arm: mx6: fix NFC clock get/set routines for i.MX6QP,i.MX6UL

[karo-tx-uboot.git] / common / autoboot.c

diff --git a/common/autoboot.c b/common/autoboot.c
index 30102a47a8aefecf85ccd38984e054541bbe669a..c367076257971b943e2d0c872fda448602316930 100644 (file)
--- a/common/autoboot.c
+++ b/common/autoboot.c
@@ -6,11 +6,13 @@
  */
 
 #include <common.h>
+#include <autoboot.h>
 #include <bootretry.h>
 #include <cli.h>
 #include <fdtdec.h>
 #include <menu.h>
 #include <post.h>
+#include <u-boot/sha256.h>
 
 DECLARE_GLOBAL_DATA_PTR;
 
@@ -25,15 +27,81 @@ DECLARE_GLOBAL_DATA_PTR;
 /* Stored value of bootdelay, used by autoboot_command() */
 static int stored_bootdelay;
 
-/***************************************************************************
- * Watch for 'delay' seconds for autoboot stop or autoboot delay string.
- * returns: 0 -  no key string, allow autoboot 1 - got key string, abort
+#if defined(CONFIG_AUTOBOOT_KEYED)
+#if defined(CONFIG_AUTOBOOT_STOP_STR_SHA256)
+
+/*
+ * Use a "constant-length" time compare function for this
+ * hash compare:
+ *
+ * https://crackstation.net/hashing-security.htm
  */
-# if defined(CONFIG_AUTOBOOT_KEYED)
-static int abortboot_keyed(int bootdelay)
+static int slow_equals(u8 *a, u8 *b, int len)
+{
+       int diff = 0;
+       int i;
+
+       for (i = 0; i < len; i++)
+               diff |= a[i] ^ b[i];
+
+       return diff == 0;
+}
+
+static int passwd_abort(uint64_t etime)
+{
+       const char *sha_env_str = getenv("bootstopkeysha256");
+       u8 sha_env[SHA256_SUM_LEN];
+       u8 sha[SHA256_SUM_LEN];
+       char presskey[MAX_DELAY_STOP_STR];
+       const char *algo_name = "sha256";
+       u_int presskey_len = 0;
+       int abort = 0;
+       int size;
+       int ret;
+
+       if (sha_env_str == NULL)
+               sha_env_str = CONFIG_AUTOBOOT_STOP_STR_SHA256;
+
+       /*
+        * Generate the binary value from the environment hash value
+        * so that we can compare this value with the computed hash
+        * from the user input
+        */
+       ret = hash_parse_string(algo_name, sha_env_str, sha_env);
+       if (ret) {
+               printf("Hash %s not supported!\n", algo_name);
+               return 0;
+       }
+
+       /*
+        * We don't know how long the stop-string is, so we need to
+        * generate the sha256 hash upon each input character and
+        * compare the value with the one saved in the environment
+        */
+       do {
+               if (tstc()) {
+                       /* Check for input string overflow */
+                       if (presskey_len >= MAX_DELAY_STOP_STR)
+                               return 0;
+
+                       presskey[presskey_len++] = getc();
+
+                       /* Calculate sha256 upon each new char */
+                       hash_block(algo_name, (const void *)presskey,
+                                  presskey_len, sha, &size);
+
+                       /* And check if sha matches saved value in env */
+                       if (slow_equals(sha, sha_env, SHA256_SUM_LEN))
+                               abort = 1;
+               }
+       } while (!abort && get_ticks() <= etime);
+
+       return abort;
+}
+#else
+static int passwd_abort(uint64_t etime)
 {
        int abort = 0;
-       uint64_t etime = endtick(bootdelay);
        struct {
                char *str;
                u_int len;
@@ -41,9 +109,7 @@ static int abortboot_keyed(int bootdelay)
        }
        delaykey[] = {
                { .str = getenv("bootdelaykey"),  .retry = 1 },
-               { .str = getenv("bootdelaykey2"), .retry = 1 },
                { .str = getenv("bootstopkey"),   .retry = 0 },
-               { .str = getenv("bootstopkey2"),  .retry = 0 },
        };
 
        char presskey[MAX_DELAY_STOP_STR];
@@ -51,30 +117,13 @@ static int abortboot_keyed(int bootdelay)
        u_int presskey_max = 0;
        u_int i;
 
-#ifndef CONFIG_ZERO_BOOTDELAY_CHECK
-       if (bootdelay == 0)
-               return 0;
-#endif
-
-#  ifdef CONFIG_AUTOBOOT_PROMPT
-       printf(CONFIG_AUTOBOOT_PROMPT);
-#  endif
-
 #  ifdef CONFIG_AUTOBOOT_DELAY_STR
        if (delaykey[0].str == NULL)
                delaykey[0].str = CONFIG_AUTOBOOT_DELAY_STR;
 #  endif
-#  ifdef CONFIG_AUTOBOOT_DELAY_STR2
-       if (delaykey[1].str == NULL)
-               delaykey[1].str = CONFIG_AUTOBOOT_DELAY_STR2;
-#  endif
 #  ifdef CONFIG_AUTOBOOT_STOP_STR
-       if (delaykey[2].str == NULL)
-               delaykey[2].str = CONFIG_AUTOBOOT_STOP_STR;
-#  endif
-#  ifdef CONFIG_AUTOBOOT_STOP_STR2
-       if (delaykey[3].str == NULL)
-               delaykey[3].str = CONFIG_AUTOBOOT_STOP_STR2;
+       if (delaykey[1].str == NULL)
+               delaykey[1].str = CONFIG_AUTOBOOT_STOP_STR;
 #  endif
 
        for (i = 0; i < sizeof(delaykey) / sizeof(delaykey[0]); i++) {
@@ -124,6 +173,33 @@ static int abortboot_keyed(int bootdelay)
                }
        } while (!abort && get_ticks() <= etime);
 
+       return abort;
+}
+#endif
+
+/***************************************************************************
+ * Watch for 'delay' seconds for autoboot stop or autoboot delay string.
+ * returns: 0 -  no key string, allow autoboot 1 - got key string, abort
+ */
+static int abortboot_keyed(int bootdelay)
+{
+       int abort;
+       uint64_t etime = endtick(bootdelay);
+
+#ifndef CONFIG_ZERO_BOOTDELAY_CHECK
+       if (bootdelay == 0)
+               return 0;
+#endif
+
+#  ifdef CONFIG_AUTOBOOT_PROMPT
+       /*
+        * CONFIG_AUTOBOOT_PROMPT includes the %d for all boards.
+        * To print the bootdelay value upon bootup.
+        */
+       printf(CONFIG_AUTOBOOT_PROMPT, bootdelay);
+#  endif
+
+       abort = passwd_abort(etime);
        if (!abort)
                debug_bootkeys("key timeout\n");