mirror of
https://review.coreboot.org/flashrom.git
synced 2025-04-26 22:52:34 +02:00
594d3357b6
This forges the way for flashchips.c to be pure declarative data and lookup functions for dispatch to be pure. This means that the flashchips data could be extracted out to be agnostic data of the flashrom code and algorithms. TEST='R|W|E && --flash-name' on ARM, AMD & Intel DUT's. Change-Id: I612d46fefedf2b69e7e2064aa857fa0756efb4e7 Signed-off-by: Edward O'Callaghan <quasisec@google.com> Reviewed-on: https://review.coreboot.org/c/flashrom/+/66788 Reviewed-by: Nikolai Artemiev <nartemiev@google.com> Reviewed-by: Felix Singer <felixsinger@posteo.net> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
338 lines
9.7 KiB
C
338 lines
9.7 KiB
C
/*
|
|
* Copyright 2010, Google LLC.
|
|
* Copyright 2018-present, Facebook Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions are
|
|
* met:
|
|
*
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the following disclaimer
|
|
* in the documentation and/or other materials provided with the
|
|
* distribution.
|
|
* * Neither the name of Google Inc. nor the names of its
|
|
* contributors may be used to endorse or promote products derived from
|
|
* this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*
|
|
* Alternatively, this software may be distributed under the terms of the
|
|
* GNU General Public License ("GPL") version 2 as published by the Free
|
|
* Software Foundation.
|
|
*/
|
|
|
|
#include <ctype.h>
|
|
#include <stdbool.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/types.h>
|
|
#include "flash.h"
|
|
#include "fmap.h"
|
|
|
|
static size_t fmap_size(const struct fmap *fmap)
|
|
{
|
|
return sizeof(*fmap) + (fmap->nareas * sizeof(struct fmap_area));
|
|
}
|
|
|
|
static int is_valid_fmap(const struct fmap *fmap)
|
|
{
|
|
if (memcmp(fmap, FMAP_SIGNATURE, strlen(FMAP_SIGNATURE)) != 0)
|
|
return 0;
|
|
/* strings containing the magic tend to fail here */
|
|
if (fmap->ver_major > FMAP_VER_MAJOR)
|
|
return 0;
|
|
if (fmap->ver_minor > FMAP_VER_MINOR)
|
|
return 0;
|
|
/* a basic consistency check: flash address space size should be larger
|
|
* than the size of the fmap data structure */
|
|
if (fmap->size < fmap_size(fmap))
|
|
return 0;
|
|
|
|
/* fmap-alikes along binary data tend to fail on having a valid,
|
|
* null-terminated string in the name field.*/
|
|
int i;
|
|
for (i = 0; i < FMAP_STRLEN; i++) {
|
|
if (fmap->name[i] == 0)
|
|
break;
|
|
if (!isgraph(fmap->name[i]))
|
|
return 0;
|
|
if (i == FMAP_STRLEN - 1) {
|
|
/* name is specified to be null terminated single-word string
|
|
* without spaces. We did not break in the 0 test, we know it
|
|
* is a printable spaceless string but we're seeing FMAP_STRLEN
|
|
* symbols, which is one too many.
|
|
*/
|
|
return 0;
|
|
}
|
|
}
|
|
return 1;
|
|
|
|
}
|
|
|
|
/**
|
|
* @brief Do a brute-force linear search for fmap in provided buffer
|
|
*
|
|
* @param[in] buffer The buffer to search
|
|
* @param[in] len Length (in bytes) to search
|
|
*
|
|
* @return offset in buffer where fmap is found if successful
|
|
* -1 to indicate that fmap was not found
|
|
* -2 to indicate fmap is truncated or exceeds buffer + len
|
|
*/
|
|
static ssize_t fmap_lsearch(const uint8_t *buf, size_t len)
|
|
{
|
|
ssize_t offset;
|
|
bool fmap_found = false;
|
|
|
|
if (len < sizeof(struct fmap))
|
|
return -1;
|
|
|
|
for (offset = 0; offset <= (ssize_t)(len - sizeof(struct fmap)); offset++) {
|
|
if (is_valid_fmap((struct fmap *)&buf[offset])) {
|
|
fmap_found = true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!fmap_found)
|
|
return -1;
|
|
|
|
if (offset + fmap_size((struct fmap *)&buf[offset]) > len) {
|
|
msg_gerr("fmap size exceeds buffer boundary.\n");
|
|
return -2;
|
|
}
|
|
|
|
return offset;
|
|
}
|
|
|
|
/**
|
|
* @brief Read fmap from provided buffer and copy it to fmap_out
|
|
*
|
|
* @param[out] fmap_out Double-pointer to location to store fmap contents.
|
|
* Caller must free allocated fmap contents.
|
|
* @param[in] buf Buffer to search
|
|
* @param[in] len Length (in bytes) to search
|
|
*
|
|
* @return 0 if successful
|
|
* 1 to indicate error
|
|
* 2 to indicate fmap is not found
|
|
*/
|
|
int fmap_read_from_buffer(struct fmap **fmap_out, const uint8_t *const buf, size_t len)
|
|
{
|
|
ssize_t offset = fmap_lsearch(buf, len);
|
|
if (offset < 0) {
|
|
msg_gdbg("Unable to find fmap in provided buffer.\n");
|
|
return 2;
|
|
}
|
|
msg_gdbg("Found fmap at offset 0x%06zx\n", (size_t)offset);
|
|
|
|
const struct fmap *fmap = (const struct fmap *)(buf + offset);
|
|
*fmap_out = malloc(fmap_size(fmap));
|
|
if (*fmap_out == NULL) {
|
|
msg_gerr("Out of memory.\n");
|
|
return 1;
|
|
}
|
|
|
|
memcpy(*fmap_out, fmap, fmap_size(fmap));
|
|
return 0;
|
|
}
|
|
|
|
static int fmap_lsearch_rom(struct fmap **fmap_out,
|
|
struct flashctx *const flashctx, size_t rom_offset, size_t len)
|
|
{
|
|
int ret = -1;
|
|
uint8_t *buf;
|
|
|
|
if (prepare_flash_access(flashctx, true, false, false, false))
|
|
goto _finalize_ret;
|
|
|
|
/* likely more memory than we need, but it simplifies handling and
|
|
* printing offsets to keep them uniform with what's on the ROM */
|
|
buf = malloc(rom_offset + len);
|
|
if (!buf) {
|
|
msg_gerr("Out of memory.\n");
|
|
goto _finalize_ret;
|
|
}
|
|
|
|
ret = read_flash(flashctx, buf + rom_offset, rom_offset, len);
|
|
if (ret) {
|
|
msg_pdbg("Cannot read ROM contents.\n");
|
|
goto _free_ret;
|
|
}
|
|
|
|
ret = fmap_read_from_buffer(fmap_out, buf + rom_offset, len);
|
|
_free_ret:
|
|
free(buf);
|
|
_finalize_ret:
|
|
finalize_flash_access(flashctx);
|
|
return ret;
|
|
}
|
|
|
|
static int fmap_bsearch_rom(struct fmap **fmap_out, struct flashctx *const flashctx,
|
|
size_t rom_offset, size_t len, size_t min_stride)
|
|
{
|
|
size_t stride, fmap_len = 0;
|
|
int ret = 1;
|
|
bool fmap_found = false;
|
|
bool check_offset_0 = true;
|
|
struct fmap *fmap;
|
|
const unsigned int chip_size = flashctx->chip->total_size * 1024;
|
|
const int sig_len = strlen(FMAP_SIGNATURE);
|
|
|
|
if (rom_offset + len > flashctx->chip->total_size * 1024)
|
|
return 1;
|
|
|
|
if (len < sizeof(*fmap))
|
|
return 1;
|
|
|
|
if (prepare_flash_access(flashctx, true, false, false, false))
|
|
return 1;
|
|
|
|
fmap = malloc(sizeof(*fmap));
|
|
if (!fmap) {
|
|
msg_gerr("Out of memory.\n");
|
|
goto _free_ret;
|
|
}
|
|
|
|
/*
|
|
* For efficient operation, we start with the largest stride possible
|
|
* and then decrease the stride on each iteration. Also, check for a
|
|
* remainder when modding the offset with the previous stride. This
|
|
* makes it so that each offset is only checked once.
|
|
*
|
|
* Zero (rom_offset == 0) is a special case and is handled using a
|
|
* variable to track whether or not we've checked it.
|
|
*/
|
|
size_t offset;
|
|
for (stride = chip_size / 2; stride >= min_stride; stride /= 2) {
|
|
if (stride > len)
|
|
continue;
|
|
|
|
for (offset = rom_offset;
|
|
offset <= rom_offset + len - sizeof(struct fmap);
|
|
offset += stride) {
|
|
if ((offset % (stride * 2) == 0) && (offset != 0))
|
|
continue;
|
|
if (offset == 0 && !check_offset_0)
|
|
continue;
|
|
check_offset_0 = false;
|
|
|
|
/* Read errors are considered non-fatal since we may
|
|
* encounter locked regions and want to continue. */
|
|
if (read_flash(flashctx, (uint8_t *)fmap, offset, sig_len)) {
|
|
/*
|
|
* Print in verbose mode only to avoid excessive
|
|
* messages for benign errors. Subsequent error
|
|
* prints should be done as usual.
|
|
*/
|
|
msg_cdbg("Cannot read %d bytes at offset %zu\n", sig_len, offset);
|
|
continue;
|
|
}
|
|
|
|
if (memcmp(fmap, FMAP_SIGNATURE, sig_len) != 0)
|
|
continue;
|
|
|
|
if (read_flash(flashctx, (uint8_t *)fmap + sig_len,
|
|
offset + sig_len, sizeof(*fmap) - sig_len)) {
|
|
msg_cerr("Cannot read %zu bytes at offset %06zx\n",
|
|
sizeof(*fmap) - sig_len, offset + sig_len);
|
|
continue;
|
|
}
|
|
|
|
if (is_valid_fmap(fmap)) {
|
|
msg_gdbg("fmap found at offset 0x%06zx\n", offset);
|
|
fmap_found = true;
|
|
break;
|
|
}
|
|
msg_gerr("fmap signature found at %zu but header is invalid.\n", offset);
|
|
ret = 2;
|
|
}
|
|
|
|
if (fmap_found)
|
|
break;
|
|
}
|
|
|
|
if (!fmap_found)
|
|
goto _free_ret;
|
|
|
|
fmap_len = fmap_size(fmap);
|
|
struct fmap *tmp = fmap;
|
|
fmap = realloc(fmap, fmap_len);
|
|
if (!fmap) {
|
|
msg_gerr("Failed to realloc.\n");
|
|
free(tmp);
|
|
goto _free_ret;
|
|
}
|
|
|
|
if (read_flash(flashctx, (uint8_t *)fmap + sizeof(*fmap),
|
|
offset + sizeof(*fmap), fmap_len - sizeof(*fmap))) {
|
|
msg_cerr("Cannot read %zu bytes at offset %06zx\n",
|
|
fmap_len - sizeof(*fmap), offset + sizeof(*fmap));
|
|
/* Treat read failure to be fatal since this
|
|
* should be a valid, usable fmap. */
|
|
ret = 2;
|
|
goto _free_ret;
|
|
}
|
|
|
|
*fmap_out = fmap;
|
|
ret = 0;
|
|
_free_ret:
|
|
if (ret)
|
|
free(fmap);
|
|
finalize_flash_access(flashctx);
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* @brief Read fmap from ROM
|
|
*
|
|
* @param[out] fmap_out Double-pointer to location to store fmap contents.
|
|
* Caller must free allocated fmap contents.
|
|
* @param[in] flashctx Flash context
|
|
* @param[in] rom_offset Offset in ROM to begin search
|
|
* @param[in] len Length to search relative to rom_offset
|
|
*
|
|
* @return 0 on success,
|
|
* 2 if the fmap couldn't be read,
|
|
* 1 on any other error.
|
|
*/
|
|
int fmap_read_from_rom(struct fmap **fmap_out,
|
|
struct flashctx *const flashctx, size_t rom_offset, size_t len)
|
|
{
|
|
int ret;
|
|
|
|
if (!flashctx || !flashctx->chip)
|
|
return 1;
|
|
|
|
/*
|
|
* Binary search is used at first to see if we can find an fmap quickly
|
|
* in a usual location (often at a power-of-2 offset). However, once we
|
|
* reach a small enough stride the transaction overhead will reverse the
|
|
* speed benefit of using bsearch at which point we need to use brute-
|
|
* force instead.
|
|
*
|
|
* TODO: Since flashrom is often used with high-latency external
|
|
* programmers we should not be overly aggressive with bsearch.
|
|
*/
|
|
ret = fmap_bsearch_rom(fmap_out, flashctx, rom_offset, len, 256);
|
|
if (ret) {
|
|
msg_gdbg("Binary search failed, trying linear search...\n");
|
|
ret = fmap_lsearch_rom(fmap_out, flashctx, rom_offset, len);
|
|
}
|
|
|
|
return ret;
|
|
}
|