[PATCH 38/42] state: Allow to load without authentification

Sascha Hauer s.hauer at pengutronix.de
Fri Mar 31 00:03:42 PDT 2017


Sometimes it's useful to be able to load a state even when it
can't be authentificated. Add an option for this.

Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
 commands/state.c                  | 16 ++++++++++++----
 common/state/backend_format_dtb.c |  4 ++--
 common/state/backend_format_raw.c |  6 +++---
 common/state/backend_storage.c    |  6 ++++--
 common/state/state.c              | 14 ++++++++++++--
 common/state/state.h              |  9 +++++++--
 include/state.h                   |  1 +
 7 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/commands/state.c b/commands/state.c
index aded6e71e2..c57a906ff0 100644
--- a/commands/state.c
+++ b/commands/state.c
@@ -23,8 +23,9 @@ static int do_state(int argc, char *argv[])
 	struct state *state = NULL;
 	int do_save = 0, do_load = 0;
 	const char *statename = "state";
+	int no_auth = 0;
 
-	while ((opt = getopt(argc, argv, "sl")) > 0) {
+	while ((opt = getopt(argc, argv, "sln")) > 0) {
 		switch (opt) {
 		case 's':
 			do_save = 1;
@@ -32,6 +33,9 @@ static int do_state(int argc, char *argv[])
 		case 'l':
 			do_load = 1;
 			break;
+		case 'n':
+			no_auth = 1;
+			break;
 		default:
 			return COMMAND_ERROR_USAGE;
 		}
@@ -51,10 +55,14 @@ static int do_state(int argc, char *argv[])
 		return -ENOENT;
 	}
 
-	if (do_load)
-		ret = state_load(state);
-	else if (do_save)
+	if (do_load) {
+		if (no_auth)
+			ret = state_load_no_auth(state);
+		else
+			ret = state_load(state);
+	} else if (do_save) {
 		ret = state_save(state);
+	}
 
 	return ret;
 }
diff --git a/common/state/backend_format_dtb.c b/common/state/backend_format_dtb.c
index d7b01729bc..55fa1fc597 100644
--- a/common/state/backend_format_dtb.c
+++ b/common/state/backend_format_dtb.c
@@ -40,7 +40,7 @@ static inline struct state_backend_format_dtb *get_format_dtb(struct
 
 static int state_backend_format_dtb_verify(struct state_backend_format *format,
 					   uint32_t magic, const void * buf,
-					   ssize_t *lenp)
+					   ssize_t *lenp, enum state_flags flags)
 {
 	struct state_backend_format_dtb *fdtb = get_format_dtb(format);
 	struct device_node *root;
@@ -81,7 +81,7 @@ static int state_backend_format_dtb_unpack(struct state_backend_format *format,
 	int ret;
 
 	if (!fdtb->root) {
-		state_backend_format_dtb_verify(format, 0, buf, &len);
+		state_backend_format_dtb_verify(format, 0, buf, &len, 0);
 	}
 
 	ret = state_from_node(state, fdtb->root, 0);
diff --git a/common/state/backend_format_raw.c b/common/state/backend_format_raw.c
index 43a5523152..232856a209 100644
--- a/common/state/backend_format_raw.c
+++ b/common/state/backend_format_raw.c
@@ -96,7 +96,7 @@ static int backend_raw_digest_init(struct state_backend_format_raw *raw)
 
 static int backend_format_raw_verify(struct state_backend_format *format,
 				     uint32_t magic, const void * buf,
-				     ssize_t *lenp)
+				     ssize_t *lenp, enum state_flags flags)
 {
 	uint32_t crc;
 	struct backend_raw_header *header;
@@ -127,7 +127,7 @@ static int backend_format_raw_verify(struct state_backend_format *format,
 		return -EINVAL;
 	}
 
-	if (backend_raw->algo) {
+	if (backend_raw->algo && !(flags & STATE_FLAG_NO_AUTHENTIFICATION)) {
 		ret = backend_raw_digest_init(backend_raw);
 		if (ret)
 			return ret;
@@ -153,7 +153,7 @@ static int backend_format_raw_verify(struct state_backend_format *format,
 
 	*lenp = header->data_len + sizeof(*header);
 
-	if (backend_raw->algo) {
+	if (backend_raw->algo && !(flags & STATE_FLAG_NO_AUTHENTIFICATION)) {
 		const void *hmac = data + header->data_len;
 
 		/* hmac over header and data */
diff --git a/common/state/backend_storage.c b/common/state/backend_storage.c
index a5688aa424..9ed6ad79ac 100644
--- a/common/state/backend_storage.c
+++ b/common/state/backend_storage.c
@@ -127,6 +127,7 @@ refresh:
  * @param magic state magic value
  * @param buf The newly allocated data area will be stored in this pointer
  * @param len The resulting length of the buffer
+ * @param flags flags controlling how to load state
  * @return 0 on success, -errno otherwise. buf and len will be set to valid
  * values on success.
  *
@@ -137,7 +138,8 @@ refresh:
  */
 int state_storage_read(struct state_backend_storage *storage,
 		       struct state_backend_format *format,
-		       uint32_t magic, void **buf, ssize_t *len)
+		       uint32_t magic, void **buf, ssize_t *len,
+		       enum state_flags flags)
 {
 	struct state_backend_storage_bucket *bucket, *bucket_used = NULL;
 	int ret;
@@ -157,7 +159,7 @@ int state_storage_read(struct state_backend_storage *storage,
 		 * Verify the buffer crcs. The buffer length is passed in the len argument,
 		 * .verify overwrites it with the length actually used.
 		 */
-		ret = format->verify(format, magic, bucket->buf, &bucket->len);
+		ret = format->verify(format, magic, bucket->buf, &bucket->len, flags);
 		if (!ret && !bucket_used)
 			bucket_used = bucket;
 	}
diff --git a/common/state/state.c b/common/state/state.c
index 476e3ee08e..1232ff3207 100644
--- a/common/state/state.c
+++ b/common/state/state.c
@@ -78,14 +78,14 @@ out:
  * we read is checked for integrity by the formatter. After that we unpack the
  * data into our state.
  */
-int state_load(struct state *state)
+static int state_do_load(struct state *state, enum state_flags flags)
 {
 	void *buf;
 	ssize_t len;
 	int ret;
 
 	ret = state_storage_read(&state->storage, state->format,
-				 state->magic, &buf, &len);
+				 state->magic, &buf, &len, flags);
 	if (ret) {
 		dev_err(&state->dev, "Failed to read state with format %s, %d\n",
 			state->format->name, ret);
@@ -106,6 +106,16 @@ out:
 	return ret;
 }
 
+int state_load(struct state *state)
+{
+	return state_do_load(state, 0);
+}
+
+int state_load_no_auth(struct state *state)
+{
+	return state_do_load(state, STATE_FLAG_NO_AUTHENTIFICATION);
+}
+
 static int state_format_init(struct state *state, const char *backend_format,
 			     struct device_node *node, const char *state_name)
 {
diff --git a/common/state/state.h b/common/state/state.h
index a2737abeb6..5e240c4773 100644
--- a/common/state/state.h
+++ b/common/state/state.h
@@ -5,6 +5,10 @@
 struct state;
 struct mtd_info_user;
 
+enum state_flags {
+	STATE_FLAG_NO_AUTHENTIFICATION = (1 << 0),
+};
+
 /**
  * state_backend_storage_bucket - This class describes a single backend storage
  * object copy
@@ -53,7 +57,7 @@ struct state_backend_storage_bucket {
  */
 struct state_backend_format {
 	int (*verify) (struct state_backend_format * format, uint32_t magic,
-		       const void * buf, ssize_t *lenp);
+		       const void * buf, ssize_t *lenp, enum state_flags flags);
 	int (*pack) (struct state_backend_format * format, struct state * state,
 		     void ** buf, ssize_t * len);
 	int (*unpack) (struct state_backend_format * format,
@@ -223,7 +227,8 @@ int state_storage_write(struct state_backend_storage *storage,
 			const void * buf, ssize_t len);
 int state_storage_read(struct state_backend_storage *storage,
 		       struct state_backend_format *format,
-		       uint32_t magic, void **buf, ssize_t *len);
+		       uint32_t magic, void **buf, ssize_t *len,
+		       enum state_flags flags);
 
 static inline struct state_uint32 *to_state_uint32(struct state_variable *s)
 {
diff --git a/include/state.h b/include/state.h
index bc9a574093..63164f92e5 100644
--- a/include/state.h
+++ b/include/state.h
@@ -18,6 +18,7 @@ struct state *state_by_name(const char *name);
 struct state *state_by_node(const struct device_node *node);
 int state_get_name(const struct state *state, char const **name);
 
+int state_load_no_auth(struct state *state);
 int state_load(struct state *state);
 int state_save(struct state *state);
 void state_info(void);
-- 
2.11.0




More information about the barebox mailing list