diff options
Diffstat (limited to 'common')
| -rw-r--r-- | common/Kconfig | 23 | ||||
| -rw-r--r-- | common/Makefile | 20 | ||||
| -rw-r--r-- | common/console.c | 6 | ||||
| -rw-r--r-- | common/console_common.c | 60 | ||||
| -rw-r--r-- | common/console_simple.c | 7 | ||||
| -rw-r--r-- | common/globalvar.c | 2 | ||||
| -rw-r--r-- | common/password.c | 94 | ||||
| -rw-r--r-- | common/startup.c | 2 |
8 files changed, 199 insertions, 15 deletions
diff --git a/common/Kconfig b/common/Kconfig index 7b0b0db2cf..13419dc5bd 100644 --- a/common/Kconfig +++ b/common/Kconfig @@ -386,6 +386,11 @@ config PASSWORD help allow you to have password protection framework +config PASSWORD_DEFAULT + string + prompt "Password default" + depends on PASSWORD + if PASSWORD choice @@ -604,7 +609,7 @@ endmenu menu "Debugging" config COMPILE_LOGLEVEL - int "loglevel" + int "compile loglevel" default 6 help This defines the maximum loglevel compiled into the binary. Less important @@ -619,6 +624,22 @@ config COMPILE_LOGLEVEL 6 informational (info) 7 debug-level messages (debug) +config DEFAULT_LOGLEVEL + int "default loglevel" + default 7 + help + This defines the default runtime loglevel. It can be changed using the + global.loglevel variable. Available logelevels are: + + 0 system is unusable (emerg) + 1 action must be taken immediately (alert) + 2 critical conditions (crit) + 3 error conditions (err) + 4 warning conditions (warn) + 5 normal but significant condition (notice) + 6 informational (info) + 7 debug-level messages (debug) + config DEBUG_INFO bool prompt "enable debug symbols" diff --git a/common/Makefile b/common/Makefile index 64eacc3047..9a9e3fe7d9 100644 --- a/common/Makefile +++ b/common/Makefile @@ -114,6 +114,26 @@ cmd_env_h = cat $< | (cd $(obj) && $(objtree)/scripts/bin2c default_environment) $(obj)/barebox_default_env.h: $(obj)/barebox_default_env$(barebox_default_env_comp) FORCE $(call if_changed,env_h) +quiet_cmd_pwd_h = PWDH $@ +ifneq ($(CONFIG_PASSWORD_DEFAULT),"") +PASSWD_FILE := $(shell cd $(srctree); find $(CONFIG_PASSWORD_DEFAULT) -type f) +cmd_pwd_h = echo -n "const char default_passwd[] = \"" > $@; \ + cat $< | tr -d '\n' >> $@; \ + echo "\";" >> $@ + +include/generated/passwd.h: $(PASSWD_FILE) + $(call if_changed,pwd_h) +else +cmd_pwd_h = echo "const char default_passwd[] = \"\";" > $@ + +include/generated/passwd.h: FORCE + $(call if_changed,pwd_h) +endif + +targets += include/generated/passwd.h + +$(obj)/password.o: include/generated/passwd.h + # dependencies on generated files need to be listed explicitly $(obj)/version.o: include/generated/compile.h diff --git a/common/console.c b/common/console.c index 4ca5f1809f..56bc864ad1 100644 --- a/common/console.c +++ b/common/console.c @@ -238,6 +238,9 @@ int getc(void) unsigned char ch; uint64_t start; + if (unlikely(!console_is_input_allow())) + return -EPERM; + /* * For 100us we read the characters from the serial driver * into a kfifo. This helps us not to lose characters @@ -272,6 +275,9 @@ EXPORT_SYMBOL(fgetc); int tstc(void) { + if (unlikely(!console_is_input_allow())) + return 0; + return kfifo_len(console_input_fifo) || tstc_raw(); } EXPORT_SYMBOL(tstc); diff --git a/common/console_common.c b/common/console_common.c index a3aca6f46b..5d2ccdb6e7 100644 --- a/common/console_common.c +++ b/common/console_common.c @@ -21,9 +21,69 @@ #include <common.h> #include <fs.h> #include <errno.h> +#include <console.h> +#include <init.h> +#include <environment.h> +#include <globalvar.h> +#include <magicvar.h> +#include <password.h> #ifndef CONFIG_CONSOLE_NONE +static int console_input_allow; + +static int console_global_init(void) +{ + if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable()) + console_input_allow = 0; + else + console_input_allow = 1; + + globalvar_add_simple_bool("console.input_allow", &console_input_allow); + + return 0; +} +late_initcall(console_global_init); + +BAREBOX_MAGICVAR_NAMED(global_console_input_allow, global.console.input_allow, "console input allowed"); + +bool console_is_input_allow(void) +{ + return console_input_allow; +} + +void console_allow_input(bool val) +{ + console_input_allow = val; +} + +int barebox_loglevel = CONFIG_DEFAULT_LOGLEVEL; + +int pr_print(int level, const char *fmt, ...) +{ + va_list args; + uint i; + char printbuffer[CFG_PBSIZE]; + + if (level > barebox_loglevel) + return 0; + + va_start(args, fmt); + i = vsprintf(printbuffer, fmt, args); + va_end(args); + + /* Print the string */ + puts(printbuffer); + + return i; +} + +static int loglevel_init(void) +{ + return globalvar_add_simple_int("loglevel", &barebox_loglevel, "%d"); +} +device_initcall(loglevel_init); + int printf(const char *fmt, ...) { va_list args; diff --git a/common/console_simple.c b/common/console_simple.c index 5ab937fdb7..6cb72bb46a 100644 --- a/common/console_simple.c +++ b/common/console_simple.c @@ -3,6 +3,7 @@ #include <fs.h> #include <errno.h> #include <debug_ll.h> +#include <console.h> LIST_HEAD(console_list); EXPORT_SYMBOL(console_list); @@ -40,6 +41,9 @@ EXPORT_SYMBOL(console_putc); int tstc(void) { + if (unlikely(!console_is_input_allow())) + return 0; + if (!console) return 0; @@ -49,6 +53,9 @@ EXPORT_SYMBOL(tstc); int getc(void) { + if (unlikely(!console_is_input_allow())) + return -EPERM; + if (!console) return -EINVAL; return console->getc(console); diff --git a/common/globalvar.c b/common/globalvar.c index edb66ddca6..6ef4a6a680 100644 --- a/common/globalvar.c +++ b/common/globalvar.c @@ -6,7 +6,7 @@ #include <magicvar.h> #include <generated/utsrelease.h> -static struct device_d global_device = { +struct device_d global_device = { .name = "global", .id = DEVICE_ID_SINGLE, }; diff --git a/common/password.c b/common/password.c index d157a11b7b..9c1e54a359 100644 --- a/common/password.c +++ b/common/password.c @@ -25,6 +25,7 @@ #include <malloc.h> #include <xfuncs.h> #include <clock.h> +#include <generated/passwd.h> #if defined(CONFIG_PASSWD_SUM_MD5) #define PASSWD_SUM "md5" @@ -97,7 +98,13 @@ int password(unsigned char *passwd, size_t length, int flags, int timeout) } EXPORT_SYMBOL(password); -int is_passwd_enable(void) +int is_passwd_default_enable(void) +{ + return strlen(default_passwd) > 0; +} +EXPORT_SYMBOL(is_passwd_default_enable); + +int is_passwd_env_enable(void) { int fd; @@ -110,13 +117,13 @@ int is_passwd_enable(void) return 1; } -EXPORT_SYMBOL(is_passwd_enable); +EXPORT_SYMBOL(is_passwd_env_enable); -int passwd_disable(void) +int passwd_env_disable(void) { return unlink(PASSWD_FILE); } -EXPORT_SYMBOL(passwd_disable); +EXPORT_SYMBOL(passwd_env_disable); static unsigned char to_digit(unsigned char c) { @@ -140,6 +147,43 @@ static unsigned char to_hexa(unsigned char c) int read_passwd(unsigned char *sum, size_t length) { + if (is_passwd_env_enable()) + return read_env_passwd(sum, length); + else if (is_passwd_default_enable()) + return read_default_passwd(sum, length); + else + return -EINVAL; +} + +int read_default_passwd(unsigned char *sum, size_t length) +{ + int i = 0; + int len = strlen(default_passwd); + unsigned char *buf = (unsigned char *)default_passwd; + unsigned char c; + + if (!sum || length < 1) + return -EINVAL; + + for (i = 0; i < len && length > 0; i++) { + c = buf[i]; + i++; + + *sum = to_digit(c) << 4; + + c = buf[i]; + + *sum |= to_digit(c); + sum++; + length--; + } + + return 0; +} +EXPORT_SYMBOL(read_default_passwd); + +int read_env_passwd(unsigned char *sum, size_t length) +{ int fd; int ret = 0; unsigned char c; @@ -178,9 +222,9 @@ exit: return ret; } -EXPORT_SYMBOL(read_passwd); +EXPORT_SYMBOL(read_env_passwd); -int write_passwd(unsigned char *sum, size_t length) +int write_env_passwd(unsigned char *sum, size_t length) { int fd; unsigned char c; @@ -227,9 +271,9 @@ exit: return ret; } -EXPORT_SYMBOL(write_passwd); +EXPORT_SYMBOL(write_env_passwd); -int check_passwd(unsigned char* passwd, size_t length) +static int __check_passwd(unsigned char* passwd, size_t length, int std) { struct digest *d; unsigned char *passwd1_sum; @@ -256,7 +300,10 @@ int check_passwd(unsigned char* passwd, size_t length) d->final(d, passwd1_sum); - ret = read_passwd(passwd2_sum, d->length); + if (std) + ret = read_env_passwd(passwd2_sum, d->length); + else + ret = read_default_passwd(passwd2_sum, d->length); if (ret < 0) goto err2; @@ -271,9 +318,30 @@ err1: return ret; } -EXPORT_SYMBOL(check_passwd); -int set_passwd(unsigned char* passwd, size_t length) +int check_default_passwd(unsigned char* passwd, size_t length) +{ + return __check_passwd(passwd, length, 0); +} +EXPORT_SYMBOL(check_default_passwd); + +int check_env_passwd(unsigned char* passwd, size_t length) +{ + return __check_passwd(passwd, length, 1); +} +EXPORT_SYMBOL(check_env_passwd); + +int check_passwd(unsigned char* passwd, size_t length) +{ + if (is_passwd_env_enable()) + return check_env_passwd(passwd, length); + else if (is_passwd_default_enable()) + return check_default_passwd(passwd, length); + else + return -EINVAL; +} + +int set_env_passwd(unsigned char* passwd, size_t length) { struct digest *d; unsigned char *passwd_sum; @@ -292,10 +360,10 @@ int set_passwd(unsigned char* passwd, size_t length) d->final(d, passwd_sum); - ret = write_passwd(passwd_sum, d->length); + ret = write_env_passwd(passwd_sum, d->length); free(passwd_sum); return ret; } -EXPORT_SYMBOL(set_passwd); +EXPORT_SYMBOL(set_env_passwd); diff --git a/common/startup.c b/common/startup.c index 9b33a92c86..0a36c07aae 100644 --- a/common/startup.c +++ b/common/startup.c @@ -138,6 +138,8 @@ void __noreturn start_barebox(void) run_command("source /env/bin/init", 0); } else { pr_err("/env/bin/init not found\n"); + if (IS_ENABLED(CONFIG_CMD_LOGIN)) + while(run_command("login -t 0", 0)); } } |