From patchwork Mon Oct 21 09:06:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Freihofer, Adrian" X-Patchwork-Id: 1180399 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com (client-ip=2a00:1450:4864:20::43c; helo=mail-wr1-x43c.google.com; envelope-from=swupdate+bncbaabbgxkwxwqkgqe3ipxpda@googlegroups.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=siemens.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.b="s4BQgCX9"; dkim-atps=neutral Received: from mail-wr1-x43c.google.com (mail-wr1-x43c.google.com [IPv6:2a00:1450:4864:20::43c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46xW3M5RPqz9sNw for ; Mon, 21 Oct 2019 20:06:38 +1100 (AEDT) Received: by mail-wr1-x43c.google.com with SMTP id 7sf6945112wrl.2 for ; Mon, 21 Oct 2019 02:06:38 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1571648794; cv=pass; d=google.com; s=arc-20160816; b=h8qrPSYuHYj5HQv5uweITDP0mhJLZVLG+oOp3eRhlgMV+4cTP7tOquVzW6pOe6y/Gj nIdgCAgfBcxST1zhYre24e4SfDMBABA85DZfdANkLn6u96YWmrw6AyUbgn84wm6OOqyv b6YDtZNouqX0budFvZxdqL3oT/gsVmGtv2VMGM9peJXTXMlSyW0RTqZ5jbm3HvvDy6AY zCoi2ohFWNaPK5QeeUHNwOfEtYHWrMAmy6mgvF1mTtTPo64ScQwC4j5RCHn9Qm0SE127 z01Q5p8WXHGR3ImifvvOgFEp+X7BSMWLV0w93ZKYdIQXA48o4P8RA9JSbRZx2a0/riwm DU2g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:message-id:date:subject:cc:to:from :mime-version:sender:dkim-signature; bh=Yy9dV93fNPrMJUMMdEpm/MVhHGAK/aS9vrs30Clm1t4=; b=ANabWA826NzHaB03Taah1Wk1JdxjDP6YUiO0DDH+0b1UX6vcmSjGGzdr83+X1vE+mW 89pn4nYq798tGWsLkfYt5FgqWHPi++3AnJfYlT60RcoPiHd+19rhfJZbVz76DuRF5fz1 8fRody3GRZqB52klOKezAZCgJn9x2xqRzcl9XUmrEVZUlDqXc9rUB35h5tuZt/TQXzv0 E2SZjOlNtL0RubDfvwO7rHe9LYZRqmA2cC9JEnr0oo9Ur/ECZfopnD3vkcTT85pzRXho kFis6XbgoTz5LstIdXMW3B1vScw/+OP4O3eijPi5n3hVtQrRZE+4pl70bodvYHaplbMz 5PCw== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of adrian.freihofer@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=adrian.freihofer@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:mime-version:from:to:cc:subject:date:message-id :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=Yy9dV93fNPrMJUMMdEpm/MVhHGAK/aS9vrs30Clm1t4=; b=s4BQgCX9JCjLl5XuAjw8VOGwZ5R+RmFDPupjeB/BNoXwgHZ41B09g78Muzge+CvqNY p3LMer2+tVMO5jRG6YA8oL/ReUJOFmy1UdeRl1Bmhf5s5VCLXT4ktgqXHVfp1iUmj2li 1Eo4Ct6n8o92W3vA6/eC/nAfxiz9kTIouR1Eii3lN+hu+FM4UJxpsY1xTRj7BvpfRKmA CxqMc3zJiR8TN4sdcAM9YXpEQa0rZ3sVjQQ1KsEKjDrilQo/W6EoxtVgifzgEsKn5R4d D/20VEQ05BzDLJ2yEsawNW6uJ1gw7UVXCuoVaiwpk5ocTZP3iCnmXUG9GWzs0u/tkegj kcZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date :message-id:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:x-spam-checked-in-group:list-post :list-help:list-archive:list-subscribe:list-unsubscribe; bh=Yy9dV93fNPrMJUMMdEpm/MVhHGAK/aS9vrs30Clm1t4=; b=M2M4IcgNnAk5zJNUo2ekF53c0juMbVyZaM5nMU3oNy7Yn6fRbD8w7RH4Drq7+c/BZK J1/XddVQd5+XX3adEWLE9DgCGMdulQwCRVe9ruBXxYoA0XAHWItXgaqZWl4gtCm5hUn3 yiG9tZk6y64D7HB/Zht1AXsaitKELMyLb76ttkktOOX0q5riZLnNLZFxA5lDYCQEO8IS D5NGnz9nTIlnE7ev6LcOduG7BYnWI0Dq5zvaT9BiEbBmuZCkOAZcnTpRytSla0BHPm22 8kh2EHYajrLg7T96+0xo3XyJB3G2KjgfhzDd6zmiIBxorieXK50CQY0ZjmLU4AKvWvZ4 pk/w== Sender: swupdate@googlegroups.com X-Gm-Message-State: APjAAAXJCqcxFR+3xIE+83HosSLF86Hn4XwG7CdYwy/1xBtXueuuS9tR 9xRMeUBXc8YVo5O7Qh/+lGY= X-Google-Smtp-Source: APXvYqwWxLN3VdNirQhkRuJdtsJzt3TdngkvZzSO5pxE9hJklx7GwQr8aNv2N2wErpRiQoqthC2HGQ== X-Received: by 2002:a5d:4902:: with SMTP id x2mr14038880wrq.374.1571648794813; Mon, 21 Oct 2019 02:06:34 -0700 (PDT) MIME-Version: 1.0 X-BeenThere: swupdate@googlegroups.com Received: by 2002:adf:9d8c:: with SMTP id p12ls6545323wre.1.gmail; Mon, 21 Oct 2019 02:06:34 -0700 (PDT) X-Received: by 2002:a5d:6a02:: with SMTP id m2mr4040489wru.304.1571648794420; Mon, 21 Oct 2019 02:06:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571648794; cv=none; d=google.com; s=arc-20160816; b=hg0AhUQAWnrJhTDHI4a/CaU7GjIRSu9WnDZ52dVzBLI1iDmVBiQ1Dki+Is7Ahqhldv YEI5yImYDf2EDranojUmxoW2j1534bHLg0MxsODIgs6i50jxyARflr/FdW/qbB15S2ih oCV+LK+QSrlt4eZ8Z17vhbSINb+Rx4PPQ/cnJjsFALf2AAfoel13MDbwxUj88i7Mz0Eg +38W5yKnHHmV5FCjNRDjVUr3Bf0t4wDuTjO/VcwZviy+6uVQgIAopSnmLXxfIaUMYPNE rkrrcMrfto/EBjYo+LK4FPh2i2kaQsGi1mEmLWuyHvfbpCoVBqDZ+y8DS4ghjt2CB/Tn hnqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:date:subject:cc:to:from; bh=fRCgUZthUXA6SaszI6UToVBxFuMIM2F4Gdn6ZD2wg+c=; b=l/KcTLie/0mzHIG6t7ECk7rXshN4qty/zYPTVS1/cEasw6UG2S4eBSH8mNB8FICHbl nkLbALPsD1gaO+9EwBz70YRW5QiuiU2QEc8/5v7gBNUcF6dTjs4xfPVD1LekcGO8e1a8 9PqFosJ9x5g6OeXDR6l305wUcU4H/ORgsXViARRfMurfNn2cauYTFf2JsC04DTb/oSpp 52TnfyWQ6/jcke7JpMXCVc+XyXzLqJybwuxaH7UzuWLsINre4gRLhzXduLz/7MiSvJvY hZaBX+Tq4+A76LB9Yj/gdmW0TcJf2w7mTqK3VsBxPTune5jaAwUWULsYTlxn/Hf+iDj2 vJ9Q== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of adrian.freihofer@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=adrian.freihofer@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id q73si37747wme.1.2019.10.21.02.06.34 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 21 Oct 2019 02:06:34 -0700 (PDT) Received-SPF: pass (google.com: domain of adrian.freihofer@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28; Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id x9L96XXu008494 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 21 Oct 2019 11:06:34 +0200 Received: from dev.vm6.ccp.siemens.com (md1w1dqc.ad001.siemens.net [139.16.117.54]) by mail1.siemens.de (8.15.2/8.15.2) with ESMTP id x9L96WP0012134; Mon, 21 Oct 2019 11:06:32 +0200 Received: from dev.localdomain (localhost [127.0.0.1]) by dev.vm6.ccp.siemens.com (Postfix) with ESMTP id 70A922353A50; Mon, 21 Oct 2019 11:06:32 +0200 (CEST) From: Adrian Freihofer To: swupdate@googlegroups.com Cc: Adrian Freihofer Subject: [swupdate] [PATCH] raw_handler: handle ro block devices Date: Mon, 21 Oct 2019 11:06:20 +0200 Message-Id: <20191021090620.11787-1-adrian.freihofer@siemens.com> X-Mailer: git-send-email 2.11.0 X-Original-Sender: adrian.freihofer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of adrian.freihofer@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=adrian.freihofer@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , Some block devices support physical write protection. The kernel provides a standard interface to enable or disable protection in /sys/class/block/*/force_ro. This patch adds functionality to automatically detect these memory types. If read-only mode is enabled on the partition on which the image must be written, swupdate temporarily switches to read/write mode. Signed-off-by: Adrian Freihofer --- handlers/raw_handler.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) diff --git a/handlers/raw_handler.c b/handlers/raw_handler.c index ba87191..a14a8d2 100644 --- a/handlers/raw_handler.c +++ b/handlers/raw_handler.c @@ -27,12 +27,99 @@ void raw_image_handler(void); void raw_file_handler(void); void raw_copyimage_handler(void); +/** + * Handle write protection for block devices + * + * Automatically remove write protection for block devices if: + * - The device name matches /dev/mmcblk[0-9]boot[0-9] + * - A corresponding ro flag e.g. /sys/class/block/mmcblk0boot0/force_ro is available + * - The ro flag can be opened writeable + */ +static int blkprotect(struct img_type *img, bool on) +{ + const char c_sys_path_1[] = "/sys/class/block/"; + const char c_sys_path_2[] = "/force_ro"; + const char c_dev_name_1[] = "mmcblk"; + const char c_dev_name_2[] = "boot"; + const char c_unprot_char = '0'; + const char c_prot_char = '1'; + const char *devfile = img->device; + int ret = 0; // 0 means OK nothing to do, 1 OK unprotected, negative means error + int ret_int = 0; + char *sysfs_path = NULL; + int fd_force_ro; + + if (strncmp("/dev/", img->device, 5) == 0) { + devfile = img->device + 5; + } else { + return ret; + } + + ret_int = strncmp(devfile, c_dev_name_1, sizeof(c_dev_name_1) - 1); + if (ret_int != 0) { + return ret; + } + + if (strncmp(devfile + sizeof(c_dev_name_1), c_dev_name_2, sizeof(c_dev_name_2) - 1) != 0) { + return ret; + } + + if (*(devfile + sizeof(c_dev_name_1) - 1) < '0' || + *(devfile + sizeof(c_dev_name_1) - 1) > '9') { + return ret; + } + + if (*(devfile + sizeof(c_dev_name_1) + sizeof(c_dev_name_2) - 1) < '0' || + *(devfile + sizeof(c_dev_name_1) + sizeof(c_dev_name_2) - 1) > '9') { + return ret; + } + + ret_int = asprintf(&sysfs_path, "%s%s%s", c_sys_path_1, devfile, c_sys_path_2); + if(ret_int < 0) { + ret = -ENOMEM; + goto blkprotect_out; + } + + if (access(sysfs_path, W_OK) == -1) { + goto blkprotect_out; + } + + // There is a ro flag, the device needs to be protected or unprotected + fd_force_ro = open(sysfs_path, O_RDWR); + if (fd_force_ro == -1) { + ret = -EBADF; + goto blkprotect_out; + } + + if(on == false) { + // Unprotect the device, if protected + char current_prot; + ssize_t n = read(fd_force_ro, ¤t_prot, 1); + if (n == 1 && (current_prot == c_prot_char)) { + write(fd_force_ro, &c_unprot_char, 1); + ret = 1; + } + } else { + write(fd_force_ro, &c_prot_char, 1); + } + close(fd_force_ro); + +blkprotect_out: + if(sysfs_path) + free(sysfs_path); + return ret; +} + static int install_raw_image(struct img_type *img, void __attribute__ ((__unused__)) *data) { int ret; int fdout; + int prot_stat = blkprotect(img, false); + if (prot_stat < 0) + return prot_stat; + fdout = open(img->device, O_RDWR); if (fdout < 0) { TRACE("Device %s cannot be opened: %s", @@ -45,6 +132,11 @@ static int install_raw_image(struct img_type *img, ret = copyimage(&fdout, img, NULL); #endif + if (prot_stat == 1) { + fsync(fdout); // flush before ro mode gets applied + blkprotect(img, true); // no error handling, keep ret from copyimage + } + close(fdout); return ret; }