags, gpth, gptl); } else { /* looks like MBR */ ret = pi_dos_ctor(iter, di, flags, mbr); } out: if (ret < 0) { free(iter); iter = NULL; } free(mbr); free(gpth); free(gptl); return iter; } /* vim: set ts=8 sts=4 sw=4 noet: */