1 /* Copyright 2015 The ChromiumOS Authors
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * This utility wraps around "cgpt" execution to work with NAND. If the target
6 * device is an MTD device, this utility will read the GPT structures from
7 * FMAP, invokes "cgpt" on that, and writes the result back to NOR flash. */
8
9 #include <err.h>
10 #include <errno.h>
11 #include <fcntl.h>
12 #include <inttypes.h>
13 #include <limits.h>
14 #if !defined(__FreeBSD__)
15 #include <linux/major.h>
16 #endif
17 #include <stdbool.h>
18 #include <stdlib.h>
19 #include <stdint.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <sys/stat.h>
23 #if !defined(__FreeBSD__)
24 #include <sys/sysmacros.h>
25 #endif
26 #include <sys/types.h>
27 #include <unistd.h>
28
29 #include "2common.h"
30 #include "2sha.h"
31 #include "2sysincludes.h"
32 #include "cgpt.h"
33 #include "cgpt_nor.h"
34 #include "file_keys.h"
35
36 // Check if cmdline |argv| has "-D". "-D" signifies that GPT structs are stored
37 // off device, and hence we should not wrap around cgpt.
has_dash_D(int argc,const char * const argv[])38 static bool has_dash_D(int argc, const char *const argv[]) {
39 int i;
40 // We go from 2, because the second arg is a cgpt command such as "create".
41 for (i = 2; i < argc; ++i) {
42 if (strcmp("-D", argv[i]) == 0) {
43 return true;
44 }
45 }
46 return false;
47 }
48
49 // Check if |device_path| is an MTD device based on its major number being 90.
is_mtd(const char * device_path)50 static bool is_mtd(const char *device_path) {
51 struct stat stat;
52 if (lstat(device_path, &stat) != 0) {
53 return false;
54 }
55
56 #if !defined(__FreeBSD__)
57 if (major(stat.st_rdev) == MTD_CHAR_MAJOR) {
58 return true;
59 }
60 #endif
61 return false;
62 }
63
64 // Return the element in |argv| that is an MTD device.
find_mtd_device(int argc,const char * const argv[])65 static const char *find_mtd_device(int argc, const char *const argv[]) {
66 int i;
67 for (i = 2; i < argc; ++i) {
68 if (is_mtd(argv[i])) {
69 return argv[i];
70 }
71 }
72 return NULL;
73 }
74
wrap_cgpt(int argc,const char * const argv[],const char * mtd_device)75 static int wrap_cgpt(int argc,
76 const char *const argv[],
77 const char *mtd_device) {
78 uint8_t original_hash[VB2_SHA1_DIGEST_SIZE];
79 uint8_t modified_hash[VB2_SHA1_DIGEST_SIZE];
80 int ret = 0;
81
82 // Create a temp dir to work in.
83 ret++;
84 char temp_dir[] = VBOOT_TMP_DIR "/cgpt_wrapper.XXXXXX";
85 if (mkdtemp(temp_dir_template) == NULL) {
86 Error("Cannot create a temporary directory.\n");
87 return ret;
88 }
89 if (ReadNorFlash(temp_dir) != 0) {
90 goto cleanup;
91 }
92 char rw_gpt_path[PATH_MAX];
93 if (snprintf(rw_gpt_path, sizeof(rw_gpt_path), "%s/rw_gpt", temp_dir) < 0) {
94 goto cleanup;
95 }
96 if (VB2_SUCCESS != DigestFile(rw_gpt_path, VB2_HASH_SHA1,
97 original_hash, sizeof(original_hash))) {
98 Error("Cannot compute original GPT digest.\n");
99 goto cleanup;
100 }
101
102 // Obtain the MTD size.
103 ret++;
104 uint64_t drive_size = 0;
105 if (GetMtdSize(mtd_device, &drive_size) != 0) {
106 Error("Cannot get the size of %s.\n", mtd_device);
107 goto cleanup;
108 }
109
110 // Launch cgpt on "rw_gpt" with -D size.
111 ret++;
112 const char** my_argv = calloc(argc + 2 + 1, sizeof(char *));
113 if (my_argv == NULL) {
114 errno = ENOMEM;
115 goto cleanup;
116 }
117 memcpy(my_argv, argv, sizeof(char *) * argc);
118 char *real_cgpt;
119 if (asprintf(&real_cgpt, "%s.bin", argv[0]) == -1) {
120 free(my_argv);
121 goto cleanup;
122 }
123 my_argv[0] = real_cgpt;
124
125 int i;
126 for (i = 2; i < argc; ++i) {
127 if (strcmp(my_argv[i], mtd_device) == 0) {
128 my_argv[i] = rw_gpt_path;
129 }
130 }
131 my_argv[argc] = "-D";
132 char size[32];
133 snprintf(size, sizeof(size), "%" PRIu64, drive_size);
134 my_argv[argc + 1] = size;
135 i = ForkExecV(NULL, my_argv);
136 free(real_cgpt);
137 free(my_argv);
138 if (i != 0) {
139 Error("Cannot exec cgpt to modify rw_gpt.\n");
140 goto cleanup;
141 }
142
143 // Write back "rw_gpt" to NOR flash in two chunks.
144 ret++;
145 if (VB2_SUCCESS == DigestFile(rw_gpt_path, VB2_HASH_SHA1,
146 modified_hash, sizeof(modified_hash))) {
147 if (memcmp(original_hash, modified_hash, VB2_SHA1_DIGEST_SIZE) != 0) {
148 ret = WriteNorFlash(temp_dir);
149 } else {
150 ret = 0;
151 }
152 }
153
154 cleanup:
155 RemoveDir(temp_dir);
156 return ret;
157 }
158
main(int argc,const char * argv[])159 int main(int argc, const char *argv[]) {
160 char resolved_cgpt[PATH_MAX];
161 pid_t pid = getpid();
162 char exe_link[40];
163 int retval = 0;
164
165 if (argc < 1) {
166 return -1;
167 }
168
169 const char *orig_argv0 = argv[0];
170
171 snprintf(exe_link, sizeof(exe_link), "/proc/%d/exe", pid);
172 memset(resolved_cgpt, 0, sizeof(resolved_cgpt));
173 if (readlink(exe_link, resolved_cgpt, sizeof(resolved_cgpt) - 1) == -1) {
174 perror("readlink");
175 return -1;
176 }
177
178 argv[0] = resolved_cgpt;
179
180 if (argc > 2 && !has_dash_D(argc, argv)) {
181 const char *mtd_device = find_mtd_device(argc, argv);
182 if (mtd_device) {
183 retval = wrap_cgpt(argc, argv, mtd_device);
184 goto cleanup;
185 }
186 }
187
188 // Forward to cgpt as-is. Real cgpt has been renamed cgpt.bin.
189 char *real_cgpt;
190 if (asprintf(&real_cgpt, "%s.bin", argv[0]) == -1) {
191 retval = -1;
192 goto cleanup;
193 }
194 argv[0] = real_cgpt;
195 if (execv(argv[0], (char * const *)argv) == -1) {
196 err(-2, "execv(%s) failed", real_cgpt);
197 }
198 free(real_cgpt);
199 retval = -2;
200
201 cleanup:
202 argv[0] = orig_argv0;
203 return retval;
204 }
205