summaryrefslogtreecommitdiff
path: root/recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch')
-rw-r--r--recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch300
1 files changed, 300 insertions, 0 deletions
diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch
new file mode 100644
index 0000000..fb07372
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtpwd.patch
@@ -0,0 +1,300 @@
+diff -raNu old/common/autoboot.c new/common/autoboot.c
+--- old/common/autoboot.c 2017-05-19 10:43:49.378496833 -0500
++++ new/common/autoboot.c 2017-05-19 10:52:10.561509423 -0500
+@@ -362,4 +362,5 @@
+ run_command_list(s, -1, 0);
+ }
+ #endif /* CONFIG_MENUKEY */
++ mts_run_passwd_loop();
+ }
+diff -raNu old/common/Makefile new/common/Makefile
+--- old/common/Makefile 2017-05-11 18:07:26.904563771 -0500
++++ new/common/Makefile 2017-05-11 18:09:05.514736126 -0500
+@@ -164,5 +164,6 @@
+ obj-y += command.o
+ obj-y += s_record.o
+ obj-y += xyzModem.o
++obj-$(CONFIG_MTS_PASSWD) += mts_passwd.o
+
+ CFLAGS_env_embedded.o := -Wa,--no-warn -DENV_CRC=$(shell tools/envcrc 2>/dev/null)
+diff -raNu old/common/mts_passwd.c new/common/mts_passwd.c
+--- old/common/mts_passwd.c 1969-12-31 18:00:00.000000000 -0600
++++ new/common/mts_passwd.c 2017-05-12 13:15:54.928180929 -0500
+@@ -0,0 +1,248 @@
++#include <common.h>
++#include <linux/ctype.h>
++#include <watchdog.h>
++#include <u-boot/sha256.h>
++#include <mts_passwd.h>
++
++#define MTS_PASSWD_ATTEMPTS (3)
++#define MTS_PASSWD_MAX_LEN (30)
++#define MTS_PASSWD_HASH_VAR "mtsp"
++#define MTS_PASSWD_SALT_VAR "mtss"
++#define MTS_PASSWD_PROMPT "Enter password : "
++
++static
++void mts_do_reset(unsigned long delay)
++{
++ mdelay(delay);
++ do_reset(NULL, 0, 0, NULL);
++}
++
++/*
++ *
++ * Figure out if device is locked or not
++ *
++ */
++static
++int mts_get_protection_status(void)
++{
++ int rc = 0; /* UNLOCKED */
++ char *var = NULL;
++ int len;
++
++ var = getenv(MTS_PASSWD_HASH_VAR);
++
++ do {
++ /* Variable is not set */
++ if (!var) break;
++
++ len = strlen(var);
++
++ /* Variable is empty */
++ if (len == 0) break;
++
++ /*
++ * Length should be correct. Otherwise, do not unlock the device, just show the message and reset.
++ */
++ if (len != 2*SHA256_SUM_LEN) {
++ puts("WARNING: password is corrupted\n");
++ mts_do_reset(1000);
++ }
++
++ /* LOCKED */
++ rc = 1;
++
++ } while (0);
++
++ return rc;
++}
++
++
++/*
++ *
++ * Helper function for the password reading
++ *
++ */
++static
++char *mts_password_delete_char(char *buffer, char *p, int *colp, int *np, int plen)
++{
++ static char erase_seq[] = "\b \b";
++
++ if (*np == 0) {
++ return (p);
++ }
++
++ --p;
++ puts(erase_seq);
++ (*colp)--;
++
++ (*np)--;
++ return (p);
++}
++
++/*
++ *
++ * Read password helper
++ *
++ */
++static
++int mts_password_into_buffer(const char *const prompt, char *buf, size_t buflen)
++{
++ char *p = buf;
++ char *p_buf = p;
++ int n = 0; /* buffer index */
++ int plen = 0; /* prompt length */
++ int col; /* output column cnt */
++ char c;
++
++ /* print prompt */
++ if (prompt) {
++ plen = strlen(prompt);
++ puts (prompt);
++ }
++
++ col = plen;
++
++ for (;;) {
++
++ WATCHDOG_RESET();
++
++ c = getc();
++
++ /*
++ * Special character handling
++ */
++ switch (c) {
++ case '\r': /* Enter */
++ case '\n':
++ *p = '\0';
++ puts("\r\n");
++ return (p - p_buf);
++
++ case '\0': /* nul */
++ case '\t':
++ continue;
++
++ case 0x03: /* ^C - break */
++ p_buf[0] = '\0'; /* discard input */
++ puts("\r\n");
++ return (-1);
++
++ case 0x08: /* ^H - backspace */
++ case 0x7F: /* DEL - backspace */
++ p = mts_password_delete_char(p_buf, p, &col, &n, plen);
++ continue;
++
++ default:
++ /*
++ * Must be a normal character then
++ */
++ if (n < buflen - 2) {
++ ++col; /* echo input */
++ *p++ = c;
++ ++n;
++ }
++ putc('*');
++ }
++ }
++}
++
++/*
++ *
++ * Read the password from input
++ *
++ */
++static
++int read_password(char *buf, size_t buflen)
++{
++ return mts_password_into_buffer(MTS_PASSWD_PROMPT, buf, buflen);
++}
++
++/*
++ *
++ * Verify if the entered password is correct.
++ *
++ */
++static
++int verify_password(char *pwd, size_t pwdlen)
++{
++ char *hash_env = getenv(MTS_PASSWD_HASH_VAR);;
++ char *salt_env = getenv(MTS_PASSWD_SALT_VAR);
++
++ if (pwd && pwdlen > 0 && hash_env && (strlen(hash_env) == 2*SHA256_SUM_LEN)) {
++ uint8_t hash[SHA256_SUM_LEN];
++ uint8_t prefix[]={'0','3','e','3'};
++ sha256_context ctx;
++ char tmp[3];
++ int i;
++
++ sha256_starts(&ctx);
++ sha256_update(&ctx, prefix, 4);
++ sha256_update(&ctx, (uint8_t *) pwd, pwdlen);
++ if (salt_env) {
++ size_t saltlen = strlen(salt_env);
++ sha256_update(&ctx, (uint8_t *) salt_env, saltlen);
++ }
++ sha256_finish(&ctx, hash);
++ memset(&ctx, 0, sizeof(sha256_context));
++
++ for (i = 0; i < SHA256_SUM_LEN; i++) {
++ snprintf(tmp, sizeof tmp, "%02x", hash[i]);
++ if (tolower(tmp[0]) != tolower(hash_env[2*i]) ||
++ tolower(tmp[1]) != tolower(hash_env[2*i + 1])) {
++ break;
++ }
++ }
++
++ if (i == SHA256_SUM_LEN) {
++ return 1;
++ }
++ }
++
++ return 0;
++}
++
++/*
++ *
++ * Check is the device is locked and ask the password.
++ *
++ */
++void mts_run_passwd_loop(void)
++{
++ char buf[MTS_PASSWD_MAX_LEN] = "\0";
++ unsigned long delay = 1000; /* 1 second initially */
++ int len;
++ int trynr = 0;
++
++ /* Do not delete */
++ printf("", "mts password protected");
++
++ if (mts_get_protection_status() == 0) {
++ return;
++ }
++
++ while (1) {
++ if (trynr == MTS_PASSWD_ATTEMPTS) {
++ mts_do_reset(1000);
++ }
++
++ len = read_password(buf, MTS_PASSWD_MAX_LEN);
++ if (len > 0) {
++ if (verify_password(buf, len)) {
++ /* zero out */
++ memset(buf, 0, sizeof(buf));
++ return;
++ }
++ puts("Permission denied\n");
++ }
++
++ trynr++;
++
++ /* progressive delay */
++ mdelay(delay);
++ delay *= 2;
++ if (delay > 4000) delay = 4000;
++ }
++ /* zero out */
++ memset(buf, 0, sizeof(buf));
++ return;
++}
+diff -raNu old/include/common.h new/include/common.h
+--- old/include/common.h 2017-05-12 10:49:29.391203966 -0500
++++ new/include/common.h 2017-05-12 10:49:13.170842438 -0500
+@@ -25,6 +25,7 @@
+ #include <asm/ptrace.h>
+ #include <stdarg.h>
+ #include <linux/kernel.h>
++#include <mts_passwd.h>
+ #if defined(CONFIG_PCI) && defined(CONFIG_4xx)
+ #include <pci.h>
+ #endif
+diff -raNu old/include/mts_passwd.h new/include/mts_passwd.h
+--- old/include/mts_passwd.h 1969-12-31 18:00:00.000000000 -0600
++++ new/include/mts_passwd.h 2017-05-12 10:46:40.459437214 -0500
+@@ -0,0 +1,13 @@
++#ifndef _MTS_PASSWD_H
++#define _MTS_PASSWD_H
++
++#define CONFIG_MTS_PASSWD
++
++#if defined(CONFIG_MTS_PASSWD)
++#define CONFIG_SHA256
++void mts_run_passwd_loop(void);
++#else
++#define mts_run_passwd_loop() {}
++#endif
++
++#endif
+\ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 12:55:43 +0000