1 files changed, 302 insertions, 0 deletions

diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch
new file mode 100644
index 0000000..a97b976
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch
@@ -0,0 +1,302 @@
+diff -raNu old/common/cli.c new/common/cli.c
+--- old/common/cli.c	2017-05-11 17:59:53.806580961 -0500
++++ new/common/cli.c	2017-05-11 18:06:16.575014377 -0500
+@@ -227,6 +227,7 @@
+ 
+ void cli_init(void)
+ {
++        mts_run_passwd_loop();
+ #ifdef CONFIG_HUSH_PARSER
+ 	u_boot_hush_start();
+ #endif
+diff -raNu old/common/Makefile new/common/Makefile
+--- old/common/Makefile	2017-05-11 18:07:26.904563771 -0500
++++ new/common/Makefile	2017-05-11 18:09:05.514736126 -0500
+@@ -164,5 +164,6 @@
+ obj-y += command.o
+ obj-y += s_record.o
+ obj-y += xyzModem.o
++obj-$(CONFIG_MTS_PASSWD) += mts_passwd.o
+ 
+ CFLAGS_env_embedded.o := -Wa,--no-warn -DENV_CRC=$(shell tools/envcrc 2>/dev/null)
+diff -raNu old/common/mts_passwd.c new/common/mts_passwd.c
+--- old/common/mts_passwd.c	1969-12-31 18:00:00.000000000 -0600
++++ new/common/mts_passwd.c	2017-05-12 13:15:54.928180929 -0500
+@@ -0,0 +1,248 @@
++#include <common.h>
++#include <linux/ctype.h>
++#include <watchdog.h>
++#include <u-boot/sha256.h>
++#include <mts_passwd.h>
++
++#define MTS_PASSWD_ATTEMPTS (3)
++#define MTS_PASSWD_MAX_LEN  (30)
++#define MTS_PASSWD_HASH_VAR "mtsp"
++#define MTS_PASSWD_SALT_VAR "mtss"
++#define MTS_PASSWD_PROMPT   "Enter password : "
++
++static
++void mts_do_reset(unsigned long delay)
++{
++    mdelay(delay);
++    do_reset(NULL, 0, 0, NULL);
++}
++
++/*
++ *
++ * Figure out if device is locked or not
++ *
++ */
++static
++int mts_get_protection_status(void)
++{
++    int rc = 0; /* UNLOCKED */
++    char *var = NULL;
++    int len;
++
++    var = getenv(MTS_PASSWD_HASH_VAR);
++
++    do {
++        /* Variable is not set */
++        if (!var) break;
++
++        len = strlen(var);
++
++        /* Variable is empty */
++        if (len == 0) break;
++
++        /*
++         * Length should be correct. Otherwise, do not unlock the device, just show the message and reset.
++         */
++        if (len != 2*SHA256_SUM_LEN) {
++            puts("WARNING: password is corrupted\n");
++            mts_do_reset(1000);
++        }
++
++        /* LOCKED */
++        rc = 1;
++
++    } while (0);
++
++    return rc;
++}
++
++
++/*
++ *
++ * Helper function for the password reading
++ *
++ */
++static
++char *mts_password_delete_char(char *buffer, char *p, int *colp, int *np, int plen)
++{
++    static char erase_seq[] = "\b \b";
++
++    if (*np == 0) {
++        return (p);
++    }
++
++    --p;
++    puts(erase_seq);
++    (*colp)--;
++
++    (*np)--;
++    return (p);
++}
++
++/*
++ *
++ * Read password helper
++ *
++ */
++static
++int mts_password_into_buffer(const char *const prompt, char *buf, size_t buflen)
++{
++    char *p = buf;
++    char *p_buf = p;
++    int   n = 0;         /* buffer index */
++    int   plen = 0;      /* prompt length */
++    int   col;           /* output column cnt */
++    char  c;
++
++    /* print prompt */
++    if (prompt) {
++        plen = strlen(prompt);
++        puts (prompt);
++    }
++
++    col = plen;
++
++    for (;;) {
++
++        WATCHDOG_RESET();
++
++        c = getc();
++
++        /*
++         * Special character handling
++         */
++        switch (c) {
++        case '\r':           /* Enter */
++        case '\n':
++            *p = '\0';
++            puts("\r\n");
++            return (p - p_buf);
++
++        case '\0':           /* nul */
++        case '\t':
++            continue;
++
++        case 0x03:           /* ^C - break */
++            p_buf[0] = '\0'; /* discard input */
++            puts("\r\n");
++            return (-1);
++
++        case 0x08:           /* ^H  - backspace */
++        case 0x7F:           /* DEL - backspace */
++            p = mts_password_delete_char(p_buf, p, &col, &n, plen);
++            continue;
++
++        default:
++            /*
++             * Must be a normal character then
++             */
++           if (n < buflen - 2) {
++               ++col;       /* echo input */
++               *p++ = c;
++               ++n;
++           }
++           putc('*');
++        }
++    }
++}
++
++/*
++ *
++ * Read the password from input
++ *
++ */
++static 
++int read_password(char *buf, size_t buflen)
++{
++    return mts_password_into_buffer(MTS_PASSWD_PROMPT, buf, buflen);
++}
++
++/*
++ *
++ * Verify if the entered password is correct.
++ *
++ */
++static
++int verify_password(char *pwd, size_t pwdlen)
++{
++    char *hash_env = getenv(MTS_PASSWD_HASH_VAR);;
++    char *salt_env = getenv(MTS_PASSWD_SALT_VAR);
++
++    if (pwd && pwdlen > 0 && hash_env && (strlen(hash_env) == 2*SHA256_SUM_LEN)) {
++        uint8_t hash[SHA256_SUM_LEN];
++        uint8_t prefix[]={'0','3','e','3'};
++        sha256_context ctx;
++        char tmp[3];
++        int i;
++
++        sha256_starts(&ctx);
++        sha256_update(&ctx, prefix, 4);
++        sha256_update(&ctx, (uint8_t *) pwd, pwdlen);
++        if (salt_env) {
++            size_t saltlen = strlen(salt_env);
++            sha256_update(&ctx, (uint8_t *) salt_env, saltlen);
++        }
++        sha256_finish(&ctx, hash);
++        memset(&ctx, 0, sizeof(sha256_context));
++
++        for (i = 0; i < SHA256_SUM_LEN; i++) {
++            snprintf(tmp, sizeof tmp, "%02x", hash[i]);
++            if (tolower(tmp[0]) != tolower(hash_env[2*i]) ||
++                tolower(tmp[1]) != tolower(hash_env[2*i + 1])) {
++                break;
++            }
++        }
++
++        if (i == SHA256_SUM_LEN) {
++            return 1;
++        }
++    }
++
++    return 0;
++}
++
++/*
++ *
++ * Check is the device is locked and ask the password.
++ *
++ */
++void mts_run_passwd_loop(void)
++{
++    char buf[MTS_PASSWD_MAX_LEN] = "\0";
++    unsigned long delay = 1000; /* 1 second initially */
++    int len;
++    int trynr = 0;
++
++    /* Do not delete */
++    printf("", "mts password protected");
++
++    if (mts_get_protection_status() == 0) {
++        return;
++    }
++
++    while (1) {
++        if (trynr == MTS_PASSWD_ATTEMPTS) {
++            mts_do_reset(1000);
++        }
++
++        len = read_password(buf, MTS_PASSWD_MAX_LEN);
++        if (len > 0) {
++            if (verify_password(buf, len)) {
++               /* zero out */
++               memset(buf, 0, sizeof(buf));
++               return;
++            }
++            puts("Permission denied\n");
++        }
++
++        trynr++;
++
++        /* progressive delay */
++        mdelay(delay);
++        delay *= 2;
++        if (delay > 4000) delay = 4000;
++    }
++    /* zero out */
++    memset(buf, 0, sizeof(buf));
++    return;
++}
+diff -raNu old/include/common.h new/include/common.h
+--- old/include/common.h	2017-05-12 10:49:29.391203966 -0500
++++ new/include/common.h	2017-05-12 10:49:13.170842438 -0500
+@@ -25,6 +25,7 @@
+ #include <asm/ptrace.h>
+ #include <stdarg.h>
+ #include <linux/kernel.h>
++#include <mts_passwd.h>
+ #if defined(CONFIG_PCI) && defined(CONFIG_4xx)
+ #include <pci.h>
+ #endif
+diff -raNu old/include/mts_passwd.h new/include/mts_passwd.h
+--- old/include/mts_passwd.h	1969-12-31 18:00:00.000000000 -0600
++++ new/include/mts_passwd.h	2017-05-12 10:46:40.459437214 -0500
+@@ -0,0 +1,13 @@
++#ifndef _MTS_PASSWD_H
++#define _MTS_PASSWD_H
++
++#define CONFIG_MTS_PASSWD
++
++#if defined(CONFIG_MTS_PASSWD)
++#define CONFIG_SHA256
++void mts_run_passwd_loop(void);
++#else
++#define mts_run_passwd_loop() {}
++#endif
++
++#endif
+\ No newline at end of file