From 0800225fae846cecbac833bde27405fc14e8e4b8 Mon Sep 17 00:00:00 2001 From: John Klug Date: Fri, 12 May 2017 14:02:51 -0500 Subject: u-boot patches including u-boot password --- .../u-boot/u-boot-2016.09.01/mtcdt/macb.patch | 54 ++++ .../u-boot/u-boot-2016.09.01/mtcdt/mtcdt.patch | 5 +- .../u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch | 302 +++++++++++++++++++++ .../u-boot-2016.09.01/mtcdt/printeepromcrc.patch | 56 ++++ recipes-bsp/u-boot/u-boot_2016.09.01.bb | 15 +- 5 files changed, 424 insertions(+), 8 deletions(-) create mode 100644 recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/macb.patch create mode 100644 recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch create mode 100644 recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/printeepromcrc.patch diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/macb.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/macb.patch new file mode 100644 index 0000000..5869628 --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/macb.patch @@ -0,0 +1,54 @@ +diff -raNu old/drivers/net/macb.c new/drivers/net/macb.c +--- old/drivers/net/macb.c 2017-05-11 16:08:48.747255895 -0500 ++++ new/drivers/net/macb.c 2017-05-12 09:55:17.331129433 -0500 +@@ -49,7 +49,7 @@ + #define MACB_RX_RING_SIZE (MACB_RX_BUFFER_SIZE / 128) + #define MACB_TX_RING_SIZE 16 + #define MACB_TX_TIMEOUT 1000 +-#define MACB_AUTONEG_TIMEOUT 5000000 ++#define MACB_AUTONEG_TIMEOUT 3000000 + + struct macb_dma_desc { + u32 addr; +@@ -419,7 +419,8 @@ + static void macb_phy_reset(struct macb_device *macb, const char *name) + { + int i; +- u16 status, adv; ++ u16 status = 0; ++ u16 adv; + + adv = ADVERTISE_CSMA | ADVERTISE_ALL; + macb_mdio_write(macb, MII_ADVERTISE, adv); +@@ -439,6 +440,7 @@ + else + printf("%s: Autonegotiation timed out (status=0x%04x)\n", + name, status); ++ + } + + #ifdef CONFIG_MACB_SEARCH_PHY +@@ -479,7 +481,6 @@ + u32 ncfgr; + u16 phy_id, status, adv, lpa; + int media, speed, duplex; +- int i; + + arch_get_mdio_control(name); + #ifdef CONFIG_MACB_SEARCH_PHY +@@ -515,14 +516,7 @@ + status = macb_mdio_read(macb, MII_BMSR); + if (!(status & BMSR_LSTATUS)) { + /* Try to re-negotiate if we don't have link already. */ +- macb_phy_reset(macb, name); +- +- for (i = 0; i < MACB_AUTONEG_TIMEOUT / 100; i++) { +- status = macb_mdio_read(macb, MII_BMSR); +- if (status & BMSR_LSTATUS) +- break; +- udelay(100); +- } ++ macb_phy_reset(macb,name); + } + + if (!(status & BMSR_LSTATUS)) { diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtcdt.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtcdt.patch index d294bb2..4f265df 100644 --- a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtcdt.patch +++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtcdt.patch @@ -1,6 +1,6 @@ diff -raNu old/include/configs/at91sam9x5ek.h new/include/configs/at91sam9x5ek.h --- old/include/configs/at91sam9x5ek.h 2017-05-04 13:59:37.381346896 -0500 -+++ new/include/configs/at91sam9x5ek.h 2017-05-09 17:44:27.064308078 -0500 ++++ new/include/configs/at91sam9x5ek.h 2017-05-11 08:31:30.258358272 -0500 @@ -9,9 +9,11 @@ #ifndef __CONFIG_H__ #define __CONFIG_H__ @@ -154,7 +154,7 @@ diff -raNu old/include/configs/at91sam9x5ek.h new/include/configs/at91sam9x5ek.h #else #define CONFIG_BOOTARGS \ "console=ttyS0,115200 earlyprintk " \ -@@ -274,4 +322,20 @@ +@@ -274,4 +322,21 @@ #endif @@ -170,6 +170,7 @@ diff -raNu old/include/configs/at91sam9x5ek.h new/include/configs/at91sam9x5ek.h +/* MTCDT - enable watchdog */ +#define CONFIG_AT91SAM9_WATCHDOG 1 +#define CONFIG_HW_WATCHDOG 1 ++#define CONFIG_AT91_HW_WDT_TIMEOUT 16 +#define CONFIG_EXTRA_ENV_SETTINGS \ + "kernel_addr=0x200000\0" \ + "" diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch new file mode 100644 index 0000000..a97b976 --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/mtpwd.patch @@ -0,0 +1,302 @@ +diff -raNu old/common/cli.c new/common/cli.c +--- old/common/cli.c 2017-05-11 17:59:53.806580961 -0500 ++++ new/common/cli.c 2017-05-11 18:06:16.575014377 -0500 +@@ -227,6 +227,7 @@ + + void cli_init(void) + { ++ mts_run_passwd_loop(); + #ifdef CONFIG_HUSH_PARSER + u_boot_hush_start(); + #endif +diff -raNu old/common/Makefile new/common/Makefile +--- old/common/Makefile 2017-05-11 18:07:26.904563771 -0500 ++++ new/common/Makefile 2017-05-11 18:09:05.514736126 -0500 +@@ -164,5 +164,6 @@ + obj-y += command.o + obj-y += s_record.o + obj-y += xyzModem.o ++obj-$(CONFIG_MTS_PASSWD) += mts_passwd.o + + CFLAGS_env_embedded.o := -Wa,--no-warn -DENV_CRC=$(shell tools/envcrc 2>/dev/null) +diff -raNu old/common/mts_passwd.c new/common/mts_passwd.c +--- old/common/mts_passwd.c 1969-12-31 18:00:00.000000000 -0600 ++++ new/common/mts_passwd.c 2017-05-12 13:15:54.928180929 -0500 +@@ -0,0 +1,248 @@ ++#include ++#include ++#include ++#include ++#include ++ ++#define MTS_PASSWD_ATTEMPTS (3) ++#define MTS_PASSWD_MAX_LEN (30) ++#define MTS_PASSWD_HASH_VAR "mtsp" ++#define MTS_PASSWD_SALT_VAR "mtss" ++#define MTS_PASSWD_PROMPT "Enter password : " ++ ++static ++void mts_do_reset(unsigned long delay) ++{ ++ mdelay(delay); ++ do_reset(NULL, 0, 0, NULL); ++} ++ ++/* ++ * ++ * Figure out if device is locked or not ++ * ++ */ ++static ++int mts_get_protection_status(void) ++{ ++ int rc = 0; /* UNLOCKED */ ++ char *var = NULL; ++ int len; ++ ++ var = getenv(MTS_PASSWD_HASH_VAR); ++ ++ do { ++ /* Variable is not set */ ++ if (!var) break; ++ ++ len = strlen(var); ++ ++ /* Variable is empty */ ++ if (len == 0) break; ++ ++ /* ++ * Length should be correct. Otherwise, do not unlock the device, just show the message and reset. ++ */ ++ if (len != 2*SHA256_SUM_LEN) { ++ puts("WARNING: password is corrupted\n"); ++ mts_do_reset(1000); ++ } ++ ++ /* LOCKED */ ++ rc = 1; ++ ++ } while (0); ++ ++ return rc; ++} ++ ++ ++/* ++ * ++ * Helper function for the password reading ++ * ++ */ ++static ++char *mts_password_delete_char(char *buffer, char *p, int *colp, int *np, int plen) ++{ ++ static char erase_seq[] = "\b \b"; ++ ++ if (*np == 0) { ++ return (p); ++ } ++ ++ --p; ++ puts(erase_seq); ++ (*colp)--; ++ ++ (*np)--; ++ return (p); ++} ++ ++/* ++ * ++ * Read password helper ++ * ++ */ ++static ++int mts_password_into_buffer(const char *const prompt, char *buf, size_t buflen) ++{ ++ char *p = buf; ++ char *p_buf = p; ++ int n = 0; /* buffer index */ ++ int plen = 0; /* prompt length */ ++ int col; /* output column cnt */ ++ char c; ++ ++ /* print prompt */ ++ if (prompt) { ++ plen = strlen(prompt); ++ puts (prompt); ++ } ++ ++ col = plen; ++ ++ for (;;) { ++ ++ WATCHDOG_RESET(); ++ ++ c = getc(); ++ ++ /* ++ * Special character handling ++ */ ++ switch (c) { ++ case '\r': /* Enter */ ++ case '\n': ++ *p = '\0'; ++ puts("\r\n"); ++ return (p - p_buf); ++ ++ case '\0': /* nul */ ++ case '\t': ++ continue; ++ ++ case 0x03: /* ^C - break */ ++ p_buf[0] = '\0'; /* discard input */ ++ puts("\r\n"); ++ return (-1); ++ ++ case 0x08: /* ^H - backspace */ ++ case 0x7F: /* DEL - backspace */ ++ p = mts_password_delete_char(p_buf, p, &col, &n, plen); ++ continue; ++ ++ default: ++ /* ++ * Must be a normal character then ++ */ ++ if (n < buflen - 2) { ++ ++col; /* echo input */ ++ *p++ = c; ++ ++n; ++ } ++ putc('*'); ++ } ++ } ++} ++ ++/* ++ * ++ * Read the password from input ++ * ++ */ ++static ++int read_password(char *buf, size_t buflen) ++{ ++ return mts_password_into_buffer(MTS_PASSWD_PROMPT, buf, buflen); ++} ++ ++/* ++ * ++ * Verify if the entered password is correct. ++ * ++ */ ++static ++int verify_password(char *pwd, size_t pwdlen) ++{ ++ char *hash_env = getenv(MTS_PASSWD_HASH_VAR);; ++ char *salt_env = getenv(MTS_PASSWD_SALT_VAR); ++ ++ if (pwd && pwdlen > 0 && hash_env && (strlen(hash_env) == 2*SHA256_SUM_LEN)) { ++ uint8_t hash[SHA256_SUM_LEN]; ++ uint8_t prefix[]={'0','3','e','3'}; ++ sha256_context ctx; ++ char tmp[3]; ++ int i; ++ ++ sha256_starts(&ctx); ++ sha256_update(&ctx, prefix, 4); ++ sha256_update(&ctx, (uint8_t *) pwd, pwdlen); ++ if (salt_env) { ++ size_t saltlen = strlen(salt_env); ++ sha256_update(&ctx, (uint8_t *) salt_env, saltlen); ++ } ++ sha256_finish(&ctx, hash); ++ memset(&ctx, 0, sizeof(sha256_context)); ++ ++ for (i = 0; i < SHA256_SUM_LEN; i++) { ++ snprintf(tmp, sizeof tmp, "%02x", hash[i]); ++ if (tolower(tmp[0]) != tolower(hash_env[2*i]) || ++ tolower(tmp[1]) != tolower(hash_env[2*i + 1])) { ++ break; ++ } ++ } ++ ++ if (i == SHA256_SUM_LEN) { ++ return 1; ++ } ++ } ++ ++ return 0; ++} ++ ++/* ++ * ++ * Check is the device is locked and ask the password. ++ * ++ */ ++void mts_run_passwd_loop(void) ++{ ++ char buf[MTS_PASSWD_MAX_LEN] = "\0"; ++ unsigned long delay = 1000; /* 1 second initially */ ++ int len; ++ int trynr = 0; ++ ++ /* Do not delete */ ++ printf("", "mts password protected"); ++ ++ if (mts_get_protection_status() == 0) { ++ return; ++ } ++ ++ while (1) { ++ if (trynr == MTS_PASSWD_ATTEMPTS) { ++ mts_do_reset(1000); ++ } ++ ++ len = read_password(buf, MTS_PASSWD_MAX_LEN); ++ if (len > 0) { ++ if (verify_password(buf, len)) { ++ /* zero out */ ++ memset(buf, 0, sizeof(buf)); ++ return; ++ } ++ puts("Permission denied\n"); ++ } ++ ++ trynr++; ++ ++ /* progressive delay */ ++ mdelay(delay); ++ delay *= 2; ++ if (delay > 4000) delay = 4000; ++ } ++ /* zero out */ ++ memset(buf, 0, sizeof(buf)); ++ return; ++} +diff -raNu old/include/common.h new/include/common.h +--- old/include/common.h 2017-05-12 10:49:29.391203966 -0500 ++++ new/include/common.h 2017-05-12 10:49:13.170842438 -0500 +@@ -25,6 +25,7 @@ + #include + #include + #include ++#include + #if defined(CONFIG_PCI) && defined(CONFIG_4xx) + #include + #endif +diff -raNu old/include/mts_passwd.h new/include/mts_passwd.h +--- old/include/mts_passwd.h 1969-12-31 18:00:00.000000000 -0600 ++++ new/include/mts_passwd.h 2017-05-12 10:46:40.459437214 -0500 +@@ -0,0 +1,13 @@ ++#ifndef _MTS_PASSWD_H ++#define _MTS_PASSWD_H ++ ++#define CONFIG_MTS_PASSWD ++ ++#if defined(CONFIG_MTS_PASSWD) ++#define CONFIG_SHA256 ++void mts_run_passwd_loop(void); ++#else ++#define mts_run_passwd_loop() {} ++#endif ++ ++#endif +\ No newline at end of file diff --git a/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/printeepromcrc.patch b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/printeepromcrc.patch new file mode 100644 index 0000000..19fca02 --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-2016.09.01/mtcdt/printeepromcrc.patch @@ -0,0 +1,56 @@ +diff -raNu old/common/env_nand.c new/common/env_nand.c +--- old/common/env_nand.c 2017-05-11 16:27:26.160067136 -0500 ++++ new/common/env_nand.c 2017-05-11 16:44:12.134434145 -0500 +@@ -68,15 +68,22 @@ + #if defined(ENV_IS_EMBEDDED) || defined(CONFIG_NAND_ENV_DST) + int crc1_ok = 0, crc2_ok = 0; + env_t *tmp_env1; ++ uint32_t calc_crc; + + #ifdef CONFIG_ENV_OFFSET_REDUND + env_t *tmp_env2; + + tmp_env2 = (env_t *)((ulong)env_ptr + CONFIG_ENV_SIZE); +- crc2_ok = crc32(0, tmp_env2->data, ENV_SIZE) == tmp_env2->crc; ++ calc_crc = crc32(0, tmp_env2->data, ENV_SIZE); ++ crc2_ok = (calc_crc == tmp_env2->crc); ++ printf("env_relocate_spec: crc2_ok=%d saved crc=0x%x calculated crc=0x%x flags=%d\n", ++ crc2_ok,tmp_env2->crc,calc_crc,tmp_env2->flags); + #endif + tmp_env1 = env_ptr; +- crc1_ok = crc32(0, tmp_env1->data, ENV_SIZE) == tmp_env1->crc; ++ calc_crc = crc32(0, tmp_env1->data, ENV_SIZE); ++ crc1_ok = (calc_crc == tmp_env1->crc); ++ printf("env_relocate_spec: crc1_ok=%d saved crc=0x%x calculated crc=0x%x flags=%d\n", ++ crc1_ok,tmp_env1->crc,calc_crc,tmp_env1->flags); + + if (!crc1_ok && !crc2_ok) { + gd->env_addr = 0; +@@ -317,6 +324,7 @@ + int read1_fail = 0, read2_fail = 0; + int crc1_ok = 0, crc2_ok = 0; + env_t *ep, *tmp_env1, *tmp_env2; ++ uint32_t calc_crc; + + tmp_env1 = (env_t *)malloc(CONFIG_ENV_SIZE); + tmp_env2 = (env_t *)malloc(CONFIG_ENV_SIZE); +@@ -334,11 +342,16 @@ + else if (read1_fail || read2_fail) + puts("*** Warning - some problems detected " + "reading environment; recovered successfully\n"); +- ++ calc_crc = crc32(0, tmp_env1->data, ENV_SIZE); + crc1_ok = !read1_fail && +- (crc32(0, tmp_env1->data, ENV_SIZE) == tmp_env1->crc); ++ (calc_crc == tmp_env1->crc); ++ printf("env_relocate_spec: crc1_ok=%d saved crc=0x%x calculated crc=0x%x flags=%d\n", ++ crc1_ok,tmp_env1->crc,calc_crc,tmp_env1->flags); ++ calc_crc = crc32(0, tmp_env2->data, ENV_SIZE); + crc2_ok = !read2_fail && +- (crc32(0, tmp_env2->data, ENV_SIZE) == tmp_env2->crc); ++ (calc_crc == tmp_env2->crc); ++ printf("env_relocate_spec: crc2_ok=%d saved crc=0x%x calculated crc=0x%x flags=%d\n", ++ crc2_ok,tmp_env2->crc,calc_crc,tmp_env2->flags); + + if (!crc1_ok && !crc2_ok) { + set_default_env("!bad CRC"); diff --git a/recipes-bsp/u-boot/u-boot_2016.09.01.bb b/recipes-bsp/u-boot/u-boot_2016.09.01.bb index 2fb055a..8d209f2 100644 --- a/recipes-bsp/u-boot/u-boot_2016.09.01.bb +++ b/recipes-bsp/u-boot/u-boot_2016.09.01.bb @@ -5,10 +5,13 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-2016.09.01:" SRC_URI = "ftp://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \ file://mtcdt.patch \ - file://spl.patch \ - file://i2c.patch" -# This revision corresponds to the tag "v2016.03" -# We use the revision in order to avoid having to fetch it from the -# repo during parse -SRCREV = "df61a74e6845ec9bdcdd48d2aff5e9c2c6debeaa" + file://config.patch \ + file://i2c.patch \ + file://macb.patch \ + file://printeepromcrc.patch \ + file://mtpwd.patch" +SRC_URI[md5sum] = "61c628f8034477c946e173ed174efeb4" +SRC_URI[sha256sum] = "95728e89dd476d17428f94080752ab48884be477b6a678941582aeef618b70bb" + +S = "${WORKDIR}/${PN}-${PV}" -- cgit v1.2.3