mirror of
https://review.coreboot.org/flashrom.git
synced 2025-11-14 03:30:41 +01:00
c09a2f5387
Change-Id: Ic24a54ab520053e49efcba02bd9fa5b8ce69b20a Signed-off-by: Anastasia Klimchuk <aklm@flashrom.org> Reviewed-on: https://review.coreboot.org/c/flashrom/+/89956 Reviewed-by: Antonio Vázquez Blanco <antoniovazquezblanco@gmail.com> Reviewed-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
318 lines
8.6 KiB
C
318 lines
8.6 KiB
C
/*
|
|
* SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0-only
|
|
* SPDX-FileCopyrightText: 2010, Google LLC.
|
|
* SPDX-FileCopyrightText: 2018-present, Facebook Inc. All rights reserved.
|
|
*/
|
|
|
|
#include <ctype.h>
|
|
#include <stdbool.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/types.h>
|
|
#include "flash.h"
|
|
#include "fmap.h"
|
|
|
|
static size_t fmap_size(const struct fmap *fmap)
|
|
{
|
|
return sizeof(*fmap) + (fmap->nareas * sizeof(struct fmap_area));
|
|
}
|
|
|
|
/* Make a best-effort assessment if the given fmap is real */
|
|
static int is_valid_fmap(const struct fmap *fmap)
|
|
{
|
|
if (memcmp(fmap, FMAP_SIGNATURE, strlen(FMAP_SIGNATURE)) != 0)
|
|
return 0;
|
|
/* strings containing the magic tend to fail here */
|
|
if (fmap->ver_major != FMAP_VER_MAJOR)
|
|
return 0;
|
|
/* a basic consistency check: flash address space size should be larger
|
|
* than the size of the fmap data structure */
|
|
if (fmap->size < fmap_size(fmap))
|
|
return 0;
|
|
|
|
/* fmap-alikes along binary data tend to fail on having a valid,
|
|
* null-terminated string in the name field.*/
|
|
int i;
|
|
for (i = 0; i < FMAP_STRLEN; i++) {
|
|
if (fmap->name[i] == 0)
|
|
break;
|
|
if (!isgraph(fmap->name[i]))
|
|
return 0;
|
|
if (i == FMAP_STRLEN - 1) {
|
|
/* name is specified to be null terminated single-word string
|
|
* without spaces. We did not break in the 0 test, we know it
|
|
* is a printable spaceless string but we're seeing FMAP_STRLEN
|
|
* symbols, which is one too many.
|
|
*/
|
|
return 0;
|
|
}
|
|
}
|
|
return 1;
|
|
|
|
}
|
|
|
|
/**
|
|
* @brief Do a brute-force linear search for fmap in provided buffer
|
|
*
|
|
* @param[in] buffer The buffer to search
|
|
* @param[in] len Length (in bytes) to search
|
|
*
|
|
* @return offset in buffer where fmap is found if successful
|
|
* -1 to indicate that fmap was not found
|
|
* -2 to indicate fmap is truncated or exceeds buffer + len
|
|
*/
|
|
static ssize_t fmap_lsearch(const uint8_t *buf, size_t len)
|
|
{
|
|
ssize_t offset;
|
|
bool fmap_found = false;
|
|
|
|
if (len < sizeof(struct fmap))
|
|
return -1;
|
|
|
|
for (offset = 0; offset <= (ssize_t)(len - sizeof(struct fmap)); offset++) {
|
|
if (is_valid_fmap((struct fmap *)&buf[offset])) {
|
|
fmap_found = true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!fmap_found)
|
|
return -1;
|
|
|
|
if (offset + fmap_size((struct fmap *)&buf[offset]) > len) {
|
|
msg_gerr("fmap size exceeds buffer boundary.\n");
|
|
return -2;
|
|
}
|
|
|
|
return offset;
|
|
}
|
|
|
|
/**
|
|
* @brief Read fmap from provided buffer and copy it to fmap_out
|
|
*
|
|
* @param[out] fmap_out Double-pointer to location to store fmap contents.
|
|
* Caller must free allocated fmap contents.
|
|
* @param[in] buf Buffer to search
|
|
* @param[in] len Length (in bytes) to search
|
|
*
|
|
* @return 0 if successful
|
|
* 1 to indicate error
|
|
* 2 to indicate fmap is not found
|
|
*/
|
|
int fmap_read_from_buffer(struct fmap **fmap_out, const uint8_t *const buf, size_t len)
|
|
{
|
|
ssize_t offset = fmap_lsearch(buf, len);
|
|
if (offset < 0) {
|
|
msg_gdbg("Unable to find fmap in provided buffer.\n");
|
|
return 2;
|
|
}
|
|
msg_gdbg("Found fmap at offset 0x%06zx\n", (size_t)offset);
|
|
|
|
const struct fmap *fmap = (const struct fmap *)(buf + offset);
|
|
*fmap_out = malloc(fmap_size(fmap));
|
|
if (*fmap_out == NULL) {
|
|
msg_gerr("Out of memory.\n");
|
|
return 1;
|
|
}
|
|
|
|
memcpy(*fmap_out, fmap, fmap_size(fmap));
|
|
return 0;
|
|
}
|
|
|
|
static int fmap_lsearch_rom(struct fmap **fmap_out,
|
|
struct flashctx *const flashctx, size_t rom_offset, size_t len)
|
|
{
|
|
int ret = -1;
|
|
uint8_t *buf;
|
|
|
|
if (prepare_flash_access(flashctx, true, false, false, false))
|
|
goto _finalize_ret;
|
|
|
|
/* likely more memory than we need, but it simplifies handling and
|
|
* printing offsets to keep them uniform with what's on the ROM */
|
|
buf = malloc(rom_offset + len);
|
|
if (!buf) {
|
|
msg_gerr("Out of memory.\n");
|
|
goto _finalize_ret;
|
|
}
|
|
|
|
ret = read_flash(flashctx, buf + rom_offset, rom_offset, len);
|
|
if (ret) {
|
|
msg_pdbg("Cannot read ROM contents.\n");
|
|
goto _free_ret;
|
|
}
|
|
|
|
ret = fmap_read_from_buffer(fmap_out, buf + rom_offset, len);
|
|
_free_ret:
|
|
free(buf);
|
|
_finalize_ret:
|
|
finalize_flash_access(flashctx);
|
|
return ret;
|
|
}
|
|
|
|
static int fmap_bsearch_rom(struct fmap **fmap_out, struct flashctx *const flashctx,
|
|
size_t rom_offset, size_t len, size_t min_stride)
|
|
{
|
|
size_t stride, fmap_len = 0;
|
|
int ret = 1;
|
|
bool fmap_found = false;
|
|
bool check_offset_0 = true;
|
|
struct fmap *fmap;
|
|
const unsigned int chip_size = flashctx->chip->total_size * 1024;
|
|
const int sig_len = strlen(FMAP_SIGNATURE);
|
|
bool skip_unreadable_orig = flashctx->flags.skip_unreadable_regions;
|
|
|
|
if (rom_offset + len > flashctx->chip->total_size * 1024)
|
|
return 1;
|
|
|
|
if (len < sizeof(*fmap))
|
|
return 1;
|
|
|
|
if (prepare_flash_access(flashctx, true, false, false, false))
|
|
return 1;
|
|
|
|
fmap = malloc(sizeof(*fmap));
|
|
if (!fmap) {
|
|
msg_gerr("Out of memory.\n");
|
|
goto _free_ret;
|
|
}
|
|
|
|
/*
|
|
* Ignore unreadable regions when trying to locate the FMAP, in order
|
|
* to avoid a large amount of false-error prints to stderr. Unreadable
|
|
* regions have already reported so errors here are redundant.
|
|
*/
|
|
flashctx->flags.skip_unreadable_regions = true;
|
|
|
|
/*
|
|
* For efficient operation, we start with the largest stride possible
|
|
* and then decrease the stride on each iteration. Also, check for a
|
|
* remainder when modding the offset with the previous stride. This
|
|
* makes it so that each offset is only checked once.
|
|
*
|
|
* Zero (rom_offset == 0) is a special case and is handled using a
|
|
* variable to track whether or not we've checked it.
|
|
*/
|
|
size_t offset;
|
|
for (stride = chip_size / 2; stride >= min_stride; stride /= 2) {
|
|
if (stride > len)
|
|
continue;
|
|
|
|
for (offset = rom_offset;
|
|
offset <= rom_offset + len - sizeof(struct fmap);
|
|
offset += stride) {
|
|
if ((offset % (stride * 2) == 0) && (offset != 0))
|
|
continue;
|
|
if (offset == 0 && !check_offset_0)
|
|
continue;
|
|
check_offset_0 = false;
|
|
|
|
/* Read errors are considered non-fatal since we may
|
|
* encounter locked regions and want to continue. */
|
|
if (read_flash(flashctx, (uint8_t *)fmap, offset, sig_len)) {
|
|
/*
|
|
* Print in verbose mode only to avoid excessive
|
|
* messages for benign errors. Subsequent error
|
|
* prints should be done as usual.
|
|
*/
|
|
msg_cdbg("Cannot read %d bytes at offset %zu\n", sig_len, offset);
|
|
continue;
|
|
}
|
|
|
|
if (memcmp(fmap, FMAP_SIGNATURE, sig_len) != 0)
|
|
continue;
|
|
|
|
if (read_flash(flashctx, (uint8_t *)fmap + sig_len,
|
|
offset + sig_len, sizeof(*fmap) - sig_len)) {
|
|
msg_cerr("Cannot read %zu bytes at offset %06zx\n",
|
|
sizeof(*fmap) - sig_len, offset + sig_len);
|
|
continue;
|
|
}
|
|
|
|
if (is_valid_fmap(fmap)) {
|
|
msg_gdbg("fmap found at offset 0x%06zx\n", offset);
|
|
fmap_found = true;
|
|
break;
|
|
}
|
|
msg_gerr("fmap signature found at %zu but header is invalid.\n", offset);
|
|
ret = 2;
|
|
}
|
|
|
|
if (fmap_found)
|
|
break;
|
|
}
|
|
|
|
/* Restore original flag, since we're done searching */
|
|
flashctx->flags.skip_unreadable_regions = skip_unreadable_orig;
|
|
|
|
if (!fmap_found)
|
|
goto _free_ret;
|
|
|
|
fmap_len = fmap_size(fmap);
|
|
struct fmap *tmp = fmap;
|
|
fmap = realloc(fmap, fmap_len);
|
|
if (!fmap) {
|
|
msg_gerr("Failed to realloc.\n");
|
|
free(tmp);
|
|
goto _free_ret;
|
|
}
|
|
|
|
if (read_flash(flashctx, (uint8_t *)fmap + sizeof(*fmap),
|
|
offset + sizeof(*fmap), fmap_len - sizeof(*fmap))) {
|
|
msg_cerr("Cannot read %zu bytes at offset %06zx\n",
|
|
fmap_len - sizeof(*fmap), offset + sizeof(*fmap));
|
|
/* Treat read failure to be fatal since this
|
|
* should be a valid, usable fmap. */
|
|
ret = 2;
|
|
goto _free_ret;
|
|
}
|
|
|
|
*fmap_out = fmap;
|
|
ret = 0;
|
|
_free_ret:
|
|
if (ret)
|
|
free(fmap);
|
|
finalize_flash_access(flashctx);
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* @brief Read fmap from ROM
|
|
*
|
|
* @param[out] fmap_out Double-pointer to location to store fmap contents.
|
|
* Caller must free allocated fmap contents.
|
|
* @param[in] flashctx Flash context
|
|
* @param[in] rom_offset Offset in ROM to begin search
|
|
* @param[in] len Length to search relative to rom_offset
|
|
*
|
|
* @return 0 on success,
|
|
* 2 if the fmap couldn't be read,
|
|
* 1 on any other error.
|
|
*/
|
|
int fmap_read_from_rom(struct fmap **fmap_out,
|
|
struct flashctx *const flashctx, size_t rom_offset, size_t len)
|
|
{
|
|
int ret;
|
|
|
|
if (!flashctx || !flashctx->chip)
|
|
return 1;
|
|
|
|
/*
|
|
* Binary search is used at first to see if we can find an fmap quickly
|
|
* in a usual location (often at a power-of-2 offset). However, once we
|
|
* reach a small enough stride the transaction overhead will reverse the
|
|
* speed benefit of using bsearch at which point we need to use brute-
|
|
* force instead.
|
|
*
|
|
* TODO: Since flashrom is often used with high-latency external
|
|
* programmers we should not be overly aggressive with bsearch.
|
|
*/
|
|
ret = fmap_bsearch_rom(fmap_out, flashctx, rom_offset, len, 256);
|
|
if (ret) {
|
|
msg_gdbg("Binary search failed, trying linear search...\n");
|
|
ret = fmap_lsearch_rom(fmap_out, flashctx, rom_offset, len);
|
|
}
|
|
|
|
return ret;
|
|
}
|