1 /*
2 * This file is part of the flashrom project.
3 *
4 * Copyright (C) 2000 Silicon Integrated System Corporation
5 * Copyright (C) 2004 Tyan Corp <yhlu@tyan.com>
6 * Copyright (C) 2005-2008 coresystems GmbH
7 * Copyright (C) 2008,2009 Carl-Daniel Hailfinger
8 * Copyright (C) 2016 secunet Security Networks AG
9 * (Written by Nico Huber <nico.huber@secunet.com> for secunet)
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 */
21
22 #include <stdio.h>
23 #include <sys/types.h>
24 #ifndef __LIBPAYLOAD__
25 #include <fcntl.h>
26 #include <sys/stat.h>
27 #endif
28 #include <string.h>
29 #include <unistd.h>
30 #include <stdlib.h>
31 #include <errno.h>
32 #include <ctype.h>
33 #include <getopt.h>
34 #if HAVE_UTSNAME == 1
35 #include <sys/utsname.h>
36 #endif
37 #include "flash.h"
38 #include "flashchips.h"
39 #include "programmer.h"
40 #include "hwaccess.h"
41 #include "chipdrivers.h"
42
43 const char flashrom_version[] = FLASHROM_VERSION;
44 const char *chip_to_probe = NULL;
45
46 static enum programmer programmer = PROGRAMMER_INVALID;
47 static const char *programmer_param = NULL;
48
49 /*
50 * Programmers supporting multiple buses can have differing size limits on
51 * each bus. Store the limits for each bus in a common struct.
52 */
53 struct decode_sizes max_rom_decode;
54
55 /* If nonzero, used as the start address of bottom-aligned flash. */
56 unsigned long flashbase;
57
58 /* Is writing allowed with this programmer? */
59 int programmer_may_write;
60
61 const struct programmer_entry programmer_table[] = {
62 #if CONFIG_INTERNAL == 1
63 {
64 .name = "internal",
65 .type = OTHER,
66 .devs.note = NULL,
67 .init = internal_init,
68 .map_flash_region = physmap,
69 .unmap_flash_region = physunmap,
70 .delay = internal_delay,
71 },
72 #endif
73
74 #if CONFIG_DUMMY == 1
75 {
76 .name = "dummy",
77 .type = OTHER,
78 /* FIXME */
79 .devs.note = "Dummy device, does nothing and logs all accesses\n",
80 .init = dummy_init,
81 .map_flash_region = dummy_map,
82 .unmap_flash_region = dummy_unmap,
83 .delay = internal_delay,
84 },
85 #endif
86
87 #if CONFIG_NIC3COM == 1
88 {
89 .name = "nic3com",
90 .type = PCI,
91 .devs.dev = nics_3com,
92 .init = nic3com_init,
93 .map_flash_region = fallback_map,
94 .unmap_flash_region = fallback_unmap,
95 .delay = internal_delay,
96 },
97 #endif
98
99 #if CONFIG_NICREALTEK == 1
100 {
101 /* This programmer works for Realtek RTL8139 and SMC 1211. */
102 .name = "nicrealtek",
103 .type = PCI,
104 .devs.dev = nics_realtek,
105 .init = nicrealtek_init,
106 .map_flash_region = fallback_map,
107 .unmap_flash_region = fallback_unmap,
108 .delay = internal_delay,
109 },
110 #endif
111
112 #if CONFIG_NICNATSEMI == 1
113 {
114 .name = "nicnatsemi",
115 .type = PCI,
116 .devs.dev = nics_natsemi,
117 .init = nicnatsemi_init,
118 .map_flash_region = fallback_map,
119 .unmap_flash_region = fallback_unmap,
120 .delay = internal_delay,
121 },
122 #endif
123
124 #if CONFIG_GFXNVIDIA == 1
125 {
126 .name = "gfxnvidia",
127 .type = PCI,
128 .devs.dev = gfx_nvidia,
129 .init = gfxnvidia_init,
130 .map_flash_region = fallback_map,
131 .unmap_flash_region = fallback_unmap,
132 .delay = internal_delay,
133 },
134 #endif
135
136 #if CONFIG_DRKAISER == 1
137 {
138 .name = "drkaiser",
139 .type = PCI,
140 .devs.dev = drkaiser_pcidev,
141 .init = drkaiser_init,
142 .map_flash_region = fallback_map,
143 .unmap_flash_region = fallback_unmap,
144 .delay = internal_delay,
145 },
146 #endif
147
148 #if CONFIG_SATASII == 1
149 {
150 .name = "satasii",
151 .type = PCI,
152 .devs.dev = satas_sii,
153 .init = satasii_init,
154 .map_flash_region = fallback_map,
155 .unmap_flash_region = fallback_unmap,
156 .delay = internal_delay,
157 },
158 #endif
159
160 #if CONFIG_ATAHPT == 1
161 {
162 .name = "atahpt",
163 .type = PCI,
164 .devs.dev = ata_hpt,
165 .init = atahpt_init,
166 .map_flash_region = fallback_map,
167 .unmap_flash_region = fallback_unmap,
168 .delay = internal_delay,
169 },
170 #endif
171
172 #if CONFIG_ATAVIA == 1
173 {
174 .name = "atavia",
175 .type = PCI,
176 .devs.dev = ata_via,
177 .init = atavia_init,
178 .map_flash_region = atavia_map,
179 .unmap_flash_region = fallback_unmap,
180 .delay = internal_delay,
181 },
182 #endif
183
184 #if CONFIG_ATAPROMISE == 1
185 {
186 .name = "atapromise",
187 .type = PCI,
188 .devs.dev = ata_promise,
189 .init = atapromise_init,
190 .map_flash_region = atapromise_map,
191 .unmap_flash_region = fallback_unmap,
192 .delay = internal_delay,
193 },
194 #endif
195
196 #if CONFIG_IT8212 == 1
197 {
198 .name = "it8212",
199 .type = PCI,
200 .devs.dev = devs_it8212,
201 .init = it8212_init,
202 .map_flash_region = fallback_map,
203 .unmap_flash_region = fallback_unmap,
204 .delay = internal_delay,
205 },
206 #endif
207
208 #if CONFIG_FT2232_SPI == 1
209 {
210 .name = "ft2232_spi",
211 .type = USB,
212 .devs.dev = devs_ft2232spi,
213 .init = ft2232_spi_init,
214 .map_flash_region = fallback_map,
215 .unmap_flash_region = fallback_unmap,
216 .delay = internal_delay,
217 },
218 #endif
219
220 #if CONFIG_SERPROG == 1
221 {
222 .name = "serprog",
223 .type = OTHER,
224 /* FIXME */
225 .devs.note = "All programmer devices speaking the serprog protocol\n",
226 .init = serprog_init,
227 .map_flash_region = serprog_map,
228 .unmap_flash_region = fallback_unmap,
229 .delay = serprog_delay,
230 },
231 #endif
232
233 #if CONFIG_BUSPIRATE_SPI == 1
234 {
235 .name = "buspirate_spi",
236 .type = OTHER,
237 /* FIXME */
238 .devs.note = "Dangerous Prototypes Bus Pirate\n",
239 .init = buspirate_spi_init,
240 .map_flash_region = fallback_map,
241 .unmap_flash_region = fallback_unmap,
242 .delay = internal_delay,
243 },
244 #endif
245
246 #if CONFIG_DEDIPROG == 1
247 {
248 .name = "dediprog",
249 .type = USB,
250 .devs.dev = devs_dediprog,
251 .init = dediprog_init,
252 .map_flash_region = fallback_map,
253 .unmap_flash_region = fallback_unmap,
254 .delay = internal_delay,
255 },
256 #endif
257
258 #if CONFIG_DEVELOPERBOX_SPI == 1
259 {
260 .name = "developerbox",
261 .type = USB,
262 .devs.dev = devs_developerbox_spi,
263 .init = developerbox_spi_init,
264 .map_flash_region = fallback_map,
265 .unmap_flash_region = fallback_unmap,
266 .delay = internal_delay,
267 },
268 #endif
269
270 #if CONFIG_RAYER_SPI == 1
271 {
272 .name = "rayer_spi",
273 .type = OTHER,
274 /* FIXME */
275 .devs.note = "RayeR parallel port programmer\n",
276 .init = rayer_spi_init,
277 .map_flash_region = fallback_map,
278 .unmap_flash_region = fallback_unmap,
279 .delay = internal_delay,
280 },
281 #endif
282
283 #if CONFIG_PONY_SPI == 1
284 {
285 .name = "pony_spi",
286 .type = OTHER,
287 /* FIXME */
288 .devs.note = "Programmers compatible with SI-Prog, serbang or AJAWe\n",
289 .init = pony_spi_init,
290 .map_flash_region = fallback_map,
291 .unmap_flash_region = fallback_unmap,
292 .delay = internal_delay,
293 },
294 #endif
295
296 #if CONFIG_NICINTEL == 1
297 {
298 .name = "nicintel",
299 .type = PCI,
300 .devs.dev = nics_intel,
301 .init = nicintel_init,
302 .map_flash_region = fallback_map,
303 .unmap_flash_region = fallback_unmap,
304 .delay = internal_delay,
305 },
306 #endif
307
308 #if CONFIG_NICINTEL_SPI == 1
309 {
310 .name = "nicintel_spi",
311 .type = PCI,
312 .devs.dev = nics_intel_spi,
313 .init = nicintel_spi_init,
314 .map_flash_region = fallback_map,
315 .unmap_flash_region = fallback_unmap,
316 .delay = internal_delay,
317 },
318 #endif
319
320 #if CONFIG_NICINTEL_EEPROM == 1
321 {
322 .name = "nicintel_eeprom",
323 .type = PCI,
324 .devs.dev = nics_intel_ee,
325 .init = nicintel_ee_init,
326 .map_flash_region = fallback_map,
327 .unmap_flash_region = fallback_unmap,
328 .delay = internal_delay,
329 },
330 #endif
331
332 #if CONFIG_OGP_SPI == 1
333 {
334 .name = "ogp_spi",
335 .type = PCI,
336 .devs.dev = ogp_spi,
337 .init = ogp_spi_init,
338 .map_flash_region = fallback_map,
339 .unmap_flash_region = fallback_unmap,
340 .delay = internal_delay,
341 },
342 #endif
343
344 #if CONFIG_SATAMV == 1
345 {
346 .name = "satamv",
347 .type = PCI,
348 .devs.dev = satas_mv,
349 .init = satamv_init,
350 .map_flash_region = fallback_map,
351 .unmap_flash_region = fallback_unmap,
352 .delay = internal_delay,
353 },
354 #endif
355
356 #if CONFIG_LINUX_MTD == 1
357 {
358 .name = "linux_mtd",
359 .type = OTHER,
360 .devs.note = "Device files /dev/mtd*\n",
361 .init = linux_mtd_init,
362 .map_flash_region = fallback_map,
363 .unmap_flash_region = fallback_unmap,
364 .delay = internal_delay,
365 },
366 #endif
367
368 #if CONFIG_LINUX_SPI == 1
369 {
370 .name = "linux_spi",
371 .type = OTHER,
372 .devs.note = "Device files /dev/spidev*.*\n",
373 .init = linux_spi_init,
374 .map_flash_region = fallback_map,
375 .unmap_flash_region = fallback_unmap,
376 .delay = internal_delay,
377 },
378 #endif
379
380 #if CONFIG_USBBLASTER_SPI == 1
381 {
382 .name = "usbblaster_spi",
383 .type = USB,
384 .devs.dev = devs_usbblasterspi,
385 .init = usbblaster_spi_init,
386 .map_flash_region = fallback_map,
387 .unmap_flash_region = fallback_unmap,
388 .delay = internal_delay,
389 },
390 #endif
391
392 #if CONFIG_MSTARDDC_SPI == 1
393 {
394 .name = "mstarddc_spi",
395 .type = OTHER,
396 .devs.note = "MSTAR DDC devices addressable via /dev/i2c-* on Linux.\n",
397 .init = mstarddc_spi_init,
398 .map_flash_region = fallback_map,
399 .unmap_flash_region = fallback_unmap,
400 .delay = internal_delay,
401 },
402 #endif
403
404 #if CONFIG_PICKIT2_SPI == 1
405 {
406 .name = "pickit2_spi",
407 .type = USB,
408 .devs.dev = devs_pickit2_spi,
409 .init = pickit2_spi_init,
410 .map_flash_region = fallback_map,
411 .unmap_flash_region = fallback_unmap,
412 .delay = internal_delay,
413 },
414 #endif
415
416 #if CONFIG_CH341A_SPI == 1
417 {
418 .name = "ch341a_spi",
419 .type = USB,
420 .devs.dev = devs_ch341a_spi,
421 .init = ch341a_spi_init,
422 .map_flash_region = fallback_map,
423 .unmap_flash_region = fallback_unmap,
424 .delay = ch341a_spi_delay,
425 },
426 #endif
427
428 #if CONFIG_DIGILENT_SPI == 1
429 {
430 .name = "digilent_spi",
431 .type = USB,
432 .devs.dev = devs_digilent_spi,
433 .init = digilent_spi_init,
434 .map_flash_region = fallback_map,
435 .unmap_flash_region = fallback_unmap,
436 .delay = internal_delay,
437 },
438 #endif
439
440 #if CONFIG_JLINK_SPI == 1
441 {
442 .name = "jlink_spi",
443 .type = OTHER,
444 .init = jlink_spi_init,
445 .devs.note = "SEGGER J-Link and compatible devices\n",
446 .map_flash_region = fallback_map,
447 .unmap_flash_region = fallback_unmap,
448 .delay = internal_delay,
449 },
450 #endif
451
452 #if CONFIG_NI845X_SPI == 1
453 {
454 .name = "ni845x_spi",
455 .type = OTHER, // choose other because NI-845x uses own USB implementation
456 .devs.note = "National Instruments USB-845x\n",
457 .init = ni845x_spi_init,
458 .map_flash_region = fallback_map,
459 .unmap_flash_region = fallback_unmap,
460 .delay = internal_delay,
461 },
462 #endif
463
464 #if CONFIG_STLINKV3_SPI == 1
465 {
466 .name = "stlinkv3_spi",
467 .type = USB,
468 .devs.dev = devs_stlinkv3_spi,
469 .init = stlinkv3_spi_init,
470 .map_flash_region = fallback_map,
471 .unmap_flash_region = fallback_unmap,
472 .delay = internal_delay,
473 },
474 #endif
475
476 {0}, /* This entry corresponds to PROGRAMMER_INVALID. */
477 };
478
479 #define SHUTDOWN_MAXFN 32
480 static int shutdown_fn_count = 0;
481 /** @private */
482 static struct shutdown_func_data {
483 int (*func) (void *data);
484 void *data;
485 } shutdown_fn[SHUTDOWN_MAXFN];
486 /* Initialize to 0 to make sure nobody registers a shutdown function before
487 * programmer init.
488 */
489 static int may_register_shutdown = 0;
490
491 /* Did we change something or was every erase/write skipped (if any)? */
492 static bool all_skipped = true;
493
494 static int check_block_eraser(const struct flashctx *flash, int k, int log);
495
shutdown_free(void * data)496 int shutdown_free(void *data)
497 {
498 free(data);
499 return 0;
500 }
501
502 /* Register a function to be executed on programmer shutdown.
503 * The advantage over atexit() is that you can supply a void pointer which will
504 * be used as parameter to the registered function upon programmer shutdown.
505 * This pointer can point to arbitrary data used by said function, e.g. undo
506 * information for GPIO settings etc. If unneeded, set data=NULL.
507 * Please note that the first (void *data) belongs to the function signature of
508 * the function passed as first parameter.
509 */
register_shutdown(int (* function)(void * data),void * data)510 int register_shutdown(int (*function) (void *data), void *data)
511 {
512 if (shutdown_fn_count >= SHUTDOWN_MAXFN) {
513 msg_perr("Tried to register more than %i shutdown functions.\n",
514 SHUTDOWN_MAXFN);
515 return 1;
516 }
517 if (!may_register_shutdown) {
518 msg_perr("Tried to register a shutdown function before "
519 "programmer init.\n");
520 return 1;
521 }
522 shutdown_fn[shutdown_fn_count].func = function;
523 shutdown_fn[shutdown_fn_count].data = data;
524 shutdown_fn_count++;
525
526 return 0;
527 }
528
programmer_init(enum programmer prog,const char * param)529 int programmer_init(enum programmer prog, const char *param)
530 {
531 int ret;
532
533 if (prog >= PROGRAMMER_INVALID) {
534 msg_perr("Invalid programmer specified!\n");
535 return -1;
536 }
537 programmer = prog;
538 /* Initialize all programmer specific data. */
539 /* Default to unlimited decode sizes. */
540 max_rom_decode = (const struct decode_sizes) {
541 .parallel = 0xffffffff,
542 .lpc = 0xffffffff,
543 .fwh = 0xffffffff,
544 .spi = 0xffffffff,
545 };
546 /* Default to top aligned flash at 4 GB. */
547 flashbase = 0;
548 /* Registering shutdown functions is now allowed. */
549 may_register_shutdown = 1;
550 /* Default to allowing writes. Broken programmers set this to 0. */
551 programmer_may_write = 1;
552
553 programmer_param = param;
554 msg_pdbg("Initializing %s programmer\n", programmer_table[programmer].name);
555 ret = programmer_table[programmer].init();
556 if (programmer_param && strlen(programmer_param)) {
557 if (ret != 0) {
558 /* It is quite possible that any unhandled programmer parameter would have been valid,
559 * but an error in actual programmer init happened before the parameter was evaluated.
560 */
561 msg_pwarn("Unhandled programmer parameters (possibly due to another failure): %s\n",
562 programmer_param);
563 } else {
564 /* Actual programmer init was successful, but the user specified an invalid or unusable
565 * (for the current programmer configuration) parameter.
566 */
567 msg_perr("Unhandled programmer parameters: %s\n", programmer_param);
568 msg_perr("Aborting.\n");
569 ret = ERROR_FATAL;
570 }
571 }
572 return ret;
573 }
574
575 /** Calls registered shutdown functions and resets internal programmer-related variables.
576 * Calling it is safe even without previous initialization, but further interactions with programmer support
577 * require a call to programmer_init() (afterwards).
578 *
579 * @return The OR-ed result values of all shutdown functions (i.e. 0 on success). */
programmer_shutdown(void)580 int programmer_shutdown(void)
581 {
582 int ret = 0;
583
584 /* Registering shutdown functions is no longer allowed. */
585 may_register_shutdown = 0;
586 while (shutdown_fn_count > 0) {
587 int i = --shutdown_fn_count;
588 ret |= shutdown_fn[i].func(shutdown_fn[i].data);
589 }
590
591 programmer_param = NULL;
592 registered_master_count = 0;
593
594 return ret;
595 }
596
programmer_map_flash_region(const char * descr,uintptr_t phys_addr,size_t len)597 void *programmer_map_flash_region(const char *descr, uintptr_t phys_addr, size_t len)
598 {
599 void *ret = programmer_table[programmer].map_flash_region(descr, phys_addr, len);
600 msg_gspew("%s: mapping %s from 0x%0*" PRIxPTR " to 0x%0*" PRIxPTR "\n",
601 __func__, descr, PRIxPTR_WIDTH, phys_addr, PRIxPTR_WIDTH, (uintptr_t) ret);
602 return ret;
603 }
604
programmer_unmap_flash_region(void * virt_addr,size_t len)605 void programmer_unmap_flash_region(void *virt_addr, size_t len)
606 {
607 programmer_table[programmer].unmap_flash_region(virt_addr, len);
608 msg_gspew("%s: unmapped 0x%0*" PRIxPTR "\n", __func__, PRIxPTR_WIDTH, (uintptr_t)virt_addr);
609 }
610
chip_writeb(const struct flashctx * flash,uint8_t val,chipaddr addr)611 void chip_writeb(const struct flashctx *flash, uint8_t val, chipaddr addr)
612 {
613 flash->mst->par.chip_writeb(flash, val, addr);
614 }
615
chip_writew(const struct flashctx * flash,uint16_t val,chipaddr addr)616 void chip_writew(const struct flashctx *flash, uint16_t val, chipaddr addr)
617 {
618 flash->mst->par.chip_writew(flash, val, addr);
619 }
620
chip_writel(const struct flashctx * flash,uint32_t val,chipaddr addr)621 void chip_writel(const struct flashctx *flash, uint32_t val, chipaddr addr)
622 {
623 flash->mst->par.chip_writel(flash, val, addr);
624 }
625
chip_writen(const struct flashctx * flash,const uint8_t * buf,chipaddr addr,size_t len)626 void chip_writen(const struct flashctx *flash, const uint8_t *buf, chipaddr addr, size_t len)
627 {
628 flash->mst->par.chip_writen(flash, buf, addr, len);
629 }
630
chip_readb(const struct flashctx * flash,const chipaddr addr)631 uint8_t chip_readb(const struct flashctx *flash, const chipaddr addr)
632 {
633 return flash->mst->par.chip_readb(flash, addr);
634 }
635
chip_readw(const struct flashctx * flash,const chipaddr addr)636 uint16_t chip_readw(const struct flashctx *flash, const chipaddr addr)
637 {
638 return flash->mst->par.chip_readw(flash, addr);
639 }
640
chip_readl(const struct flashctx * flash,const chipaddr addr)641 uint32_t chip_readl(const struct flashctx *flash, const chipaddr addr)
642 {
643 return flash->mst->par.chip_readl(flash, addr);
644 }
645
chip_readn(const struct flashctx * flash,uint8_t * buf,chipaddr addr,size_t len)646 void chip_readn(const struct flashctx *flash, uint8_t *buf, chipaddr addr,
647 size_t len)
648 {
649 flash->mst->par.chip_readn(flash, buf, addr, len);
650 }
651
programmer_delay(unsigned int usecs)652 void programmer_delay(unsigned int usecs)
653 {
654 if (usecs > 0)
655 programmer_table[programmer].delay(usecs);
656 }
657
read_memmapped(struct flashctx * flash,uint8_t * buf,unsigned int start,int unsigned len)658 int read_memmapped(struct flashctx *flash, uint8_t *buf, unsigned int start,
659 int unsigned len)
660 {
661 chip_readn(flash, buf, flash->virtual_memory + start, len);
662
663 return 0;
664 }
665
666 /* This is a somewhat hacked function similar in some ways to strtok().
667 * It will look for needle with a subsequent '=' in haystack, return a copy of
668 * needle and remove everything from the first occurrence of needle to the next
669 * delimiter from haystack.
670 */
extract_param(const char * const * haystack,const char * needle,const char * delim)671 char *extract_param(const char *const *haystack, const char *needle, const char *delim)
672 {
673 char *param_pos, *opt_pos, *rest;
674 char *opt = NULL;
675 int optlen;
676 int needlelen;
677
678 needlelen = strlen(needle);
679 if (!needlelen) {
680 msg_gerr("%s: empty needle! Please report a bug at "
681 "flashrom@flashrom.org\n", __func__);
682 return NULL;
683 }
684 /* No programmer parameters given. */
685 if (*haystack == NULL)
686 return NULL;
687 param_pos = strstr(*haystack, needle);
688 do {
689 if (!param_pos)
690 return NULL;
691 /* Needle followed by '='? */
692 if (param_pos[needlelen] == '=') {
693 /* Beginning of the string? */
694 if (param_pos == *haystack)
695 break;
696 /* After a delimiter? */
697 if (strchr(delim, *(param_pos - 1)))
698 break;
699 }
700 /* Continue searching. */
701 param_pos++;
702 param_pos = strstr(param_pos, needle);
703 } while (1);
704
705 if (param_pos) {
706 /* Get the string after needle and '='. */
707 opt_pos = param_pos + needlelen + 1;
708 optlen = strcspn(opt_pos, delim);
709 /* Return an empty string if the parameter was empty. */
710 opt = malloc(optlen + 1);
711 if (!opt) {
712 msg_gerr("Out of memory!\n");
713 exit(1);
714 }
715 strncpy(opt, opt_pos, optlen);
716 opt[optlen] = '\0';
717 rest = opt_pos + optlen;
718 /* Skip all delimiters after the current parameter. */
719 rest += strspn(rest, delim);
720 memmove(param_pos, rest, strlen(rest) + 1);
721 /* We could shrink haystack, but the effort is not worth it. */
722 }
723
724 return opt;
725 }
726
extract_programmer_param(const char * param_name)727 char *extract_programmer_param(const char *param_name)
728 {
729 return extract_param(&programmer_param, param_name, ",");
730 }
731
732 /* Returns the number of well-defined erasers for a chip. */
count_usable_erasers(const struct flashctx * flash)733 static unsigned int count_usable_erasers(const struct flashctx *flash)
734 {
735 unsigned int usable_erasefunctions = 0;
736 int k;
737 for (k = 0; k < NUM_ERASEFUNCTIONS; k++) {
738 if (!check_block_eraser(flash, k, 0))
739 usable_erasefunctions++;
740 }
741 return usable_erasefunctions;
742 }
743
compare_range(const uint8_t * wantbuf,const uint8_t * havebuf,unsigned int start,unsigned int len)744 static int compare_range(const uint8_t *wantbuf, const uint8_t *havebuf, unsigned int start, unsigned int len)
745 {
746 int ret = 0, failcount = 0;
747 unsigned int i;
748 for (i = 0; i < len; i++) {
749 if (wantbuf[i] != havebuf[i]) {
750 /* Only print the first failure. */
751 if (!failcount++)
752 msg_cerr("FAILED at 0x%08x! Expected=0x%02x, Found=0x%02x,",
753 start + i, wantbuf[i], havebuf[i]);
754 }
755 }
756 if (failcount) {
757 msg_cerr(" failed byte count from 0x%08x-0x%08x: 0x%x\n",
758 start, start + len - 1, failcount);
759 ret = -1;
760 }
761 return ret;
762 }
763
764 /* start is an offset to the base address of the flash chip */
check_erased_range(struct flashctx * flash,unsigned int start,unsigned int len)765 static int check_erased_range(struct flashctx *flash, unsigned int start, unsigned int len)
766 {
767 int ret;
768 uint8_t *cmpbuf = malloc(len);
769 const uint8_t erased_value = ERASED_VALUE(flash);
770
771 if (!cmpbuf) {
772 msg_gerr("Could not allocate memory!\n");
773 exit(1);
774 }
775 memset(cmpbuf, erased_value, len);
776 ret = verify_range(flash, cmpbuf, start, len);
777 free(cmpbuf);
778 return ret;
779 }
780
781 /*
782 * @cmpbuf buffer to compare against, cmpbuf[0] is expected to match the
783 * flash content at location start
784 * @start offset to the base address of the flash chip
785 * @len length of the verified area
786 * @return 0 for success, -1 for failure
787 */
verify_range(struct flashctx * flash,const uint8_t * cmpbuf,unsigned int start,unsigned int len)788 int verify_range(struct flashctx *flash, const uint8_t *cmpbuf, unsigned int start, unsigned int len)
789 {
790 if (!len)
791 return -1;
792
793 if (!flash->chip->read) {
794 msg_cerr("ERROR: flashrom has no read function for this flash chip.\n");
795 return -1;
796 }
797
798 uint8_t *readbuf = malloc(len);
799 if (!readbuf) {
800 msg_gerr("Could not allocate memory!\n");
801 return -1;
802 }
803 int ret = 0;
804
805 if (start + len > flash->chip->total_size * 1024) {
806 msg_gerr("Error: %s called with start 0x%x + len 0x%x >"
807 " total_size 0x%x\n", __func__, start, len,
808 flash->chip->total_size * 1024);
809 ret = -1;
810 goto out_free;
811 }
812
813 ret = flash->chip->read(flash, readbuf, start, len);
814 if (ret) {
815 msg_gerr("Verification impossible because read failed "
816 "at 0x%x (len 0x%x)\n", start, len);
817 ret = -1;
818 goto out_free;
819 }
820
821 ret = compare_range(cmpbuf, readbuf, start, len);
822 out_free:
823 free(readbuf);
824 return ret;
825 }
826
827 /* Helper function for need_erase() that focuses on granularities of gran bytes. */
need_erase_gran_bytes(const uint8_t * have,const uint8_t * want,unsigned int len,unsigned int gran,const uint8_t erased_value)828 static int need_erase_gran_bytes(const uint8_t *have, const uint8_t *want, unsigned int len,
829 unsigned int gran, const uint8_t erased_value)
830 {
831 unsigned int i, j, limit;
832 for (j = 0; j < len / gran; j++) {
833 limit = min (gran, len - j * gran);
834 /* Are 'have' and 'want' identical? */
835 if (!memcmp(have + j * gran, want + j * gran, limit))
836 continue;
837 /* have needs to be in erased state. */
838 for (i = 0; i < limit; i++)
839 if (have[j * gran + i] != erased_value)
840 return 1;
841 }
842 return 0;
843 }
844
845 /*
846 * Check if the buffer @have can be programmed to the content of @want without
847 * erasing. This is only possible if all chunks of size @gran are either kept
848 * as-is or changed from an all-ones state to any other state.
849 *
850 * Warning: This function assumes that @have and @want point to naturally
851 * aligned regions.
852 *
853 * @have buffer with current content
854 * @want buffer with desired content
855 * @len length of the checked area
856 * @gran write granularity (enum, not count)
857 * @return 0 if no erase is needed, 1 otherwise
858 */
need_erase(const uint8_t * have,const uint8_t * want,unsigned int len,enum write_granularity gran,const uint8_t erased_value)859 int need_erase(const uint8_t *have, const uint8_t *want, unsigned int len,
860 enum write_granularity gran, const uint8_t erased_value)
861 {
862 int result = 0;
863 unsigned int i;
864
865 switch (gran) {
866 case write_gran_1bit:
867 for (i = 0; i < len; i++)
868 if ((have[i] & want[i]) != want[i]) {
869 result = 1;
870 break;
871 }
872 break;
873 case write_gran_1byte:
874 for (i = 0; i < len; i++)
875 if ((have[i] != want[i]) && (have[i] != erased_value)) {
876 result = 1;
877 break;
878 }
879 break;
880 case write_gran_128bytes:
881 result = need_erase_gran_bytes(have, want, len, 128, erased_value);
882 break;
883 case write_gran_256bytes:
884 result = need_erase_gran_bytes(have, want, len, 256, erased_value);
885 break;
886 case write_gran_264bytes:
887 result = need_erase_gran_bytes(have, want, len, 264, erased_value);
888 break;
889 case write_gran_512bytes:
890 result = need_erase_gran_bytes(have, want, len, 512, erased_value);
891 break;
892 case write_gran_528bytes:
893 result = need_erase_gran_bytes(have, want, len, 528, erased_value);
894 break;
895 case write_gran_1024bytes:
896 result = need_erase_gran_bytes(have, want, len, 1024, erased_value);
897 break;
898 case write_gran_1056bytes:
899 result = need_erase_gran_bytes(have, want, len, 1056, erased_value);
900 break;
901 case write_gran_1byte_implicit_erase:
902 /* Do not erase, handle content changes from anything->0xff by writing 0xff. */
903 result = 0;
904 break;
905 default:
906 msg_cerr("%s: Unsupported granularity! Please report a bug at "
907 "flashrom@flashrom.org\n", __func__);
908 }
909 return result;
910 }
911
912 /**
913 * Check if the buffer @have needs to be programmed to get the content of @want.
914 * If yes, return 1 and fill in first_start with the start address of the
915 * write operation and first_len with the length of the first to-be-written
916 * chunk. If not, return 0 and leave first_start and first_len undefined.
917 *
918 * Warning: This function assumes that @have and @want point to naturally
919 * aligned regions.
920 *
921 * @have buffer with current content
922 * @want buffer with desired content
923 * @len length of the checked area
924 * @gran write granularity (enum, not count)
925 * @first_start offset of the first byte which needs to be written (passed in
926 * value is increased by the offset of the first needed write
927 * relative to have/want or unchanged if no write is needed)
928 * @return length of the first contiguous area which needs to be written
929 * 0 if no write is needed
930 *
931 * FIXME: This function needs a parameter which tells it about coalescing
932 * in relation to the max write length of the programmer and the max write
933 * length of the chip.
934 */
get_next_write(const uint8_t * have,const uint8_t * want,unsigned int len,unsigned int * first_start,enum write_granularity gran)935 static unsigned int get_next_write(const uint8_t *have, const uint8_t *want, unsigned int len,
936 unsigned int *first_start,
937 enum write_granularity gran)
938 {
939 int need_write = 0;
940 unsigned int rel_start = 0, first_len = 0;
941 unsigned int i, limit, stride;
942
943 switch (gran) {
944 case write_gran_1bit:
945 case write_gran_1byte:
946 case write_gran_1byte_implicit_erase:
947 stride = 1;
948 break;
949 case write_gran_128bytes:
950 stride = 128;
951 break;
952 case write_gran_256bytes:
953 stride = 256;
954 break;
955 case write_gran_264bytes:
956 stride = 264;
957 break;
958 case write_gran_512bytes:
959 stride = 512;
960 break;
961 case write_gran_528bytes:
962 stride = 528;
963 break;
964 case write_gran_1024bytes:
965 stride = 1024;
966 break;
967 case write_gran_1056bytes:
968 stride = 1056;
969 break;
970 default:
971 msg_cerr("%s: Unsupported granularity! Please report a bug at "
972 "flashrom@flashrom.org\n", __func__);
973 /* Claim that no write was needed. A write with unknown
974 * granularity is too dangerous to try.
975 */
976 return 0;
977 }
978 for (i = 0; i < len / stride; i++) {
979 limit = min(stride, len - i * stride);
980 /* Are 'have' and 'want' identical? */
981 if (memcmp(have + i * stride, want + i * stride, limit)) {
982 if (!need_write) {
983 /* First location where have and want differ. */
984 need_write = 1;
985 rel_start = i * stride;
986 }
987 } else {
988 if (need_write) {
989 /* First location where have and want
990 * do not differ anymore.
991 */
992 break;
993 }
994 }
995 }
996 if (need_write)
997 first_len = min(i * stride - rel_start, len);
998 *first_start += rel_start;
999 return first_len;
1000 }
1001
1002 /* Returns the number of busses commonly supported by the current programmer and flash chip where the latter
1003 * can not be completely accessed due to size/address limits of the programmer. */
count_max_decode_exceedings(const struct flashctx * flash)1004 unsigned int count_max_decode_exceedings(const struct flashctx *flash)
1005 {
1006 unsigned int limitexceeded = 0;
1007 uint32_t size = flash->chip->total_size * 1024;
1008 enum chipbustype buses = flash->mst->buses_supported & flash->chip->bustype;
1009
1010 if ((buses & BUS_PARALLEL) && (max_rom_decode.parallel < size)) {
1011 limitexceeded++;
1012 msg_pdbg("Chip size %u kB is bigger than supported "
1013 "size %u kB of chipset/board/programmer "
1014 "for %s interface, "
1015 "probe/read/erase/write may fail. ", size / 1024,
1016 max_rom_decode.parallel / 1024, "Parallel");
1017 }
1018 if ((buses & BUS_LPC) && (max_rom_decode.lpc < size)) {
1019 limitexceeded++;
1020 msg_pdbg("Chip size %u kB is bigger than supported "
1021 "size %u kB of chipset/board/programmer "
1022 "for %s interface, "
1023 "probe/read/erase/write may fail. ", size / 1024,
1024 max_rom_decode.lpc / 1024, "LPC");
1025 }
1026 if ((buses & BUS_FWH) && (max_rom_decode.fwh < size)) {
1027 limitexceeded++;
1028 msg_pdbg("Chip size %u kB is bigger than supported "
1029 "size %u kB of chipset/board/programmer "
1030 "for %s interface, "
1031 "probe/read/erase/write may fail. ", size / 1024,
1032 max_rom_decode.fwh / 1024, "FWH");
1033 }
1034 if ((buses & BUS_SPI) && (max_rom_decode.spi < size)) {
1035 limitexceeded++;
1036 msg_pdbg("Chip size %u kB is bigger than supported "
1037 "size %u kB of chipset/board/programmer "
1038 "for %s interface, "
1039 "probe/read/erase/write may fail. ", size / 1024,
1040 max_rom_decode.spi / 1024, "SPI");
1041 }
1042 return limitexceeded;
1043 }
1044
unmap_flash(struct flashctx * flash)1045 void unmap_flash(struct flashctx *flash)
1046 {
1047 if (flash->virtual_registers != (chipaddr)ERROR_PTR) {
1048 programmer_unmap_flash_region((void *)flash->virtual_registers, flash->chip->total_size * 1024);
1049 flash->physical_registers = 0;
1050 flash->virtual_registers = (chipaddr)ERROR_PTR;
1051 }
1052
1053 if (flash->virtual_memory != (chipaddr)ERROR_PTR) {
1054 programmer_unmap_flash_region((void *)flash->virtual_memory, flash->chip->total_size * 1024);
1055 flash->physical_memory = 0;
1056 flash->virtual_memory = (chipaddr)ERROR_PTR;
1057 }
1058 }
1059
map_flash(struct flashctx * flash)1060 int map_flash(struct flashctx *flash)
1061 {
1062 /* Init pointers to the fail-safe state to distinguish them later from legit values. */
1063 flash->virtual_memory = (chipaddr)ERROR_PTR;
1064 flash->virtual_registers = (chipaddr)ERROR_PTR;
1065
1066 /* FIXME: This avoids mapping (and unmapping) of flash chip definitions with size 0.
1067 * These are used for various probing-related hacks that would not map successfully anyway and should be
1068 * removed ASAP. */
1069 if (flash->chip->total_size == 0)
1070 return 0;
1071
1072 const chipsize_t size = flash->chip->total_size * 1024;
1073 uintptr_t base = flashbase ? flashbase : (0xffffffff - size + 1);
1074 void *addr = programmer_map_flash_region(flash->chip->name, base, size);
1075 if (addr == ERROR_PTR) {
1076 msg_perr("Could not map flash chip %s at 0x%0*" PRIxPTR ".\n",
1077 flash->chip->name, PRIxPTR_WIDTH, base);
1078 return 1;
1079 }
1080 flash->physical_memory = base;
1081 flash->virtual_memory = (chipaddr)addr;
1082
1083 /* FIXME: Special function registers normally live 4 MByte below flash space, but it might be somewhere
1084 * completely different on some chips and programmers, or not mappable at all.
1085 * Ignore these problems for now and always report success. */
1086 if (flash->chip->feature_bits & FEATURE_REGISTERMAP) {
1087 base = 0xffffffff - size - 0x400000 + 1;
1088 addr = programmer_map_flash_region("flash chip registers", base, size);
1089 if (addr == ERROR_PTR) {
1090 msg_pdbg2("Could not map flash chip registers %s at 0x%0*" PRIxPTR ".\n",
1091 flash->chip->name, PRIxPTR_WIDTH, base);
1092 return 0;
1093 }
1094 flash->physical_registers = base;
1095 flash->virtual_registers = (chipaddr)addr;
1096 }
1097 return 0;
1098 }
1099
1100 /*
1101 * Return a string corresponding to the bustype parameter.
1102 * Memory is obtained with malloc() and must be freed with free() by the caller.
1103 */
flashbuses_to_text(enum chipbustype bustype)1104 char *flashbuses_to_text(enum chipbustype bustype)
1105 {
1106 char *ret = calloc(1, 1);
1107 /*
1108 * FIXME: Once all chipsets and flash chips have been updated, NONSPI
1109 * will cease to exist and should be eliminated here as well.
1110 */
1111 if (bustype == BUS_NONSPI) {
1112 ret = strcat_realloc(ret, "Non-SPI, ");
1113 } else {
1114 if (bustype & BUS_PARALLEL)
1115 ret = strcat_realloc(ret, "Parallel, ");
1116 if (bustype & BUS_LPC)
1117 ret = strcat_realloc(ret, "LPC, ");
1118 if (bustype & BUS_FWH)
1119 ret = strcat_realloc(ret, "FWH, ");
1120 if (bustype & BUS_SPI)
1121 ret = strcat_realloc(ret, "SPI, ");
1122 if (bustype & BUS_PROG)
1123 ret = strcat_realloc(ret, "Programmer-specific, ");
1124 if (bustype == BUS_NONE)
1125 ret = strcat_realloc(ret, "None, ");
1126 }
1127 /* Kill last comma. */
1128 ret[strlen(ret) - 2] = '\0';
1129 ret = realloc(ret, strlen(ret) + 1);
1130 return ret;
1131 }
1132
probe_flash(struct registered_master * mst,int startchip,struct flashctx * flash,int force)1133 int probe_flash(struct registered_master *mst, int startchip, struct flashctx *flash, int force)
1134 {
1135 const struct flashchip *chip;
1136 enum chipbustype buses_common;
1137 char *tmp;
1138
1139 for (chip = flashchips + startchip; chip && chip->name; chip++) {
1140 if (chip_to_probe && strcmp(chip->name, chip_to_probe) != 0)
1141 continue;
1142 buses_common = mst->buses_supported & chip->bustype;
1143 if (!buses_common)
1144 continue;
1145 /* Only probe for SPI25 chips by default. */
1146 if (chip->bustype == BUS_SPI && !chip_to_probe && chip->spi_cmd_set != SPI25)
1147 continue;
1148 msg_gdbg("Probing for %s %s, %d kB: ", chip->vendor, chip->name, chip->total_size);
1149 if (!chip->probe && !force) {
1150 msg_gdbg("failed! flashrom has no probe function for this flash chip.\n");
1151 continue;
1152 }
1153
1154 /* Start filling in the dynamic data. */
1155 flash->chip = calloc(1, sizeof(struct flashchip));
1156 if (!flash->chip) {
1157 msg_gerr("Out of memory!\n");
1158 exit(1);
1159 }
1160 memcpy(flash->chip, chip, sizeof(struct flashchip));
1161 flash->mst = mst;
1162
1163 if (map_flash(flash) != 0)
1164 goto notfound;
1165
1166 /* We handle a forced match like a real match, we just avoid probing. Note that probe_flash()
1167 * is only called with force=1 after normal probing failed.
1168 */
1169 if (force)
1170 break;
1171
1172 if (flash->chip->probe(flash) != 1)
1173 goto notfound;
1174
1175 /* If this is the first chip found, accept it.
1176 * If this is not the first chip found, accept it only if it is
1177 * a non-generic match. SFDP and CFI are generic matches.
1178 * startchip==0 means this call to probe_flash() is the first
1179 * one for this programmer interface (master) and thus no other chip has
1180 * been found on this interface.
1181 */
1182 if (startchip == 0 && flash->chip->model_id == SFDP_DEVICE_ID) {
1183 msg_cinfo("===\n"
1184 "SFDP has autodetected a flash chip which is "
1185 "not natively supported by flashrom yet.\n");
1186 if (count_usable_erasers(flash) == 0)
1187 msg_cinfo("The standard operations read and "
1188 "verify should work, but to support "
1189 "erase, write and all other "
1190 "possible features");
1191 else
1192 msg_cinfo("All standard operations (read, "
1193 "verify, erase and write) should "
1194 "work, but to support all possible "
1195 "features");
1196
1197 msg_cinfo(" we need to add them manually.\n"
1198 "You can help us by mailing us the output of the following command to "
1199 "flashrom@flashrom.org:\n"
1200 "'flashrom -VV [plus the -p/--programmer parameter]'\n"
1201 "Thanks for your help!\n"
1202 "===\n");
1203 }
1204
1205 /* First flash chip detected on this bus. */
1206 if (startchip == 0)
1207 break;
1208 /* Not the first flash chip detected on this bus, but not a generic match either. */
1209 if ((flash->chip->model_id != GENERIC_DEVICE_ID) && (flash->chip->model_id != SFDP_DEVICE_ID))
1210 break;
1211 /* Not the first flash chip detected on this bus, and it's just a generic match. Ignore it. */
1212 notfound:
1213 unmap_flash(flash);
1214 free(flash->chip);
1215 flash->chip = NULL;
1216 }
1217
1218 if (!flash->chip)
1219 return -1;
1220
1221 /* Fill fallback layout covering the whole chip. */
1222 struct single_layout *const fallback = &flash->fallback_layout;
1223 fallback->base.entries = &fallback->entry;
1224 fallback->base.num_entries = 1;
1225 fallback->entry.start = 0;
1226 fallback->entry.end = flash->chip->total_size * 1024 - 1;
1227 fallback->entry.included = true;
1228 fallback->entry.name = strdup("complete flash");
1229 if (!fallback->entry.name) {
1230 msg_cerr("Failed to probe chip: %s\n", strerror(errno));
1231 return -1;
1232 }
1233
1234 tmp = flashbuses_to_text(flash->chip->bustype);
1235 msg_cinfo("%s %s flash chip \"%s\" (%d kB, %s) ", force ? "Assuming" : "Found",
1236 flash->chip->vendor, flash->chip->name, flash->chip->total_size, tmp);
1237 free(tmp);
1238 #if CONFIG_INTERNAL == 1
1239 if (programmer_table[programmer].map_flash_region == physmap)
1240 msg_cinfo("mapped at physical address 0x%0*" PRIxPTR ".\n",
1241 PRIxPTR_WIDTH, flash->physical_memory);
1242 else
1243 #endif
1244 msg_cinfo("on %s.\n", programmer_table[programmer].name);
1245
1246 /* Flash registers may more likely not be mapped if the chip was forced.
1247 * Lock info may be stored in registers, so avoid lock info printing. */
1248 if (!force)
1249 if (flash->chip->printlock)
1250 flash->chip->printlock(flash);
1251
1252 /* Get out of the way for later runs. */
1253 unmap_flash(flash);
1254
1255 /* Return position of matching chip. */
1256 return chip - flashchips;
1257 }
1258
read_buf_from_file(unsigned char * buf,unsigned long size,const char * filename)1259 int read_buf_from_file(unsigned char *buf, unsigned long size,
1260 const char *filename)
1261 {
1262 #ifdef __LIBPAYLOAD__
1263 msg_gerr("Error: No file I/O support in libpayload\n");
1264 return 1;
1265 #else
1266 int ret = 0;
1267
1268 FILE *image;
1269 if ((image = fopen(filename, "rb")) == NULL) {
1270 msg_gerr("Error: opening file \"%s\" failed: %s\n", filename, strerror(errno));
1271 return 1;
1272 }
1273
1274 struct stat image_stat;
1275 if (fstat(fileno(image), &image_stat) != 0) {
1276 msg_gerr("Error: getting metadata of file \"%s\" failed: %s\n", filename, strerror(errno));
1277 ret = 1;
1278 goto out;
1279 }
1280 if (image_stat.st_size != (intmax_t)size) {
1281 msg_gerr("Error: Image size (%jd B) doesn't match the flash chip's size (%lu B)!\n",
1282 (intmax_t)image_stat.st_size, size);
1283 ret = 1;
1284 goto out;
1285 }
1286
1287 unsigned long numbytes = fread(buf, 1, size, image);
1288 if (numbytes != size) {
1289 msg_gerr("Error: Failed to read complete file. Got %ld bytes, "
1290 "wanted %ld!\n", numbytes, size);
1291 ret = 1;
1292 }
1293 out:
1294 (void)fclose(image);
1295 return ret;
1296 #endif
1297 }
1298
write_buf_to_file(const unsigned char * buf,unsigned long size,const char * filename)1299 int write_buf_to_file(const unsigned char *buf, unsigned long size, const char *filename)
1300 {
1301 #ifdef __LIBPAYLOAD__
1302 msg_gerr("Error: No file I/O support in libpayload\n");
1303 return 1;
1304 #else
1305 FILE *image;
1306 int ret = 0;
1307
1308 if (!filename) {
1309 msg_gerr("No filename specified.\n");
1310 return 1;
1311 }
1312 if ((image = fopen(filename, "wb")) == NULL) {
1313 msg_gerr("Error: opening file \"%s\" failed: %s\n", filename, strerror(errno));
1314 return 1;
1315 }
1316
1317 unsigned long numbytes = fwrite(buf, 1, size, image);
1318 if (numbytes != size) {
1319 msg_gerr("Error: file %s could not be written completely.\n", filename);
1320 ret = 1;
1321 goto out;
1322 }
1323 if (fflush(image)) {
1324 msg_gerr("Error: flushing file \"%s\" failed: %s\n", filename, strerror(errno));
1325 ret = 1;
1326 }
1327 // Try to fsync() only regular files and if that function is available at all (e.g. not on MinGW).
1328 #if defined(_POSIX_FSYNC) && (_POSIX_FSYNC != -1)
1329 struct stat image_stat;
1330 if (fstat(fileno(image), &image_stat) != 0) {
1331 msg_gerr("Error: getting metadata of file \"%s\" failed: %s\n", filename, strerror(errno));
1332 ret = 1;
1333 goto out;
1334 }
1335 if (S_ISREG(image_stat.st_mode)) {
1336 if (fsync(fileno(image))) {
1337 msg_gerr("Error: fsyncing file \"%s\" failed: %s\n", filename, strerror(errno));
1338 ret = 1;
1339 }
1340 }
1341 #endif
1342 out:
1343 if (fclose(image)) {
1344 msg_gerr("Error: closing file \"%s\" failed: %s\n", filename, strerror(errno));
1345 ret = 1;
1346 }
1347 return ret;
1348 #endif
1349 }
1350
1351 static int read_by_layout(struct flashctx *, uint8_t *);
read_flash_to_file(struct flashctx * flash,const char * filename)1352 int read_flash_to_file(struct flashctx *flash, const char *filename)
1353 {
1354 unsigned long size = flash->chip->total_size * 1024;
1355 unsigned char *buf = calloc(size, sizeof(unsigned char));
1356 int ret = 0;
1357
1358 msg_cinfo("Reading flash... ");
1359 if (!buf) {
1360 msg_gerr("Memory allocation failed!\n");
1361 msg_cinfo("FAILED.\n");
1362 return 1;
1363 }
1364 if (!flash->chip->read) {
1365 msg_cerr("No read function available for this flash chip.\n");
1366 ret = 1;
1367 goto out_free;
1368 }
1369 if (read_by_layout(flash, buf)) {
1370 msg_cerr("Read operation failed!\n");
1371 ret = 1;
1372 goto out_free;
1373 }
1374
1375 ret = write_buf_to_file(buf, size, filename);
1376 out_free:
1377 free(buf);
1378 msg_cinfo("%s.\n", ret ? "FAILED" : "done");
1379 return ret;
1380 }
1381
1382 /* Even if an error is found, the function will keep going and check the rest. */
selfcheck_eraseblocks(const struct flashchip * chip)1383 static int selfcheck_eraseblocks(const struct flashchip *chip)
1384 {
1385 int i, j, k;
1386 int ret = 0;
1387
1388 for (k = 0; k < NUM_ERASEFUNCTIONS; k++) {
1389 unsigned int done = 0;
1390 struct block_eraser eraser = chip->block_erasers[k];
1391
1392 for (i = 0; i < NUM_ERASEREGIONS; i++) {
1393 /* Blocks with zero size are bugs in flashchips.c. */
1394 if (eraser.eraseblocks[i].count &&
1395 !eraser.eraseblocks[i].size) {
1396 msg_gerr("ERROR: Flash chip %s erase function "
1397 "%i region %i has size 0. Please report"
1398 " a bug at flashrom@flashrom.org\n",
1399 chip->name, k, i);
1400 ret = 1;
1401 }
1402 /* Blocks with zero count are bugs in flashchips.c. */
1403 if (!eraser.eraseblocks[i].count &&
1404 eraser.eraseblocks[i].size) {
1405 msg_gerr("ERROR: Flash chip %s erase function "
1406 "%i region %i has count 0. Please report"
1407 " a bug at flashrom@flashrom.org\n",
1408 chip->name, k, i);
1409 ret = 1;
1410 }
1411 done += eraser.eraseblocks[i].count *
1412 eraser.eraseblocks[i].size;
1413 }
1414 /* Empty eraseblock definition with erase function. */
1415 if (!done && eraser.block_erase)
1416 msg_gspew("Strange: Empty eraseblock definition with "
1417 "non-empty erase function. Not an error.\n");
1418 if (!done)
1419 continue;
1420 if (done != chip->total_size * 1024) {
1421 msg_gerr("ERROR: Flash chip %s erase function %i "
1422 "region walking resulted in 0x%06x bytes total,"
1423 " expected 0x%06x bytes. Please report a bug at"
1424 " flashrom@flashrom.org\n", chip->name, k,
1425 done, chip->total_size * 1024);
1426 ret = 1;
1427 }
1428 if (!eraser.block_erase)
1429 continue;
1430 /* Check if there are identical erase functions for different
1431 * layouts. That would imply "magic" erase functions. The
1432 * easiest way to check this is with function pointers.
1433 */
1434 for (j = k + 1; j < NUM_ERASEFUNCTIONS; j++) {
1435 if (eraser.block_erase ==
1436 chip->block_erasers[j].block_erase) {
1437 msg_gerr("ERROR: Flash chip %s erase function "
1438 "%i and %i are identical. Please report"
1439 " a bug at flashrom@flashrom.org\n",
1440 chip->name, k, j);
1441 ret = 1;
1442 }
1443 }
1444 }
1445 return ret;
1446 }
1447
check_block_eraser(const struct flashctx * flash,int k,int log)1448 static int check_block_eraser(const struct flashctx *flash, int k, int log)
1449 {
1450 struct block_eraser eraser = flash->chip->block_erasers[k];
1451
1452 if (!eraser.block_erase && !eraser.eraseblocks[0].count) {
1453 if (log)
1454 msg_cdbg("not defined. ");
1455 return 1;
1456 }
1457 if (!eraser.block_erase && eraser.eraseblocks[0].count) {
1458 if (log)
1459 msg_cdbg("eraseblock layout is known, but matching "
1460 "block erase function is not implemented. ");
1461 return 1;
1462 }
1463 if (eraser.block_erase && !eraser.eraseblocks[0].count) {
1464 if (log)
1465 msg_cdbg("block erase function found, but "
1466 "eraseblock layout is not defined. ");
1467 return 1;
1468 }
1469 // TODO: Once erase functions are annotated with allowed buses, check that as well.
1470 return 0;
1471 }
1472
1473 /**
1474 * @brief Reads the included layout regions into a buffer.
1475 *
1476 * If there is no layout set in the given flash context, the whole chip will
1477 * be read.
1478 *
1479 * @param flashctx Flash context to be used.
1480 * @param buffer Buffer of full chip size to read into.
1481 * @return 0 on success,
1482 * 1 if any read fails.
1483 */
read_by_layout(struct flashctx * const flashctx,uint8_t * const buffer)1484 static int read_by_layout(struct flashctx *const flashctx, uint8_t *const buffer)
1485 {
1486 const struct flashrom_layout *const layout = get_layout(flashctx);
1487 const struct romentry *entry = NULL;
1488
1489 while ((entry = layout_next_included(layout, entry))) {
1490 const chipoff_t region_start = entry->start;
1491 const chipsize_t region_len = entry->end - entry->start + 1;
1492
1493 if (flashctx->chip->read(flashctx, buffer + region_start, region_start, region_len))
1494 return 1;
1495 }
1496 return 0;
1497 }
1498
1499 typedef int (*erasefn_t)(struct flashctx *, unsigned int addr, unsigned int len);
1500 /**
1501 * @private
1502 *
1503 * For read-erase-write, `curcontents` and `newcontents` shall point
1504 * to buffers of the chip's size. Both are supposed to be prefilled
1505 * with at least the included layout regions of the current flash
1506 * contents (`curcontents`) and the data to be written to the flash
1507 * (`newcontents`).
1508 *
1509 * For erase, `curcontents` and `newcontents` shall be NULL-pointers.
1510 *
1511 * The `chipoff_t` values are used internally by `walk_by_layout()`.
1512 */
1513 struct walk_info {
1514 uint8_t *curcontents;
1515 const uint8_t *newcontents;
1516 chipoff_t region_start;
1517 chipoff_t region_end;
1518 chipoff_t erase_start;
1519 chipoff_t erase_end;
1520 };
1521 /* returns 0 on success, 1 to retry with another erase function, 2 for immediate abort */
1522 typedef int (*per_blockfn_t)(struct flashctx *, const struct walk_info *, erasefn_t);
1523
walk_eraseblocks(struct flashctx * const flashctx,struct walk_info * const info,const size_t erasefunction,const per_blockfn_t per_blockfn)1524 static int walk_eraseblocks(struct flashctx *const flashctx,
1525 struct walk_info *const info,
1526 const size_t erasefunction, const per_blockfn_t per_blockfn)
1527 {
1528 int ret;
1529 size_t i, j;
1530 bool first = true;
1531 struct block_eraser *const eraser = &flashctx->chip->block_erasers[erasefunction];
1532
1533 info->erase_start = 0;
1534 for (i = 0; i < NUM_ERASEREGIONS; ++i) {
1535 /* count==0 for all automatically initialized array
1536 members so the loop below won't be executed for them. */
1537 for (j = 0; j < eraser->eraseblocks[i].count; ++j, info->erase_start = info->erase_end + 1) {
1538 info->erase_end = info->erase_start + eraser->eraseblocks[i].size - 1;
1539
1540 /* Skip any eraseblock that is completely outside the current region. */
1541 if (info->erase_end < info->region_start)
1542 continue;
1543 if (info->region_end < info->erase_start)
1544 break;
1545
1546 /* Print this for every block except the first one. */
1547 if (first)
1548 first = false;
1549 else
1550 msg_cdbg(", ");
1551 msg_cdbg("0x%06x-0x%06x:", info->erase_start, info->erase_end);
1552
1553 ret = per_blockfn(flashctx, info, eraser->block_erase);
1554 if (ret)
1555 return ret;
1556 }
1557 if (info->region_end < info->erase_start)
1558 break;
1559 }
1560 msg_cdbg("\n");
1561 return 0;
1562 }
1563
walk_by_layout(struct flashctx * const flashctx,struct walk_info * const info,const per_blockfn_t per_blockfn)1564 static int walk_by_layout(struct flashctx *const flashctx, struct walk_info *const info,
1565 const per_blockfn_t per_blockfn)
1566 {
1567 const struct flashrom_layout *const layout = get_layout(flashctx);
1568 const struct romentry *entry = NULL;
1569
1570 all_skipped = true;
1571 msg_cinfo("Erasing and writing flash chip... ");
1572
1573 while ((entry = layout_next_included(layout, entry))) {
1574 info->region_start = entry->start;
1575 info->region_end = entry->end;
1576
1577 size_t j;
1578 int error = 1; /* retry as long as it's 1 */
1579 for (j = 0; j < NUM_ERASEFUNCTIONS; ++j) {
1580 if (j != 0)
1581 msg_cinfo("Looking for another erase function.\n");
1582 msg_cdbg("Trying erase function %zi... ", j);
1583 if (check_block_eraser(flashctx, j, 1))
1584 continue;
1585
1586 error = walk_eraseblocks(flashctx, info, j, per_blockfn);
1587 if (error != 1)
1588 break;
1589
1590 if (info->curcontents) {
1591 msg_cinfo("Reading current flash chip contents... ");
1592 if (read_by_layout(flashctx, info->curcontents)) {
1593 /* Now we are truly screwed. Read failed as well. */
1594 msg_cerr("Can't read anymore! Aborting.\n");
1595 /* We have no idea about the flash chip contents, so
1596 retrying with another erase function is pointless. */
1597 error = 2;
1598 break;
1599 }
1600 msg_cinfo("done. ");
1601 }
1602 }
1603 if (error == 1)
1604 msg_cinfo("No usable erase functions left.\n");
1605 if (error) {
1606 msg_cerr("FAILED!\n");
1607 return 1;
1608 }
1609 }
1610 if (all_skipped)
1611 msg_cinfo("\nWarning: Chip content is identical to the requested image.\n");
1612 msg_cinfo("Erase/write done.\n");
1613 return 0;
1614 }
1615
erase_block(struct flashctx * const flashctx,const struct walk_info * const info,const erasefn_t erasefn)1616 static int erase_block(struct flashctx *const flashctx,
1617 const struct walk_info *const info, const erasefn_t erasefn)
1618 {
1619 const unsigned int erase_len = info->erase_end + 1 - info->erase_start;
1620 const bool region_unaligned = info->region_start > info->erase_start ||
1621 info->erase_end > info->region_end;
1622 uint8_t *backup_contents = NULL, *erased_contents = NULL;
1623 int ret = 2;
1624
1625 /*
1626 * If the region is not erase-block aligned, merge current flash con-
1627 * tents into a new buffer `backup_contents`.
1628 */
1629 if (region_unaligned) {
1630 backup_contents = malloc(erase_len);
1631 erased_contents = malloc(erase_len);
1632 if (!backup_contents || !erased_contents) {
1633 msg_cerr("Out of memory!\n");
1634 ret = 1;
1635 goto _free_ret;
1636 }
1637 memset(backup_contents, ERASED_VALUE(flashctx), erase_len);
1638 memset(erased_contents, ERASED_VALUE(flashctx), erase_len);
1639
1640 msg_cdbg("R");
1641 /* Merge data preceding the current region. */
1642 if (info->region_start > info->erase_start) {
1643 const chipoff_t start = info->erase_start;
1644 const chipsize_t len = info->region_start - info->erase_start;
1645 if (flashctx->chip->read(flashctx, backup_contents, start, len)) {
1646 msg_cerr("Can't read! Aborting.\n");
1647 goto _free_ret;
1648 }
1649 }
1650 /* Merge data following the current region. */
1651 if (info->erase_end > info->region_end) {
1652 const chipoff_t start = info->region_end + 1;
1653 const chipoff_t rel_start = start - info->erase_start; /* within this erase block */
1654 const chipsize_t len = info->erase_end - info->region_end;
1655 if (flashctx->chip->read(flashctx, backup_contents + rel_start, start, len)) {
1656 msg_cerr("Can't read! Aborting.\n");
1657 goto _free_ret;
1658 }
1659 }
1660 }
1661
1662 ret = 1;
1663 all_skipped = false;
1664
1665 msg_cdbg("E");
1666 if (erasefn(flashctx, info->erase_start, erase_len))
1667 goto _free_ret;
1668 if (check_erased_range(flashctx, info->erase_start, erase_len)) {
1669 msg_cerr("ERASE FAILED!\n");
1670 goto _free_ret;
1671 }
1672
1673 if (region_unaligned) {
1674 unsigned int starthere = 0, lenhere = 0, writecount = 0;
1675 /* get_next_write() sets starthere to a new value after the call. */
1676 while ((lenhere = get_next_write(erased_contents + starthere, backup_contents + starthere,
1677 erase_len - starthere, &starthere, flashctx->chip->gran))) {
1678 if (!writecount++)
1679 msg_cdbg("W");
1680 /* Needs the partial write function signature. */
1681 if (flashctx->chip->write(flashctx, backup_contents + starthere,
1682 info->erase_start + starthere, lenhere))
1683 goto _free_ret;
1684 starthere += lenhere;
1685 }
1686 }
1687
1688 ret = 0;
1689
1690 _free_ret:
1691 free(erased_contents);
1692 free(backup_contents);
1693 return ret;
1694 }
1695
1696 /**
1697 * @brief Erases the included layout regions.
1698 *
1699 * If there is no layout set in the given flash context, the whole chip will
1700 * be erased.
1701 *
1702 * @param flashctx Flash context to be used.
1703 * @param buffer Buffer of full chip size to read into.
1704 * @return 0 on success,
1705 * 1 if all available erase functions failed.
1706 */
erase_by_layout(struct flashctx * const flashctx)1707 static int erase_by_layout(struct flashctx *const flashctx)
1708 {
1709 struct walk_info info = { 0 };
1710 return walk_by_layout(flashctx, &info, &erase_block);
1711 }
1712
read_erase_write_block(struct flashctx * const flashctx,const struct walk_info * const info,const erasefn_t erasefn)1713 static int read_erase_write_block(struct flashctx *const flashctx,
1714 const struct walk_info *const info, const erasefn_t erasefn)
1715 {
1716 const chipsize_t erase_len = info->erase_end + 1 - info->erase_start;
1717 const bool region_unaligned = info->region_start > info->erase_start ||
1718 info->erase_end > info->region_end;
1719 const uint8_t *newcontents = NULL;
1720 int ret = 2;
1721
1722 /*
1723 * If the region is not erase-block aligned, merge current flash con-
1724 * tents into `info->curcontents` and a new buffer `newc`. The former
1725 * is necessary since we have no guarantee that the full erase block
1726 * was already read into `info->curcontents`. For the latter a new
1727 * buffer is used since `info->newcontents` might contain data for
1728 * other unaligned regions that touch this erase block too.
1729 */
1730 if (region_unaligned) {
1731 msg_cdbg("R");
1732 uint8_t *const newc = malloc(erase_len);
1733 if (!newc) {
1734 msg_cerr("Out of memory!\n");
1735 return 1;
1736 }
1737 memcpy(newc, info->newcontents + info->erase_start, erase_len);
1738
1739 /* Merge data preceding the current region. */
1740 if (info->region_start > info->erase_start) {
1741 const chipoff_t start = info->erase_start;
1742 const chipsize_t len = info->region_start - info->erase_start;
1743 if (flashctx->chip->read(flashctx, newc, start, len)) {
1744 msg_cerr("Can't read! Aborting.\n");
1745 goto _free_ret;
1746 }
1747 memcpy(info->curcontents + start, newc, len);
1748 }
1749 /* Merge data following the current region. */
1750 if (info->erase_end > info->region_end) {
1751 const chipoff_t start = info->region_end + 1;
1752 const chipoff_t rel_start = start - info->erase_start; /* within this erase block */
1753 const chipsize_t len = info->erase_end - info->region_end;
1754 if (flashctx->chip->read(flashctx, newc + rel_start, start, len)) {
1755 msg_cerr("Can't read! Aborting.\n");
1756 goto _free_ret;
1757 }
1758 memcpy(info->curcontents + start, newc + rel_start, len);
1759 }
1760
1761 newcontents = newc;
1762 } else {
1763 newcontents = info->newcontents + info->erase_start;
1764 }
1765
1766 ret = 1;
1767 bool skipped = true;
1768 uint8_t *const curcontents = info->curcontents + info->erase_start;
1769 const uint8_t erased_value = ERASED_VALUE(flashctx);
1770 if (!(flashctx->chip->feature_bits & FEATURE_NO_ERASE) &&
1771 need_erase(curcontents, newcontents, erase_len, flashctx->chip->gran, erased_value)) {
1772 if (erase_block(flashctx, info, erasefn))
1773 goto _free_ret;
1774 /* Erase was successful. Adjust curcontents. */
1775 memset(curcontents, erased_value, erase_len);
1776 skipped = false;
1777 }
1778
1779 unsigned int starthere = 0, lenhere = 0, writecount = 0;
1780 /* get_next_write() sets starthere to a new value after the call. */
1781 while ((lenhere = get_next_write(curcontents + starthere, newcontents + starthere,
1782 erase_len - starthere, &starthere, flashctx->chip->gran))) {
1783 if (!writecount++)
1784 msg_cdbg("W");
1785 /* Needs the partial write function signature. */
1786 if (flashctx->chip->write(flashctx, newcontents + starthere,
1787 info->erase_start + starthere, lenhere))
1788 goto _free_ret;
1789 starthere += lenhere;
1790 skipped = false;
1791 }
1792 if (skipped)
1793 msg_cdbg("S");
1794 else
1795 all_skipped = false;
1796
1797 /* Update curcontents, other regions with overlapping erase blocks
1798 might rely on this. */
1799 memcpy(curcontents, newcontents, erase_len);
1800 ret = 0;
1801
1802 _free_ret:
1803 if (region_unaligned)
1804 free((void *)newcontents);
1805 return ret;
1806 }
1807
1808 /**
1809 * @brief Writes the included layout regions from a given image.
1810 *
1811 * If there is no layout set in the given flash context, the whole image
1812 * will be written.
1813 *
1814 * @param flashctx Flash context to be used.
1815 * @param curcontents A buffer of full chip size with current chip contents of included regions.
1816 * @param newcontents The new image to be written.
1817 * @return 0 on success,
1818 * 1 if anything has gone wrong.
1819 */
write_by_layout(struct flashctx * const flashctx,void * const curcontents,const void * const newcontents)1820 static int write_by_layout(struct flashctx *const flashctx,
1821 void *const curcontents, const void *const newcontents)
1822 {
1823 struct walk_info info;
1824 info.curcontents = curcontents;
1825 info.newcontents = newcontents;
1826 return walk_by_layout(flashctx, &info, read_erase_write_block);
1827 }
1828
1829 /**
1830 * @brief Compares the included layout regions with content from a buffer.
1831 *
1832 * If there is no layout set in the given flash context, the whole chip's
1833 * contents will be compared.
1834 *
1835 * @param flashctx Flash context to be used.
1836 * @param curcontents A buffer of full chip size to read current chip contents into.
1837 * @param newcontents The new image to compare to.
1838 * @return 0 on success,
1839 * 1 if reading failed,
1840 * 3 if the contents don't match.
1841 */
verify_by_layout(struct flashctx * const flashctx,void * const curcontents,const uint8_t * const newcontents)1842 static int verify_by_layout(struct flashctx *const flashctx,
1843 void *const curcontents, const uint8_t *const newcontents)
1844 {
1845 const struct flashrom_layout *const layout = get_layout(flashctx);
1846 const struct romentry *entry = NULL;
1847
1848 while ((entry = layout_next_included(layout, entry))) {
1849 const chipoff_t region_start = entry->start;
1850 const chipsize_t region_len = entry->end - entry->start + 1;
1851
1852 if (flashctx->chip->read(flashctx, curcontents + region_start, region_start, region_len))
1853 return 1;
1854 if (compare_range(newcontents + region_start, curcontents + region_start,
1855 region_start, region_len))
1856 return 3;
1857 }
1858 return 0;
1859 }
1860
nonfatal_help_message(void)1861 static void nonfatal_help_message(void)
1862 {
1863 msg_gerr("Good, writing to the flash chip apparently didn't do anything.\n");
1864 #if CONFIG_INTERNAL == 1
1865 if (programmer == PROGRAMMER_INTERNAL)
1866 msg_gerr("This means we have to add special support for your board, programmer or flash\n"
1867 "chip. Please report this on IRC at chat.freenode.net (channel #flashrom) or\n"
1868 "mail flashrom@flashrom.org, thanks!\n"
1869 "-------------------------------------------------------------------------------\n"
1870 "You may now reboot or simply leave the machine running.\n");
1871 else
1872 #endif
1873 msg_gerr("Please check the connections (especially those to write protection pins) between\n"
1874 "the programmer and the flash chip. If you think the error is caused by flashrom\n"
1875 "please report this on IRC at chat.freenode.net (channel #flashrom) or\n"
1876 "mail flashrom@flashrom.org, thanks!\n");
1877 }
1878
emergency_help_message(void)1879 static void emergency_help_message(void)
1880 {
1881 msg_gerr("Your flash chip is in an unknown state.\n");
1882 #if CONFIG_INTERNAL == 1
1883 if (programmer == PROGRAMMER_INTERNAL)
1884 msg_gerr("Get help on IRC at chat.freenode.net (channel #flashrom) or\n"
1885 "mail flashrom@flashrom.org with the subject \"FAILED: <your board name>\"!\n"
1886 "-------------------------------------------------------------------------------\n"
1887 "DO NOT REBOOT OR POWEROFF!\n");
1888 else
1889 #endif
1890 msg_gerr("Please report this on IRC at chat.freenode.net (channel #flashrom) or\n"
1891 "mail flashrom@flashrom.org, thanks!\n");
1892 }
1893
list_programmers_linebreak(int startcol,int cols,int paren)1894 void list_programmers_linebreak(int startcol, int cols, int paren)
1895 {
1896 const char *pname;
1897 int pnamelen;
1898 int remaining = 0, firstline = 1;
1899 enum programmer p;
1900 int i;
1901
1902 for (p = 0; p < PROGRAMMER_INVALID; p++) {
1903 pname = programmer_table[p].name;
1904 pnamelen = strlen(pname);
1905 if (remaining - pnamelen - 2 < 0) {
1906 if (firstline)
1907 firstline = 0;
1908 else
1909 msg_ginfo("\n");
1910 for (i = 0; i < startcol; i++)
1911 msg_ginfo(" ");
1912 remaining = cols - startcol;
1913 } else {
1914 msg_ginfo(" ");
1915 remaining--;
1916 }
1917 if (paren && (p == 0)) {
1918 msg_ginfo("(");
1919 remaining--;
1920 }
1921 msg_ginfo("%s", pname);
1922 remaining -= pnamelen;
1923 if (p < PROGRAMMER_INVALID - 1) {
1924 msg_ginfo(",");
1925 remaining--;
1926 } else {
1927 if (paren)
1928 msg_ginfo(")");
1929 }
1930 }
1931 }
1932
print_sysinfo(void)1933 static void print_sysinfo(void)
1934 {
1935 #if IS_WINDOWS
1936 SYSTEM_INFO si;
1937 OSVERSIONINFOEX osvi;
1938
1939 memset(&si, 0, sizeof(SYSTEM_INFO));
1940 memset(&osvi, 0, sizeof(OSVERSIONINFOEX));
1941 msg_ginfo(" on Windows");
1942 /* Tell Windows which version of the structure we want. */
1943 osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
1944 if (GetVersionEx((OSVERSIONINFO*) &osvi))
1945 msg_ginfo(" %lu.%lu", osvi.dwMajorVersion, osvi.dwMinorVersion);
1946 else
1947 msg_ginfo(" unknown version");
1948 GetSystemInfo(&si);
1949 switch (si.wProcessorArchitecture) {
1950 case PROCESSOR_ARCHITECTURE_AMD64:
1951 msg_ginfo(" (x86_64)");
1952 break;
1953 case PROCESSOR_ARCHITECTURE_INTEL:
1954 msg_ginfo(" (x86)");
1955 break;
1956 default:
1957 msg_ginfo(" (unknown arch)");
1958 break;
1959 }
1960 #elif HAVE_UTSNAME == 1
1961 struct utsname osinfo;
1962
1963 uname(&osinfo);
1964 msg_ginfo(" on %s %s (%s)", osinfo.sysname, osinfo.release,
1965 osinfo.machine);
1966 #else
1967 msg_ginfo(" on unknown machine");
1968 #endif
1969 }
1970
print_buildinfo(void)1971 void print_buildinfo(void)
1972 {
1973 msg_gdbg("flashrom was built with");
1974 #if NEED_PCI == 1
1975 #ifdef PCILIB_VERSION
1976 msg_gdbg(" libpci %s,", PCILIB_VERSION);
1977 #else
1978 msg_gdbg(" unknown PCI library,");
1979 #endif
1980 #endif
1981 #ifdef __clang__
1982 msg_gdbg(" LLVM Clang");
1983 #ifdef __clang_version__
1984 msg_gdbg(" %s,", __clang_version__);
1985 #else
1986 msg_gdbg(" unknown version (before r102686),");
1987 #endif
1988 #elif defined(__GNUC__)
1989 msg_gdbg(" GCC");
1990 #ifdef __VERSION__
1991 msg_gdbg(" %s,", __VERSION__);
1992 #else
1993 msg_gdbg(" unknown version,");
1994 #endif
1995 #else
1996 msg_gdbg(" unknown compiler,");
1997 #endif
1998 #if defined (__FLASHROM_LITTLE_ENDIAN__)
1999 msg_gdbg(" little endian");
2000 #elif defined (__FLASHROM_BIG_ENDIAN__)
2001 msg_gdbg(" big endian");
2002 #else
2003 #error Endianness could not be determined
2004 #endif
2005 msg_gdbg("\n");
2006 }
2007
print_version(void)2008 void print_version(void)
2009 {
2010 msg_ginfo("flashrom %s", flashrom_version);
2011 print_sysinfo();
2012 msg_ginfo("\n");
2013 }
2014
print_banner(void)2015 void print_banner(void)
2016 {
2017 msg_ginfo("flashrom is free software, get the source code at "
2018 "https://flashrom.org\n");
2019 msg_ginfo("\n");
2020 }
2021
selfcheck(void)2022 int selfcheck(void)
2023 {
2024 unsigned int i;
2025 int ret = 0;
2026
2027 /* Safety check. Instead of aborting after the first error, check
2028 * if more errors exist.
2029 */
2030 if (ARRAY_SIZE(programmer_table) - 1 != PROGRAMMER_INVALID) {
2031 msg_gerr("Programmer table miscompilation!\n");
2032 ret = 1;
2033 }
2034 for (i = 0; i < PROGRAMMER_INVALID; i++) {
2035 const struct programmer_entry p = programmer_table[i];
2036 if (p.name == NULL) {
2037 msg_gerr("All programmers need a valid name, but the one with index %d does not!\n", i);
2038 ret = 1;
2039 /* This might hide other problems with this programmer, but allows for better error
2040 * messages below without jumping through hoops. */
2041 continue;
2042 }
2043 switch (p.type) {
2044 case USB:
2045 case PCI:
2046 case OTHER:
2047 if (p.devs.note == NULL) {
2048 if (strcmp("internal", p.name) == 0)
2049 break; /* This one has its device list stored separately. */
2050 msg_gerr("Programmer %s has neither a device list nor a textual description!\n",
2051 p.name);
2052 ret = 1;
2053 }
2054 break;
2055 default:
2056 msg_gerr("Programmer %s does not have a valid type set!\n", p.name);
2057 ret = 1;
2058 break;
2059 }
2060 if (p.init == NULL) {
2061 msg_gerr("Programmer %s does not have a valid init function!\n", p.name);
2062 ret = 1;
2063 }
2064 if (p.delay == NULL) {
2065 msg_gerr("Programmer %s does not have a valid delay function!\n", p.name);
2066 ret = 1;
2067 }
2068 if (p.map_flash_region == NULL) {
2069 msg_gerr("Programmer %s does not have a valid map_flash_region function!\n", p.name);
2070 ret = 1;
2071 }
2072 if (p.unmap_flash_region == NULL) {
2073 msg_gerr("Programmer %s does not have a valid unmap_flash_region function!\n", p.name);
2074 ret = 1;
2075 }
2076 }
2077
2078 /* It would be favorable if we could check for the correct layout (especially termination) of various
2079 * constant arrays: flashchips, chipset_enables, board_matches, boards_known, laptops_known.
2080 * They are all defined as externs in this compilation unit so we don't know their sizes which vary
2081 * depending on compiler flags, e.g. the target architecture, and can sometimes be 0.
2082 * For 'flashchips' we export the size explicitly to work around this and to be able to implement the
2083 * checks below. */
2084 if (flashchips_size <= 1 || flashchips[flashchips_size - 1].name != NULL) {
2085 msg_gerr("Flashchips table miscompilation!\n");
2086 ret = 1;
2087 } else {
2088 for (i = 0; i < flashchips_size - 1; i++) {
2089 const struct flashchip *chip = &flashchips[i];
2090 if (chip->vendor == NULL || chip->name == NULL || chip->bustype == BUS_NONE) {
2091 ret = 1;
2092 msg_gerr("ERROR: Some field of flash chip #%d (%s) is misconfigured.\n"
2093 "Please report a bug at flashrom@flashrom.org\n", i,
2094 chip->name == NULL ? "unnamed" : chip->name);
2095 }
2096 if (selfcheck_eraseblocks(chip)) {
2097 ret = 1;
2098 }
2099 }
2100 }
2101
2102 #if CONFIG_INTERNAL == 1
2103 ret |= selfcheck_board_enables();
2104 #endif
2105
2106 /* TODO: implement similar sanity checks for other arrays where deemed necessary. */
2107 return ret;
2108 }
2109
2110 /* FIXME: This function signature needs to be improved once doit() has a better
2111 * function signature.
2112 */
chip_safety_check(const struct flashctx * flash,int force,int read_it,int write_it,int erase_it,int verify_it)2113 static int chip_safety_check(const struct flashctx *flash, int force,
2114 int read_it, int write_it, int erase_it, int verify_it)
2115 {
2116 const struct flashchip *chip = flash->chip;
2117
2118 if (!programmer_may_write && (write_it || erase_it)) {
2119 msg_perr("Write/erase is not working yet on your programmer in "
2120 "its current configuration.\n");
2121 /* --force is the wrong approach, but it's the best we can do
2122 * until the generic programmer parameter parser is merged.
2123 */
2124 if (!force)
2125 return 1;
2126 msg_cerr("Continuing anyway.\n");
2127 }
2128
2129 if (read_it || erase_it || write_it || verify_it) {
2130 /* Everything needs read. */
2131 if (chip->tested.read == BAD) {
2132 msg_cerr("Read is not working on this chip. ");
2133 if (!force)
2134 return 1;
2135 msg_cerr("Continuing anyway.\n");
2136 }
2137 if (!chip->read) {
2138 msg_cerr("flashrom has no read function for this "
2139 "flash chip.\n");
2140 return 1;
2141 }
2142 }
2143 if (erase_it || write_it) {
2144 /* Write needs erase. */
2145 if (chip->tested.erase == NA) {
2146 msg_cerr("Erase is not possible on this chip.\n");
2147 return 1;
2148 }
2149 if (chip->tested.erase == BAD) {
2150 msg_cerr("Erase is not working on this chip. ");
2151 if (!force)
2152 return 1;
2153 msg_cerr("Continuing anyway.\n");
2154 }
2155 if(count_usable_erasers(flash) == 0) {
2156 msg_cerr("flashrom has no erase function for this "
2157 "flash chip.\n");
2158 return 1;
2159 }
2160 }
2161 if (write_it) {
2162 if (chip->tested.write == NA) {
2163 msg_cerr("Write is not possible on this chip.\n");
2164 return 1;
2165 }
2166 if (chip->tested.write == BAD) {
2167 msg_cerr("Write is not working on this chip. ");
2168 if (!force)
2169 return 1;
2170 msg_cerr("Continuing anyway.\n");
2171 }
2172 if (!chip->write) {
2173 msg_cerr("flashrom has no write function for this "
2174 "flash chip.\n");
2175 return 1;
2176 }
2177 }
2178 return 0;
2179 }
2180
prepare_flash_access(struct flashctx * const flash,const bool read_it,const bool write_it,const bool erase_it,const bool verify_it)2181 int prepare_flash_access(struct flashctx *const flash,
2182 const bool read_it, const bool write_it,
2183 const bool erase_it, const bool verify_it)
2184 {
2185 if (chip_safety_check(flash, flash->flags.force, read_it, write_it, erase_it, verify_it)) {
2186 msg_cerr("Aborting.\n");
2187 return 1;
2188 }
2189
2190 if (flash->layout == get_global_layout() && normalize_romentries(flash)) {
2191 msg_cerr("Requested regions can not be handled. Aborting.\n");
2192 return 1;
2193 }
2194
2195 if (map_flash(flash) != 0)
2196 return 1;
2197
2198 /* Given the existence of read locks, we want to unlock for read,
2199 erase and write. */
2200 if (flash->chip->unlock)
2201 flash->chip->unlock(flash);
2202
2203 flash->address_high_byte = -1;
2204 flash->in_4ba_mode = false;
2205
2206 /* Be careful about 4BA chips and broken masters */
2207 if (flash->chip->total_size > 16 * 1024 && spi_master_no_4ba_modes(flash)) {
2208 /* If we can't use native instructions, bail out */
2209 if ((flash->chip->feature_bits & FEATURE_4BA_NATIVE) != FEATURE_4BA_NATIVE
2210 || !spi_master_4ba(flash)) {
2211 msg_cerr("Programmer doesn't support this chip. Aborting.\n");
2212 return 1;
2213 }
2214 }
2215
2216 /* Enable/disable 4-byte addressing mode if flash chip supports it */
2217 if (flash->chip->feature_bits & (FEATURE_4BA_ENTER | FEATURE_4BA_ENTER_WREN | FEATURE_4BA_ENTER_EAR7)) {
2218 int ret;
2219 if (spi_master_4ba(flash))
2220 ret = spi_enter_4ba(flash);
2221 else
2222 ret = spi_exit_4ba(flash);
2223 if (ret) {
2224 msg_cerr("Failed to set correct 4BA mode! Aborting.\n");
2225 return 1;
2226 }
2227 }
2228
2229 return 0;
2230 }
2231
finalize_flash_access(struct flashctx * const flash)2232 void finalize_flash_access(struct flashctx *const flash)
2233 {
2234 unmap_flash(flash);
2235 }
2236
2237 /**
2238 * @addtogroup flashrom-flash
2239 * @{
2240 */
2241
2242 /**
2243 * @brief Erase the specified ROM chip.
2244 *
2245 * If a layout is set in the given flash context, only included regions
2246 * will be erased.
2247 *
2248 * @param flashctx The context of the flash chip to erase.
2249 * @return 0 on success.
2250 */
flashrom_flash_erase(struct flashctx * const flashctx)2251 int flashrom_flash_erase(struct flashctx *const flashctx)
2252 {
2253 if (prepare_flash_access(flashctx, false, false, true, false))
2254 return 1;
2255
2256 const int ret = erase_by_layout(flashctx);
2257
2258 finalize_flash_access(flashctx);
2259
2260 return ret;
2261 }
2262
2263 /** @} */ /* end flashrom-flash */
2264
2265 /**
2266 * @defgroup flashrom-ops Operations
2267 * @{
2268 */
2269
2270 /**
2271 * @brief Read the current image from the specified ROM chip.
2272 *
2273 * If a layout is set in the specified flash context, only included regions
2274 * will be read.
2275 *
2276 * @param flashctx The context of the flash chip.
2277 * @param buffer Target buffer to write image to.
2278 * @param buffer_len Size of target buffer in bytes.
2279 * @return 0 on success,
2280 * 2 if buffer_len is too short for the flash chip's contents,
2281 * or 1 on any other failure.
2282 */
flashrom_image_read(struct flashctx * const flashctx,void * const buffer,const size_t buffer_len)2283 int flashrom_image_read(struct flashctx *const flashctx, void *const buffer, const size_t buffer_len)
2284 {
2285 const size_t flash_size = flashctx->chip->total_size * 1024;
2286
2287 if (flash_size > buffer_len)
2288 return 2;
2289
2290 if (prepare_flash_access(flashctx, true, false, false, false))
2291 return 1;
2292
2293 msg_cinfo("Reading flash... ");
2294
2295 int ret = 1;
2296 if (read_by_layout(flashctx, buffer)) {
2297 msg_cerr("Read operation failed!\n");
2298 msg_cinfo("FAILED.\n");
2299 goto _finalize_ret;
2300 }
2301 msg_cinfo("done.\n");
2302 ret = 0;
2303
2304 _finalize_ret:
2305 finalize_flash_access(flashctx);
2306 return ret;
2307 }
2308
combine_image_by_layout(const struct flashctx * const flashctx,uint8_t * const newcontents,const uint8_t * const oldcontents)2309 static void combine_image_by_layout(const struct flashctx *const flashctx,
2310 uint8_t *const newcontents, const uint8_t *const oldcontents)
2311 {
2312 const struct flashrom_layout *const layout = get_layout(flashctx);
2313 const struct romentry *included;
2314 chipoff_t start = 0;
2315
2316 while ((included = layout_next_included_region(layout, start))) {
2317 if (included->start > start) {
2318 /* copy everything up to the start of this included region */
2319 memcpy(newcontents + start, oldcontents + start, included->start - start);
2320 }
2321 /* skip this included region */
2322 start = included->end + 1;
2323 if (start == 0)
2324 return;
2325 }
2326
2327 /* copy the rest of the chip */
2328 const chipsize_t copy_len = flashctx->chip->total_size * 1024 - start;
2329 memcpy(newcontents + start, oldcontents + start, copy_len);
2330 }
2331
2332 /**
2333 * @brief Write the specified image to the ROM chip.
2334 *
2335 * If a layout is set in the specified flash context, only erase blocks
2336 * containing included regions will be touched.
2337 *
2338 * @param flashctx The context of the flash chip.
2339 * @param buffer Source buffer to read image from (may be altered for full verification).
2340 * @param buffer_len Size of source buffer in bytes.
2341 * @param refbuffer If given, assume flash chip contains same data as `refbuffer`.
2342 * @return 0 on success,
2343 * 4 if buffer_len doesn't match the size of the flash chip,
2344 * 3 if write was tried but nothing has changed,
2345 * 2 if write failed and flash contents changed,
2346 * or 1 on any other failure.
2347 */
flashrom_image_write(struct flashctx * const flashctx,void * const buffer,const size_t buffer_len,const void * const refbuffer)2348 int flashrom_image_write(struct flashctx *const flashctx, void *const buffer, const size_t buffer_len,
2349 const void *const refbuffer)
2350 {
2351 const size_t flash_size = flashctx->chip->total_size * 1024;
2352 const bool verify_all = flashctx->flags.verify_whole_chip;
2353 const bool verify = flashctx->flags.verify_after_write;
2354
2355 if (buffer_len != flash_size)
2356 return 4;
2357
2358 int ret = 1;
2359
2360 uint8_t *const newcontents = buffer;
2361 const uint8_t *const refcontents = refbuffer;
2362 uint8_t *const curcontents = malloc(flash_size);
2363 uint8_t *oldcontents = NULL;
2364 if (verify_all)
2365 oldcontents = malloc(flash_size);
2366 if (!curcontents || (verify_all && !oldcontents)) {
2367 msg_gerr("Out of memory!\n");
2368 goto _free_ret;
2369 }
2370
2371 #if CONFIG_INTERNAL == 1
2372 if (programmer == PROGRAMMER_INTERNAL && cb_check_image(newcontents, flash_size) < 0) {
2373 if (flashctx->flags.force_boardmismatch) {
2374 msg_pinfo("Proceeding anyway because user forced us to.\n");
2375 } else {
2376 msg_perr("Aborting. You can override this with "
2377 "-p internal:boardmismatch=force.\n");
2378 goto _free_ret;
2379 }
2380 }
2381 #endif
2382
2383 if (prepare_flash_access(flashctx, false, true, false, verify))
2384 goto _free_ret;
2385
2386 /* If given, assume flash chip contains same data as `refcontents`. */
2387 if (refcontents) {
2388 msg_cinfo("Assuming old flash chip contents as ref-file...\n");
2389 memcpy(curcontents, refcontents, flash_size);
2390 if (oldcontents)
2391 memcpy(oldcontents, refcontents, flash_size);
2392 } else {
2393 /*
2394 * Read the whole chip to be able to check whether regions need to be
2395 * erased and to give better diagnostics in case write fails.
2396 * The alternative is to read only the regions which are to be
2397 * preserved, but in that case we might perform unneeded erase which
2398 * takes time as well.
2399 */
2400 msg_cinfo("Reading old flash chip contents... ");
2401 if (verify_all) {
2402 if (flashctx->chip->read(flashctx, oldcontents, 0, flash_size)) {
2403 msg_cinfo("FAILED.\n");
2404 goto _finalize_ret;
2405 }
2406 memcpy(curcontents, oldcontents, flash_size);
2407 } else {
2408 if (read_by_layout(flashctx, curcontents)) {
2409 msg_cinfo("FAILED.\n");
2410 goto _finalize_ret;
2411 }
2412 }
2413 msg_cinfo("done.\n");
2414 }
2415
2416 if (write_by_layout(flashctx, curcontents, newcontents)) {
2417 msg_cerr("Uh oh. Erase/write failed. ");
2418 ret = 2;
2419 if (verify_all) {
2420 msg_cerr("Checking if anything has changed.\n");
2421 msg_cinfo("Reading current flash chip contents... ");
2422 if (!flashctx->chip->read(flashctx, curcontents, 0, flash_size)) {
2423 msg_cinfo("done.\n");
2424 if (!memcmp(oldcontents, curcontents, flash_size)) {
2425 nonfatal_help_message();
2426 goto _finalize_ret;
2427 }
2428 msg_cerr("Apparently at least some data has changed.\n");
2429 } else
2430 msg_cerr("Can't even read anymore!\n");
2431 emergency_help_message();
2432 goto _finalize_ret;
2433 } else {
2434 msg_cerr("\n");
2435 }
2436 emergency_help_message();
2437 goto _finalize_ret;
2438 }
2439
2440 /* Verify only if we actually changed something. */
2441 if (verify && !all_skipped) {
2442 const struct flashrom_layout *const layout_bak = flashctx->layout;
2443
2444 msg_cinfo("Verifying flash... ");
2445
2446 /* Work around chips which need some time to calm down. */
2447 programmer_delay(1000*1000);
2448
2449 if (verify_all) {
2450 combine_image_by_layout(flashctx, newcontents, oldcontents);
2451 flashctx->layout = NULL;
2452 }
2453 ret = verify_by_layout(flashctx, curcontents, newcontents);
2454 flashctx->layout = layout_bak;
2455 /* If we tried to write, and verification now fails, we
2456 might have an emergency situation. */
2457 if (ret)
2458 emergency_help_message();
2459 else
2460 msg_cinfo("VERIFIED.\n");
2461 } else {
2462 /* We didn't change anything. */
2463 ret = 0;
2464 }
2465
2466 _finalize_ret:
2467 finalize_flash_access(flashctx);
2468 _free_ret:
2469 free(oldcontents);
2470 free(curcontents);
2471 return ret;
2472 }
2473
2474 /**
2475 * @brief Verify the ROM chip's contents with the specified image.
2476 *
2477 * If a layout is set in the specified flash context, only included regions
2478 * will be verified.
2479 *
2480 * @param flashctx The context of the flash chip.
2481 * @param buffer Source buffer to verify with.
2482 * @param buffer_len Size of source buffer in bytes.
2483 * @return 0 on success,
2484 * 3 if the chip's contents don't match,
2485 * 2 if buffer_len doesn't match the size of the flash chip,
2486 * or 1 on any other failure.
2487 */
flashrom_image_verify(struct flashctx * const flashctx,const void * const buffer,const size_t buffer_len)2488 int flashrom_image_verify(struct flashctx *const flashctx, const void *const buffer, const size_t buffer_len)
2489 {
2490 const size_t flash_size = flashctx->chip->total_size * 1024;
2491
2492 if (buffer_len != flash_size)
2493 return 2;
2494
2495 const uint8_t *const newcontents = buffer;
2496 uint8_t *const curcontents = malloc(flash_size);
2497 if (!curcontents) {
2498 msg_gerr("Out of memory!\n");
2499 return 1;
2500 }
2501
2502 int ret = 1;
2503
2504 if (prepare_flash_access(flashctx, false, false, false, true))
2505 goto _free_ret;
2506
2507 msg_cinfo("Verifying flash... ");
2508 ret = verify_by_layout(flashctx, curcontents, newcontents);
2509 if (!ret)
2510 msg_cinfo("VERIFIED.\n");
2511
2512 finalize_flash_access(flashctx);
2513 _free_ret:
2514 free(curcontents);
2515 return ret;
2516 }
2517
2518 /** @} */ /* end flashrom-ops */
2519
do_read(struct flashctx * const flash,const char * const filename)2520 int do_read(struct flashctx *const flash, const char *const filename)
2521 {
2522 if (prepare_flash_access(flash, true, false, false, false))
2523 return 1;
2524
2525 const int ret = read_flash_to_file(flash, filename);
2526
2527 finalize_flash_access(flash);
2528
2529 return ret;
2530 }
2531
do_erase(struct flashctx * const flash)2532 int do_erase(struct flashctx *const flash)
2533 {
2534 const int ret = flashrom_flash_erase(flash);
2535
2536 /*
2537 * FIXME: Do we really want the scary warning if erase failed?
2538 * After all, after erase the chip is either blank or partially
2539 * blank or it has the old contents. A blank chip won't boot,
2540 * so if the user wanted erase and reboots afterwards, the user
2541 * knows very well that booting won't work.
2542 */
2543 if (ret)
2544 emergency_help_message();
2545
2546 return ret;
2547 }
2548
do_write(struct flashctx * const flash,const char * const filename,const char * const referencefile)2549 int do_write(struct flashctx *const flash, const char *const filename, const char *const referencefile)
2550 {
2551 const size_t flash_size = flash->chip->total_size * 1024;
2552 int ret = 1;
2553
2554 uint8_t *const newcontents = malloc(flash_size);
2555 uint8_t *const refcontents = referencefile ? malloc(flash_size) : NULL;
2556
2557 if (!newcontents || (referencefile && !refcontents)) {
2558 msg_gerr("Out of memory!\n");
2559 goto _free_ret;
2560 }
2561
2562 if (read_buf_from_file(newcontents, flash_size, filename))
2563 goto _free_ret;
2564
2565 if (referencefile) {
2566 if (read_buf_from_file(refcontents, flash_size, referencefile))
2567 goto _free_ret;
2568 }
2569
2570 ret = flashrom_image_write(flash, newcontents, flash_size, refcontents);
2571
2572 _free_ret:
2573 free(refcontents);
2574 free(newcontents);
2575 return ret;
2576 }
2577
do_verify(struct flashctx * const flash,const char * const filename)2578 int do_verify(struct flashctx *const flash, const char *const filename)
2579 {
2580 const size_t flash_size = flash->chip->total_size * 1024;
2581 int ret = 1;
2582
2583 uint8_t *const newcontents = malloc(flash_size);
2584 if (!newcontents) {
2585 msg_gerr("Out of memory!\n");
2586 goto _free_ret;
2587 }
2588
2589 if (read_buf_from_file(newcontents, flash_size, filename))
2590 goto _free_ret;
2591
2592 ret = flashrom_image_verify(flash, newcontents, flash_size);
2593
2594 _free_ret:
2595 free(newcontents);
2596 return ret;
2597 }
2598