[Skiboot] [PATCH 2/5] libffs: Understand how to create FFS partition TOCs and entries.

Cyril Bur cyril.bur at au1.ibm.com
Fri Mar 17 16:13:06 AEDT 2017


Signed-off-by: Cyril Bur <cyril.bur at au1.ibm.com>
---
 libflash/ffs.h    |  26 ++++
 libflash/libffs.c | 363 +++++++++++++++++++++++++++++++++++++++++++++++++++---
 libflash/libffs.h |  18 +++
 3 files changed, 393 insertions(+), 14 deletions(-)

diff --git a/libflash/ffs.h b/libflash/ffs.h
index 64e5e6a1..6ba77136 100644
--- a/libflash/ffs.h
+++ b/libflash/ffs.h
@@ -54,6 +54,29 @@ enum ffs_type {
 	FFS_TYPE_PARTITION = 3,
 };
 
+/*
+ * Flag bit definitions
+ */
+#define FFS_FLAGS_PROTECTED	0x0001
+#define FFS_FLAGS_U_BOOT_ENV	0x0002
+
+/* Data integrity flags */
+#define FFS_ENRY_INTEG_ECC 0x8000
+
+/*
+ * User verCheck definitions
+ */
+#define FFS_VERCHECK_SHA512V 0x80
+#define FFS_VERCHECK_SHA512EC 0x40
+
+/*
+ * User miscFlags
+ */
+#define FFS_MISCFLAGS_PRESERVED 0x80
+#define FFS_MISCFLAGS_READONLY 0x40
+#define FFS_MISCFLAGS_BACKUP 0x20
+#define FFS_MISCFLAGS_REPROVISION 0x10
+
 /**
  * struct __ffs_entry_user - On flash user data entries
  *
@@ -186,9 +209,12 @@ struct __ffs_hdr {
  */
 struct ffs_hdr {
 	uint32_t version;
+	uint32_t base;
 	uint32_t size;
 	uint32_t block_size;
 	uint32_t block_count;
+	struct ffs_entry *backup;
+	struct ffs_hdr *side;
 	struct list_head entries;
 };
 
diff --git a/libflash/libffs.c b/libflash/libffs.c
index d2d77638..9ce72248 100644
--- a/libflash/libffs.c
+++ b/libflash/libffs.c
@@ -66,7 +66,12 @@ static uint32_t ffs_entry_checksum(struct __ffs_entry *ent)
 	return ffs_checksum(ent, sizeof(struct __ffs_entry));
 }
 
-__unused static int ffs_num_entries(struct ffs_hdr *hdr)
+static size_t ffs_hdr_raw_size(int num_entries)
+{
+	return sizeof(struct __ffs_hdr) + num_entries * sizeof(struct __ffs_entry);
+}
+
+static int ffs_num_entries(struct ffs_hdr *hdr)
 {
 	struct ffs_entry *ent;
 	int num_entries = 0;
@@ -77,11 +82,6 @@ __unused static int ffs_num_entries(struct ffs_hdr *hdr)
 	return num_entries;
 }
 
-__unused static size_t ffs_hdr_raw_size(int num_entries)
-{
-	return sizeof(struct __ffs_hdr) + num_entries * sizeof(struct __ffs_entry);
-}
-
 static int ffs_check_convert_header(struct ffs_hdr *dst, struct __ffs_hdr *src)
 {
 	if (be32_to_cpu(src->magic) != FFS_MAGIC)
@@ -104,8 +104,8 @@ static int ffs_check_convert_header(struct ffs_hdr *dst, struct __ffs_hdr *src)
 	return 0;
 }
 
-static int ffs_entry_user_to_flash(struct __ffs_entry_user *dst,
-		struct ffs_entry_user *src)
+static int ffs_entry_user_to_flash(struct ffs_hdr *hdr __unused,
+		struct __ffs_entry_user *dst, struct ffs_entry_user *src)
 {
 	memset(dst, 0, sizeof(struct __ffs_entry_user));
 	dst->datainteg = cpu_to_be16(src->datainteg);
@@ -115,8 +115,8 @@ static int ffs_entry_user_to_flash(struct __ffs_entry_user *dst,
 	return 0;
 }
 
-static int ffs_entry_user_to_cpu(struct ffs_entry_user *dst,
-		struct __ffs_entry_user *src)
+static int ffs_entry_user_to_cpu(struct ffs_hdr *hdr __unused,
+		struct ffs_entry_user *dst, struct __ffs_entry_user *src)
 {
 	memset(dst, 0, sizeof(struct ffs_entry_user));
 	dst->datainteg = be16_to_cpu(src->datainteg);
@@ -153,7 +153,7 @@ static int ffs_entry_to_flash(struct ffs_hdr *hdr,
 	dst->type = cpu_to_be32(src->type); /* TODO: Check that it is valid? */
 	dst->flags = cpu_to_be32(src->flags);
 	dst->actual = cpu_to_be32(src->actual);
-	rc = ffs_entry_user_to_flash(&dst->user, &src->user);
+	rc = ffs_entry_user_to_flash(hdr, &dst->user, &src->user);
 	dst->checksum = ffs_entry_checksum(dst);
 
 	return rc;
@@ -175,7 +175,7 @@ static int ffs_entry_to_cpu(struct ffs_hdr *hdr,
 	dst->pid = be32_to_cpu(src->pid);
 	dst->type = be32_to_cpu(src->type); /* TODO: Check that it is valid? */
 	dst->flags = be32_to_cpu(src->flags);
-	rc = ffs_entry_user_to_cpu(&dst->user, &src->user);
+	rc = ffs_entry_user_to_cpu(hdr, &dst->user, &src->user);
 
 	return rc;
 }
@@ -351,7 +351,7 @@ int ffs_lookup_part(struct ffs_handle *ffs, const char *name,
 	struct ffs_entry *ent = NULL;
 
 	list_for_each(&ffs->hdr.entries, ent, list) {
-		if (!strncmp(name, ent->name, sizeof(ent->name)))
+		if (strncmp(name, ent->name, sizeof(ent->name)) == 0)
 			break;
 		i++;
 	}
@@ -431,6 +431,342 @@ int ffs_next_side(struct ffs_handle *ffs, struct ffs_handle **new_ffs,
 	return ffs_init(offset, max_size, ffs->bl, new_ffs, mark_ecc);
 }
 
+static int __ffs_entry_add(struct ffs_hdr *hdr, struct ffs_entry *entry)
+{
+	struct ffs_entry *ent;
+	uint32_t smallest_base;
+	const char *smallest_name;
+	int count = 0;
+	assert(!list_empty(&hdr->entries));
+
+	if (entry->base + entry->size > hdr->block_size * hdr->block_count)
+		return FFS_ERR_BAD_PART_SIZE;
+
+	smallest_base = entry->base;
+	smallest_name = entry->name;
+	/* Input validate first to a) fail early b) do it all together */
+	list_for_each(&hdr->entries, ent, list) {
+		/* Don't allow same names to differ only by case */
+		if (strncasecmp(entry->name, ent->name, FFS_PART_NAME_MAX) == 0)
+			return FFS_ERR_BAD_PART_NAME;
+
+		if (entry->base >= ent->base && entry->base < ent->base + ent->size)
+			return FFS_ERR_BAD_PART_BASE;
+
+		if (entry->base + entry->size > ent->base &&
+				entry->base + entry->size < ent->base + ent->size)
+			return FFS_ERR_BAD_PART_SIZE;
+
+		if (entry->actual > entry->size)
+			return FFS_ERR_BAD_PART_SIZE;
+
+		if (entry->pid != FFS_PID_TOPLEVEL)
+			return FFS_ERR_BAD_PART_PID;
+
+		/* Skip the first partition as it IS the partition table */
+		if (ent->base < smallest_base && count > 0) {
+			smallest_base = ent->base;
+			smallest_name = ent->name;
+		}
+		count++;
+	}
+
+	if (count * sizeof(struct __ffs_entry) +
+			sizeof(struct __ffs_hdr) > smallest_base) {
+		fprintf(stderr, "Adding partition '%s' would cause partition '%s' at "
+				"0x%08x to overlap with the header\n", entry->name, smallest_name,
+				smallest_base);
+		return FFS_ERR_BAD_PART_BASE;
+	}
+
+	/*
+	 * A header can't have zero entries. Was asserted.
+	 */
+	list_for_each(&hdr->entries, ent, list)
+		if (entry->base < ent->base)
+			break;
+
+	if (ent == list_top(&hdr->entries, struct ffs_entry, list)) {
+		/*
+		 * This should never happen because the partition entry
+		 * should ALWAYS be here
+		 */
+		fprintf(stderr, "Warning: replacing first entry in FFS header\n");
+		list_add(&hdr->entries, &entry->list);
+	} else if (!ent) {
+		list_add_tail(&hdr->entries, &entry->list);
+	} else {
+		list_add_before(&hdr->entries, &entry->list, &ent->list);
+	}
+
+	return 0;
+}
+
+int ffs_entry_add(struct ffs_hdr *hdr, struct ffs_entry *entry, unsigned int side)
+{
+	int rc;
+
+	/*
+	 * Refuse to add anything after BACKUP_PART has been added, not
+	 * sure why this is needed anymore
+	 */
+	if (hdr->backup)
+		return FLASH_ERR_PARM_ERROR;
+
+	if (side == 0) { /* Sideless... */
+		rc = __ffs_entry_add(hdr, entry);
+		if (!rc && hdr->side) {
+			struct ffs_entry *other_ent;
+
+			/*
+			 * A rather sneaky copy is hidden here.
+			 * It doesn't make sense for a consumer to be aware that structures
+			 * must be duplicated. The entries list in the header could have
+			 * been an array of pointers and no copy would have been required.
+			 */
+			other_ent = calloc(1, sizeof (struct ffs_entry));
+			if (!other_ent)
+				/* TODO Remove the added entry from side 1 */
+				return FLASH_ERR_PARM_ERROR;
+			memcpy(other_ent, entry, sizeof(struct ffs_entry));
+			rc = __ffs_entry_add(hdr->side, other_ent);
+			if (rc)
+				/* TODO Remove the added entry from side 1 */
+				free(other_ent);
+		}
+	} else if (side == 1) {
+		rc = __ffs_entry_add(hdr, entry);
+	} else if (side == 2 && hdr->side) {
+		rc = __ffs_entry_add(hdr->side, entry);
+	} else {
+		rc = FLASH_ERR_PARM_ERROR;
+	}
+
+	return rc;
+}
+
+/* This should be done last! */
+int ffs_hdr_create_backup(struct ffs_hdr *hdr)
+{
+	struct ffs_entry *ent;
+	struct ffs_entry *backup;
+	int rc = 0;
+	ent = list_tail(&hdr->entries, struct ffs_entry, list);
+	if (!ent) {
+		return FLASH_ERR_PARM_ERROR;
+	}
+
+	rc = ffs_entry_new("BACKUP_PART",
+		hdr->base + (hdr->block_size * (hdr->block_count - 1 )) - hdr->size,
+		hdr->size, &backup);
+	if (rc)
+		return rc;
+
+	rc = __ffs_entry_add(hdr, backup);
+	if (rc) {
+		free(backup);
+		return rc;
+	}
+
+	hdr->backup = backup;
+
+	/* Do we try to roll back completely if that fails or leave what we've added? */
+	if (hdr->side && hdr->base == 0)
+		rc = ffs_hdr_create_backup(hdr->side);
+
+	return rc;
+}
+
+int ffs_hdr_add_side(struct ffs_hdr *hdr)
+{
+	int rc;
+
+	/* Only a second side for now */
+	if (hdr->side)
+		return FLASH_ERR_PARM_ERROR;
+
+	rc = ffs_hdr_new(hdr->size, hdr->block_size, hdr->block_count, &hdr->side);
+	if (rc)
+		return rc;
+
+	hdr->side->base = hdr->block_size * hdr->block_count;
+	/* Sigh */
+	hdr->side->side = hdr;
+
+	return rc;
+}
+
+int ffs_hdr_finalise(struct blocklevel_device *bl, struct ffs_hdr *hdr)
+{
+	int num_entries, i, rc = 0;
+	struct ffs_entry *ent;
+	struct __ffs_hdr *real_hdr;
+
+	num_entries = ffs_num_entries(hdr);
+
+	/* A TOC shouldn't have zero partitions */
+	if (num_entries == 0)
+		return FFS_ERR_BAD_SIZE;
+
+	if (hdr->side) {
+		struct ffs_entry *other_side;
+		/* TODO: Change the hard coded 0x8000 */
+		rc = ffs_entry_new("OTHER_SIDE", hdr->side->base, 0x8000, &other_side);
+		if (rc)
+			return rc;
+		list_add_tail(&hdr->entries, &other_side->list);
+		num_entries++;
+	}
+
+	real_hdr = malloc(ffs_hdr_raw_size(num_entries));
+	if (!real_hdr)
+		return FLASH_ERR_MALLOC_FAILED;
+
+	real_hdr->magic = cpu_to_be32(FFS_MAGIC);
+	real_hdr->version = cpu_to_be32(hdr->version);
+	real_hdr->size = cpu_to_be32(hdr->size / hdr->block_size);
+	real_hdr->entry_size = cpu_to_be32(sizeof(struct __ffs_entry));
+	real_hdr->entry_count = cpu_to_be32(num_entries);
+	real_hdr->block_size = cpu_to_be32(hdr->block_size);
+	real_hdr->block_count = cpu_to_be32(hdr->block_count);
+	real_hdr->checksum = ffs_hdr_checksum(real_hdr);
+
+	i = 0;
+	list_for_each(&hdr->entries, ent, list) {
+		rc = ffs_entry_to_flash(hdr, real_hdr->entries + i, ent);
+		if (rc) {
+			fprintf(stderr, "Couldn't format all entries for new TOC\n");
+			goto out;
+		}
+		i++;
+	}
+
+	/* Don't really care if this fails */
+	blocklevel_erase(bl, hdr->base, hdr->size);
+	rc = blocklevel_write(bl, hdr->base, real_hdr,
+		ffs_hdr_raw_size(num_entries));
+	if (rc)
+		goto out;
+
+	if (hdr->backup) {
+		fprintf(stderr, "Actually writing backup part @ 0x%08x\n", hdr->backup->base);
+		blocklevel_erase(bl, hdr->backup->base, hdr->size);
+		rc = blocklevel_write(bl, hdr->backup->base, real_hdr,
+			ffs_hdr_raw_size(num_entries));
+	}
+	if (rc)
+		goto out;
+
+	if (hdr->side && hdr->base == 0)
+		rc = ffs_hdr_finalise(bl, hdr->side);
+out:
+	free(real_hdr);
+	return rc;
+}
+
+int ffs_entry_user_set(struct ffs_entry *ent, struct ffs_entry_user *user)
+{
+	if (!ent || !user)
+		return -1;
+
+	/*
+	 * Don't allow the user to specify anything we dont't know about.
+	 * Rationale: This is the library providing access to the FFS structures.
+	 *   If the consumer of the library knows more about FFS structures then
+	 *   questions need to be asked.
+	 *   The other possibility is that they've unknowningly supplied invalid
+	 *   flags, we should tell them.
+	 */
+	if (user->chip)
+		return -1;
+	if (user->compresstype)
+		return -1;
+	if (user->datainteg & ~(FFS_ENRY_INTEG_ECC))
+		return -1;
+	if (user->vercheck & ~(FFS_VERCHECK_SHA512V | FFS_VERCHECK_SHA512EC))
+		return -1;
+	if (user->miscflags & ~(FFS_MISCFLAGS_PRESERVED | FFS_MISCFLAGS_BACKUP |
+				FFS_MISCFLAGS_READONLY | FFS_MISCFLAGS_REPROVISION))
+		return -1;
+
+	memcpy(&ent->user, user, sizeof(*user));
+	return 0;
+}
+
+int ffs_entry_new(const char *name, uint32_t base, uint32_t size, struct ffs_entry **r)
+{
+	struct ffs_entry *ret;
+
+	ret = calloc(1, sizeof(*ret));
+	if (!ret)
+		return FLASH_ERR_MALLOC_FAILED;
+
+	strncpy(ret->name, name, FFS_PART_NAME_MAX);
+	ret->name[FFS_PART_NAME_MAX] = '\0';
+	ret->base = base;
+	ret->size = size;
+	ret->actual = size;
+	ret->pid = FFS_PID_TOPLEVEL;
+	ret->type = FFS_TYPE_DATA;
+
+	*r = ret;
+	return 0;
+}
+
+int ffs_hdr_new(uint32_t size, uint32_t block_size, uint32_t block_count, struct ffs_hdr **r)
+{
+	struct ffs_hdr *ret;
+	struct ffs_entry *part_table;
+	int rc;
+
+	if (size % block_size || size > block_size * block_count)
+		return FFS_ERR_BAD_SIZE;
+
+	ret = calloc(1, sizeof(*ret));
+	if (!ret)
+		return FLASH_ERR_MALLOC_FAILED;
+
+	ret->version = FFS_VERSION_1;
+	ret->size = size;
+	ret->block_size = block_size;
+	ret->block_count = block_count;
+	list_head_init(&ret->entries);
+
+	rc = ffs_entry_new("part", 0, size, &part_table);
+	if (rc) {
+		free(ret);
+		return rc;
+	}
+
+	part_table->pid = FFS_PID_TOPLEVEL;
+	part_table->type = FFS_TYPE_PARTITION;
+	part_table->flags = FFS_FLAGS_PROTECTED;
+
+	list_add(&ret->entries, &part_table->list);
+
+	*r = ret;
+
+	return 0;
+}
+
+int ffs_hdr_free(struct ffs_hdr *hdr)
+{
+	struct ffs_entry *ent, *next;
+
+	printf("Freeing hdr\n");
+	list_for_each_safe(&hdr->entries, ent, next, list) {
+		list_del(&ent->list);
+		free(ent);
+	}
+	if (hdr->side) {
+		hdr->side->side = NULL;
+		ffs_hdr_free(hdr->side);
+	}
+	free(hdr);
+
+	return 0;
+}
+
 int ffs_update_act_size(struct ffs_handle *ffs, uint32_t part_idx,
 			uint32_t act_size)
 {
@@ -461,4 +797,3 @@ int ffs_update_act_size(struct ffs_handle *ffs, uint32_t part_idx,
 
 	return blocklevel_smart_write(ffs->bl, offset, &raw_ent, sizeof(struct __ffs_entry));
 }
-
diff --git a/libflash/libffs.h b/libflash/libffs.h
index 09769618..2c1fbd83 100644
--- a/libflash/libffs.h
+++ b/libflash/libffs.h
@@ -21,7 +21,9 @@
 
 /* FFS handle, opaque */
 struct ffs_handle;
+struct ffs_hdr;
 struct ffs_entry;
+struct ffs_entry_user;
 
 /**
  * struct ffs_entry_user - User data entries
@@ -127,4 +129,20 @@ int ffs_part_info(struct ffs_handle *ffs, uint32_t part_idx,
 int ffs_update_act_size(struct ffs_handle *ffs, uint32_t part_idx,
 			uint32_t act_size);
 
+int ffs_hdr_new(uint32_t size, uint32_t block_size, uint32_t block_count,
+		struct ffs_hdr **r);
+
+int ffs_hdr_add_side(struct ffs_hdr *hdr);
+
+int ffs_entry_new(const char *name, uint32_t base, uint32_t size, struct ffs_entry **r);
+
+int ffs_entry_user_set(struct ffs_entry *ent, struct ffs_entry_user *user);
+
+int ffs_entry_add(struct ffs_hdr *hdr, struct ffs_entry *entry, unsigned int side);
+
+int ffs_hdr_create_backup(struct ffs_hdr *hdr);
+
+int ffs_hdr_finalise(struct blocklevel_device *bl, struct ffs_hdr *hdr);
+
+int ffs_hdr_free(struct ffs_hdr *hdr);
 #endif /* __LIBFFS_H */
-- 
2.12.0



More information about the Skiboot mailing list