Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rocko migration: u-boot-fw-utils: update patches 

Pending to update the patch for dynamic environment location in NAND.

https://jira.digi.com/browse/DEL-5518

Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
This commit is contained in:
Jose Diaz de Grenu 2017-12-27 18:00:42 +01:00
parent 2c39f48c51
commit 0307d0c975
7 changed files with 48 additions and 280 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils/0001-tools-env-implement-support-for-environment-encrypti.patch
View File

@ -1,7 +1,7 @@
From: "Diaz de Grenu, Jose" <Jose.DiazdeGrenu@digi.com>
Date: Tue, 23 Aug 2016 13:05:05 +0200
Subject: [PATCH] tools: env: implement support for environment encryption by
CAAM
Subject: [PATCH 1/4] tools: env: implement support for environment encryption
by CAAM
https://jira.digi.com/browse/DEL-2836
@ -10,21 +10,21 @@ Signed-off-by: Diaz de Grenu, Jose <Jose.DiazdeGrenu@digi.com>
configs/sandbox_defconfig | 1 +
tools/env/Makefile | 2 +-
tools/env/caam_keyblob.h | 45 +++++++++++++++
tools/env/fw_env.c | 138 ++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 185 insertions(+), 1 deletion(-)
tools/env/fw_env.c | 139 ++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 186 insertions(+), 1 deletion(-)
create mode 100644 tools/env/caam_keyblob.h
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index 02534bfea761..5a690c1cc623 100644
index 4c4e4809be76..82ebe96067b5 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -90,3 +90,4 @@ CONFIG_UNIT_TEST=y
@@ -193,3 +193,4 @@ CONFIG_UNIT_TEST=y
CONFIG_UT_TIME=y
CONFIG_UT_DM=y
CONFIG_UT_ENV=y
+CONFIG_MD5=y
diff --git a/tools/env/Makefile b/tools/env/Makefile
index 38ad118d032f..fa2a564bb357 100644
index 95b28c0b3a3c..c10ff66c7772 100644
--- a/tools/env/Makefile
+++ b/tools/env/Makefile
@@ -25,7 +25,7 @@ hostprogs-y := fw_printenv
@ -88,10 +88,10 @@ index 000000000000..1cdf3946c1ba
+
+#endif /* CAAM_KEYBLOB_H */
diff --git a/tools/env/fw_env.c b/tools/env/fw_env.c
index b2f62827d918..46c619b211b5 100644
index ab06415898c2..de2e693e9f93 100644
--- a/tools/env/fw_env.c
+++ b/tools/env/fw_env.c
@@ -22,6 +22,7 @@
@@ -24,6 +24,7 @@
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
@ -99,17 +99,14 @@ index b2f62827d918..46c619b211b5 100644
#include <unistd.h>
#ifdef MTD_OLD
@@ -32,12 +33,21 @@
@@ -34,9 +35,19 @@
# include <mtd/mtd-user.h>
#endif
+#include "caam_keyblob.h"
#include "fw_env_private.h"
#include "fw_env.h"
struct common_args common_args;
struct printenv_args printenv_args;
struct setenv_args setenv_args;
+/*
+ * The BLOB includes a random AES-256 key (32 bytes) and a
+ * Message Authentication Code (MAC) (16 bytes)
@ -118,19 +115,20 @@ index b2f62827d918..46c619b211b5 100644
+#define CAAM_KEY_DEV "/dev/caam_kb"
+
+#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
+
struct env_opts default_opts = {
#ifdef CONFIG_FILE
.config_file = CONFIG_FILE
@@ -113,6 +124,8 @@ static struct environment environment = {
#define WHITESPACE(c) ((c == '\t') || (c == ' '))
@@ -109,6 +119,8 @@ static struct environment environment = {
static int env_aes_cbc_crypt(char *data, const int enc);
static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key);
+static int caam_encryption_flag;
+
static int HaveRedundEnv = 0;
static unsigned char active_flag = 1;
@@ -234,6 +246,103 @@ int parse_aes_key(char *key, uint8_t *bin_key)
@@ -245,6 +258,103 @@ int parse_aes_key(char *key, uint8_t *bin_key)
return 0;
}
@ -179,7 +177,7 @@ index b2f62827d918..46c619b211b5 100644
+ struct caam_kb_data enc_data;
+ int fd;
+ int ret = 0;
+ const int len = getenvsize();
+ const int len = usable_envsize;
+ int ioctl_mode;
+ char *buffer;
+ unsigned char key_modifier[16];
@ -234,7 +232,7 @@ index b2f62827d918..46c619b211b5 100644
/*
* Print the current definition of one, or more, or all
* environment variables
@@ -311,6 +420,15 @@ int fw_env_close(void)
@@ -323,6 +433,15 @@ int fw_env_flush(struct env_opts *opts)
}
}
@ -250,17 +248,17 @@ index b2f62827d918..46c619b211b5 100644
/*
* Update CRC
*/
@@ -1154,6 +1272,8 @@ int fw_env_open(void)
@@ -1144,6 +1263,8 @@ int fw_env_open(struct env_opts *opts)
struct env_image_single *single;
struct env_image_redundant *redundant;
+ check_caam_encryption();
+
if (parse_config ()) /* should fill envdevices */
return -1;
if (!opts)
opts = &default_opts;
@@ -1192,6 +1312,15 @@ int fw_env_open(void)
return ret;
@@ -1189,6 +1310,15 @@ int fw_env_open(struct env_opts *opts)
goto open_cleanup;
}
+ if (caam_encryption_flag) {
@ -275,8 +273,8 @@ index b2f62827d918..46c619b211b5 100644
crc0_ok = (crc0 == *environment.crc);
if (!HaveRedundEnv) {
if (!crc0_ok) {
@@ -1249,6 +1378,15 @@ int fw_env_open(void)
return ret;
@@ -1251,6 +1381,15 @@ int fw_env_open(struct env_opts *opts)
goto open_cleanup;
}
+ if (caam_encryption_flag) {

13
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils/0002-Implement-U-Boot-environment-access-functions.patch
View File

@ -1,8 +1,9 @@
From: Javier Viguera <javier.viguera@digi.com>
Date: Tue, 10 Jan 2017 19:34:26 +0100
Subject: [PATCH] Implement U-Boot environment access functions
Subject: [PATCH 2/4] Implement U-Boot environment access functions
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Jose Diaz de Grenu <Jose.DiazdeGrenu@digi.com>
---
tools/env/Makefile | 2 +-
tools/env/ubootenv.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++
@ -12,7 +13,7 @@ Signed-off-by: Javier Viguera <javier.viguera@digi.com>
create mode 100644 tools/env/ubootenv.h
diff --git a/tools/env/Makefile b/tools/env/Makefile
index fa2a564bb357..b29dcea16fe8 100644
index c10ff66c7772..1d99e3b65dc6 100644
--- a/tools/env/Makefile
+++ b/tools/env/Makefile
@@ -25,7 +25,7 @@ hostprogs-y := fw_printenv
@ -26,7 +27,7 @@ index fa2a564bb357..b29dcea16fe8 100644
diff --git a/tools/env/ubootenv.c b/tools/env/ubootenv.c
new file mode 100644
index 000000000000..db789a55adaa
index 000000000000..836fcd14a67f
--- /dev/null
+++ b/tools/env/ubootenv.c
@@ -0,0 +1,62 @@
@ -61,7 +62,7 @@ index 000000000000..db789a55adaa
+{
+ int ret = 0;
+
+ ret = fw_env_open();
+ ret = fw_env_open(NULL);
+ if (ret)
+ goto err;
+
@ -79,7 +80,7 @@ index 000000000000..db789a55adaa
+{
+ int ret = 0;
+
+ ret = fw_env_open();
+ ret = fw_env_open(NULL);
+ if (ret)
+ goto err;
+
@ -87,7 +88,7 @@ index 000000000000..db789a55adaa
+ if (ret)
+ goto err;
+
+ ret = fw_env_close();
+ ret = fw_env_close(NULL);
+
+err:
+ return ret ? -1 : 0;

19
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils/0003-fw_env-add-support-to-unlock-emmc-boot-partition.patch
View File

@ -1,17 +1,17 @@
From: Javier Viguera <javier.viguera@digi.com>
Date: Thu, 16 Feb 2017 14:53:44 +0100
Subject: [PATCH] fw_env: add support to unlock emmc boot partition
Subject: [PATCH 3/4] fw_env: add support to unlock emmc boot partition
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
---
tools/env/fw_env.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
tools/env/fw_env.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/tools/env/fw_env.c b/tools/env/fw_env.c
index 46c619b211b5..1c337b4727a9 100644
index de2e693e9f93..db1182c7216e 100644
--- a/tools/env/fw_env.c
+++ b/tools/env/fw_env.c
@@ -1177,9 +1177,31 @@ static int flash_read (int fd)
@@ -1173,9 +1173,31 @@ static int flash_read (int fd)
return 0;
}
@ -43,10 +43,11 @@ index 46c619b211b5..1c337b4727a9 100644
/* dev_current: fd_current, erase_current */
fd_current = open (DEVNAME (dev_current), mode);
@@ -1209,8 +1231,17 @@ static int flash_io (int mode)
@@ -1205,8 +1227,18 @@ static int flash_io (int mode)
fd_target = fd_current;
}
+
+ /* Disable mmcboot protection if using EMMC (set read-write) */
+ mmcblk = strstr(DEVNAME(dev_target), "mmcblk");
+ if (mmcblk)
@ -58,6 +59,6 @@ index 46c619b211b5..1c337b4727a9 100644
+ if (mmcblk)
+ sysfs_mmcboot_set_protection(mmcblk, 1);
+
if (HaveRedundEnv) {
if (close (fd_target)) {
fprintf (stderr,
if (fsync(fd_current) &&
!(errno == EINVAL || errno == EROFS)) {
fprintf (stderr,

68
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils/0004-tools-env-factorize-function-to-get-device-type.patch
View File

@ -1,68 +0,0 @@
From: Hector Palacios <hector.palacios@digi.com>
Date: Mon, 29 May 2017 11:41:23 +0200
Subject: [PATCH 1/2] tools: env: factorize function to get device type
This function may be reused to determine the device type in other helper
functions.
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DUB-741
---
tools/env/fw_env.c | 20 +++++++++++++++-----
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/tools/env/fw_env.c b/tools/env/fw_env.c
index 1c337b4727a9..08ba0fd1111f 100644
--- a/tools/env/fw_env.c
+++ b/tools/env/fw_env.c
@@ -1134,7 +1134,7 @@ static int flash_write (int fd_current, int fd_target, int dev_target)
return 0;
}
-static int flash_read (int fd)
+static int get_type(int dev, int fd)
{
struct mtd_info_user mtdinfo;
struct stat st;
@@ -1151,7 +1151,7 @@ static int flash_read (int fd)
rc = ioctl(fd, MEMGETINFO, &mtdinfo);
if (rc < 0) {
fprintf(stderr, "Cannot get MTD information for %s\n",
- DEVNAME(dev_current));
+ DEVNAME(dev));
return -1;
}
if (mtdinfo.type != MTD_NORFLASH &&
@@ -1159,7 +1159,7 @@ static int flash_read (int fd)
mtdinfo.type != MTD_DATAFLASH &&
mtdinfo.type != MTD_UBIVOLUME) {
fprintf (stderr, "Unsupported flash type %u on %s\n",
- mtdinfo.type, DEVNAME(dev_current));
+ mtdinfo.type, DEVNAME(dev));
return -1;
}
} else {
@@ -1167,10 +1167,20 @@ static int flash_read (int fd)
mtdinfo.type = MTD_ABSENT;
}
- DEVTYPE(dev_current) = mtdinfo.type;
+ DEVTYPE(dev) = mtdinfo.type;
+ return 0;
+}
+
+static int flash_read (int fd)
+{
+ int rc;
+
+ rc = get_type(dev_current, fd);
+ if (rc < 0)
+ return -1;
rc = flash_read_buf(dev_current, fd, environment.image, CUR_ENVSIZE,
- DEVOFFSET (dev_current), mtdinfo.type);
+ DEVOFFSET(dev_current), DEVTYPE(dev_current));
if (rc != CUR_ENVSIZE)
return -1;

166
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils/0005-tools-env-add-support-to-set-dynamic-location-of-env.patch
View File

@ -1,166 +0,0 @@
From: Hector Palacios <hector.palacios@digi.com>
Date: Mon, 29 May 2017 12:10:10 +0200
Subject: [PATCH 2/2] tools: env: add support to set dynamic location of
environment copies
A mechanism was added in U-Boot to set the location of environment copies
dynamically in an shared area. If the config file sets both copies to the
same offset, a function will be called to set the offset of each copy to
the first two good NAND sectors within the specified area.
The config file should contain the sector size and the number of sectors
of the area, like in this example:
# Device name Offset Size Erase-size No.Blocks
/dev/mtd1 0x0 0x20000 0x20000 8
/dev/mtd1 0x0 0x20000 0x20000 8
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
https://jira.digi.com/browse/DUB-741
---
tools/env/fw_env.c | 103 +++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 96 insertions(+), 7 deletions(-)
diff --git a/tools/env/fw_env.c b/tools/env/fw_env.c
index 08ba0fd1111f..c1a4d89f62c0 100644
--- a/tools/env/fw_env.c
+++ b/tools/env/fw_env.c
@@ -122,6 +122,8 @@ static int env_aes_cbc_crypt(char *data, const int enc);
static int caam_encryption_flag;
static int HaveRedundEnv = 0;
+static int have_dynamic_env;
+static off_t top_of_range; /* end of the last block we may use */
static unsigned char active_flag = 1;
/* obsolete_flag must be 0 to efficiently set it on NOR flash without erasing */
@@ -790,7 +792,6 @@ static int flash_read_buf (int dev, int fd, void *buf, size_t count,
0 on NOR */
size_t processed = 0; /* progress counter */
size_t readlen = count; /* current read length */
- off_t top_of_range; /* end of the last block we may use */
off_t block_seek; /* offset inside the current block to the start
of the data */
loff_t blockstart; /* running start of the current block -
@@ -809,12 +810,22 @@ static int flash_read_buf (int dev, int fd, void *buf, size_t count,
*/
blocklen = DEVESIZE (dev);
- /*
- * To calculate the top of the range, we have to use the
- * global DEVOFFSET (dev), which can be different from offset
- */
- top_of_range = ((DEVOFFSET(dev) / blocklen) +
- ENVSECTORS (dev)) * blocklen;
+ if (!have_dynamic_env) {
+ /*
+ * To calculate the top of the range, we have to use the
+ * global DEVOFFSET (dev), which can be different from
+ * offset
+ */
+ top_of_range = ((DEVOFFSET(dev) / blocklen) +
+ ENVSECTORS(dev)) * blocklen;
+ }
+
+ if (offset >= top_of_range) {
+ /* End of range is reached */
+ fprintf(stderr,
+ "Too few good blocks within range\n");
+ return -1;
+ }
/* Limit to one block for the first read */
if (readlen > blocklen - block_seek)
@@ -1208,6 +1219,72 @@ static int sysfs_mmcboot_set_protection(const char *device, int value)
return 0;
}
+static int set_dynamic_location(void)
+{
+ int fd, i, nsectors, type;
+ loff_t offset, blocksize;
+ int dev = 0;
+ int copies = 1;
+ int rc = 0;
+
+ if (HaveRedundEnv)
+ copies++;
+
+ fd = open(DEVNAME(dev), O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "Can't open %s: %s\n", DEVNAME(dev),
+ strerror(errno));
+ rc = -1;
+ goto error;
+ }
+
+ rc = get_type(dev, fd);
+ if (rc < 0) {
+ fprintf(stderr, "could not get type\n", DEVNAME(dev),
+ strerror(errno));
+ rc = -1;
+ goto error;
+ }
+
+ /* Set initial block to start looking for environment */
+ offset = DEVOFFSET(dev);
+ /* Use variables for common values */
+ blocksize = DEVESIZE(dev);
+ type = DEVTYPE(dev);
+ /* Look for the number of sectors specified for the primary copy */
+ nsectors = ENVSECTORS(dev);
+
+ for (i = 0; i < nsectors && copies; i++) {
+ rc = flash_bad_block(fd, type, &offset);
+ if (rc < 0) {
+ rc = -1;
+ goto error;
+ } else if (!rc) {
+ /*
+ * Set first good block as primary (no matter if it is
+ * the other copy. After all, the 'current' copy is
+ * determined by the active flag.
+ */
+ DEVOFFSET(dev) = offset;
+ copies--;
+ dev++;
+ }
+ offset += blocksize;
+ }
+
+ while (copies) {
+ /* No good sectors available. Set offset out of bounds */
+ DEVOFFSET(dev) = offset;
+ copies--;
+ dev++;
+ }
+ rc = 0;
+
+error:
+ close(fd);
+ return rc;
+}
+
static int flash_io (int mode)
{
int fd_current, fd_target, rc, dev_target;
@@ -1341,6 +1418,18 @@ int fw_env_open(void)
environment.data = single->data;
}
+ /*
+ * Trigger dynamic location of environment if redundant copy has the
+ * same offset than primary copy.
+ */
+ if (HaveRedundEnv && (DEVOFFSET(0) == DEVOFFSET(1))) {
+ have_dynamic_env = 1;
+ top_of_range = DEVOFFSET(0) + (ENVSECTORS(0) * DEVESIZE(0));
+
+ if (set_dynamic_location() < 0)
+ return -1;
+ }
+
dev_current = 0;
if (flash_io (O_RDONLY))
return -1;

2
meta-digi-arm/recipes-bsp/u-boot/u-boot-fw-utils_%.bbappend
View File

@ -10,8 +10,6 @@ UBOOT_FW_UTILS_PATCHES = " \
file://0001-tools-env-implement-support-for-environment-encrypti.patch \
file://0002-Implement-U-Boot-environment-access-functions.patch \
file://0003-fw_env-add-support-to-unlock-emmc-boot-partition.patch \
file://0004-tools-env-factorize-function-to-get-device-type.patch \
file://0005-tools-env-add-support-to-set-dynamic-location-of-env.patch \
"
# Patches from 'meta-swupdate' touch the same files than ours, so we need to

4
meta-digi-dey/conf/distro/dey.conf
View File

@ -51,6 +51,10 @@ PREFERRED_PROVIDER_jpeg_armv7a ?= "libjpeg-turbo"
PREFERRED_VERSION_linux-yocto ?= "4.12%"
# Some features (swupdate, environment encryption) depends on this specific
# provider for u-boot-fw-tools
PREFERRED_PROVIDER_u-boot-fw-utils ?= "u-boot-fw-utils"
# Use git recipe for libsoc
PREFERRED_VERSION_libsoc = "git"