1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright 2010-2011 Calxeda, Inc.
4 * Copyright (c) 2014, NVIDIA CORPORATION. All rights reserved.
5 */
6
7 #include <common.h>
8 #include <command.h>
9 #include <env.h>
10 #include <image.h>
11 #include <log.h>
12 #include <malloc.h>
13 #include <mapmem.h>
14 #include <lcd.h>
15 #include <net.h>
16 #include <fdt_support.h>
17 #include <linux/libfdt.h>
18 #include <linux/string.h>
19 #include <linux/ctype.h>
20 #include <errno.h>
21 #include <linux/list.h>
22
23 #include <splash.h>
24 #include <asm/io.h>
25
26 #include "menu.h"
27 #include "cli.h"
28
29 #include "pxe_utils.h"
30
31 #define MAX_TFTP_PATH_LEN 512
32
33 bool is_pxe;
34
35 /*
36 * Convert an ethaddr from the environment to the format used by pxelinux
37 * filenames based on mac addresses. Convert's ':' to '-', and adds "01-" to
38 * the beginning of the ethernet address to indicate a hardware type of
39 * Ethernet. Also converts uppercase hex characters into lowercase, to match
40 * pxelinux's behavior.
41 *
42 * Returns 1 for success, -ENOENT if 'ethaddr' is undefined in the
43 * environment, or some other value < 0 on error.
44 */
format_mac_pxe(char * outbuf,size_t outbuf_len)45 int format_mac_pxe(char *outbuf, size_t outbuf_len)
46 {
47 uchar ethaddr[6];
48
49 if (outbuf_len < 21) {
50 printf("outbuf is too small (%zd < 21)\n", outbuf_len);
51
52 return -EINVAL;
53 }
54
55 if (!eth_env_get_enetaddr_by_index("eth", eth_get_dev_index(), ethaddr))
56 return -ENOENT;
57
58 sprintf(outbuf, "01-%02x-%02x-%02x-%02x-%02x-%02x",
59 ethaddr[0], ethaddr[1], ethaddr[2],
60 ethaddr[3], ethaddr[4], ethaddr[5]);
61
62 return 1;
63 }
64
65 /*
66 * Returns the directory the file specified in the bootfile env variable is
67 * in. If bootfile isn't defined in the environment, return NULL, which should
68 * be interpreted as "don't prepend anything to paths".
69 */
get_bootfile_path(const char * file_path,char * bootfile_path,size_t bootfile_path_size)70 static int get_bootfile_path(const char *file_path, char *bootfile_path,
71 size_t bootfile_path_size)
72 {
73 char *bootfile, *last_slash;
74 size_t path_len = 0;
75
76 /* Only syslinux allows absolute paths */
77 if (file_path[0] == '/' && !is_pxe)
78 goto ret;
79
80 bootfile = from_env("bootfile");
81
82 if (!bootfile)
83 goto ret;
84
85 last_slash = strrchr(bootfile, '/');
86
87 if (!last_slash)
88 goto ret;
89
90 path_len = (last_slash - bootfile) + 1;
91
92 if (bootfile_path_size < path_len) {
93 printf("bootfile_path too small. (%zd < %zd)\n",
94 bootfile_path_size, path_len);
95
96 return -1;
97 }
98
99 strncpy(bootfile_path, bootfile, path_len);
100
101 ret:
102 bootfile_path[path_len] = '\0';
103
104 return 1;
105 }
106
107 int (*do_getfile)(struct cmd_tbl *cmdtp, const char *file_path,
108 char *file_addr);
109
110 /*
111 * As in pxelinux, paths to files referenced from files we retrieve are
112 * relative to the location of bootfile. get_relfile takes such a path and
113 * joins it with the bootfile path to get the full path to the target file. If
114 * the bootfile path is NULL, we use file_path as is.
115 *
116 * Returns 1 for success, or < 0 on error.
117 */
get_relfile(struct cmd_tbl * cmdtp,const char * file_path,unsigned long file_addr)118 static int get_relfile(struct cmd_tbl *cmdtp, const char *file_path,
119 unsigned long file_addr)
120 {
121 size_t path_len;
122 char relfile[MAX_TFTP_PATH_LEN + 1];
123 char addr_buf[18];
124 int err;
125
126 err = get_bootfile_path(file_path, relfile, sizeof(relfile));
127
128 if (err < 0)
129 return err;
130
131 path_len = strlen(file_path);
132 path_len += strlen(relfile);
133
134 if (path_len > MAX_TFTP_PATH_LEN) {
135 printf("Base path too long (%s%s)\n", relfile, file_path);
136
137 return -ENAMETOOLONG;
138 }
139
140 strcat(relfile, file_path);
141
142 printf("Retrieving file: %s\n", relfile);
143
144 sprintf(addr_buf, "%lx", file_addr);
145
146 return do_getfile(cmdtp, relfile, addr_buf);
147 }
148
149 /*
150 * Retrieve the file at 'file_path' to the locate given by 'file_addr'. If
151 * 'bootfile' was specified in the environment, the path to bootfile will be
152 * prepended to 'file_path' and the resulting path will be used.
153 *
154 * Returns 1 on success, or < 0 for error.
155 */
get_pxe_file(struct cmd_tbl * cmdtp,const char * file_path,unsigned long file_addr)156 int get_pxe_file(struct cmd_tbl *cmdtp, const char *file_path,
157 unsigned long file_addr)
158 {
159 unsigned long config_file_size;
160 char *tftp_filesize;
161 int err;
162 char *buf;
163
164 err = get_relfile(cmdtp, file_path, file_addr);
165
166 if (err < 0)
167 return err;
168
169 /*
170 * the file comes without a NUL byte at the end, so find out its size
171 * and add the NUL byte.
172 */
173 tftp_filesize = from_env("filesize");
174
175 if (!tftp_filesize)
176 return -ENOENT;
177
178 if (strict_strtoul(tftp_filesize, 16, &config_file_size) < 0)
179 return -EINVAL;
180
181 buf = map_sysmem(file_addr + config_file_size, 1);
182 *buf = '\0';
183 unmap_sysmem(buf);
184
185 return 1;
186 }
187
188 #define PXELINUX_DIR "pxelinux.cfg/"
189
190 /*
191 * Retrieves a file in the 'pxelinux.cfg' folder. Since this uses get_pxe_file
192 * to do the hard work, the location of the 'pxelinux.cfg' folder is generated
193 * from the bootfile path, as described above.
194 *
195 * Returns 1 on success or < 0 on error.
196 */
get_pxelinux_path(struct cmd_tbl * cmdtp,const char * file,unsigned long pxefile_addr_r)197 int get_pxelinux_path(struct cmd_tbl *cmdtp, const char *file,
198 unsigned long pxefile_addr_r)
199 {
200 size_t base_len = strlen(PXELINUX_DIR);
201 char path[MAX_TFTP_PATH_LEN + 1];
202
203 if (base_len + strlen(file) > MAX_TFTP_PATH_LEN) {
204 printf("path (%s%s) too long, skipping\n",
205 PXELINUX_DIR, file);
206 return -ENAMETOOLONG;
207 }
208
209 sprintf(path, PXELINUX_DIR "%s", file);
210
211 return get_pxe_file(cmdtp, path, pxefile_addr_r);
212 }
213
214 /*
215 * Wrapper to make it easier to store the file at file_path in the location
216 * specified by envaddr_name. file_path will be joined to the bootfile path,
217 * if any is specified.
218 *
219 * Returns 1 on success or < 0 on error.
220 */
get_relfile_envaddr(struct cmd_tbl * cmdtp,const char * file_path,const char * envaddr_name)221 static int get_relfile_envaddr(struct cmd_tbl *cmdtp, const char *file_path,
222 const char *envaddr_name)
223 {
224 unsigned long file_addr;
225 char *envaddr;
226
227 envaddr = from_env(envaddr_name);
228
229 if (!envaddr)
230 return -ENOENT;
231
232 if (strict_strtoul(envaddr, 16, &file_addr) < 0)
233 return -EINVAL;
234
235 return get_relfile(cmdtp, file_path, file_addr);
236 }
237
238 /*
239 * Allocates memory for and initializes a pxe_label. This uses malloc, so the
240 * result must be free()'d to reclaim the memory.
241 *
242 * Returns NULL if malloc fails.
243 */
label_create(void)244 static struct pxe_label *label_create(void)
245 {
246 struct pxe_label *label;
247
248 label = malloc(sizeof(struct pxe_label));
249
250 if (!label)
251 return NULL;
252
253 memset(label, 0, sizeof(struct pxe_label));
254
255 return label;
256 }
257
258 /*
259 * Free the memory used by a pxe_label, including that used by its name,
260 * kernel, append and initrd members, if they're non NULL.
261 *
262 * So - be sure to only use dynamically allocated memory for the members of
263 * the pxe_label struct, unless you want to clean it up first. These are
264 * currently only created by the pxe file parsing code.
265 */
label_destroy(struct pxe_label * label)266 static void label_destroy(struct pxe_label *label)
267 {
268 if (label->name)
269 free(label->name);
270
271 if (label->kernel)
272 free(label->kernel);
273
274 if (label->config)
275 free(label->config);
276
277 if (label->append)
278 free(label->append);
279
280 if (label->initrd)
281 free(label->initrd);
282
283 if (label->fdt)
284 free(label->fdt);
285
286 if (label->fdtdir)
287 free(label->fdtdir);
288
289 if (label->fdtoverlays)
290 free(label->fdtoverlays);
291
292 free(label);
293 }
294
295 /*
296 * Print a label and its string members if they're defined.
297 *
298 * This is passed as a callback to the menu code for displaying each
299 * menu entry.
300 */
label_print(void * data)301 static void label_print(void *data)
302 {
303 struct pxe_label *label = data;
304 const char *c = label->menu ? label->menu : label->name;
305
306 printf("%s:\t%s\n", label->num, c);
307 }
308
309 /*
310 * Boot a label that specified 'localboot'. This requires that the 'localcmd'
311 * environment variable is defined. Its contents will be executed as U-Boot
312 * command. If the label specified an 'append' line, its contents will be
313 * used to overwrite the contents of the 'bootargs' environment variable prior
314 * to running 'localcmd'.
315 *
316 * Returns 1 on success or < 0 on error.
317 */
label_localboot(struct pxe_label * label)318 static int label_localboot(struct pxe_label *label)
319 {
320 char *localcmd;
321
322 localcmd = from_env("localcmd");
323
324 if (!localcmd)
325 return -ENOENT;
326
327 if (label->append) {
328 char bootargs[CONFIG_SYS_CBSIZE];
329
330 cli_simple_process_macros(label->append, bootargs,
331 sizeof(bootargs));
332 env_set("bootargs", bootargs);
333 }
334
335 debug("running: %s\n", localcmd);
336
337 return run_command_list(localcmd, strlen(localcmd), 0);
338 }
339
340 /*
341 * Loads fdt overlays specified in 'fdtoverlays'.
342 */
343 #ifdef CONFIG_OF_LIBFDT_OVERLAY
label_boot_fdtoverlay(struct cmd_tbl * cmdtp,struct pxe_label * label)344 static void label_boot_fdtoverlay(struct cmd_tbl *cmdtp, struct pxe_label *label)
345 {
346 char *fdtoverlay = label->fdtoverlays;
347 struct fdt_header *working_fdt;
348 char *fdtoverlay_addr_env;
349 ulong fdtoverlay_addr;
350 ulong fdt_addr;
351 int err;
352
353 /* Get the main fdt and map it */
354 fdt_addr = simple_strtoul(env_get("fdt_addr_r"), NULL, 16);
355 working_fdt = map_sysmem(fdt_addr, 0);
356 err = fdt_check_header(working_fdt);
357 if (err)
358 return;
359
360 /* Get the specific overlay loading address */
361 fdtoverlay_addr_env = env_get("fdtoverlay_addr_r");
362 if (!fdtoverlay_addr_env) {
363 printf("Invalid fdtoverlay_addr_r for loading overlays\n");
364 return;
365 }
366
367 fdtoverlay_addr = simple_strtoul(fdtoverlay_addr_env, NULL, 16);
368
369 /* Cycle over the overlay files and apply them in order */
370 do {
371 struct fdt_header *blob;
372 char *overlayfile;
373 char *end;
374 int len;
375
376 /* Drop leading spaces */
377 while (*fdtoverlay == ' ')
378 ++fdtoverlay;
379
380 /* Copy a single filename if multiple provided */
381 end = strstr(fdtoverlay, " ");
382 if (end) {
383 len = (int)(end - fdtoverlay);
384 overlayfile = malloc(len + 1);
385 strncpy(overlayfile, fdtoverlay, len);
386 overlayfile[len] = '\0';
387 } else
388 overlayfile = fdtoverlay;
389
390 if (!strlen(overlayfile))
391 goto skip_overlay;
392
393 /* Load overlay file */
394 err = get_relfile_envaddr(cmdtp, overlayfile,
395 "fdtoverlay_addr_r");
396 if (err < 0) {
397 printf("Failed loading overlay %s\n", overlayfile);
398 goto skip_overlay;
399 }
400
401 /* Resize main fdt */
402 fdt_shrink_to_minimum(working_fdt, 8192);
403
404 blob = map_sysmem(fdtoverlay_addr, 0);
405 err = fdt_check_header(blob);
406 if (err) {
407 printf("Invalid overlay %s, skipping\n",
408 overlayfile);
409 goto skip_overlay;
410 }
411
412 err = fdt_overlay_apply_verbose(working_fdt, blob);
413 if (err) {
414 printf("Failed to apply overlay %s, skipping\n",
415 overlayfile);
416 goto skip_overlay;
417 }
418
419 skip_overlay:
420 if (end)
421 free(overlayfile);
422 } while ((fdtoverlay = strstr(fdtoverlay, " ")));
423 }
424 #endif
425
426 /*
427 * Boot according to the contents of a pxe_label.
428 *
429 * If we can't boot for any reason, we return. A successful boot never
430 * returns.
431 *
432 * The kernel will be stored in the location given by the 'kernel_addr_r'
433 * environment variable.
434 *
435 * If the label specifies an initrd file, it will be stored in the location
436 * given by the 'ramdisk_addr_r' environment variable.
437 *
438 * If the label specifies an 'append' line, its contents will overwrite that
439 * of the 'bootargs' environment variable.
440 */
label_boot(struct cmd_tbl * cmdtp,struct pxe_label * label)441 static int label_boot(struct cmd_tbl *cmdtp, struct pxe_label *label)
442 {
443 char *bootm_argv[] = { "bootm", NULL, NULL, NULL, NULL };
444 char initrd_str[28];
445 char mac_str[29] = "";
446 char ip_str[68] = "";
447 char *fit_addr = NULL;
448 int bootm_argc = 2;
449 int len = 0;
450 ulong kernel_addr;
451 void *buf;
452
453 label_print(label);
454
455 label->attempted = 1;
456
457 if (label->localboot) {
458 if (label->localboot_val >= 0)
459 label_localboot(label);
460 return 0;
461 }
462
463 if (!label->kernel) {
464 printf("No kernel given, skipping %s\n",
465 label->name);
466 return 1;
467 }
468
469 if (label->initrd) {
470 if (get_relfile_envaddr(cmdtp, label->initrd, "ramdisk_addr_r") < 0) {
471 printf("Skipping %s for failure retrieving initrd\n",
472 label->name);
473 return 1;
474 }
475
476 bootm_argv[2] = initrd_str;
477 strncpy(bootm_argv[2], env_get("ramdisk_addr_r"), 18);
478 strcat(bootm_argv[2], ":");
479 strncat(bootm_argv[2], env_get("filesize"), 9);
480 bootm_argc = 3;
481 }
482
483 if (get_relfile_envaddr(cmdtp, label->kernel, "kernel_addr_r") < 0) {
484 printf("Skipping %s for failure retrieving kernel\n",
485 label->name);
486 return 1;
487 }
488
489 if (label->ipappend & 0x1) {
490 sprintf(ip_str, " ip=%s:%s:%s:%s",
491 env_get("ipaddr"), env_get("serverip"),
492 env_get("gatewayip"), env_get("netmask"));
493 }
494
495 if (IS_ENABLED(CONFIG_CMD_NET)) {
496 if (label->ipappend & 0x2) {
497 int err;
498
499 strcpy(mac_str, " BOOTIF=");
500 err = format_mac_pxe(mac_str + 8, sizeof(mac_str) - 8);
501 if (err < 0)
502 mac_str[0] = '\0';
503 }
504 }
505
506 if ((label->ipappend & 0x3) || label->append) {
507 char bootargs[CONFIG_SYS_CBSIZE] = "";
508 char finalbootargs[CONFIG_SYS_CBSIZE];
509
510 if (strlen(label->append ?: "") +
511 strlen(ip_str) + strlen(mac_str) + 1 > sizeof(bootargs)) {
512 printf("bootarg overflow %zd+%zd+%zd+1 > %zd\n",
513 strlen(label->append ?: ""),
514 strlen(ip_str), strlen(mac_str),
515 sizeof(bootargs));
516 return 1;
517 }
518
519 if (label->append)
520 strncpy(bootargs, label->append, sizeof(bootargs));
521
522 strcat(bootargs, ip_str);
523 strcat(bootargs, mac_str);
524
525 cli_simple_process_macros(bootargs, finalbootargs,
526 sizeof(finalbootargs));
527 env_set("bootargs", finalbootargs);
528 printf("append: %s\n", finalbootargs);
529 }
530
531 bootm_argv[1] = env_get("kernel_addr_r");
532 /* for FIT, append the configuration identifier */
533 if (label->config) {
534 int len = strlen(bootm_argv[1]) + strlen(label->config) + 1;
535
536 fit_addr = malloc(len);
537 if (!fit_addr) {
538 printf("malloc fail (FIT address)\n");
539 return 1;
540 }
541 snprintf(fit_addr, len, "%s%s", bootm_argv[1], label->config);
542 bootm_argv[1] = fit_addr;
543 }
544
545 /*
546 * fdt usage is optional:
547 * It handles the following scenarios.
548 *
549 * Scenario 1: If fdt_addr_r specified and "fdt" or "fdtdir" label is
550 * defined in pxe file, retrieve fdt blob from server. Pass fdt_addr_r to
551 * bootm, and adjust argc appropriately.
552 *
553 * If retrieve fails and no exact fdt blob is specified in pxe file with
554 * "fdt" label, try Scenario 2.
555 *
556 * Scenario 2: If there is an fdt_addr specified, pass it along to
557 * bootm, and adjust argc appropriately.
558 *
559 * Scenario 3: fdt blob is not available.
560 */
561 bootm_argv[3] = env_get("fdt_addr_r");
562
563 /* if fdt label is defined then get fdt from server */
564 if (bootm_argv[3]) {
565 char *fdtfile = NULL;
566 char *fdtfilefree = NULL;
567
568 if (label->fdt) {
569 fdtfile = label->fdt;
570 } else if (label->fdtdir) {
571 char *f1, *f2, *f3, *f4, *slash;
572
573 f1 = env_get("fdtfile");
574 if (f1) {
575 f2 = "";
576 f3 = "";
577 f4 = "";
578 } else {
579 /*
580 * For complex cases where this code doesn't
581 * generate the correct filename, the board
582 * code should set $fdtfile during early boot,
583 * or the boot scripts should set $fdtfile
584 * before invoking "pxe" or "sysboot".
585 */
586 f1 = env_get("soc");
587 f2 = "-";
588 f3 = env_get("board");
589 f4 = ".dtb";
590 }
591
592 len = strlen(label->fdtdir);
593 if (!len)
594 slash = "./";
595 else if (label->fdtdir[len - 1] != '/')
596 slash = "/";
597 else
598 slash = "";
599
600 len = strlen(label->fdtdir) + strlen(slash) +
601 strlen(f1) + strlen(f2) + strlen(f3) +
602 strlen(f4) + 1;
603 fdtfilefree = malloc(len);
604 if (!fdtfilefree) {
605 printf("malloc fail (FDT filename)\n");
606 goto cleanup;
607 }
608
609 snprintf(fdtfilefree, len, "%s%s%s%s%s%s",
610 label->fdtdir, slash, f1, f2, f3, f4);
611 fdtfile = fdtfilefree;
612 }
613
614 if (fdtfile) {
615 int err = get_relfile_envaddr(cmdtp, fdtfile,
616 "fdt_addr_r");
617
618 free(fdtfilefree);
619 if (err < 0) {
620 bootm_argv[3] = NULL;
621
622 if (label->fdt) {
623 printf("Skipping %s for failure retrieving FDT\n",
624 label->name);
625 goto cleanup;
626 }
627 }
628
629 #ifdef CONFIG_OF_LIBFDT_OVERLAY
630 if (label->fdtoverlays)
631 label_boot_fdtoverlay(cmdtp, label);
632 #endif
633 } else {
634 bootm_argv[3] = NULL;
635 }
636 }
637
638 if (!bootm_argv[3])
639 bootm_argv[3] = env_get("fdt_addr");
640
641 if (bootm_argv[3]) {
642 if (!bootm_argv[2])
643 bootm_argv[2] = "-";
644 bootm_argc = 4;
645 }
646
647 kernel_addr = genimg_get_kernel_addr(bootm_argv[1]);
648 buf = map_sysmem(kernel_addr, 0);
649 /* Try bootm for legacy and FIT format image */
650 if (genimg_get_format(buf) != IMAGE_FORMAT_INVALID)
651 do_bootm(cmdtp, 0, bootm_argc, bootm_argv);
652 /* Try booting an AArch64 Linux kernel image */
653 else if (IS_ENABLED(CONFIG_CMD_BOOTI))
654 do_booti(cmdtp, 0, bootm_argc, bootm_argv);
655 /* Try booting a Image */
656 else if (IS_ENABLED(CONFIG_CMD_BOOTZ))
657 do_bootz(cmdtp, 0, bootm_argc, bootm_argv);
658 /* Try booting an x86_64 Linux kernel image */
659 else if (IS_ENABLED(CONFIG_CMD_ZBOOT))
660 do_zboot_parent(cmdtp, 0, bootm_argc, bootm_argv, NULL);
661
662 unmap_sysmem(buf);
663
664 cleanup:
665 if (fit_addr)
666 free(fit_addr);
667 return 1;
668 }
669
670 /*
671 * Tokens for the pxe file parser.
672 */
673 enum token_type {
674 T_EOL,
675 T_STRING,
676 T_EOF,
677 T_MENU,
678 T_TITLE,
679 T_TIMEOUT,
680 T_LABEL,
681 T_KERNEL,
682 T_LINUX,
683 T_APPEND,
684 T_INITRD,
685 T_LOCALBOOT,
686 T_DEFAULT,
687 T_PROMPT,
688 T_INCLUDE,
689 T_FDT,
690 T_FDTDIR,
691 T_FDTOVERLAYS,
692 T_ONTIMEOUT,
693 T_IPAPPEND,
694 T_BACKGROUND,
695 T_INVALID
696 };
697
698 /*
699 * A token - given by a value and a type.
700 */
701 struct token {
702 char *val;
703 enum token_type type;
704 };
705
706 /*
707 * Keywords recognized.
708 */
709 static const struct token keywords[] = {
710 {"menu", T_MENU},
711 {"title", T_TITLE},
712 {"timeout", T_TIMEOUT},
713 {"default", T_DEFAULT},
714 {"prompt", T_PROMPT},
715 {"label", T_LABEL},
716 {"kernel", T_KERNEL},
717 {"linux", T_LINUX},
718 {"localboot", T_LOCALBOOT},
719 {"append", T_APPEND},
720 {"initrd", T_INITRD},
721 {"include", T_INCLUDE},
722 {"devicetree", T_FDT},
723 {"fdt", T_FDT},
724 {"devicetreedir", T_FDTDIR},
725 {"fdtdir", T_FDTDIR},
726 {"fdtoverlays", T_FDTOVERLAYS},
727 {"ontimeout", T_ONTIMEOUT,},
728 {"ipappend", T_IPAPPEND,},
729 {"background", T_BACKGROUND,},
730 {NULL, T_INVALID}
731 };
732
733 /*
734 * Since pxe(linux) files don't have a token to identify the start of a
735 * literal, we have to keep track of when we're in a state where a literal is
736 * expected vs when we're in a state a keyword is expected.
737 */
738 enum lex_state {
739 L_NORMAL = 0,
740 L_KEYWORD,
741 L_SLITERAL
742 };
743
744 /*
745 * get_string retrieves a string from *p and stores it as a token in
746 * *t.
747 *
748 * get_string used for scanning both string literals and keywords.
749 *
750 * Characters from *p are copied into t-val until a character equal to
751 * delim is found, or a NUL byte is reached. If delim has the special value of
752 * ' ', any whitespace character will be used as a delimiter.
753 *
754 * If lower is unequal to 0, uppercase characters will be converted to
755 * lowercase in the result. This is useful to make keywords case
756 * insensitive.
757 *
758 * The location of *p is updated to point to the first character after the end
759 * of the token - the ending delimiter.
760 *
761 * On success, the new value of t->val is returned. Memory for t->val is
762 * allocated using malloc and must be free()'d to reclaim it. If insufficient
763 * memory is available, NULL is returned.
764 */
get_string(char ** p,struct token * t,char delim,int lower)765 static char *get_string(char **p, struct token *t, char delim, int lower)
766 {
767 char *b, *e;
768 size_t len, i;
769
770 /*
771 * b and e both start at the beginning of the input stream.
772 *
773 * e is incremented until we find the ending delimiter, or a NUL byte
774 * is reached. Then, we take e - b to find the length of the token.
775 */
776 b = *p;
777 e = *p;
778
779 while (*e) {
780 if ((delim == ' ' && isspace(*e)) || delim == *e)
781 break;
782 e++;
783 }
784
785 len = e - b;
786
787 /*
788 * Allocate memory to hold the string, and copy it in, converting
789 * characters to lowercase if lower is != 0.
790 */
791 t->val = malloc(len + 1);
792 if (!t->val)
793 return NULL;
794
795 for (i = 0; i < len; i++, b++) {
796 if (lower)
797 t->val[i] = tolower(*b);
798 else
799 t->val[i] = *b;
800 }
801
802 t->val[len] = '\0';
803
804 /*
805 * Update *p so the caller knows where to continue scanning.
806 */
807 *p = e;
808
809 t->type = T_STRING;
810
811 return t->val;
812 }
813
814 /*
815 * Populate a keyword token with a type and value.
816 */
get_keyword(struct token * t)817 static void get_keyword(struct token *t)
818 {
819 int i;
820
821 for (i = 0; keywords[i].val; i++) {
822 if (!strcmp(t->val, keywords[i].val)) {
823 t->type = keywords[i].type;
824 break;
825 }
826 }
827 }
828
829 /*
830 * Get the next token. We have to keep track of which state we're in to know
831 * if we're looking to get a string literal or a keyword.
832 *
833 * *p is updated to point at the first character after the current token.
834 */
get_token(char ** p,struct token * t,enum lex_state state)835 static void get_token(char **p, struct token *t, enum lex_state state)
836 {
837 char *c = *p;
838
839 t->type = T_INVALID;
840
841 /* eat non EOL whitespace */
842 while (isblank(*c))
843 c++;
844
845 /*
846 * eat comments. note that string literals can't begin with #, but
847 * can contain a # after their first character.
848 */
849 if (*c == '#') {
850 while (*c && *c != '\n')
851 c++;
852 }
853
854 if (*c == '\n') {
855 t->type = T_EOL;
856 c++;
857 } else if (*c == '\0') {
858 t->type = T_EOF;
859 c++;
860 } else if (state == L_SLITERAL) {
861 get_string(&c, t, '\n', 0);
862 } else if (state == L_KEYWORD) {
863 /*
864 * when we expect a keyword, we first get the next string
865 * token delimited by whitespace, and then check if it
866 * matches a keyword in our keyword list. if it does, it's
867 * converted to a keyword token of the appropriate type, and
868 * if not, it remains a string token.
869 */
870 get_string(&c, t, ' ', 1);
871 get_keyword(t);
872 }
873
874 *p = c;
875 }
876
877 /*
878 * Increment *c until we get to the end of the current line, or EOF.
879 */
eol_or_eof(char ** c)880 static void eol_or_eof(char **c)
881 {
882 while (**c && **c != '\n')
883 (*c)++;
884 }
885
886 /*
887 * All of these parse_* functions share some common behavior.
888 *
889 * They finish with *c pointing after the token they parse, and return 1 on
890 * success, or < 0 on error.
891 */
892
893 /*
894 * Parse a string literal and store a pointer it at *dst. String literals
895 * terminate at the end of the line.
896 */
parse_sliteral(char ** c,char ** dst)897 static int parse_sliteral(char **c, char **dst)
898 {
899 struct token t;
900 char *s = *c;
901
902 get_token(c, &t, L_SLITERAL);
903
904 if (t.type != T_STRING) {
905 printf("Expected string literal: %.*s\n", (int)(*c - s), s);
906 return -EINVAL;
907 }
908
909 *dst = t.val;
910
911 return 1;
912 }
913
914 /*
915 * Parse a base 10 (unsigned) integer and store it at *dst.
916 */
parse_integer(char ** c,int * dst)917 static int parse_integer(char **c, int *dst)
918 {
919 struct token t;
920 char *s = *c;
921
922 get_token(c, &t, L_SLITERAL);
923
924 if (t.type != T_STRING) {
925 printf("Expected string: %.*s\n", (int)(*c - s), s);
926 return -EINVAL;
927 }
928
929 *dst = simple_strtol(t.val, NULL, 10);
930
931 free(t.val);
932
933 return 1;
934 }
935
936 static int parse_pxefile_top(struct cmd_tbl *cmdtp, char *p, unsigned long base,
937 struct pxe_menu *cfg, int nest_level);
938
939 /*
940 * Parse an include statement, and retrieve and parse the file it mentions.
941 *
942 * base should point to a location where it's safe to store the file, and
943 * nest_level should indicate how many nested includes have occurred. For this
944 * include, nest_level has already been incremented and doesn't need to be
945 * incremented here.
946 */
handle_include(struct cmd_tbl * cmdtp,char ** c,unsigned long base,struct pxe_menu * cfg,int nest_level)947 static int handle_include(struct cmd_tbl *cmdtp, char **c, unsigned long base,
948 struct pxe_menu *cfg, int nest_level)
949 {
950 char *include_path;
951 char *s = *c;
952 int err;
953 char *buf;
954 int ret;
955
956 err = parse_sliteral(c, &include_path);
957
958 if (err < 0) {
959 printf("Expected include path: %.*s\n", (int)(*c - s), s);
960 return err;
961 }
962
963 err = get_pxe_file(cmdtp, include_path, base);
964
965 if (err < 0) {
966 printf("Couldn't retrieve %s\n", include_path);
967 return err;
968 }
969
970 buf = map_sysmem(base, 0);
971 ret = parse_pxefile_top(cmdtp, buf, base, cfg, nest_level);
972 unmap_sysmem(buf);
973
974 return ret;
975 }
976
977 /*
978 * Parse lines that begin with 'menu'.
979 *
980 * base and nest are provided to handle the 'menu include' case.
981 *
982 * base should point to a location where it's safe to store the included file.
983 *
984 * nest_level should be 1 when parsing the top level pxe file, 2 when parsing
985 * a file it includes, 3 when parsing a file included by that file, and so on.
986 */
parse_menu(struct cmd_tbl * cmdtp,char ** c,struct pxe_menu * cfg,unsigned long base,int nest_level)987 static int parse_menu(struct cmd_tbl *cmdtp, char **c, struct pxe_menu *cfg,
988 unsigned long base, int nest_level)
989 {
990 struct token t;
991 char *s = *c;
992 int err = 0;
993
994 get_token(c, &t, L_KEYWORD);
995
996 switch (t.type) {
997 case T_TITLE:
998 err = parse_sliteral(c, &cfg->title);
999
1000 break;
1001
1002 case T_INCLUDE:
1003 err = handle_include(cmdtp, c, base, cfg, nest_level + 1);
1004 break;
1005
1006 case T_BACKGROUND:
1007 err = parse_sliteral(c, &cfg->bmp);
1008 break;
1009
1010 default:
1011 printf("Ignoring malformed menu command: %.*s\n",
1012 (int)(*c - s), s);
1013 }
1014
1015 if (err < 0)
1016 return err;
1017
1018 eol_or_eof(c);
1019
1020 return 1;
1021 }
1022
1023 /*
1024 * Handles parsing a 'menu line' when we're parsing a label.
1025 */
parse_label_menu(char ** c,struct pxe_menu * cfg,struct pxe_label * label)1026 static int parse_label_menu(char **c, struct pxe_menu *cfg,
1027 struct pxe_label *label)
1028 {
1029 struct token t;
1030 char *s;
1031
1032 s = *c;
1033
1034 get_token(c, &t, L_KEYWORD);
1035
1036 switch (t.type) {
1037 case T_DEFAULT:
1038 if (!cfg->default_label)
1039 cfg->default_label = strdup(label->name);
1040
1041 if (!cfg->default_label)
1042 return -ENOMEM;
1043
1044 break;
1045 case T_LABEL:
1046 parse_sliteral(c, &label->menu);
1047 break;
1048 default:
1049 printf("Ignoring malformed menu command: %.*s\n",
1050 (int)(*c - s), s);
1051 }
1052
1053 eol_or_eof(c);
1054
1055 return 0;
1056 }
1057
1058 /*
1059 * Handles parsing a 'kernel' label.
1060 * expecting "filename" or "<fit_filename>#cfg"
1061 */
parse_label_kernel(char ** c,struct pxe_label * label)1062 static int parse_label_kernel(char **c, struct pxe_label *label)
1063 {
1064 char *s;
1065 int err;
1066
1067 err = parse_sliteral(c, &label->kernel);
1068 if (err < 0)
1069 return err;
1070
1071 s = strstr(label->kernel, "#");
1072 if (!s)
1073 return 1;
1074
1075 label->config = malloc(strlen(s) + 1);
1076 if (!label->config)
1077 return -ENOMEM;
1078
1079 strcpy(label->config, s);
1080 *s = 0;
1081
1082 return 1;
1083 }
1084
1085 /*
1086 * Parses a label and adds it to the list of labels for a menu.
1087 *
1088 * A label ends when we either get to the end of a file, or
1089 * get some input we otherwise don't have a handler defined
1090 * for.
1091 *
1092 */
parse_label(char ** c,struct pxe_menu * cfg)1093 static int parse_label(char **c, struct pxe_menu *cfg)
1094 {
1095 struct token t;
1096 int len;
1097 char *s = *c;
1098 struct pxe_label *label;
1099 int err;
1100
1101 label = label_create();
1102 if (!label)
1103 return -ENOMEM;
1104
1105 err = parse_sliteral(c, &label->name);
1106 if (err < 0) {
1107 printf("Expected label name: %.*s\n", (int)(*c - s), s);
1108 label_destroy(label);
1109 return -EINVAL;
1110 }
1111
1112 list_add_tail(&label->list, &cfg->labels);
1113
1114 while (1) {
1115 s = *c;
1116 get_token(c, &t, L_KEYWORD);
1117
1118 err = 0;
1119 switch (t.type) {
1120 case T_MENU:
1121 err = parse_label_menu(c, cfg, label);
1122 break;
1123
1124 case T_KERNEL:
1125 case T_LINUX:
1126 err = parse_label_kernel(c, label);
1127 break;
1128
1129 case T_APPEND:
1130 err = parse_sliteral(c, &label->append);
1131 if (label->initrd)
1132 break;
1133 s = strstr(label->append, "initrd=");
1134 if (!s)
1135 break;
1136 s += 7;
1137 len = (int)(strchr(s, ' ') - s);
1138 label->initrd = malloc(len + 1);
1139 strncpy(label->initrd, s, len);
1140 label->initrd[len] = '\0';
1141
1142 break;
1143
1144 case T_INITRD:
1145 if (!label->initrd)
1146 err = parse_sliteral(c, &label->initrd);
1147 break;
1148
1149 case T_FDT:
1150 if (!label->fdt)
1151 err = parse_sliteral(c, &label->fdt);
1152 break;
1153
1154 case T_FDTDIR:
1155 if (!label->fdtdir)
1156 err = parse_sliteral(c, &label->fdtdir);
1157 break;
1158
1159 case T_FDTOVERLAYS:
1160 if (!label->fdtoverlays)
1161 err = parse_sliteral(c, &label->fdtoverlays);
1162 break;
1163
1164 case T_LOCALBOOT:
1165 label->localboot = 1;
1166 err = parse_integer(c, &label->localboot_val);
1167 break;
1168
1169 case T_IPAPPEND:
1170 err = parse_integer(c, &label->ipappend);
1171 break;
1172
1173 case T_EOL:
1174 break;
1175
1176 default:
1177 /*
1178 * put the token back! we don't want it - it's the end
1179 * of a label and whatever token this is, it's
1180 * something for the menu level context to handle.
1181 */
1182 *c = s;
1183 return 1;
1184 }
1185
1186 if (err < 0)
1187 return err;
1188 }
1189 }
1190
1191 /*
1192 * This 16 comes from the limit pxelinux imposes on nested includes.
1193 *
1194 * There is no reason at all we couldn't do more, but some limit helps prevent
1195 * infinite (until crash occurs) recursion if a file tries to include itself.
1196 */
1197 #define MAX_NEST_LEVEL 16
1198
1199 /*
1200 * Entry point for parsing a menu file. nest_level indicates how many times
1201 * we've nested in includes. It will be 1 for the top level menu file.
1202 *
1203 * Returns 1 on success, < 0 on error.
1204 */
parse_pxefile_top(struct cmd_tbl * cmdtp,char * p,unsigned long base,struct pxe_menu * cfg,int nest_level)1205 static int parse_pxefile_top(struct cmd_tbl *cmdtp, char *p, unsigned long base,
1206 struct pxe_menu *cfg, int nest_level)
1207 {
1208 struct token t;
1209 char *s, *b, *label_name;
1210 int err;
1211
1212 b = p;
1213
1214 if (nest_level > MAX_NEST_LEVEL) {
1215 printf("Maximum nesting (%d) exceeded\n", MAX_NEST_LEVEL);
1216 return -EMLINK;
1217 }
1218
1219 while (1) {
1220 s = p;
1221
1222 get_token(&p, &t, L_KEYWORD);
1223
1224 err = 0;
1225 switch (t.type) {
1226 case T_MENU:
1227 cfg->prompt = 1;
1228 err = parse_menu(cmdtp, &p, cfg,
1229 base + ALIGN(strlen(b) + 1, 4),
1230 nest_level);
1231 break;
1232
1233 case T_TIMEOUT:
1234 err = parse_integer(&p, &cfg->timeout);
1235 break;
1236
1237 case T_LABEL:
1238 err = parse_label(&p, cfg);
1239 break;
1240
1241 case T_DEFAULT:
1242 case T_ONTIMEOUT:
1243 err = parse_sliteral(&p, &label_name);
1244
1245 if (label_name) {
1246 if (cfg->default_label)
1247 free(cfg->default_label);
1248
1249 cfg->default_label = label_name;
1250 }
1251
1252 break;
1253
1254 case T_INCLUDE:
1255 err = handle_include(cmdtp, &p,
1256 base + ALIGN(strlen(b), 4), cfg,
1257 nest_level + 1);
1258 break;
1259
1260 case T_PROMPT:
1261 eol_or_eof(&p);
1262 break;
1263
1264 case T_EOL:
1265 break;
1266
1267 case T_EOF:
1268 return 1;
1269
1270 default:
1271 printf("Ignoring unknown command: %.*s\n",
1272 (int)(p - s), s);
1273 eol_or_eof(&p);
1274 }
1275
1276 if (err < 0)
1277 return err;
1278 }
1279 }
1280
1281 /*
1282 * Free the memory used by a pxe_menu and its labels.
1283 */
destroy_pxe_menu(struct pxe_menu * cfg)1284 void destroy_pxe_menu(struct pxe_menu *cfg)
1285 {
1286 struct list_head *pos, *n;
1287 struct pxe_label *label;
1288
1289 if (cfg->title)
1290 free(cfg->title);
1291
1292 if (cfg->default_label)
1293 free(cfg->default_label);
1294
1295 list_for_each_safe(pos, n, &cfg->labels) {
1296 label = list_entry(pos, struct pxe_label, list);
1297
1298 label_destroy(label);
1299 }
1300
1301 free(cfg);
1302 }
1303
1304 /*
1305 * Entry point for parsing a pxe file. This is only used for the top level
1306 * file.
1307 *
1308 * Returns NULL if there is an error, otherwise, returns a pointer to a
1309 * pxe_menu struct populated with the results of parsing the pxe file (and any
1310 * files it includes). The resulting pxe_menu struct can be free()'d by using
1311 * the destroy_pxe_menu() function.
1312 */
parse_pxefile(struct cmd_tbl * cmdtp,unsigned long menucfg)1313 struct pxe_menu *parse_pxefile(struct cmd_tbl *cmdtp, unsigned long menucfg)
1314 {
1315 struct pxe_menu *cfg;
1316 char *buf;
1317 int r;
1318
1319 cfg = malloc(sizeof(struct pxe_menu));
1320
1321 if (!cfg)
1322 return NULL;
1323
1324 memset(cfg, 0, sizeof(struct pxe_menu));
1325
1326 INIT_LIST_HEAD(&cfg->labels);
1327
1328 buf = map_sysmem(menucfg, 0);
1329 r = parse_pxefile_top(cmdtp, buf, menucfg, cfg, 1);
1330 unmap_sysmem(buf);
1331
1332 if (r < 0) {
1333 destroy_pxe_menu(cfg);
1334 return NULL;
1335 }
1336
1337 return cfg;
1338 }
1339
1340 /*
1341 * Converts a pxe_menu struct into a menu struct for use with U-Boot's generic
1342 * menu code.
1343 */
pxe_menu_to_menu(struct pxe_menu * cfg)1344 static struct menu *pxe_menu_to_menu(struct pxe_menu *cfg)
1345 {
1346 struct pxe_label *label;
1347 struct list_head *pos;
1348 struct menu *m;
1349 int err;
1350 int i = 1;
1351 char *default_num = NULL;
1352
1353 /*
1354 * Create a menu and add items for all the labels.
1355 */
1356 m = menu_create(cfg->title, DIV_ROUND_UP(cfg->timeout, 10),
1357 cfg->prompt, NULL, label_print, NULL, NULL);
1358
1359 if (!m)
1360 return NULL;
1361
1362 list_for_each(pos, &cfg->labels) {
1363 label = list_entry(pos, struct pxe_label, list);
1364
1365 sprintf(label->num, "%d", i++);
1366 if (menu_item_add(m, label->num, label) != 1) {
1367 menu_destroy(m);
1368 return NULL;
1369 }
1370 if (cfg->default_label &&
1371 (strcmp(label->name, cfg->default_label) == 0))
1372 default_num = label->num;
1373 }
1374
1375 /*
1376 * After we've created items for each label in the menu, set the
1377 * menu's default label if one was specified.
1378 */
1379 if (default_num) {
1380 err = menu_default_set(m, default_num);
1381 if (err != 1) {
1382 if (err != -ENOENT) {
1383 menu_destroy(m);
1384 return NULL;
1385 }
1386
1387 printf("Missing default: %s\n", cfg->default_label);
1388 }
1389 }
1390
1391 return m;
1392 }
1393
1394 /*
1395 * Try to boot any labels we have yet to attempt to boot.
1396 */
boot_unattempted_labels(struct cmd_tbl * cmdtp,struct pxe_menu * cfg)1397 static void boot_unattempted_labels(struct cmd_tbl *cmdtp, struct pxe_menu *cfg)
1398 {
1399 struct list_head *pos;
1400 struct pxe_label *label;
1401
1402 list_for_each(pos, &cfg->labels) {
1403 label = list_entry(pos, struct pxe_label, list);
1404
1405 if (!label->attempted)
1406 label_boot(cmdtp, label);
1407 }
1408 }
1409
1410 /*
1411 * Boot the system as prescribed by a pxe_menu.
1412 *
1413 * Use the menu system to either get the user's choice or the default, based
1414 * on config or user input. If there is no default or user's choice,
1415 * attempted to boot labels in the order they were given in pxe files.
1416 * If the default or user's choice fails to boot, attempt to boot other
1417 * labels in the order they were given in pxe files.
1418 *
1419 * If this function returns, there weren't any labels that successfully
1420 * booted, or the user interrupted the menu selection via ctrl+c.
1421 */
handle_pxe_menu(struct cmd_tbl * cmdtp,struct pxe_menu * cfg)1422 void handle_pxe_menu(struct cmd_tbl *cmdtp, struct pxe_menu *cfg)
1423 {
1424 void *choice;
1425 struct menu *m;
1426 int err;
1427
1428 if (IS_ENABLED(CONFIG_CMD_BMP)) {
1429 /* display BMP if available */
1430 if (cfg->bmp) {
1431 if (get_relfile(cmdtp, cfg->bmp, image_load_addr)) {
1432 if (CONFIG_IS_ENABLED(CMD_CLS))
1433 run_command("cls", 0);
1434 bmp_display(image_load_addr,
1435 BMP_ALIGN_CENTER, BMP_ALIGN_CENTER);
1436 } else {
1437 printf("Skipping background bmp %s for failure\n",
1438 cfg->bmp);
1439 }
1440 }
1441 }
1442
1443 m = pxe_menu_to_menu(cfg);
1444 if (!m)
1445 return;
1446
1447 err = menu_get_choice(m, &choice);
1448
1449 menu_destroy(m);
1450
1451 /*
1452 * err == 1 means we got a choice back from menu_get_choice.
1453 *
1454 * err == -ENOENT if the menu was setup to select the default but no
1455 * default was set. in that case, we should continue trying to boot
1456 * labels that haven't been attempted yet.
1457 *
1458 * otherwise, the user interrupted or there was some other error and
1459 * we give up.
1460 */
1461
1462 if (err == 1) {
1463 err = label_boot(cmdtp, choice);
1464 if (!err)
1465 return;
1466 } else if (err != -ENOENT) {
1467 return;
1468 }
1469
1470 boot_unattempted_labels(cmdtp, cfg);
1471 }
1472