162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * Parse RedBoot-style Flash Image System (FIS) tables and 462306a36Sopenharmony_ci * produce a Linux partition array to match. 562306a36Sopenharmony_ci * 662306a36Sopenharmony_ci * Copyright © 2001 Red Hat UK Limited 762306a36Sopenharmony_ci * Copyright © 2001-2010 David Woodhouse <dwmw2@infradead.org> 862306a36Sopenharmony_ci */ 962306a36Sopenharmony_ci 1062306a36Sopenharmony_ci#include <linux/kernel.h> 1162306a36Sopenharmony_ci#include <linux/slab.h> 1262306a36Sopenharmony_ci#include <linux/init.h> 1362306a36Sopenharmony_ci#include <linux/vmalloc.h> 1462306a36Sopenharmony_ci#include <linux/of.h> 1562306a36Sopenharmony_ci#include <linux/mtd/mtd.h> 1662306a36Sopenharmony_ci#include <linux/mtd/partitions.h> 1762306a36Sopenharmony_ci#include <linux/module.h> 1862306a36Sopenharmony_ci 1962306a36Sopenharmony_cistruct fis_image_desc { 2062306a36Sopenharmony_ci unsigned char name[16]; // Null terminated name 2162306a36Sopenharmony_ci u32 flash_base; // Address within FLASH of image 2262306a36Sopenharmony_ci u32 mem_base; // Address in memory where it executes 2362306a36Sopenharmony_ci u32 size; // Length of image 2462306a36Sopenharmony_ci u32 entry_point; // Execution entry point 2562306a36Sopenharmony_ci u32 data_length; // Length of actual data 2662306a36Sopenharmony_ci unsigned char _pad[256 - (16 + 7 * sizeof(u32))]; 2762306a36Sopenharmony_ci u32 desc_cksum; // Checksum over image descriptor 2862306a36Sopenharmony_ci u32 file_cksum; // Checksum over image data 2962306a36Sopenharmony_ci}; 3062306a36Sopenharmony_ci 3162306a36Sopenharmony_cistruct fis_list { 3262306a36Sopenharmony_ci struct fis_image_desc *img; 3362306a36Sopenharmony_ci struct fis_list *next; 3462306a36Sopenharmony_ci}; 3562306a36Sopenharmony_ci 3662306a36Sopenharmony_cistatic int directory = CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK; 3762306a36Sopenharmony_cimodule_param(directory, int, 0); 3862306a36Sopenharmony_ci 3962306a36Sopenharmony_cistatic inline int redboot_checksum(struct fis_image_desc *img) 4062306a36Sopenharmony_ci{ 4162306a36Sopenharmony_ci /* RedBoot doesn't actually write the desc_cksum field yet AFAICT */ 4262306a36Sopenharmony_ci return 1; 4362306a36Sopenharmony_ci} 4462306a36Sopenharmony_ci 4562306a36Sopenharmony_cistatic void parse_redboot_of(struct mtd_info *master) 4662306a36Sopenharmony_ci{ 4762306a36Sopenharmony_ci struct device_node *np; 4862306a36Sopenharmony_ci struct device_node *npart; 4962306a36Sopenharmony_ci u32 dirblock; 5062306a36Sopenharmony_ci int ret; 5162306a36Sopenharmony_ci 5262306a36Sopenharmony_ci np = mtd_get_of_node(master); 5362306a36Sopenharmony_ci if (!np) 5462306a36Sopenharmony_ci return; 5562306a36Sopenharmony_ci 5662306a36Sopenharmony_ci npart = of_get_child_by_name(np, "partitions"); 5762306a36Sopenharmony_ci if (!npart) 5862306a36Sopenharmony_ci return; 5962306a36Sopenharmony_ci 6062306a36Sopenharmony_ci ret = of_property_read_u32(npart, "fis-index-block", &dirblock); 6162306a36Sopenharmony_ci of_node_put(npart); 6262306a36Sopenharmony_ci if (ret) 6362306a36Sopenharmony_ci return; 6462306a36Sopenharmony_ci 6562306a36Sopenharmony_ci /* 6662306a36Sopenharmony_ci * Assign the block found in the device tree to the local 6762306a36Sopenharmony_ci * directory block pointer. 6862306a36Sopenharmony_ci */ 6962306a36Sopenharmony_ci directory = dirblock; 7062306a36Sopenharmony_ci} 7162306a36Sopenharmony_ci 7262306a36Sopenharmony_cistatic int parse_redboot_partitions(struct mtd_info *master, 7362306a36Sopenharmony_ci const struct mtd_partition **pparts, 7462306a36Sopenharmony_ci struct mtd_part_parser_data *data) 7562306a36Sopenharmony_ci{ 7662306a36Sopenharmony_ci int nrparts = 0; 7762306a36Sopenharmony_ci struct fis_image_desc *buf; 7862306a36Sopenharmony_ci struct mtd_partition *parts; 7962306a36Sopenharmony_ci struct fis_list *fl = NULL, *tmp_fl; 8062306a36Sopenharmony_ci int ret, i; 8162306a36Sopenharmony_ci size_t retlen; 8262306a36Sopenharmony_ci char *names; 8362306a36Sopenharmony_ci char *nullname; 8462306a36Sopenharmony_ci int namelen = 0; 8562306a36Sopenharmony_ci int nulllen = 0; 8662306a36Sopenharmony_ci int numslots; 8762306a36Sopenharmony_ci unsigned long offset; 8862306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED 8962306a36Sopenharmony_ci static char nullstring[] = "unallocated"; 9062306a36Sopenharmony_ci#endif 9162306a36Sopenharmony_ci 9262306a36Sopenharmony_ci parse_redboot_of(master); 9362306a36Sopenharmony_ci 9462306a36Sopenharmony_ci if (directory < 0) { 9562306a36Sopenharmony_ci offset = master->size + directory * master->erasesize; 9662306a36Sopenharmony_ci while (mtd_block_isbad(master, offset)) { 9762306a36Sopenharmony_ci if (!offset) { 9862306a36Sopenharmony_cinogood: 9962306a36Sopenharmony_ci pr_notice("Failed to find a non-bad block to check for RedBoot partition table\n"); 10062306a36Sopenharmony_ci return -EIO; 10162306a36Sopenharmony_ci } 10262306a36Sopenharmony_ci offset -= master->erasesize; 10362306a36Sopenharmony_ci } 10462306a36Sopenharmony_ci } else { 10562306a36Sopenharmony_ci offset = directory * master->erasesize; 10662306a36Sopenharmony_ci while (mtd_block_isbad(master, offset)) { 10762306a36Sopenharmony_ci offset += master->erasesize; 10862306a36Sopenharmony_ci if (offset == master->size) 10962306a36Sopenharmony_ci goto nogood; 11062306a36Sopenharmony_ci } 11162306a36Sopenharmony_ci } 11262306a36Sopenharmony_ci buf = vmalloc(master->erasesize); 11362306a36Sopenharmony_ci 11462306a36Sopenharmony_ci if (!buf) 11562306a36Sopenharmony_ci return -ENOMEM; 11662306a36Sopenharmony_ci 11762306a36Sopenharmony_ci pr_notice("Searching for RedBoot partition table in %s at offset 0x%lx\n", 11862306a36Sopenharmony_ci master->name, offset); 11962306a36Sopenharmony_ci 12062306a36Sopenharmony_ci ret = mtd_read(master, offset, master->erasesize, &retlen, 12162306a36Sopenharmony_ci (void *)buf); 12262306a36Sopenharmony_ci 12362306a36Sopenharmony_ci if (ret) 12462306a36Sopenharmony_ci goto out; 12562306a36Sopenharmony_ci 12662306a36Sopenharmony_ci if (retlen != master->erasesize) { 12762306a36Sopenharmony_ci ret = -EIO; 12862306a36Sopenharmony_ci goto out; 12962306a36Sopenharmony_ci } 13062306a36Sopenharmony_ci 13162306a36Sopenharmony_ci numslots = (master->erasesize / sizeof(struct fis_image_desc)); 13262306a36Sopenharmony_ci for (i = 0; i < numslots; i++) { 13362306a36Sopenharmony_ci if (!memcmp(buf[i].name, "FIS directory", 14)) { 13462306a36Sopenharmony_ci /* This is apparently the FIS directory entry for the 13562306a36Sopenharmony_ci * FIS directory itself. The FIS directory size is 13662306a36Sopenharmony_ci * one erase block; if the buf[i].size field is 13762306a36Sopenharmony_ci * swab32(erasesize) then we know we are looking at 13862306a36Sopenharmony_ci * a byte swapped FIS directory - swap all the entries! 13962306a36Sopenharmony_ci * (NOTE: this is 'size' not 'data_length'; size is 14062306a36Sopenharmony_ci * the full size of the entry.) 14162306a36Sopenharmony_ci */ 14262306a36Sopenharmony_ci 14362306a36Sopenharmony_ci /* RedBoot can combine the FIS directory and 14462306a36Sopenharmony_ci config partitions into a single eraseblock; 14562306a36Sopenharmony_ci we assume wrong-endian if either the swapped 14662306a36Sopenharmony_ci 'size' matches the eraseblock size precisely, 14762306a36Sopenharmony_ci or if the swapped size actually fits in an 14862306a36Sopenharmony_ci eraseblock while the unswapped size doesn't. */ 14962306a36Sopenharmony_ci if (swab32(buf[i].size) == master->erasesize || 15062306a36Sopenharmony_ci (buf[i].size > master->erasesize 15162306a36Sopenharmony_ci && swab32(buf[i].size) < master->erasesize)) { 15262306a36Sopenharmony_ci int j; 15362306a36Sopenharmony_ci /* Update numslots based on actual FIS directory size */ 15462306a36Sopenharmony_ci numslots = swab32(buf[i].size) / sizeof(struct fis_image_desc); 15562306a36Sopenharmony_ci for (j = 0; j < numslots; ++j) { 15662306a36Sopenharmony_ci /* A single 0xff denotes a deleted entry. 15762306a36Sopenharmony_ci * Two of them in a row is the end of the table. 15862306a36Sopenharmony_ci */ 15962306a36Sopenharmony_ci if (buf[j].name[0] == 0xff) { 16062306a36Sopenharmony_ci if (buf[j].name[1] == 0xff) { 16162306a36Sopenharmony_ci break; 16262306a36Sopenharmony_ci } else { 16362306a36Sopenharmony_ci continue; 16462306a36Sopenharmony_ci } 16562306a36Sopenharmony_ci } 16662306a36Sopenharmony_ci 16762306a36Sopenharmony_ci /* The unsigned long fields were written with the 16862306a36Sopenharmony_ci * wrong byte sex, name and pad have no byte sex. 16962306a36Sopenharmony_ci */ 17062306a36Sopenharmony_ci swab32s(&buf[j].flash_base); 17162306a36Sopenharmony_ci swab32s(&buf[j].mem_base); 17262306a36Sopenharmony_ci swab32s(&buf[j].size); 17362306a36Sopenharmony_ci swab32s(&buf[j].entry_point); 17462306a36Sopenharmony_ci swab32s(&buf[j].data_length); 17562306a36Sopenharmony_ci swab32s(&buf[j].desc_cksum); 17662306a36Sopenharmony_ci swab32s(&buf[j].file_cksum); 17762306a36Sopenharmony_ci } 17862306a36Sopenharmony_ci } else if (buf[i].size < master->erasesize) { 17962306a36Sopenharmony_ci /* Update numslots based on actual FIS directory size */ 18062306a36Sopenharmony_ci numslots = buf[i].size / sizeof(struct fis_image_desc); 18162306a36Sopenharmony_ci } 18262306a36Sopenharmony_ci break; 18362306a36Sopenharmony_ci } 18462306a36Sopenharmony_ci } 18562306a36Sopenharmony_ci if (i == numslots) { 18662306a36Sopenharmony_ci /* Didn't find it */ 18762306a36Sopenharmony_ci pr_notice("No RedBoot partition table detected in %s\n", 18862306a36Sopenharmony_ci master->name); 18962306a36Sopenharmony_ci ret = 0; 19062306a36Sopenharmony_ci goto out; 19162306a36Sopenharmony_ci } 19262306a36Sopenharmony_ci 19362306a36Sopenharmony_ci for (i = 0; i < numslots; i++) { 19462306a36Sopenharmony_ci struct fis_list *new_fl, **prev; 19562306a36Sopenharmony_ci 19662306a36Sopenharmony_ci if (buf[i].name[0] == 0xff) { 19762306a36Sopenharmony_ci if (buf[i].name[1] == 0xff) { 19862306a36Sopenharmony_ci break; 19962306a36Sopenharmony_ci } else { 20062306a36Sopenharmony_ci continue; 20162306a36Sopenharmony_ci } 20262306a36Sopenharmony_ci } 20362306a36Sopenharmony_ci if (!redboot_checksum(&buf[i])) 20462306a36Sopenharmony_ci break; 20562306a36Sopenharmony_ci 20662306a36Sopenharmony_ci new_fl = kmalloc(sizeof(struct fis_list), GFP_KERNEL); 20762306a36Sopenharmony_ci namelen += strlen(buf[i].name) + 1; 20862306a36Sopenharmony_ci if (!new_fl) { 20962306a36Sopenharmony_ci ret = -ENOMEM; 21062306a36Sopenharmony_ci goto out; 21162306a36Sopenharmony_ci } 21262306a36Sopenharmony_ci new_fl->img = &buf[i]; 21362306a36Sopenharmony_ci if (data && data->origin) 21462306a36Sopenharmony_ci buf[i].flash_base -= data->origin; 21562306a36Sopenharmony_ci else 21662306a36Sopenharmony_ci buf[i].flash_base &= master->size - 1; 21762306a36Sopenharmony_ci 21862306a36Sopenharmony_ci /* I'm sure the JFFS2 code has done me permanent damage. 21962306a36Sopenharmony_ci * I now think the following is _normal_ 22062306a36Sopenharmony_ci */ 22162306a36Sopenharmony_ci prev = &fl; 22262306a36Sopenharmony_ci while (*prev && (*prev)->img->flash_base < new_fl->img->flash_base) 22362306a36Sopenharmony_ci prev = &(*prev)->next; 22462306a36Sopenharmony_ci new_fl->next = *prev; 22562306a36Sopenharmony_ci *prev = new_fl; 22662306a36Sopenharmony_ci 22762306a36Sopenharmony_ci nrparts++; 22862306a36Sopenharmony_ci } 22962306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED 23062306a36Sopenharmony_ci if (fl->img->flash_base) { 23162306a36Sopenharmony_ci nrparts++; 23262306a36Sopenharmony_ci nulllen = sizeof(nullstring); 23362306a36Sopenharmony_ci } 23462306a36Sopenharmony_ci 23562306a36Sopenharmony_ci for (tmp_fl = fl; tmp_fl->next; tmp_fl = tmp_fl->next) { 23662306a36Sopenharmony_ci if (tmp_fl->img->flash_base + tmp_fl->img->size + master->erasesize <= tmp_fl->next->img->flash_base) { 23762306a36Sopenharmony_ci nrparts++; 23862306a36Sopenharmony_ci nulllen = sizeof(nullstring); 23962306a36Sopenharmony_ci } 24062306a36Sopenharmony_ci } 24162306a36Sopenharmony_ci#endif 24262306a36Sopenharmony_ci parts = kzalloc(sizeof(*parts) * nrparts + nulllen + namelen, GFP_KERNEL); 24362306a36Sopenharmony_ci 24462306a36Sopenharmony_ci if (!parts) { 24562306a36Sopenharmony_ci ret = -ENOMEM; 24662306a36Sopenharmony_ci goto out; 24762306a36Sopenharmony_ci } 24862306a36Sopenharmony_ci 24962306a36Sopenharmony_ci nullname = (char *)&parts[nrparts]; 25062306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED 25162306a36Sopenharmony_ci if (nulllen > 0) 25262306a36Sopenharmony_ci strcpy(nullname, nullstring); 25362306a36Sopenharmony_ci#endif 25462306a36Sopenharmony_ci names = nullname + nulllen; 25562306a36Sopenharmony_ci 25662306a36Sopenharmony_ci i = 0; 25762306a36Sopenharmony_ci 25862306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED 25962306a36Sopenharmony_ci if (fl->img->flash_base) { 26062306a36Sopenharmony_ci parts[0].name = nullname; 26162306a36Sopenharmony_ci parts[0].size = fl->img->flash_base; 26262306a36Sopenharmony_ci parts[0].offset = 0; 26362306a36Sopenharmony_ci i++; 26462306a36Sopenharmony_ci } 26562306a36Sopenharmony_ci#endif 26662306a36Sopenharmony_ci for ( ; i < nrparts; i++) { 26762306a36Sopenharmony_ci parts[i].size = fl->img->size; 26862306a36Sopenharmony_ci parts[i].offset = fl->img->flash_base; 26962306a36Sopenharmony_ci parts[i].name = names; 27062306a36Sopenharmony_ci 27162306a36Sopenharmony_ci strcpy(names, fl->img->name); 27262306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_READONLY 27362306a36Sopenharmony_ci if (!memcmp(names, "RedBoot", 8) || 27462306a36Sopenharmony_ci !memcmp(names, "RedBoot config", 15) || 27562306a36Sopenharmony_ci !memcmp(names, "FIS directory", 14)) { 27662306a36Sopenharmony_ci parts[i].mask_flags = MTD_WRITEABLE; 27762306a36Sopenharmony_ci } 27862306a36Sopenharmony_ci#endif 27962306a36Sopenharmony_ci names += strlen(names) + 1; 28062306a36Sopenharmony_ci 28162306a36Sopenharmony_ci#ifdef CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED 28262306a36Sopenharmony_ci if (fl->next && fl->img->flash_base + fl->img->size + master->erasesize <= fl->next->img->flash_base) { 28362306a36Sopenharmony_ci i++; 28462306a36Sopenharmony_ci parts[i].offset = parts[i - 1].size + parts[i - 1].offset; 28562306a36Sopenharmony_ci parts[i].size = fl->next->img->flash_base - parts[i].offset; 28662306a36Sopenharmony_ci parts[i].name = nullname; 28762306a36Sopenharmony_ci } 28862306a36Sopenharmony_ci#endif 28962306a36Sopenharmony_ci tmp_fl = fl; 29062306a36Sopenharmony_ci fl = fl->next; 29162306a36Sopenharmony_ci kfree(tmp_fl); 29262306a36Sopenharmony_ci } 29362306a36Sopenharmony_ci ret = nrparts; 29462306a36Sopenharmony_ci *pparts = parts; 29562306a36Sopenharmony_ci out: 29662306a36Sopenharmony_ci while (fl) { 29762306a36Sopenharmony_ci struct fis_list *old = fl; 29862306a36Sopenharmony_ci 29962306a36Sopenharmony_ci fl = fl->next; 30062306a36Sopenharmony_ci kfree(old); 30162306a36Sopenharmony_ci } 30262306a36Sopenharmony_ci vfree(buf); 30362306a36Sopenharmony_ci return ret; 30462306a36Sopenharmony_ci} 30562306a36Sopenharmony_ci 30662306a36Sopenharmony_cistatic const struct of_device_id mtd_parser_redboot_of_match_table[] = { 30762306a36Sopenharmony_ci { .compatible = "redboot-fis" }, 30862306a36Sopenharmony_ci {}, 30962306a36Sopenharmony_ci}; 31062306a36Sopenharmony_ciMODULE_DEVICE_TABLE(of, mtd_parser_redboot_of_match_table); 31162306a36Sopenharmony_ci 31262306a36Sopenharmony_cistatic struct mtd_part_parser redboot_parser = { 31362306a36Sopenharmony_ci .parse_fn = parse_redboot_partitions, 31462306a36Sopenharmony_ci .name = "RedBoot", 31562306a36Sopenharmony_ci .of_match_table = mtd_parser_redboot_of_match_table, 31662306a36Sopenharmony_ci}; 31762306a36Sopenharmony_cimodule_mtd_part_parser(redboot_parser); 31862306a36Sopenharmony_ci 31962306a36Sopenharmony_ci/* mtd parsers will request the module by parser name */ 32062306a36Sopenharmony_ciMODULE_ALIAS("RedBoot"); 32162306a36Sopenharmony_ciMODULE_LICENSE("GPL"); 32262306a36Sopenharmony_ciMODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org>"); 32362306a36Sopenharmony_ciMODULE_DESCRIPTION("Parsing code for RedBoot Flash Image System (FIS) tables"); 324