/*
* Show a '%p' thing. A kernel extension is that the '%p' is followed
* by an extra set of alphanumeric characters that are extended format
* specifiers.
*
* Right now we handle:
*
* - 'I' [4] for IPv4 addresses printed in the usual way
* IPv4 uses dot-separated decimal without leading 0's (1.2.3.4)
* - 'S' For symbolic direct pointers
* - 'U' For a 16 byte UUID/GUID, it prints the UUID/GUID in the form
* "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
* Options for %pU are:
* b big endian lower case hex (default)
* B big endian UPPER case hex
* l little endian lower case hex
* L little endian UPPER case hex
* big endian output byte order is:
* [0][1][2][3]-[4][5]-[6][7]-[8][9]-[10][11][12][13][14][15]
* little endian output byte order is:
* [3][2][1][0]-[5][4]-[7][6]-[8][9]-[10][11][12][13][14][15]
* - 'a[pd]' For address types [p] phys_addr_t, [d] dma_addr_t and derivatives
* (default assumed to be phys_addr_t, passed by reference)
*
* Note: The difference between 'S' and 'F' is that on ia64 and ppc64
* function pointers are really function descriptors, which contain a
* pointer to the real address.
*/
static char *pointer(const char *fmt, char *buf, char *end, void *ptr, int field_width, int precision, int flags)
{
switch (*fmt) {
case 'S':
return symbol_string(buf, end, ptr, field_width, precision, flags);
case 'U':
if (IS_ENABLED(CONFIG_PRINTF_UUID))
return uuid_string(buf, end, ptr, field_width, precision, flags, fmt);
break;
case 'a':
return address_val(buf, end, ptr, field_width, precision, flags, fmt);
case 'I':
switch (fmt[1]) {
case '4':
return ip4_addr_string(buf, end, ptr, field_width, precision, flags, fmt);
}
break;
}
flags |= SMALL;
if (field_width == -1) {
field_width = 2*sizeof(void *);
flags |= ZEROPAD;
}
return number(buf, end, (unsigned long) ptr, 16, field_width, precision, flags);
}
void print_part_efi(block_dev_desc_t * dev_desc)
{
ALLOC_CACHE_ALIGN_BUFFER_PAD(gpt_header, gpt_head, 1, dev_desc->blksz);
gpt_entry *gpt_pte = NULL;
int i = 0;
char uuid[37];
if (!dev_desc) {
printf("%s: Invalid Argument(s)\n", __func__);
return;
}
/* This function validates AND fills in the GPT header and PTE */
if (is_gpt_valid(dev_desc, GPT_PRIMARY_PARTITION_TABLE_LBA,
gpt_head, &gpt_pte) != 1) {
printf("%s: *** ERROR: Invalid GPT ***\n", __func__);
return;
}
debug("%s: gpt-entry at %p\n", __func__, gpt_pte);
printf("Part\tStart LBA\tEnd LBA\t\tName\n");
printf("\tAttributes\n");
printf("\tType UUID\n");
printf("\tPartition UUID\n");
for (i = 0; i < le32_to_cpu(gpt_head->num_partition_entries); i++) {
/* Stop at the first non valid PTE */
if (!is_pte_valid(&gpt_pte[i]))
break;
printf("%3d\t0x%08llx\t0x%08llx\t\"%s\"\n", (i + 1),
le64_to_cpu(gpt_pte[i].starting_lba),
le64_to_cpu(gpt_pte[i].ending_lba),
print_efiname(&gpt_pte[i]));
printf("\tattrs:\t0x%016llx\n", gpt_pte[i].attributes.raw);
uuid_string(gpt_pte[i].partition_type_guid.b, uuid);
printf("\ttype:\t%s\n", uuid);
uuid_string(gpt_pte[i].unique_partition_guid.b, uuid);
printf("\tuuid:\t%s\n", uuid);
}
/* Remember to free pte */
free(gpt_pte);
return;
}
int get_partition_info_efi(block_dev_desc_t * dev_desc, int part,
disk_partition_t * info)
{
ALLOC_CACHE_ALIGN_BUFFER_PAD(gpt_header, gpt_head, 1, dev_desc->blksz);
gpt_entry *gpt_pte = NULL;
/* "part" argument must be at least 1 */
if (!dev_desc || !info || part < 1) {
printf("%s: Invalid Argument(s)\n", __func__);
return -1;
}
/* This function validates AND fills in the GPT header and PTE */
if (is_gpt_valid(dev_desc, GPT_PRIMARY_PARTITION_TABLE_LBA,
gpt_head, &gpt_pte) != 1) {
printf("%s: *** ERROR: Invalid GPT ***\n", __func__);
return -1;
}
if (part > le32_to_cpu(gpt_head->num_partition_entries) ||
!is_pte_valid(&gpt_pte[part - 1])) {
debug("%s: *** ERROR: Invalid partition number %d ***\n",
__func__, part);
free(gpt_pte);
return -1;
}
/* The ulong casting limits the maximum disk size to 2 TB */
info->start = (u64)le64_to_cpu(gpt_pte[part - 1].starting_lba);
/* The ending LBA is inclusive, to calculate size, add 1 to it */
info->size = ((u64)le64_to_cpu(gpt_pte[part - 1].ending_lba) + 1)
- info->start;
info->blksz = dev_desc->blksz;
sprintf((char *)info->name, "%s",
print_efiname(&gpt_pte[part - 1]));
sprintf((char *)info->type, "U-Boot");
info->bootable = is_bootable(&gpt_pte[part - 1]);
#ifdef CONFIG_PARTITION_UUIDS
uuid_string(gpt_pte[part - 1].unique_partition_guid.b, info->uuid);
#endif
debug("%s: start 0x" LBAF ", size 0x" LBAF ", name %s", __func__,
info->start, info->size, info->name);
/* Remember to free pte */
free(gpt_pte);
return 0;
}
static void
provisioning_mode()
{
INFO("Check for existence of device certificate");
bool need_initialization = (!file_exists(DEVICE_CERT_FILE) || !token_file_exists());
// device needs a device certificate
if (!file_exists(DEVICE_CONF)) {
INFO("Going back to bootloader mode, device config does not exist (Proper"
"userdata image needs to be flashed first)");
reboot_reboot(REBOOT);
}
if (need_initialization) {
sleep(5);
ssl_init();
}
// if no certificate exists, create a csr
if (!file_exists(DEVICE_CERT_FILE)) {
INFO("Device certificate not available. Switch to device provisioning mode");
if (!file_exists(DEVICE_CSR_FILE) || !file_exists(DEVICE_KEY_FILE)) {
DEBUG("Create CSR (recreate if corresponding private key file misses)");
if (file_exists(SCD_TOKEN_DIR) && file_is_dir(SCD_TOKEN_DIR)) {
DEBUG("CSR folder already exists");
} else if (mkdir(SCD_TOKEN_DIR, 00755) != 0) {
FATAL("Failed to create CSR directory");
}
#ifdef ANDROID
char *hw_serial = mem_alloc0(PROPERTY_VALUE_MAX);
char *hw_name = mem_alloc0(PROPERTY_VALUE_MAX);
bool property_read_failure = false;
if (!(property_get(PROP_SERIALNO, hw_serial, NULL) > 0)) {
ERROR("Failed to read hardware serialno property");
property_read_failure = true;
}
if (!(property_get(PROP_HARDWARE, hw_name, NULL) > 0)) {
ERROR("Failed to read hardware name property");
property_read_failure = true;
}
char *common_name;
if (!property_read_failure)
common_name = mem_printf("%s %s", hw_name, hw_serial);
else
common_name = mem_printf("%s %s", "x86", "0000");
DEBUG("Using common name %s", common_name);
#else
char *common_name = mem_strdup("common_name");
char *hw_serial = mem_strdup("hw_serial");
char *hw_name = mem_strdup("hw_unknown");
#endif
// create device uuid and write to device.conf
uuid_t *dev_uuid = uuid_new(NULL);
const char *uid;
if (!dev_uuid || (uid = uuid_string(dev_uuid)) == NULL) {
FATAL("Could not create device uuid");
}
DeviceConfig *dev_cfg = (DeviceConfig *)
protobuf_message_new_from_textfile(DEVICE_CONF, &device_config__descriptor);
if (!dev_cfg) {
FATAL("Failed load device config from file \"%s\"!", DEVICE_CONF);
}
// set device uuid
char *proto_uid = mem_strdup(uid);
// free this element, as it is overwritten
mem_free(dev_cfg->uuid);
dev_cfg->uuid = proto_uid;
// write the uuid to device config file
if (protobuf_message_write_to_file(DEVICE_CONF, (ProtobufCMessage *) dev_cfg) < 0) {
FATAL("Could not write device config to \"%s\"!", DEVICE_CONF);
}
if (ssl_create_csr(DEVICE_CSR_FILE, DEVICE_KEY_FILE, NULL, common_name, uid) != 0) {
FATAL("Unable to create CSR");
}
// this call also frees proto_uid
protobuf_free_message((ProtobufCMessage *) dev_cfg);
mem_free(hw_serial);
mem_free(hw_name);
mem_free(common_name);
uuid_free(dev_uuid);
DEBUG("CSR with keyfile created and stored");
} else {
DEBUG("CSR with keyfile already exists");
}
// self-sign device csr to bring the device up
// corresponding cert is overwritten during provisioning
DEBUG("Create self-signed certificate from CSR");
if (ssl_self_sign_csr(DEVICE_CSR_FILE, DEVICE_CERT_FILE, DEVICE_KEY_FILE) != 0) {
FATAL("Unable to self sign existing device.csr");
}
}
else {
INFO("Device certificate found");
if (file_exists(DEVICE_CSR_FILE)) {
// this is the case when a non-provisioned trustme phone
// created its own device.cert and user.p12
WARN("Device CSR still exists. Device was not correctly provisioned!");
}
}
// self-create a user token to bring the device up
// is removed during provisioning
if (!token_file_exists()) {
DEBUG("Create initial soft token");
char *token_file = mem_printf("%s/%s%s", SCD_TOKEN_DIR,
TOKEN_DEFAULT_NAME, TOKEN_DEFAULT_EXT);
if (ssl_create_pkcs12_token(token_file, NULL, TOKEN_DEFAULT_PASS, TOKEN_DEFAULT_NAME) != 0) {
FATAL("Unable to create initial user token");
}
mem_free(token_file);
}
// we now have anything for a clean startup so just die and let us be restarted by init
if (need_initialization) {
ssl_free();
exit(0);
}
// remark: no certificate validation checks are carried out
if (!file_exists(DEVICE_KEY_FILE) || !file_exists(SSIG_ROOT_CERT)
|| !file_exists(GEN_ROOT_CERT) || !token_file_exists()) {
FATAL("Missing certificate chains, user token, or private key for device certificate");
}
}
