[PATCH] fastboot: add UUU command UCmd and ACmd support
Heiko Schocher
hs at denx.de
Wed Jan 27 11:11:23 CET 2021
Hello Roman,
Am 27.01.21 um 10:34 schrieb Roman Stratiienko:
> Hello Heiko,
>
> Looks like these commands will provide full access to any u-boot
> commands, including working with memory.
> It can be used to read/set any registers/data which is not in the
> trust zone, thus opening a huge backdoor.
>
> This command could be useful for debug/CI purposes, but do you really
> want this in release builds?
Hmm.. indeed.
I set the default to no not to yes, so you need
to enable it, and add a comment in Kconfig.
Thanks!
bye,
Heiko
>
> Best regards,
> Roman
>
> пн, 11 янв. 2021 г. в 12:19, Heiko Schocher <hs at denx.de>:
>>
>> add support for the UUU commands ACmd and UCmd.
>>
>> Enable them through the Kconfig option
>> CONFIG_FASTBOOT_UUU_SUPPORT
>>
>> base was commit in NXP kernel
>> 9b149c2a2882: ("MLK-18591-3 android: Add FSL android fastboot support")
>>
>> and ported it to current mainline. Tested this patch
>> on imx6ul based board.
>>
>> Signed-off-by: Heiko Schocher <hs at denx.de>
>> ---
>> azure build:
>> https://dev.azure.com/hs0298/hs/_build/results?buildId=57&view=results
>>
>> version uuu tool used for tests:
>> commit 3870fb781b35: ("fastboot: default to logical-block-size 4096")
>>
>> doc/android/fastboot-protocol.rst | 5 +++
>> doc/android/fastboot.rst | 2 +
>> drivers/fastboot/Kconfig | 7 ++++
>> drivers/fastboot/fb_command.c | 62 +++++++++++++++++++++++++++++++
>> drivers/usb/gadget/f_fastboot.c | 17 +++++++++
>> include/fastboot.h | 7 ++++
>> 6 files changed, 100 insertions(+)
>>
>> diff --git a/doc/android/fastboot-protocol.rst b/doc/android/fastboot-protocol.rst
>> index e723659e49c..e8cbd7f24ea 100644
>> --- a/doc/android/fastboot-protocol.rst
>> +++ b/doc/android/fastboot-protocol.rst
>> @@ -144,6 +144,11 @@ Command Reference
>>
>> "powerdown" Power off the device.
>>
>> + "ucmd" execute any bootloader command and wait until it
>> + finishs.
>> +
>> + "acmd" execute any bootloader command, do not wait.
>> +
>> Client Variables
>> ----------------
>>
>> diff --git a/doc/android/fastboot.rst b/doc/android/fastboot.rst
>> index 2877c3cbaaa..b58d1b5b31a 100644
>> --- a/doc/android/fastboot.rst
>> +++ b/doc/android/fastboot.rst
>> @@ -19,6 +19,8 @@ The current implementation supports the following standard commands:
>> - ``reboot``
>> - ``reboot-bootloader``
>> - ``set_active`` (only a stub implementation which always succeeds)
>> +- ``ucmd`` (if enabled)
>> +- ``acmd`` (if enabled)
>>
>> The following OEM commands are supported (if enabled):
>>
>> diff --git a/drivers/fastboot/Kconfig b/drivers/fastboot/Kconfig
>> index 4352ba67a71..b1f8cd74a15 100644
>> --- a/drivers/fastboot/Kconfig
>> +++ b/drivers/fastboot/Kconfig
>> @@ -72,6 +72,13 @@ config FASTBOOT_FLASH
>> the downloaded image to a non-volatile storage device. Define
>> this to enable the "fastboot flash" command.
>>
>> +config FASTBOOT_UUU_SUPPORT
>> + bool "Enable FASTBOOT i.MX UUU special command"
>> + default y if ARCH_MX7 || ARCH_MX6 || ARCH_IMX8 || ARCH_IMX8M || ARCH_MX7ULP
>> + select FSL_FASTBOOT
>> + help
>> + The fastboot protocol includes "UCmd" command and "ACmd" command
>> +
>> choice
>> prompt "Flash provider for FASTBOOT"
>> depends on FASTBOOT_FLASH
>> diff --git a/drivers/fastboot/fb_command.c b/drivers/fastboot/fb_command.c
>> index d3c578672dc..31a47e46386 100644
>> --- a/drivers/fastboot/fb_command.c
>> +++ b/drivers/fastboot/fb_command.c
>> @@ -43,6 +43,11 @@ static void reboot_recovery(char *, char *);
>> static void oem_format(char *, char *);
>> #endif
>>
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> +static void run_ucmd(char *, char *);
>> +static void run_acmd(char *, char *);
>> +#endif
>> +
>> static const struct {
>> const char *command;
>> void (*dispatch)(char *cmd_parameter, char *response);
>> @@ -99,6 +104,16 @@ static const struct {
>> .dispatch = oem_format,
>> },
>> #endif
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> + [FASTBOOT_COMMAND_UCMD] = {
>> + .command = "UCmd",
>> + .dispatch = run_ucmd,
>> + },
>> + [FASTBOOT_COMMAND_ACMD] = {
>> + .command = "ACmd",
>> + .dispatch = run_acmd,
>> + },
>> +#endif
>> };
>>
>> /**
>> @@ -309,6 +324,53 @@ static void erase(char *cmd_parameter, char *response)
>> }
>> #endif
>>
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> +/**
>> + * run_ucmd() - Execute the UCmd command
>> + *
>> + * @cmd_parameter: Pointer to command parameter
>> + * @response: Pointer to fastboot response buffer
>> + */
>> +static void run_ucmd(char *cmd_parameter, char *response)
>> +{
>> + if (!cmd_parameter) {
>> + pr_err("missing slot suffix\n");
>> + fastboot_fail("missing command", response);
>> + return;
>> + }
>> +
>> + if (run_command(cmd_parameter, 0))
>> + fastboot_fail("", response);
>> + else
>> + fastboot_okay(NULL, response);
>> +}
>> +
>> +static char g_a_cmd_buff[64];
>> +
>> +void fastboot_acmd_complete(void)
>> +{
>> + run_command(g_a_cmd_buff, 0);
>> +}
>> +
>> +/**
>> + * run_acmd() - Execute the ACmd command
>> + *
>> + * @cmd_parameter: Pointer to command parameter
>> + * @response: Pointer to fastboot response buffer
>> + */
>> +static void run_acmd(char *cmd_parameter, char *response)
>> +{
>> + if (!cmd_parameter) {
>> + pr_err("missing slot suffix\n");
>> + fastboot_fail("missing command", response);
>> + return;
>> + }
>> +
>> + strcpy(g_a_cmd_buff, cmd_parameter);
>> + fastboot_okay(NULL, response);
>> +}
>> +#endif
>> +
>> /**
>> * reboot_bootloader() - Sets reboot bootloader flag.
>> *
>> diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c
>> index d1d087e12b2..bf52d2505f4 100644
>> --- a/drivers/usb/gadget/f_fastboot.c
>> +++ b/drivers/usb/gadget/f_fastboot.c
>> @@ -419,6 +419,18 @@ static void do_bootm_on_complete(struct usb_ep *ep, struct usb_request *req)
>> do_exit_on_complete(ep, req);
>> }
>>
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> +static void do_acmd_complete(struct usb_ep *ep, struct usb_request *req)
>> +{
>> + /* When usb dequeue complete will be called
>> + * Need status value before call run_command.
>> + * otherwise, host can't get last message.
>> + */
>> + if (req->status == 0)
>> + fastboot_acmd_complete();
>> +}
>> +#endif
>> +
>> static void rx_handler_command(struct usb_ep *ep, struct usb_request *req)
>> {
>> char *cmdbuf = req->buf;
>> @@ -457,6 +469,11 @@ static void rx_handler_command(struct usb_ep *ep, struct usb_request *req)
>> case FASTBOOT_COMMAND_REBOOT_RECOVERY:
>> fastboot_func->in_req->complete = compl_do_reset;
>> break;
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> + case FASTBOOT_COMMAND_ACMD:
>> + fastboot_func->in_req->complete = do_acmd_complete;
>> + break;
>> +#endif
>> }
>> }
>>
>> diff --git a/include/fastboot.h b/include/fastboot.h
>> index 8e9ee80907d..ef8cd842bb3 100644
>> --- a/include/fastboot.h
>> +++ b/include/fastboot.h
>> @@ -38,6 +38,10 @@ enum {
>> #if CONFIG_IS_ENABLED(FASTBOOT_CMD_OEM_FORMAT)
>> FASTBOOT_COMMAND_OEM_FORMAT,
>> #endif
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> + FASTBOOT_COMMAND_ACMD,
>> + FASTBOOT_COMMAND_UCMD,
>> +#endif
>>
>> FASTBOOT_COMMAND_COUNT
>> };
>> @@ -172,4 +176,7 @@ void fastboot_data_download(const void *fastboot_data,
>> */
>> void fastboot_data_complete(char *response);
>>
>> +#if CONFIG_IS_ENABLED(FASTBOOT_UUU_SUPPORT)
>> +void fastboot_acmd_complete(void);
>> +#endif
>> #endif /* _FASTBOOT_H_ */
>> --
>> 2.25.4
>>
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-52 Fax: +49-8142-66989-80 Email: hs at denx.de
More information about the U-Boot
mailing list