summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--commands/login.c24
-rw-r--r--commands/passwd.c8
-rw-r--r--common/Kconfig23
-rw-r--r--common/Makefile20
-rw-r--r--common/console.c6
-rw-r--r--common/console_common.c60
-rw-r--r--common/console_simple.c7
-rw-r--r--common/globalvar.c2
-rw-r--r--common/password.c94
-rw-r--r--common/startup.c2
-rw-r--r--defaultenv-2/base/bin/init18
-rw-r--r--drivers/base/driver.c6
-rw-r--r--include/console.h5
-rw-r--r--include/globalvar.h84
-rw-r--r--include/password.h22
-rw-r--r--include/printk.h9
16 files changed, 360 insertions, 30 deletions
diff --git a/commands/login.c b/commands/login.c
index fb6bb35cfc..b616bf15fc 100644
--- a/commands/login.c
+++ b/commands/login.c
@@ -20,6 +20,11 @@
#include <complete.h>
#include <password.h>
#include <getopt.h>
+#include <environment.h>
+#include <globalvar.h>
+#include <magicvar.h>
+#include <init.h>
+#include <console.h>
#define PASSWD_MAX_LENGTH (128 + 1)
@@ -31,13 +36,16 @@
#define LOGIN_MODE HIDE
#endif
+static int login_timeout = 0;
+
static int do_login(int argc, char *argv[])
{
unsigned char passwd[PASSWD_MAX_LENGTH];
int passwd_len, opt;
- int timeout = 0;
+ int timeout = login_timeout;
char *timeout_cmd = "boot";
+ console_allow_input(true);
if (!is_passwd_enable()) {
puts("login: password not set\n");
return 0;
@@ -58,8 +66,10 @@ static int do_login(int argc, char *argv[])
puts("Password: ");
passwd_len = password(passwd, PASSWD_MAX_LENGTH, LOGIN_MODE, timeout);
- if (passwd_len < 0)
+ if (passwd_len < 0) {
+ console_allow_input(false);
run_command(timeout_cmd, 0);
+ }
if (check_passwd(passwd, passwd_len))
return 0;
@@ -80,3 +90,13 @@ BAREBOX_CMD_START(login)
BAREBOX_CMD_HELP(cmd_login_help)
BAREBOX_CMD_COMPLETE(empty_complete)
BAREBOX_CMD_END
+
+static int login_global_init(void)
+{
+ globalvar_add_simple_int("login.timeout", &login_timeout, "%d");
+
+ return 0;
+}
+late_initcall(login_global_init);
+
+BAREBOX_MAGICVAR_NAMED(global_login_timeout, global.login.timeout, "timeout to type the password");
diff --git a/commands/passwd.c b/commands/passwd.c
index baccfa6c0c..368c4016b9 100644
--- a/commands/passwd.c
+++ b/commands/passwd.c
@@ -63,7 +63,7 @@ static int do_passwd(int argc, char *argv[])
goto err;
}
- ret = set_passwd(passwd1, passwd1_len);
+ ret = set_env_passwd(passwd1, passwd1_len);
if (ret < 0) {
puts("Sorry, passwords write failed\n");
@@ -78,15 +78,15 @@ err:
return 1;
disable:
- passwd_disable();
+ passwd_env_disable();
puts("passwd: password disabled\n");
return ret;
}
static const __maybe_unused char cmd_passwd_help[] =
"Usage: passwd\n"
-"passwd allow you to specify a password\n"
-"to disable it put an empty password\n"
+"passwd allow you to specify a password in the env\n"
+"to disable it put an empty password will still use the default password if set\n"
;
BAREBOX_CMD_START(passwd)
diff --git a/common/Kconfig b/common/Kconfig
index 7b0b0db2cf..13419dc5bd 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -386,6 +386,11 @@ config PASSWORD
help
allow you to have password protection framework
+config PASSWORD_DEFAULT
+ string
+ prompt "Password default"
+ depends on PASSWORD
+
if PASSWORD
choice
@@ -604,7 +609,7 @@ endmenu
menu "Debugging"
config COMPILE_LOGLEVEL
- int "loglevel"
+ int "compile loglevel"
default 6
help
This defines the maximum loglevel compiled into the binary. Less important
@@ -619,6 +624,22 @@ config COMPILE_LOGLEVEL
6 informational (info)
7 debug-level messages (debug)
+config DEFAULT_LOGLEVEL
+ int "default loglevel"
+ default 7
+ help
+ This defines the default runtime loglevel. It can be changed using the
+ global.loglevel variable. Available logelevels are:
+
+ 0 system is unusable (emerg)
+ 1 action must be taken immediately (alert)
+ 2 critical conditions (crit)
+ 3 error conditions (err)
+ 4 warning conditions (warn)
+ 5 normal but significant condition (notice)
+ 6 informational (info)
+ 7 debug-level messages (debug)
+
config DEBUG_INFO
bool
prompt "enable debug symbols"
diff --git a/common/Makefile b/common/Makefile
index 64eacc3047..9a9e3fe7d9 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -114,6 +114,26 @@ cmd_env_h = cat $< | (cd $(obj) && $(objtree)/scripts/bin2c default_environment)
$(obj)/barebox_default_env.h: $(obj)/barebox_default_env$(barebox_default_env_comp) FORCE
$(call if_changed,env_h)
+quiet_cmd_pwd_h = PWDH $@
+ifneq ($(CONFIG_PASSWORD_DEFAULT),"")
+PASSWD_FILE := $(shell cd $(srctree); find $(CONFIG_PASSWORD_DEFAULT) -type f)
+cmd_pwd_h = echo -n "const char default_passwd[] = \"" > $@; \
+ cat $< | tr -d '\n' >> $@; \
+ echo "\";" >> $@
+
+include/generated/passwd.h: $(PASSWD_FILE)
+ $(call if_changed,pwd_h)
+else
+cmd_pwd_h = echo "const char default_passwd[] = \"\";" > $@
+
+include/generated/passwd.h: FORCE
+ $(call if_changed,pwd_h)
+endif
+
+targets += include/generated/passwd.h
+
+$(obj)/password.o: include/generated/passwd.h
+
# dependencies on generated files need to be listed explicitly
$(obj)/version.o: include/generated/compile.h
diff --git a/common/console.c b/common/console.c
index 4ca5f1809f..56bc864ad1 100644
--- a/common/console.c
+++ b/common/console.c
@@ -238,6 +238,9 @@ int getc(void)
unsigned char ch;
uint64_t start;
+ if (unlikely(!console_is_input_allow()))
+ return -EPERM;
+
/*
* For 100us we read the characters from the serial driver
* into a kfifo. This helps us not to lose characters
@@ -272,6 +275,9 @@ EXPORT_SYMBOL(fgetc);
int tstc(void)
{
+ if (unlikely(!console_is_input_allow()))
+ return 0;
+
return kfifo_len(console_input_fifo) || tstc_raw();
}
EXPORT_SYMBOL(tstc);
diff --git a/common/console_common.c b/common/console_common.c
index a3aca6f46b..5d2ccdb6e7 100644
--- a/common/console_common.c
+++ b/common/console_common.c
@@ -21,9 +21,69 @@
#include <common.h>
#include <fs.h>
#include <errno.h>
+#include <console.h>
+#include <init.h>
+#include <environment.h>
+#include <globalvar.h>
+#include <magicvar.h>
+#include <password.h>
#ifndef CONFIG_CONSOLE_NONE
+static int console_input_allow;
+
+static int console_global_init(void)
+{
+ if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable())
+ console_input_allow = 0;
+ else
+ console_input_allow = 1;
+
+ globalvar_add_simple_bool("console.input_allow", &console_input_allow);
+
+ return 0;
+}
+late_initcall(console_global_init);
+
+BAREBOX_MAGICVAR_NAMED(global_console_input_allow, global.console.input_allow, "console input allowed");
+
+bool console_is_input_allow(void)
+{
+ return console_input_allow;
+}
+
+void console_allow_input(bool val)
+{
+ console_input_allow = val;
+}
+
+int barebox_loglevel = CONFIG_DEFAULT_LOGLEVEL;
+
+int pr_print(int level, const char *fmt, ...)
+{
+ va_list args;
+ uint i;
+ char printbuffer[CFG_PBSIZE];
+
+ if (level > barebox_loglevel)
+ return 0;
+
+ va_start(args, fmt);
+ i = vsprintf(printbuffer, fmt, args);
+ va_end(args);
+
+ /* Print the string */
+ puts(printbuffer);
+
+ return i;
+}
+
+static int loglevel_init(void)
+{
+ return globalvar_add_simple_int("loglevel", &barebox_loglevel, "%d");
+}
+device_initcall(loglevel_init);
+
int printf(const char *fmt, ...)
{
va_list args;
diff --git a/common/console_simple.c b/common/console_simple.c
index 5ab937fdb7..6cb72bb46a 100644
--- a/common/console_simple.c
+++ b/common/console_simple.c
@@ -3,6 +3,7 @@
#include <fs.h>
#include <errno.h>
#include <debug_ll.h>
+#include <console.h>
LIST_HEAD(console_list);
EXPORT_SYMBOL(console_list);
@@ -40,6 +41,9 @@ EXPORT_SYMBOL(console_putc);
int tstc(void)
{
+ if (unlikely(!console_is_input_allow()))
+ return 0;
+
if (!console)
return 0;
@@ -49,6 +53,9 @@ EXPORT_SYMBOL(tstc);
int getc(void)
{
+ if (unlikely(!console_is_input_allow()))
+ return -EPERM;
+
if (!console)
return -EINVAL;
return console->getc(console);
diff --git a/common/globalvar.c b/common/globalvar.c
index edb66ddca6..6ef4a6a680 100644
--- a/common/globalvar.c
+++ b/common/globalvar.c
@@ -6,7 +6,7 @@
#include <magicvar.h>
#include <generated/utsrelease.h>
-static struct device_d global_device = {
+struct device_d global_device = {
.name = "global",
.id = DEVICE_ID_SINGLE,
};
diff --git a/common/password.c b/common/password.c
index d157a11b7b..9c1e54a359 100644
--- a/common/password.c
+++ b/common/password.c
@@ -25,6 +25,7 @@
#include <malloc.h>
#include <xfuncs.h>
#include <clock.h>
+#include <generated/passwd.h>
#if defined(CONFIG_PASSWD_SUM_MD5)
#define PASSWD_SUM "md5"
@@ -97,7 +98,13 @@ int password(unsigned char *passwd, size_t length, int flags, int timeout)
}
EXPORT_SYMBOL(password);
-int is_passwd_enable(void)
+int is_passwd_default_enable(void)
+{
+ return strlen(default_passwd) > 0;
+}
+EXPORT_SYMBOL(is_passwd_default_enable);
+
+int is_passwd_env_enable(void)
{
int fd;
@@ -110,13 +117,13 @@ int is_passwd_enable(void)
return 1;
}
-EXPORT_SYMBOL(is_passwd_enable);
+EXPORT_SYMBOL(is_passwd_env_enable);
-int passwd_disable(void)
+int passwd_env_disable(void)
{
return unlink(PASSWD_FILE);
}
-EXPORT_SYMBOL(passwd_disable);
+EXPORT_SYMBOL(passwd_env_disable);
static unsigned char to_digit(unsigned char c)
{
@@ -140,6 +147,43 @@ static unsigned char to_hexa(unsigned char c)
int read_passwd(unsigned char *sum, size_t length)
{
+ if (is_passwd_env_enable())
+ return read_env_passwd(sum, length);
+ else if (is_passwd_default_enable())
+ return read_default_passwd(sum, length);
+ else
+ return -EINVAL;
+}
+
+int read_default_passwd(unsigned char *sum, size_t length)
+{
+ int i = 0;
+ int len = strlen(default_passwd);
+ unsigned char *buf = (unsigned char *)default_passwd;
+ unsigned char c;
+
+ if (!sum || length < 1)
+ return -EINVAL;
+
+ for (i = 0; i < len && length > 0; i++) {
+ c = buf[i];
+ i++;
+
+ *sum = to_digit(c) << 4;
+
+ c = buf[i];
+
+ *sum |= to_digit(c);
+ sum++;
+ length--;
+ }
+
+ return 0;
+}
+EXPORT_SYMBOL(read_default_passwd);
+
+int read_env_passwd(unsigned char *sum, size_t length)
+{
int fd;
int ret = 0;
unsigned char c;
@@ -178,9 +222,9 @@ exit:
return ret;
}
-EXPORT_SYMBOL(read_passwd);
+EXPORT_SYMBOL(read_env_passwd);
-int write_passwd(unsigned char *sum, size_t length)
+int write_env_passwd(unsigned char *sum, size_t length)
{
int fd;
unsigned char c;
@@ -227,9 +271,9 @@ exit:
return ret;
}
-EXPORT_SYMBOL(write_passwd);
+EXPORT_SYMBOL(write_env_passwd);
-int check_passwd(unsigned char* passwd, size_t length)
+static int __check_passwd(unsigned char* passwd, size_t length, int std)
{
struct digest *d;
unsigned char *passwd1_sum;
@@ -256,7 +300,10 @@ int check_passwd(unsigned char* passwd, size_t length)
d->final(d, passwd1_sum);
- ret = read_passwd(passwd2_sum, d->length);
+ if (std)
+ ret = read_env_passwd(passwd2_sum, d->length);
+ else
+ ret = read_default_passwd(passwd2_sum, d->length);
if (ret < 0)
goto err2;
@@ -271,9 +318,30 @@ err1:
return ret;
}
-EXPORT_SYMBOL(check_passwd);
-int set_passwd(unsigned char* passwd, size_t length)
+int check_default_passwd(unsigned char* passwd, size_t length)
+{
+ return __check_passwd(passwd, length, 0);
+}
+EXPORT_SYMBOL(check_default_passwd);
+
+int check_env_passwd(unsigned char* passwd, size_t length)
+{
+ return __check_passwd(passwd, length, 1);
+}
+EXPORT_SYMBOL(check_env_passwd);
+
+int check_passwd(unsigned char* passwd, size_t length)
+{
+ if (is_passwd_env_enable())
+ return check_env_passwd(passwd, length);
+ else if (is_passwd_default_enable())
+ return check_default_passwd(passwd, length);
+ else
+ return -EINVAL;
+}
+
+int set_env_passwd(unsigned char* passwd, size_t length)
{
struct digest *d;
unsigned char *passwd_sum;
@@ -292,10 +360,10 @@ int set_passwd(unsigned char* passwd, size_t length)
d->final(d, passwd_sum);
- ret = write_passwd(passwd_sum, d->length);
+ ret = write_env_passwd(passwd_sum, d->length);
free(passwd_sum);
return ret;
}
-EXPORT_SYMBOL(set_passwd);
+EXPORT_SYMBOL(set_env_passwd);
diff --git a/common/startup.c b/common/startup.c
index 9b33a92c86..0a36c07aae 100644
--- a/common/startup.c
+++ b/common/startup.c
@@ -138,6 +138,8 @@ void __noreturn start_barebox(void)
run_command("source /env/bin/init", 0);
} else {
pr_err("/env/bin/init not found\n");
+ if (IS_ENABLED(CONFIG_CMD_LOGIN))
+ while(run_command("login -t 0", 0));
}
}
diff --git a/defaultenv-2/base/bin/init b/defaultenv-2/base/bin/init
index ca02ba6427..81b3434913 100644
--- a/defaultenv-2/base/bin/init
+++ b/defaultenv-2/base/bin/init
@@ -16,14 +16,24 @@ global editcmd=sedit
[ -e /env/config-board ] && /env/config-board
/env/config
+# request password to login if a timeout is specified and password set
+if [ -n ${global.login.timeout} ]; then
+ [ ${global.login.timeout} -gt 0 ] && login_cmd=login
+fi
+# allow the input if not
+[ -n ${global.console.input_allow} ] && global.console.input_allow=1
+
# allow to stop the boot before execute the /env/init/*
# but without waiting
timeout -s -a -v key 0
if [ "${key}" = "q" ]; then
+ ${login_cmd}
exit
fi
+[ -n ${login_cmd} ] && global.console.input_allow=0
+
for i in /env/init/*; do
. $i
done
@@ -34,10 +44,15 @@ else
echo -e -n "\nHit any key to stop autoboot: "
fi
+[ -n ${login_cmd} ] && global.console.input_allow=1
+
timeout -a $global.autoboot_timeout -v key
autoboot="$?"
+[ -n ${login_cmd} ] && global.console.input_allow=0
+
if [ "${key}" = "q" ]; then
+ ${login_cmd}
exit
fi
@@ -46,9 +61,12 @@ if [ "$autoboot" = 0 ]; then
fi
if [ -e /env/menu ]; then
+ ${login_cmd}
if [ "${key}" != "m" ]; then
echo -e "\ntype exit to get to the menu"
sh
fi
/env/menu/mainmenu
fi
+
+${login_cmd}
diff --git a/drivers/base/driver.c b/drivers/base/driver.c
index 16b7f06c4a..e587e3acc1 100644
--- a/drivers/base/driver.c
+++ b/drivers/base/driver.c
@@ -26,6 +26,7 @@
#include <command.h>
#include <driver.h>
#include <malloc.h>
+#include <console.h>
#include <linux/ctype.h>
#include <errno.h>
#include <fs.h>
@@ -370,11 +371,14 @@ const char *dev_id(const struct device_d *dev)
return buf;
}
-int dev_printf(const struct device_d *dev, const char *format, ...)
+int dev_printf(int level, const struct device_d *dev, const char *format, ...)
{
va_list args;
int ret = 0;
+ if (level > barebox_loglevel)
+ return 0;
+
if (dev->driver && dev->driver->name)
ret += printf("%s ", dev->driver->name);
diff --git a/include/console.h b/include/console.h
index 707ba92f3a..d12a06ebe7 100644
--- a/include/console.h
+++ b/include/console.h
@@ -53,6 +53,11 @@ extern struct list_head console_list;
#define CFG_PBSIZE (CONFIG_CBSIZE+sizeof(CONFIG_PROMPT)+16)
+bool console_is_input_allow(void);
+void console_allow_input(bool val);
+
+extern int barebox_loglevel;
+
struct console_device *console_get_first_active(void);
#endif
diff --git a/include/globalvar.h b/include/globalvar.h
index c2a13b3657..456e8cd1f8 100644
--- a/include/globalvar.h
+++ b/include/globalvar.h
@@ -2,6 +2,10 @@
#define __GLOBALVAR_H
#include <param.h>
+#include <driver.h>
+#include <linux/err.h>
+
+extern struct device_d global_device;
#ifdef CONFIG_GLOBALVAR
int globalvar_add_simple(const char *name, const char *value);
@@ -12,12 +16,92 @@ int globalvar_add(const char *name,
unsigned long flags);
char *globalvar_get_match(const char *match, const char *separator);
void globalvar_set_match(const char *match, const char *val);
+
+static inline int globalvar_add_simple_int(const char *name,
+ int *value, const char *format)
+{
+ struct param_d *p;
+
+ p = dev_add_param_int(&global_device, name, NULL, NULL,
+ value, format, NULL);
+
+ if (IS_ERR(p))
+ return PTR_ERR(p);
+
+ return 0;
+}
+
+static inline int globalvar_add_simple_bool(const char *name,
+ int *value)
+{
+ struct param_d *p;
+
+ p = dev_add_param_bool(&global_device, name, NULL, NULL,
+ value, NULL);
+
+ if (IS_ERR(p))
+ return PTR_ERR(p);
+
+ return 0;
+}
+
+static inline int globalvar_add_simple_enum(const char *name,
+ int *value, const char **names, int max)
+{
+ struct param_d *p;
+
+ p = dev_add_param_enum(&global_device, name, NULL, NULL,
+ value, names, max, NULL);
+
+ if (IS_ERR(p))
+ return PTR_ERR(p);
+
+ return 0;
+}
+
+static inline int globalvar_add_simple_ip(const char *name,
+ IPaddr_t *ip)
+{
+ struct param_d *p;
+
+ p = dev_add_param_ip(&global_device, name, NULL, NULL,
+ ip, NULL);
+
+ if (IS_ERR(p))
+ return PTR_ERR(p);
+
+ return 0;
+}
#else
static inline int globalvar_add_simple(const char *name, const char *value)
{
return 0;
}
+static inline int globalvar_add_simple_int(const char *name,
+ int *value, const char *format)
+{
+ return 0;
+}
+
+static inline int globalvar_add_simple_bool(const char *name,
+ int *value)
+{
+ return 0;
+}
+
+static inline int globalvar_add_simple_enum(const char *name,
+ int *value, const char **names, int max)
+{
+ return 0;
+}
+
+static inline int globalvar_add_simple_ip(const char *name,
+ IPaddr_t *ip)
+{
+ return 0;
+}
+
static inline int globalvar_add(const char *name,
int (*set)(struct device_d *dev, struct param_d *p, const char *val),
const char *(*get)(struct device_d *, struct param_d *p),
diff --git a/include/password.h b/include/password.h
index df03cd7561..0dd1054054 100644
--- a/include/password.h
+++ b/include/password.h
@@ -28,11 +28,23 @@
int password(unsigned char *passwd, size_t length, int flags, int timeout);
int read_passwd(unsigned char *sum, size_t length);
-int write_passwd(unsigned char *sum, size_t length);
-
-int is_passwd_enable(void);
-int passwd_disable(void);
int check_passwd(unsigned char* passwd, size_t length);
-int set_passwd(unsigned char* passwd, size_t length);
+
+int read_env_passwd(unsigned char *sum, size_t length);
+int write_env_passwd(unsigned char *sum, size_t length);
+
+int read_default_passwd(unsigned char *sum, size_t length);
+int is_passwd_default_enable(void);
+int check_default_passwd(unsigned char* passwd, size_t length);
+
+int is_passwd_env_enable(void);
+int passwd_env_disable(void);
+int check_env_passwd(unsigned char* passwd, size_t length);
+int set_env_passwd(unsigned char* passwd, size_t length);
+
+static inline int is_passwd_enable(void)
+{
+ return is_passwd_default_enable() || is_passwd_env_enable();
+}
#endif /* __PASSWORD_H__ */
diff --git a/include/printk.h b/include/printk.h
index 86bf208425..f550f07bb8 100644
--- a/include/printk.h
+++ b/include/printk.h
@@ -18,12 +18,15 @@
/* debugging and troubleshooting/diagnostic helpers. */
-int dev_printf(const struct device_d *dev, const char *format, ...)
+int pr_print(int level, const char *format, ...)
__attribute__ ((format(__printf__, 2, 3)));
+int dev_printf(int level, const struct device_d *dev, const char *format, ...)
+ __attribute__ ((format(__printf__, 3, 4)));
+
#define __dev_printf(level, dev, format, args...) \
({ \
- (level) <= LOGLEVEL ? dev_printf((dev), (format), ##args) : 0; \
+ (level) <= LOGLEVEL ? dev_printf((level), (dev), (format), ##args) : 0; \
})
@@ -46,7 +49,7 @@ int dev_printf(const struct device_d *dev, const char *format, ...)
#define __pr_printk(level, format, args...) \
({ \
- (level) <= LOGLEVEL ? printk((format), ##args) : 0; \
+ (level) <= LOGLEVEL ? pr_print((level), (format), ##args) : 0; \
})
#ifndef pr_fmt