summaryrefslogtreecommitdiffstats
path: root/common/state/backend_format_raw.c
diff options
context:
space:
mode:
authorMarkus Pargmann <mpa@pengutronix.de>2016-07-06 10:19:43 +0200
committerSascha Hauer <s.hauer@pengutronix.de>2016-07-08 08:59:31 +0200
commitc999b507da9891f22cf2a60105bffa0774eea082 (patch)
treedbc1a712b3ab6919758c1cffc6f979ba8c98d59f /common/state/backend_format_raw.c
parent3d33f178ccd7b0602b20c8fb37d7e57beed22e89 (diff)
downloadbarebox-c999b507da9891f22cf2a60105bffa0774eea082.tar.gz
state: Refactor state framework
The state framework grew organically over the time. Unfortunately the architecture and abstractions disappeared during this period. This patch refactors the framework to recreate the abstractions. The main focus was the backend with its storage. The main use-case was to offer better NAND support with less erase cycles and interchangeable data formats (dtb,raw). The general architecture now has a backend which consists of a data format and storage. The storage consists of multiple storage buckets each holding exactly one copy of the state data. A data format describes a data serialization for the state framework. This can be either dtb or raw. A storage bucket is a storage location which is used to store any data. There is a (new) circular type which writes changes behind the last written data and therefore reduces the number of erases. The other type is a direct bucket which writes directly to a storage offset for all non-erase storage. Furthermore this patch splits up all classes into different files in a subdirectory. This is currently all in one patch as I can't see a good way to split the changes up without having a non-working state framework in between. The following diagram shows the new architecture roughly: .----------. | state | '----------' | | v .----------------------------. | state_backend | |----------------------------| | + state_load(*state); | | + state_save(*state); | | + state_backend_init(...); | | | | | '----------------------------' | | The format describes | | how the state data | '-------------> is serialized | .--------------------------------------------. | | state_backend_format <INTERFACE> | | |--------------------------------------------| | | + verify(*format, magic, *buf, len); | | | + pack(*format, *state, **buf, len); | | | + unpack(*format, *state, *buf, len); | | | + get_packed_len(*format, *state); | | | + free(*format); | | '--------------------------------------------' | ^ ^ | * * | * * | .--------------------. .--------------------. | | backend_format_dtb | | backend_format_raw | | '--------------------' '--------------------' | | | v .----------------------------------------------------------. | state_backend_storage | |----------------------------------------------------------| | + init(...); | | + free(*storage); | | + read(*storage, *format, magic, **buf, *len, len_hint); | | + write(*storage, *buf, len); | | + restore_consistency(*storage, *buf, len); | '----------------------------------------------------------' | The backend storage is responsible to manage multiple data copies and distribute them onto several buckets. Read data is verified against the given format to ensure that the read data is correct. | | | | | v .------------------------------------------. | state_backend_storage_bucket <INTERFACE> | |------------------------------------------| | + init(*bucket); | | + write(*bucket, *buf, len); | | + read(*bucket, **buf, len_hint); | | + free(*bucket); | '------------------------------------------' ^ ^ ^ * * * * * * A storage bucket represents*exactly one data copy at one data location. A circular b*cket writes any new data to the end of the bucket (for *educed erases on NAND). A direct bucket directly writ*s at one location. * * * * * * * * * .-----------------------. * .-------------------------. | backend_bucket_direct | * | backend_bucket_circular | '-----------------------' * '-------------------------' ^ * ^ | * | | * | | * | | .-----------------------. | '--| backend_bucket_cached |---' '-----------------------' A backend_bucket_cached is a transparent bucket that directly uses another bucket as backend device and caches all accesses. Signed-off-by: Markus Pargmann <mpa@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'common/state/backend_format_raw.c')
-rw-r--r--common/state/backend_format_raw.c329
1 files changed, 329 insertions, 0 deletions
diff --git a/common/state/backend_format_raw.c b/common/state/backend_format_raw.c
new file mode 100644
index 0000000..4209424
--- /dev/null
+++ b/common/state/backend_format_raw.c
@@ -0,0 +1,329 @@
+/*
+ * Copyright (C) 2012-2014 Pengutronix, Jan Luebbe <j.luebbe@pengutronix.de>
+ * Copyright (C) 2013-2014 Pengutronix, Sascha Hauer <s.hauer@pengutronix.de>
+ * Copyright (C) 2015 Pengutronix, Marc Kleine-Budde <mkl@pengutronix.de>
+ * Copyright (C) 2016 Pengutronix, Markus Pargmann <mpa@pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include <common.h>
+#include <common.h>
+#include <crypto/keystore.h>
+#include <digest.h>
+#include <linux/kernel.h>
+#include <malloc.h>
+#include <crc.h>
+#include <of.h>
+#include <crc.h>
+
+#include "state.h"
+
+struct state_backend_format_raw {
+ struct state_backend_format format;
+
+ struct digest *digest;
+ unsigned int digest_length;
+
+ /* For outputs */
+ struct device_d *dev;
+};
+
+struct backend_raw_header {
+ uint32_t magic;
+ uint16_t reserved;
+ uint16_t data_len;
+ uint32_t data_crc;
+ uint32_t header_crc;
+};
+
+const int format_raw_min_length = sizeof(struct backend_raw_header);
+
+static inline struct state_backend_format_raw *get_format_raw(
+ struct state_backend_format *format)
+{
+ return container_of(format, struct state_backend_format_raw, format);
+}
+
+static int backend_format_raw_verify(struct state_backend_format *format,
+ uint32_t magic, const uint8_t * buf,
+ ssize_t len)
+{
+ uint32_t crc;
+ struct backend_raw_header *header;
+ int d_len = 0;
+ int ret;
+ const uint8_t *data;
+ struct state_backend_format_raw *backend_raw = get_format_raw(format);
+ ssize_t complete_len;
+
+ if (len < format_raw_min_length) {
+ dev_err(backend_raw->dev, "Error, buffer length (%d) is shorter than the minimum required header length\n",
+ len);
+ return -EINVAL;
+ }
+
+ header = (struct backend_raw_header *)buf;
+ crc = crc32(0, header, sizeof(*header) - sizeof(uint32_t));
+ if (crc != header->header_crc) {
+ dev_err(backend_raw->dev, "Error, invalid header crc in raw format, calculated 0x%08x, found 0x%08x\n",
+ crc, header->header_crc);
+ return -EINVAL;
+ }
+
+ if (magic && magic != header->magic) {
+ dev_err(backend_raw->dev, "Error, invalid magic in raw format 0x%08x, should be 0x%08x\n",
+ header->magic, magic);
+ return -EINVAL;
+ }
+
+ if (backend_raw->digest) {
+ d_len = digest_length(backend_raw->digest);
+ }
+
+ complete_len = header->data_len + d_len + format_raw_min_length;
+ if (complete_len > len) {
+ dev_err(backend_raw->dev, "Error, invalid data_len %u in header, have data of len %zu\n",
+ header->data_len, len);
+ return -EINVAL;
+ }
+
+ data = buf + sizeof(*header);
+
+ crc = crc32(0, data, header->data_len);
+ if (crc != header->data_crc) {
+ dev_err(backend_raw->dev, "invalid data crc, calculated 0x%08x, found 0x%08x\n",
+ crc, header->data_crc);
+ return -EINVAL;
+ }
+
+ if (backend_raw->digest) {
+ struct digest *d = backend_raw->digest;
+ const void *hmac = data + header->data_len;
+
+ ret = digest_init(d);
+ if (ret) {
+ dev_err(backend_raw->dev, "Failed to initialize digest, %d\n",
+ ret);
+ return ret;
+ }
+
+ /* hmac over header and data */
+ ret = digest_update(d, buf, sizeof(*header) + header->data_len);
+ if (ret) {
+ dev_err(backend_raw->dev, "Failed to update digest, %d\n",
+ ret);
+ return ret;
+ }
+
+ ret = digest_verify(d, hmac);
+ if (ret < 0) {
+ dev_err(backend_raw->dev, "Failed to verify data, hmac, %d\n",
+ ret);
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+static int backend_format_raw_unpack(struct state_backend_format *format,
+ struct state *state, const uint8_t * buf,
+ ssize_t len)
+{
+ struct state_variable *sv;
+ const struct backend_raw_header *header;
+ const uint8_t *data;
+ struct state_backend_format_raw *backend_raw = get_format_raw(format);
+
+ header = (const struct backend_raw_header *)buf;
+ data = buf + sizeof(*header);
+
+ list_for_each_entry(sv, &state->variables, list) {
+ if (sv->start + sv->size > header->data_len) {
+ dev_err(backend_raw->dev, "State variable ends behind valid data, %s\n",
+ sv->name);
+ continue;
+ }
+ memcpy(sv->raw, data + sv->start, sv->size);
+ }
+
+ return 0;
+}
+
+static int backend_format_raw_pack(struct state_backend_format *format,
+ struct state *state, uint8_t ** buf_out,
+ ssize_t * len_out)
+{
+ struct state_backend_format_raw *backend_raw = get_format_raw(format);
+ void *buf, *data, *hmac;
+ struct backend_raw_header *header;
+ struct state_variable *sv;
+ unsigned int size_full;
+ unsigned int size_data;
+ int ret;
+
+ sv = list_last_entry(&state->variables, struct state_variable, list);
+ size_data = sv->start + sv->size;
+ size_full = size_data + sizeof(*header) + backend_raw->digest_length;
+
+ buf = xzalloc(size_full);
+ if (!buf)
+ return -ENOMEM;
+
+ header = buf;
+ data = buf + sizeof(*header);
+ hmac = data + size_data;
+
+ list_for_each_entry(sv, &state->variables, list)
+ memcpy(data + sv->start, sv->raw, sv->size);
+
+ header->magic = state->magic;
+ header->data_len = size_data;
+ header->data_crc = crc32(0, data, size_data);
+ header->header_crc = crc32(0, header,
+ sizeof(*header) - sizeof(uint32_t));
+
+ if (backend_raw->digest) {
+ struct digest *d = backend_raw->digest;
+
+ ret = digest_init(d);
+ if (ret) {
+ dev_err(backend_raw->dev, "Failed to initialize digest for packing, %d\n",
+ ret);
+ goto out_free;
+ }
+
+ /* hmac over header and data */
+ ret = digest_update(d, buf, sizeof(*header) + size_data);
+ if (ret) {
+ dev_err(backend_raw->dev, "Failed to update digest for packing, %d\n",
+ ret);
+ goto out_free;
+ }
+
+ ret = digest_final(d, hmac);
+ if (ret < 0) {
+ dev_err(backend_raw->dev, "Failed to finish digest for packing, %d\n",
+ ret);
+ goto out_free;
+ }
+ }
+
+ *buf_out = buf;
+ *len_out = size_full;
+
+ return 0;
+
+out_free:
+ free(buf);
+
+ return ret;
+}
+
+static void backend_format_raw_free(struct state_backend_format *format)
+{
+ struct state_backend_format_raw *backend_raw = get_format_raw(format);
+
+ free(backend_raw);
+}
+
+static int backend_format_raw_init_digest(struct state_backend_format_raw *raw,
+ struct device_node *root,
+ const char *secret_name)
+{
+ struct digest *digest;
+ struct property *p;
+ const char *algo;
+ const unsigned char *key;
+ int key_len, ret;
+
+ p = of_find_property(root, "algo", NULL);
+ if (!p) /* does not exist */
+ return 0;
+
+ ret = of_property_read_string(root, "algo", &algo);
+ if (ret)
+ return ret;
+
+ if (!IS_ENABLED(CONFIG_STATE_CRYPTO) && IS_ENABLED(__BAREBOX__)) {
+ dev_err(raw->dev, "algo %s specified, but crypto support for state framework (CONFIG_STATE_CRYPTO) not enabled.\n",
+ algo);
+ return -EINVAL;
+ }
+
+ ret = keystore_get_secret(secret_name, &key, &key_len);
+ if (ret == -ENOENT) { /* -ENOENT == does not exist */
+ dev_info(raw->dev, "Could not get secret '%s' - probe deferred\n",
+ secret_name);
+ return -EPROBE_DEFER;
+ } else if (ret) {
+ return ret;
+ }
+
+ digest = digest_alloc(algo);
+ if (!digest) {
+ dev_info(raw->dev, "algo %s not found - probe deferred\n",
+ algo);
+ return -EPROBE_DEFER;
+ }
+
+ ret = digest_set_key(digest, key, key_len);
+ if (ret) {
+ digest_free(digest);
+ return ret;
+ }
+
+ raw->digest = digest;
+ raw->digest_length = digest_length(digest);
+
+ return 0;
+}
+
+int backend_format_raw_create(struct state_backend_format **format,
+ struct device_node *node, const char *secret_name,
+ struct device_d *dev)
+{
+ struct state_backend_format_raw *raw;
+ int ret;
+
+ raw = xzalloc(sizeof(*raw));
+ if (!raw)
+ return -ENOMEM;
+
+ raw->dev = dev;
+ ret = backend_format_raw_init_digest(raw, node, secret_name);
+ if (ret == -EPROBE_DEFER) {
+ return ret;
+ } else if (ret) {
+ dev_err(raw->dev, "Failed initializing digest for raw format, %d\n",
+ ret);
+ free(raw);
+ return ret;
+ }
+
+ raw->format.pack = backend_format_raw_pack;
+ raw->format.unpack = backend_format_raw_unpack;
+ raw->format.verify = backend_format_raw_verify;
+ raw->format.free = backend_format_raw_free;
+ raw->format.name = "raw";
+ *format = &raw->format;
+
+ return 0;
+}
+
+struct digest *state_backend_format_raw_get_digest(struct state_backend_format
+ *format)
+{
+ struct state_backend_format_raw *backend_raw = get_format_raw(format);
+
+ return backend_raw->digest;
+}