Merge "platform: msm_shared: a/b support, add APIs to support a/b partitions."
diff --git a/app/aboot/aboot.c b/app/aboot/aboot.c
index be347ce..e566751 100755
--- a/app/aboot/aboot.c
+++ b/app/aboot/aboot.c
@@ -1200,13 +1200,14 @@
page_mask = page_size - 1;
}
- /* ensure commandline is terminated */
- hdr->cmdline[BOOT_ARGS_SIZE-1] = 0;
-
kernel_actual = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
ramdisk_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
image_addr = (unsigned char *)target_get_scratch_address();
+ memcpy(image_addr, (void *)buf, page_size);
+
+ /* ensure commandline is terminated */
+ hdr->cmdline[BOOT_ARGS_SIZE-1] = 0;
#if DEVICE_TREE
#ifndef OSVERSION_IN_BOOTIMAGE
@@ -1255,9 +1256,9 @@
dprintf(CRITICAL, "booimage size is greater than DDR can hold\n");
return -1;
}
-
- /* Read image without signature */
- if (mmc_read(ptn + offset, (void *)image_addr, imagesize_actual))
+ offset = page_size;
+ /* Read image without signature and header*/
+ if (mmc_read(ptn + offset, (void *)(image_addr + offset), imagesize_actual - page_size))
{
dprintf(CRITICAL, "ERROR: Cannot read boot image\n");
return -1;
@@ -1597,8 +1598,8 @@
return -1;
}
- /* ensure commandline is terminated */
- hdr->cmdline[BOOT_ARGS_SIZE-1] = 0;
+ image_addr = (unsigned char *)target_get_scratch_address();
+ memcpy(image_addr, (void *)buf, page_size);
/*
* Update the kernel/ramdisk/tags address if the boot image header
@@ -1615,6 +1616,9 @@
kernel_actual = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
ramdisk_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
+ /* ensure commandline is terminated */
+ hdr->cmdline[BOOT_ARGS_SIZE-1] = 0;
+
/* Check if the addresses in the header are valid. */
if (check_aboot_addr_range_overlap(hdr->kernel_addr, kernel_actual) ||
check_aboot_addr_range_overlap(hdr->ramdisk_addr, ramdisk_actual))
@@ -1639,8 +1643,6 @@
/* Authenticate Kernel */
if(target_use_signed_kernel() && (!device.is_unlocked))
{
- image_addr = (unsigned char *)target_get_scratch_address();
- offset = 0;
#if DEVICE_TREE
dt_actual = ROUND_TO_PAGE(dt_size, page_mask);
@@ -1680,8 +1682,9 @@
dprintf(CRITICAL, "bootimage size is greater than DDR can hold\n");
return -1;
}
- /* Read image without signature */
- if (flash_read(ptn, offset, (void *)image_addr, imagesize_actual))
+ offset = page_size;
+ /* Read image without signature and header*/
+ if (flash_read(ptn, offset, (void *)(image_addr + offset), imagesize_actual - page_size))
{
dprintf(CRITICAL, "ERROR: Cannot read boot image\n");
return -1;
@@ -2390,6 +2393,7 @@
uint32_t image_actual;
uint32_t dt_actual = 0;
uint32_t sig_actual = 0;
+ uint32_t sig_size = 0;
struct boot_img_hdr *hdr = NULL;
struct kernel64_hdr *kptr = NULL;
char *ptr = ((char*) data);
@@ -2444,17 +2448,23 @@
image_actual = ADD_OF(image_actual, ramdisk_actual);
image_actual = ADD_OF(image_actual, dt_actual);
+ /* Checking to prevent oob access in read_der_message_length */
+ if (image_actual > sz) {
+ fastboot_fail("bootimage header fields are invalid");
+ goto boot_failed;
+ }
+ sig_size = sz - image_actual;
+
if (target_use_signed_kernel() && (!device.is_unlocked)) {
/* Calculate the signature length from boot image */
sig_actual = read_der_message_length(
- (unsigned char*)(data + image_actual),sz);
+ (unsigned char*)(data + image_actual), sig_size);
image_actual = ADD_OF(image_actual, sig_actual);
- }
- /* sz should have atleast raw boot image */
- if (image_actual > sz) {
- fastboot_fail("bootimage: incomplete or not signed");
- goto boot_failed;
+ if (image_actual > sz) {
+ fastboot_fail("bootimage header fields are invalid");
+ goto boot_failed;
+ }
}
// Initialize boot state before trying to verify boot.img
@@ -2739,14 +2749,6 @@
cmd_erase_nand(arg, data, sz);
}
-static uint32_t aboot_get_secret_key()
-{
- /* 0 is invalid secret key, update this implementation to return
- * device specific unique secret key
- */
- return 0;
-}
-
void cmd_flash_mmc_img(const char *arg, void *data, unsigned sz)
{
unsigned long long ptn = 0;
@@ -3340,6 +3342,8 @@
struct ptable *ptable;
unsigned extra = 0;
uint64_t partition_size = 0;
+ unsigned bytes_to_round_page = 0;
+ unsigned rounded_size = 0;
if((uintptr_t)data > (UINT_MAX - sz)) {
fastboot_fail("Cannot flash: image header corrupt");
@@ -3376,9 +3380,22 @@
|| !strcmp(ptn->name, "modem"))
extra = 1;
else {
- if (sz % page_size) {
- fastboot_fail("Buffer size is not aligned to page_size");
- return;
+ rounded_size = ROUNDUP(sz, page_size);
+ bytes_to_round_page = rounded_size - sz;
+ if (bytes_to_round_page) {
+ if (((uintptr_t)data + sz ) > (UINT_MAX - bytes_to_round_page)) {
+ fastboot_fail("Integer overflow detected");
+ return;
+ }
+ if (((uintptr_t)data + sz + bytes_to_round_page) >
+ ((uintptr_t)target_get_scratch_address() + target_get_max_flash_size())) {
+ fastboot_fail("Buffer size is not aligned to page_size");
+ return;
+ }
+ else {
+ memset(data + sz, 0, bytes_to_round_page);
+ sz = rounded_size;
+ }
}
}
@@ -3541,20 +3558,24 @@
static int aboot_frp_unlock(char *pname, void *data, unsigned sz)
{
- int ret = 1;
- uint32_t secret_key;
- char seckey_buffer[MAX_RSP_SIZE];
+ int ret=1;
+ bool authentication_success=false;
- secret_key = aboot_get_secret_key();
- if (secret_key)
+ /*
+ Authentication method not implemented.
+
+ OEM to implement, authentication system which on successful validataion,
+ calls write_allow_oem_unlock() with is_allow_unlock.
+ */
+#if 0
+ authentication_success = oem_specific_auth_mthd();
+#endif
+
+ if (authentication_success)
{
- snprintf((char *) seckey_buffer, MAX_RSP_SIZE, "%x", secret_key);
- if (!memcmp((void *)data, (void *)seckey_buffer, sz))
- {
- is_allow_unlock = true;
- write_allow_oem_unlock(is_allow_unlock);
- ret = 0;
- }
+ is_allow_unlock = true;
+ write_allow_oem_unlock(is_allow_unlock);
+ ret = 0;
}
return ret;
}
@@ -3671,6 +3692,17 @@
}
uint8_t *base = (uint8_t *) fb_display->base;
+ uint32_t fb_size = ROUNDUP(fb_display->width *
+ fb_display->height *
+ (fb_display->bpp / 8), 4096);
+ uint32_t splash_size = ((((header->width * header->height *
+ fb_display->bpp/8) + 511) >> 9) << 9);
+
+ if (splash_size > fb_size) {
+ dprintf(CRITICAL, "ERROR: Splash image size invalid\n");
+ return -1;
+ }
+
if (flash_read(ptn + LOGO_IMG_HEADER_SIZE, 0,
(uint32_t *)base,
((((header->width * header->height * fb_display->bpp/8) + 511) >> 9) << 9))) {
@@ -3744,6 +3776,15 @@
|| (header->height != fb_display->height))
fbcon_clear();
+ uint32_t fb_size = ROUNDUP(fb_display->width *
+ fb_display->height *
+ (fb_display->bpp / 8), 4096);
+
+ if (readsize > fb_size) {
+ dprintf(CRITICAL, "ERROR: Splash image size invalid\n");
+ return -1;
+ }
+
if (mmc_read(ptn + blocksize, (uint32_t *)(base + blocksize), readsize)) {
dprintf(CRITICAL, "ERROR: Cannot read splash image from partition\n");
return -1;
diff --git a/makefile b/makefile
index b6c1ddb..cc0f10f 100644
--- a/makefile
+++ b/makefile
@@ -67,7 +67,9 @@
ifeq ($(APPEND_CMDLINE),1)
CFLAGS += -D_APPEND_CMDLINE=1
endif
-
+ifeq ($(ENABLE_HARD_FPU),1)
+ CFLAGS += -mfloat-abi=hard -mfpu=neon
+endif
# setup toolchain prefix
TOOLCHAIN_PREFIX ?= arm-eabi-
CFLAGS += -fstack-protector-all
diff --git a/platform/msm_shared/partition_parser.c b/platform/msm_shared/partition_parser.c
index c7e91a1..1c3cc72 100644
--- a/platform/msm_shared/partition_parser.c
+++ b/platform/msm_shared/partition_parser.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2016, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2011-2017, The Linux Foundation. All rights reserved.
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
@@ -1174,8 +1174,9 @@
if (!flashing_gpt) {
partition_0 = GET_LLWORD_FROM_BYTE(&buffer[PARTITION_ENTRIES_OFFSET]);
/*start LBA should always be 2 in primary GPT*/
- if(partition_0 != 0x2) {
+ if(partition_0 != 0x2 && !parse_secondary_gpt) {
dprintf(CRITICAL, "Starting LBA mismatch\n");
+ ret = 1;
goto fail;
}
diff --git a/target/msm8909/oem_panel.c b/target/msm8909/oem_panel.c
index 6e12a6c..4909008 100644
--- a/target/msm8909/oem_panel.c
+++ b/target/msm8909/oem_panel.c
@@ -59,6 +59,9 @@
QRD_SKUT = 0x0A,
};
+enum {
+ BG_WTP = 0x0F,
+};
/*---------------------------------------------------------------------------*/
/* static panel selection variable */
/*---------------------------------------------------------------------------*/
@@ -452,7 +455,14 @@
case HW_PLATFORM_SURF:
case HW_PLATFORM_MTP:
case HW_PLATFORM_RCM:
- panel_id = HX8394D_720P_VIDEO_PANEL;
+ switch (platform_subtype) {
+ case BG_WTP:
+ panel_id = AUO_CX_QVGA_CMD_PANEL;
+ break;
+ default:
+ panel_id = HX8394D_720P_VIDEO_PANEL;
+ break;
+ }
break;
case HW_PLATFORM_QRD:
switch (platform_subtype) {