/*
* Takes a string and what the string should be, and assumes the test passes
* if those strings match (using strcmp).
*/
void
is_string(const char *wanted, const char *seen, const char *format, ...)
{
if (wanted == NULL)
wanted = "(null)";
if (seen == NULL)
seen = "(null)";
fflush(stderr);
if (strcmp(wanted, seen) == 0)
printf("ok %lu", testnum++);
else {
printf("# wanted: %s\n# seen: %s\n", wanted, seen);
printf("not ok %lu", testnum++);
_failed++;
}
if (format != NULL) {
va_list args;
va_start(args, format);
print_desc(format, args);
va_end(args);
}
putchar('\n');
}
int main(int argc, char* argv[])
{
if (getpid() != 1)
return client(argc, argv);
/*
* Hello world.
*/
banner();
/*
* Initial setup of signals, ignore all until we're up.
*/
sig_init();
/*
* Mount base file system, kernel is assumed to run devtmpfs for /dev
*/
chdir("/");
umask(0);
mount("none", "/proc", "proc", 0, NULL);
mount("none", "/proc/bus/usb", "usbfs", 0, NULL);
mount("none", "/sys", "sysfs", 0, NULL);
mkdir("/dev/pts", 0755);
mkdir("/dev/shm", 0755);
mount("none", "/dev/pts", "devpts", 0, "gid=5,mode=620");
mount("none", "/dev/shm", "tmpfs", 0, NULL);
umask(022);
/*
* Parse kernel parameters
*/
parse_kernel_cmdline();
/*
* Populate /dev and prepare for runtime events from kernel.
*/
run_interactive(SETUP_DEVFS, "Populating device tree");
/*
* Parse configuration file
*/
parse_finit_conf(FINIT_CONF);
/*
* Load plugins. Must run after finit.conf has registered
* all services, or service plugins won't have anything to
* hook on to.
*/
print_desc("Loading plugins", NULL);
print_result(plugin_load_all(PLUGIN_PATH));
/*
* Mount filesystems
*/
#ifdef REMOUNT_ROOTFS_RW
run("/bin/mount -n -o remount,rw /");
#endif
#ifdef SYSROOT
run(SYSROOT, "/", NULL, MS_MOVE, NULL);
#endif
_d("Root FS up, calling hooks ...");
plugin_run_hooks(HOOK_ROOTFS_UP);
umask(0);
run("/bin/mount -na");
run("/sbin/swapon -ea");
umask(0022);
/* Cleanup stale files, if any still linger on. */
run_interactive("rm -rf /tmp/* /var/run/* /var/lock/*", "Cleanup temporary directories");
/* Base FS up, enable standard SysV init signals */
sig_setup();
_d("Base FS up, calling hooks ...");
plugin_run_hooks(HOOK_BASEFS_UP);
/*
* Start all bootstrap tasks, no network available!
*/
svc_bootstrap();
/*
* Network stuff
*/
/* Setup kernel specific settings, e.g. allow broadcast ping, etc. */
run("/sbin/sysctl -e -p /etc/sysctl.conf >/dev/null");
/* Set initial hostname. */
set_hostname(hostname);
ifconfig("lo", "127.0.0.1", "255.0.0.0", 1);
if (network)
run_interactive(network, "Starting networking: %s", network);
umask(022);
/* Hooks that rely on loopback, or basic networking being up. */
plugin_run_hooks(HOOK_NETWORK_UP);
/*
* Start all tasks/services in the configured runlevel
*/
svc_runlevel(cfglevel);
_d("Running svc up hooks ...");
plugin_run_hooks(HOOK_SVC_UP);
/*
* Run startup scripts in /etc/finit.d/, if any.
*/
if (rcsd && fisdir(rcsd)) {
_d("Running startup scripts in %s ...", rcsd);
run_parts(rcsd, NULL);
}
/* Hooks that should run at the very end */
plugin_run_hooks(HOOK_SYSTEM_UP);
/*
* Enter main loop to monior /dev/initctl and services
*/
return run_loop();
}
static void print_item(const module_t *m, const module_config_t *item,
const module_config_t **section, bool color, bool desc)
{
#ifndef _WIN32
# define OPTION_VALUE_SEP " "
#else
# define OPTION_VALUE_SEP "="
#endif
const char *bra = OPTION_VALUE_SEP "<", *type, *ket = ">";
const char *prefix = NULL, *suffix = NULL;
char *typebuf = NULL;
switch (CONFIG_CLASS(item->i_type))
{
case 0: // hint class
switch (item->i_type)
{
case CONFIG_HINT_CATEGORY:
case CONFIG_HINT_USAGE:
printf(color ? GREEN "\n %s\n" GRAY : "\n %s\n",
module_gettext(m, item->psz_text));
if (desc && item->psz_longtext != NULL)
printf(color ? CYAN " %s\n" GRAY : " %s\n",
module_gettext(m, item->psz_longtext));
break;
case CONFIG_SECTION:
*section = item;
break;
}
return;
case CONFIG_ITEM_STRING:
type = _("string");
if (item->list_count > 0)
{
size_t len = 0;
for (unsigned i = 0; i < item->list_count; i++)
len += strlen(item->list.psz[i]) + 1;
typebuf = malloc(len);
if (typebuf == NULL)
break;
bra = OPTION_VALUE_SEP "{";
type = typebuf;
ket = "}";
*typebuf = 0;
for (unsigned i = 0; i < item->list_count; i++)
{
if (i > 0)
strcat(typebuf, ",");
strcat(typebuf, item->list.psz[i]);
}
}
break;
case CONFIG_ITEM_INTEGER:
type = _("integer");
if (item->list_count > 0)
{
size_t len = 0;
for (unsigned i = 0; i < item->list_count; i++)
len += strlen(module_gettext(m, item->list_text[i]))
+ 4 * sizeof (int) + 5;
typebuf = malloc(len);
if (typebuf == NULL)
break;
bra = OPTION_VALUE_SEP "{";
type = typebuf;
ket = "}";
*typebuf = 0;
for (unsigned i = 0; i < item->list_count; i++)
{
if (i != 0)
strcat(typebuf, ", ");
sprintf(typebuf + strlen(typebuf), "%i (%s)",
item->list.i[i],
module_gettext(m, item->list_text[i]));
}
}
else if (item->min.i != 0 || item->max.i != 0)
{
if (asprintf(&typebuf, "%s [%"PRId64" .. %"PRId64"]",
type, item->min.i, item->max.i) >= 0)
type = typebuf;
else
typebuf = NULL;
}
break;
case CONFIG_ITEM_FLOAT:
type = _("float");
if (item->min.f != 0.f || item->max.f != 0.f)
{
if (asprintf(&typebuf, "%s [%f .. %f]", type,
item->min.f, item->max.f) >= 0)
type = typebuf;
else
typebuf = NULL;
}
break;
case CONFIG_ITEM_BOOL:
bra = type = ket = "";
prefix = ", --no-";
suffix = item->value.i ? _("(default enabled)")
: _("(default disabled)");
break;
default:
return;
}
print_section(m, section, color, desc);
/* Add short option if any */
char shortopt[4];
if (item->i_short != '\0')
sprintf(shortopt, "-%c,", item->i_short);
else
strcpy(shortopt, " ");
if (CONFIG_CLASS(item->i_type) == CONFIG_ITEM_BOOL)
printf(color ? WHITE" %s --%s" "%s%s%s%s%s "GRAY
: " %s --%s%s%s%s%s%s ", shortopt, item->psz_name,
prefix, item->psz_name, bra, type, ket);
else
printf(color ? WHITE" %s --%s"YELLOW"%s%s%s%s%s "GRAY
: " %s --%s%s%s%s%s%s ", shortopt, item->psz_name,
"", "", /* XXX */ bra, type, ket);
/* Wrap description */
int offset = PADDING_SPACES - strlen(item->psz_name)
- strlen(bra) - vlc_swidth(type) - strlen(ket) - 1;
if (CONFIG_CLASS(item->i_type) == CONFIG_ITEM_BOOL)
offset -= strlen(item->psz_name) + vlc_swidth(prefix);
if (offset < 0)
{
putchar('\n');
offset = PADDING_SPACES + LINE_START;
}
printf("%*s", offset, "");
print_desc(module_gettext(m, item->psz_longtext),
PADDING_SPACES + LINE_START, color);
if (suffix != NULL)
{
printf("%*s", offset, "");
print_desc(suffix, PADDING_SPACES + LINE_START, color);
}
if (desc && (item->psz_longtext != NULL && item->psz_longtext[0]))
{ /* Wrap long description */
printf("%*s", LINE_START + 2, "");
print_desc(module_gettext(m, item->psz_longtext),
LINE_START + 2, false);
}
free(typebuf);
}
/* Remember: service_enabled() must be called before calling service_start() */
int service_start(svc_t *svc)
{
int respawn, sd = 0;
pid_t pid;
sigset_t nmask, omask;
if (!svc)
return 1;
respawn = svc->pid != 0;
/* Don't try and start service if it doesn't exist. */
if (!fexist(svc->cmd) && !svc->inetd.cmd) {
if (verbose) {
char msg[80];
snprintf(msg, sizeof(msg), "Service %s does not exist!", svc->cmd);
print_desc("", msg);
print_result(1);
}
return 1;
}
/* Ignore if finit is SIGSTOP'ed */
if (is_norespawn())
return 0;
#ifndef INETD_DISABLED
if (svc_is_inetd(svc)) {
char ifname[IF_NAMESIZE] = "UNKNOWN";
sd = svc->inetd.watcher.fd;
if (svc->inetd.type == SOCK_STREAM) {
/* Open new client socket from server socket */
sd = accept(sd, NULL, NULL);
if (sd < 0) {
FLOG_PERROR("Failed accepting inetd service %d/tcp", svc->inetd.port);
return 1;
}
_d("New client socket %d accepted for inetd service %d/tcp", sd, svc->inetd.port);
/* Find ifname by means of getsockname() and getifaddrs() */
inetd_stream_peek(sd, ifname);
} else { /* SOCK_DGRAM */
/* Find ifname by means of IP_PKTINFO sockopt --> ifindex + if_indextoname() */
inetd_dgram_peek(sd, ifname);
}
if (!inetd_is_allowed(&svc->inetd, ifname)) {
FLOG_INFO("Service %s on port %d not allowed from interface %s.",
svc->inetd.name, svc->inetd.port, ifname);
if (svc->inetd.type == SOCK_STREAM)
close(sd);
return 1;
}
FLOG_INFO("Starting inetd service %s for requst from iface %s ...", svc->inetd.name, ifname);
} else
#endif
if (verbose) {
if (svc_is_daemon(svc))
print_desc("", svc->desc);
else if (!respawn)
print_desc("Starting ", svc->desc);
}
/* Block sigchild while forking. */
sigemptyset(&nmask);
sigaddset(&nmask, SIGCHLD);
sigprocmask(SIG_BLOCK, &nmask, &omask);
pid = fork();
sigprocmask(SIG_SETMASK, &omask, NULL);
if (pid == 0) {
int i = 0;
int status;
#ifdef ENABLE_STATIC
int uid = 0; /* XXX: Fix better warning that dropprivs is disabled. */
#else
int uid = getuser(svc->username);
#endif
struct sigaction sa;
char *args[MAX_NUM_SVC_ARGS];
sigemptyset(&nmask);
sigaddset(&nmask, SIGCHLD);
sigprocmask(SIG_UNBLOCK, &nmask, NULL);
/* Reset signal handlers that were set by the parent process */
for (i = 1; i < NSIG; i++)
DFLSIG(sa, i, 0);
/* Set desired user */
if (uid >= 0) {
setuid(uid);
/* Set default path for regular users */
if (uid > 0)
setenv("PATH", _PATH_DEFPATH, 1);
}
/* Serve copy of args to process in case it modifies them. */
for (i = 0; i < (MAX_NUM_SVC_ARGS - 1) && svc->args[i][0] != 0; i++)
args[i] = svc->args[i];
args[i] = NULL;
/* Redirect inetd socket to stdin for service */
if (svc_is_inetd(svc)) {
/* sd set previously */
dup2(sd, STDIN_FILENO);
close(sd);
dup2(STDIN_FILENO, STDOUT_FILENO);
dup2(STDIN_FILENO, STDERR_FILENO);
} else if (debug) {
int fd;
char buf[CMD_SIZE] = "";
fd = open(CONSOLE, O_WRONLY | O_APPEND);
if (-1 != fd) {
dup2(fd, STDOUT_FILENO);
dup2(fd, STDERR_FILENO);
close(fd);
}
for (i = 0; i < MAX_NUM_SVC_ARGS && args[i]; i++) {
char arg[MAX_ARG_LEN];
snprintf(arg, sizeof(arg), "%s ", args[i]);
if (strlen(arg) < (sizeof(buf) - strlen(buf)))
strcat(buf, arg);
}
_e("%starting %s: %s", respawn ? "Res" : "S", svc->cmd, buf);
}
if (svc->inetd.cmd)
status = svc->inetd.cmd(svc->inetd.type);
else
status = execv(svc->cmd, args); /* XXX: Maybe use execve() to be able to launch scripts? */
if (svc_is_inetd(svc)) {
if (svc->inetd.type == SOCK_STREAM) {
close(STDIN_FILENO);
close(STDOUT_FILENO);
close(STDERR_FILENO);
}
}
exit(status);
}
svc->pid = pid;
if (svc_is_inetd(svc)) {
if (svc->inetd.type == SOCK_STREAM)
close(sd);
} else {
int result;
if (SVC_TYPE_RUN == svc->type)
result = WEXITSTATUS(complete(svc->cmd, pid));
else if (!respawn)
result = svc->pid > 1 ? 0 : 1;
else
result = 0;
if (verbose)
print_result(result);
}
return 0;
}
int run_interactive(char *cmd, char *fmt, ...)
{
int status, oldout = 1, olderr = 2;
char line[LINE_SIZE];
va_list ap;
FILE *fp;
if (!cmd) {
errno = EINVAL;
return 1;
}
if (verbose && fmt) {
va_start(ap, fmt);
vsnprintf(line, sizeof(line), fmt, ap);
va_end(ap);
print_desc("", line);
}
/* Redirect output from cmd to a tempfile */
fp = tempfile();
if (fp && !debug) {
oldout = dup(STDOUT_FILENO);
olderr = dup(STDERR_FILENO);
dup2(fileno(fp), STDOUT_FILENO);
dup2(fileno(fp), STDERR_FILENO);
}
/* Run cmd ... */
status = run(cmd);
/* Restore stderr/stdout */
if (fp && !debug) {
if (oldout >= 0) {
dup2(oldout, STDOUT_FILENO);
close(oldout);
}
if (olderr >= 0) {
dup2(olderr, STDERR_FILENO);
close(olderr);
}
}
if (verbose && fmt)
print_result(status);
/* Dump any results of cmd on stderr after we've printed [ OK ] or [FAIL] */
if (fp && !debug) {
size_t len, written;
rewind(fp);
do {
len = fread(line, 1, sizeof(line), fp);
written = fwrite(line, len, sizeof(char), stderr);
} while (len > 0 && written == len);
}
if (fp)
fclose(fp);
return status;
}
int main(int UNUSED(args), char *argv[])
{
/*
* Initial setup of signals, ignore all until we're up.
*/
sig_init();
/*
* Mount base file system, kernel is assumed to run devtmpfs for /dev
*/
chdir("/");
umask(0);
mount("none", "/proc", "proc", 0, NULL);
mount("none", "/proc/bus/usb", "usbfs", 0, NULL);
mount("none", "/sys", "sysfs", 0, NULL);
mkdir("/dev/pts", 0755);
mkdir("/dev/shm", 0755);
mount("none", "/dev/pts", "devpts", 0, "gid=5,mode=620");
mount("none", "/dev/shm", "tmpfs", 0, NULL);
umask(022);
/*
* Parse kernel parameters
*/
parse_kernel_cmdline();
cls();
echo("finit " VERSION " (built " __DATE__ " " __TIME__ " by " WHOAMI ")");
/*
* Populate /dev and prepare for runtime events from kernel.
*/
#if defined(USE_UDEV)
run_interactive("udevd --daemon", "Populating device tree");
#elif defined (MDEV)
run_interactive(MDEV " -s", "Populating device tree");
#endif
/*
* Parse configuration file
*/
parse_finit_conf(FINIT_CONF);
/*
* Load plugins. Must run after finit.conf has registered
* all services, or service plugins won't have anything to
* hook on to.
*/
print_desc("", "Loading plugins");
print_result(plugin_load_all(PLUGIN_PATH));
/*
* Mount filesystems
*/
_d("Mount filesystems in /etc/fstab ...");
#ifdef REMOUNT_ROOTFS_RW
run("/bin/mount -n -o remount,rw /");
#endif
#ifdef SYSROOT
run(SYSROOT, "/", NULL, MS_MOVE, NULL);
#endif
_d("Root FS up, calling hooks ...");
plugin_run_hooks(HOOK_ROOTFS_UP);
umask(0);
run("/bin/mount -na");
run("/sbin/swapon -ea");
umask(0022);
/* Cleanup stale files, if any still linger on. */
run_interactive("rm -rf /tmp/* /var/run/* /var/lock/*", "Cleanup temporary directories");
/*
* Base FS up, enable standard SysV init signals
*/
sig_setup();
_d("Base FS up, calling hooks ...");
plugin_run_hooks(HOOK_BASEFS_UP);
/*
* Network stuff
*/
/* Setup kernel specific settings, e.g. allow broadcast ping, etc. */
run("/sbin/sysctl -e -p /etc/sysctl.conf >/dev/null");
/* Set initial hostname. */
set_hostname(hostname);
ifconfig("lo", "127.0.0.1", "255.0.0.0", 1);
if (network)
run_interactive(network, "Starting networking: %s", network);
umask(022);
/*
* Hooks that rely on loopback, or basic networking being up.
*/
plugin_run_hooks(HOOK_NETWORK_UP);
/*
* Start service monitor framework
*/
_d("Starting all static services from %s", FINIT_CONF);
svc_start_all();
/*
* Run startup scripts in /etc/finit.d/, if any.
*/
if (rcsd && fisdir(rcsd)) {
_d("Running startup scripts in %s ...", rcsd);
run_parts(rcsd, NULL);
}
/*
* Hooks that should run at the very end
*/
plugin_run_hooks(HOOK_SYSTEM_UP);
/* Start GETTY on console */
_d("Starting getty on console ...");
run_getty(GETTY, argv);
/*
* Enter main loop to monior /dev/initctl and services
*/
_d("Entering main loop ...");
return run_loop();
}
static int do_erase(char *dev)
{
int fd;
size_t i;
mtd_info_t mtd;
fd = open(dev, O_RDWR | O_SYNC);
if (-1 == fd)
return 1;
memset(&mtd, 0, sizeof(mtd));
if (ioctl(fd, MEMGETINFO, &mtd) < 0 || mtd.erasesize <= 0) {
close(fd);
return 1;
}
for (i = 0; i < mtd.size / mtd.erasesize; i++) {
erase_info_t this = {
.start = i * mtd.erasesize,
.length = mtd.erasesize
};
/* Yield CPU once in a while, to not starve watchdogd */
sched_yield();
if (ioctl(fd, MEMERASE, &this) < 0) {
close(fd);
return 1;
}
}
return close(fd);
}
static void mount_error (void *UNUSED(arg))
{
struct mtd_info_user mtd;
char dev[10];
if (is_mounted("mtd:" MTD_CONFIG_LABEL))
return;
if (!find_mtd(MTD_CONFIG_LABEL, dev, sizeof(dev)))
return;
print_desc("Erasing corrupt configuration partition", NULL);
print_result(do_erase(dev));
/* Finit has not setup any signals yet, sys_reboot() won't work */
reboot(RB_AUTOBOOT);
}
static plugin_t plugin = {
.hook[HOOK_MOUNT_ERROR] = { .cb = mount_error },
};
PLUGIN_INIT(plugin_init)
{
plugin_register(&plugin);
}
PLUGIN_EXIT(plugin_exit)
{
plugin_unregister(&plugin);
}
/*
* This function prepares the In descriptor.
* Prepares the descriptor based on the SA encryption/authentication
* algorithms.
*/
void secfp_prepareInDescriptor(struct sk_buff *skb,
void *pData, void *descriptor,
unsigned int ulIndex)
{
unsigned int *tgt, *src;
dma_addr_t addr;
inSA_t *pSA = (inSA_t *)pData;
unsigned char *pNounceIVCounter;
unsigned int *ptr1;
int len;
struct talitos_desc *desc = (struct talitos_desc *)descriptor;
if (!ulIndex) { /* first iteration */
addr = dma_map_single(pdev, skb->data,
(skb->len + 12 +
SECFP_APPEND_BUF_LEN_FIELD +
SECFP_NOUNCE_IV_LEN), DMA_TO_DEVICE);
ptr1 = (unsigned int *)&(skb->cb[SECFP_SKB_DATA_DMA_INDEX]);
*ptr1 = addr;
ASFIPSEC_DEBUG("ulIndex = %d: addr = 0x%x",
ulIndex, addr);
} else {
/* Take information from the cb field */
addr = *(unsigned int *)&(skb->cb[SECFP_SKB_DATA_DMA_INDEX]);
ASFIPSEC_DEBUG("ulIndex= %d: addr = 0x%x",
ulIndex, addr);
}
desc->hdr_lo = 0;
switch (pSA->option[ulIndex]) {
case SECFP_AUTH:
{
desc->hdr = pSA->hdr_Auth_template_0;
ASFIPSEC_DEBUG("skb->len = %d, addr = 0x%x, pSA->SAParams.uICVSize =%d",
skb->len, addr, pSA->SAParams.uICVSize);
SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0)
SECFP_SET_DESC_PTR(desc->ptr[1], 0, 0, 0)
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.AuthKeyLen,
pSA->AuthKeyDmaAddr, 0)
if (pSA->SAParams.bUseExtendedSequenceNumber) {
len = skb->len + SECFP_APPEND_BUF_LEN_FIELD;
} else {
len = skb->len;
}
/* Setting up data */
SECFP_SET_DESC_PTR(desc->ptr[3], len - 12, addr, 0)
/* Setting up ICV Check :
Only when AES_XCBC_MAC is not programmed */
if (pSA->SAParams.ucAuthAlgo != SECFP_HMAC_AES_XCBC_MAC) {
SECFP_SET_DESC_PTR(desc->ptr[4], pSA->SAParams.uICVSize,
addr + len - pSA->SAParams.uICVSize, 0)
SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0);
} else {
SECFP_SET_DESC_PTR(desc->ptr[4], 0, 0, 0)
SECFP_SET_DESC_PTR(desc->ptr[6], pSA->SAParams.uICVSize,
addr + len, 0);
#ifdef ASF_IPSEC_DEBUG
{
int ii;
for (int ii = 0; ii < 3; ii++)
ASFIPSEC_DEBUG("Offset ii=%d 0x%8x", ii,
*(unsigned int *)&(skb->data[skb->len + ii*4]));
}
#endif
}
SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0);
print_desc(desc);
break;
}
case SECFP_CIPHER:
{
desc->hdr = pSA->desc_hdr_template;
if ((pSA->desc_hdr_template &
(DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU))
== (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU)) {
/* Set up the AES Context field
- Need to validate this with soft crypto */
src = (unsigned int *)&(pSA->SAParams.ucNounceIVCounter);
pNounceIVCounter = skb->data + skb->len
+ SECFP_APPEND_BUF_LEN_FIELD + 12;
tgt = (unsigned int *)pNounceIVCounter;
/* Copying 2 integers of IV, Assumes that the first
4 bytes of Nounce is valid and the 16th byte
is set to 128; not sure why though? */
*(tgt) = *src;
*(tgt+3) = src[3];
src = (unsigned int *)(skb->data + SECFP_ESP_HDR_LEN);
*(tgt+1) = src[0];
*(tgt+2) = src[1];
SECFP_SET_DESC_PTR(desc->ptr[1], SECFP_COUNTER_BLK_LEN,
addr + skb->len
+ SECFP_APPEND_BUF_LEN_FIELD + 12, 0)
} else {
SECFP_SET_DESC_PTR(desc->ptr[1], pSA->SAParams.ulIvSize,
addr + SECFP_ESP_HDR_LEN, 0)
}
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.EncKeyLen,
pSA->EncKeyDmaAddr, 0)
if ((ulIndex) && (skb->cb[SECFP_REF_INDEX] == 3)) {
/* We have queued the packet and
c/b has not yet triggered */
/* if 2nd iteration is encryption, then we need to
reduce the length by ICV Length */
SECFP_SET_DESC_PTR(desc->ptr[3],
skb->len - pSA->ulSecHdrLen - 12,
addr + pSA->ulSecHdrLen,
0)
SECFP_SET_DESC_PTR(desc->ptr[4],
skb->len - pSA->ulSecHdrLen - 12,
addr + pSA->ulSecHdrLen,
0)
} else {
/* In the 2 descriptor case, callback has triggered,
so we need not to reduce by the ICV length
*/
SECFP_SET_DESC_PTR(desc->ptr[3],
skb->len - pSA->ulSecHdrLen,
addr + pSA->ulSecHdrLen,
0);
SECFP_SET_DESC_PTR(desc->ptr[4],
skb->len - pSA->ulSecHdrLen,
addr + pSA->ulSecHdrLen,
0);
}
/* Set the descriptors 5 and 6 and 6 to 0 */
SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0)
SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0)
print_desc(desc);
break;
}
/*
* Function prepares the descriptors based on the encryption and authentication
* algorithm. The prepared descriptor is submitted to SEC.
*/
void secfp_prepareOutDescriptor(struct sk_buff *skb, void *pData,
void *descriptor, unsigned int ulOptionIndex)
{
dma_addr_t ptr;
unsigned int *src, *tgt;
unsigned char *pNounceIVCounter;
outSA_t *pSA = (outSA_t *) (pData);
int iDword, iDword1;
unsigned int *ptr1;
struct talitos_desc *desc = (struct talitos_desc *)descriptor;
if (!ulOptionIndex) { /* 1st iteration */
ASFIPSEC_DBGL2("prepareOutDescriptor: Doing DMA mapping");
ptr = dma_map_single(pdev, skb->data, (skb->len+12 +
SECFP_APPEND_BUF_LEN_FIELD+SECFP_NOUNCE_IV_LEN),
DMA_TO_DEVICE);
ptr1 = (unsigned int *) &(skb->cb[SECFP_SKB_DATA_DMA_INDEX]);
*ptr1 = ptr;
} else {
/* Take it from the skb->cb */
ptr = *(unsigned int *) &(skb->cb[SECFP_SKB_DATA_DMA_INDEX]);
ASFIPSEC_DBGL2("ptr = 0x%x", ptr);
}
desc->hdr_lo = 0;
switch (pSA->option[ulOptionIndex]) {
case SECFP_AUTH:
{
desc->hdr = pSA->hdr_Auth_template_0;
SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0);
SECFP_SET_DESC_PTR(desc->ptr[1], 0, 0, 0);
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.AuthKeyLen,
pSA->AuthKeyDmaAddr,
0);
if (pSA->SAParams.bUseExtendedSequenceNumber) {
/* To be checked */
SECFP_SET_DESC_PTR(desc->ptr[3],
skb->len + SECFP_APPEND_BUF_LEN_FIELD,
ptr , 0);
} else {
SECFP_SET_DESC_PTR(desc->ptr[3],
skb->len, ptr, 0);
}
SECFP_SET_DESC_PTR(desc->ptr[4], 0, 0, 0);
if (!((pSA->hdr_Auth_template_0 & DESC_HDR_MODE0_AES_XCBC_MAC)
== DESC_HDR_MODE0_AES_XCBC_MAC)) {
iDword = 5;
iDword1 = 6;
} else {
iDword = 6;
iDword1 = 5;
}
SECFP_SET_DESC_PTR(desc->ptr[iDword],
pSA->SAParams.uICVSize,
ptr+skb->len , 0);
SECFP_SET_DESC_PTR(desc->ptr[iDword1],
0, 0, 0);
print_desc(desc);
break;
}
case SECFP_CIPHER:
{
desc->hdr = pSA->desc_hdr_template;
SECFP_SET_DESC_PTR(desc->ptr[0], 0, 0, 0);
if (((pSA->desc_hdr_template &
(DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU))
== (DESC_HDR_MODE0_AES_CTR | DESC_HDR_SEL0_AESU)))
/* Set up the AES Context field */
{
src = (unsigned int *) pSA->SAParams.ucNounceIVCounter;
pNounceIVCounter = skb->data + skb->len
+ SECFP_APPEND_BUF_LEN_FIELD + 12;
tgt = (unsigned int *) pNounceIVCounter;
/* Copying 2 integers of IV, Assumes that the first
4 bytes of Nounce is valid and the 16th byte
is set to 128; not sure why though? */
*(tgt) = *src;
*(tgt + 3) = src[3];
src = (unsigned int *) (skb->data + SECFP_ESP_HDR_LEN);
*(tgt+1) = src[0];
*(tgt+2) = src[1];
/* todo-verify why we are setting COUNTER_BLK_LEN + 8 */
SECFP_SET_DESC_PTR(desc->ptr[1],
SECFP_COUNTER_BLK_LEN,
ptr + skb->len +
SECFP_APPEND_BUF_LEN_FIELD + 12,
0);
} else {
SECFP_SET_DESC_PTR(desc->ptr[1],
pSA->SAParams.ulIvSize,
ptr + SECFP_ESP_HDR_LEN,
0);
}
/* Copy the prepared encryption key */
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.EncKeyLen,
pSA->EncKeyDmaAddr,
0);
SECFP_SET_DESC_PTR(desc->ptr[3],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen,
0);
SECFP_SET_DESC_PTR(desc->ptr[4],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen,
0);
/* removed 12 for extent */
SECFP_SET_DESC_PTR(desc->ptr[5], 0, 0, 0);
SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0);
print_desc(desc);
break;
}
case SECFP_BOTH:
{
desc->hdr = pSA->desc_hdr_template;
ASFIPSEC_PRINT("Desc->hdr = 0x%x", desc->hdr);
/* Set up Auth Key */
/* Copy the prepared authentication key */
SECFP_SET_DESC_PTR(desc->ptr[0],
pSA->SAParams.AuthKeyLen,
pSA->AuthKeyDmaAddr,
0);
ASFIPSEC_DBGL2("AuthkeyLen %d AuthKeyDmaAddr 0x%x\n",
pSA->SAParams.AuthKeyLen, pSA->AuthKeyDmaAddr);
ASFIPSEC_DBGL2("ulSecHdrLen = %d Auth Only data :"
"data ptr=0x%x", pSA->ulSecHdrLen, ptr);
SECFP_SET_DESC_PTR(desc->ptr[1],
pSA->ulSecHdrLen,
ptr,
0);
ASFIPSEC_DBGL2("ulSecHdrLen %d ptr 0c%x\n",
pSA->ulSecHdrLen, ptr);
ASFIPSEC_DBGL2("IVSize = %d, IVdataptr=0x%x, ",
pSA->SAParams.ulIvSize, ptr+SECFP_ESP_HDR_LEN);
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.ulIvSize,
ptr + SECFP_ESP_HDR_LEN,
0);
/* Copy the prepared encryption key */
SECFP_SET_DESC_PTR(desc->ptr[3],
pSA->SAParams.EncKeyLen,
pSA->EncKeyDmaAddr,
0);
ASFIPSEC_DBGL2("EnckeyLen %d EncKeyDmaAddr 0c%x\n",
pSA->SAParams.EncKeyLen, pSA->EncKeyDmaAddr);
ASFIPSEC_DBGL2("Input data setup at 0x%x: len = %d",
ptr + pSA->ulSecHdrLen,
skb->len - pSA->ulSecHdrLen);
SECFP_SET_DESC_PTR(desc->ptr[4],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen,
0);
ASFIPSEC_DBGL2("Output data setup at 0x%x: len = %d",
ptr + pSA->ulSecHdrLen,
skb->len - pSA->ulSecHdrLen);
SECFP_SET_DESC_PTR(desc->ptr[5],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen,
12);
SECFP_SET_DESC_PTR(desc->ptr[6], 0, 0, 0);
print_desc(desc);
break;
}
case SECFP_AESCTR_BOTH:
{
desc->hdr = pSA->desc_hdr_template | pSA->hdr_Auth_template_1;
/* Set up Auth Key */
/* Copy the prepared authentication key */
SECFP_SET_DESC_PTR(desc->ptr[0],
pSA->SAParams.AuthKeyLen,
pSA->AuthKeyDmaAddr,
0);
SECFP_SET_DESC_PTR(desc->ptr[1],
pSA->ulSecHdrLen,
ptr ,
0);
/* Copy the prepared encryption key */
SECFP_SET_DESC_PTR(desc->ptr[2],
pSA->SAParams.EncKeyLen,
pSA->EncKeyDmaAddr,
0);
/* Set up the AES Context field - todo- validate it */
src = (unsigned int *) pSA->SAParams.ucNounceIVCounter;
pNounceIVCounter = skb->data + skb->len
+ SECFP_APPEND_BUF_LEN_FIELD + 12;
tgt = (unsigned int *) pNounceIVCounter;
/* Copying 2 integers of IV, Assumes that the
first 4 bytes of Nounce is valid and the 16th byte
is set to 128; not sure why though? */
*(tgt) = *src;
*(tgt + 3) = src[3];
src = (unsigned int *) (skb->data + SECFP_ESP_HDR_LEN);
*(tgt+1) = src[0];
*(tgt+2) = src[1];
/* Need to verify why we are setting COUNTER_BLK_LEN + 8 */
SECFP_SET_DESC_PTR(desc->ptr[3],
SECFP_COUNTER_BLK_LEN,
ptr + skb->len + SECFP_APPEND_BUF_LEN_FIELD + 12,
0);
SECFP_SET_DESC_PTR(desc->ptr[4],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen ,
0);
SECFP_SET_DESC_PTR(desc->ptr[5],
skb->len - pSA->ulSecHdrLen,
ptr + pSA->ulSecHdrLen,
0);
/* Where to put the ICV */
SECFP_SET_DESC_PTR(desc->ptr[6],
12,
ptr + skb->len ,
0);
break;
}
default:
ASFIPSEC_WARN("Unknown Option :: Index = %d ",
pSA->option[ulOptionIndex]);
break;
}
desc->hdr |= DESC_HDR_DONE_NOTIFY;
}
/* Remember: svc_enabled() must be called before calling svc_start() */
int svc_start(svc_t *svc)
{
int respawn = svc->pid != 0;
pid_t pid;
sigset_t nmask, omask;
char *args[MAX_NUM_SVC_ARGS];
if (!svc)
return 0;
/* Don't try and start service if it doesn't exist. */
if (!fexist(svc->cmd)) {
char msg[80];
snprintf(msg, sizeof(msg), "Service %s does not exist!", svc->cmd);
print_desc("", msg);
print_result(1);
return 0;
}
/* Ignore if finit is SIGSTOP'ed */
if (is_norespawn())
return 0;
if (!respawn)
print_desc("Starting ", svc->desc);
/* Block sigchild while forking. */
sigemptyset(&nmask);
sigaddset(&nmask, SIGCHLD);
sigprocmask(SIG_BLOCK, &nmask, &omask);
pid = fork();
sigprocmask(SIG_SETMASK, &omask, NULL);
if (pid == 0) {
int i = 0;
int uid = getuser(svc->username);
struct sigaction sa;
sigemptyset(&nmask);
sigaddset(&nmask, SIGCHLD);
sigprocmask(SIG_UNBLOCK, &nmask, NULL);
/* Reset signal handlers that were set by the parent process */
for (i = 1; i < NSIG; i++)
DFLSIG(sa, i, 0);
/* Set desired user */
if (uid >= 0)
setuid(uid);
/* Serve copy of args to process in case it modifies them. */
for (i = 0; svc->args[i][0] != 0 && i < MAX_NUM_SVC_ARGS; i++)
args[i] = svc->args[i];
args[i] = NULL;
if (debug) {
int fd;
char buf[CMD_SIZE] = "";
fd = open(CONSOLE, O_WRONLY | O_APPEND);
if (-1 != fd) {
dup2(STDOUT_FILENO, fd);
dup2(STDERR_FILENO, fd);
}
for (i = 0; args[i] && i < MAX_NUM_SVC_ARGS; i++) {
char arg[MAX_ARG_LEN];
snprintf(arg, sizeof(arg), "%s ", args[i]);
if (strlen(arg) < (sizeof(buf) - strlen(buf)))
strcat(buf, arg);
}
_e("%starting %s: %s", respawn ? "Res" : "S", svc->cmd, buf);
}
/* XXX: Maybe change to use execve() to be able to launch scripts? */
execv(svc->cmd, args);
/* Only reach this point if exec() fails. */
exit(0);
}
svc->pid = pid;
if (!respawn)
print_result(svc->pid > 1 ? 0 : 1);
return 0;
}
