X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=common%2Fcli.c;h=075ae9dc4aec5971b327651c7b8117211adb04e1;hb=49891df661acf164460ba3ada60fccfc5a53ea71;hp=9cf7ba1bd7948444e0415407152f6d5ab415407f;hpb=30354978ff470470c15caea2566b61b5792ad277;p=u-boot diff --git a/common/cli.c b/common/cli.c index 9cf7ba1bd7..075ae9dc4a 100644 --- a/common/cli.c +++ b/common/cli.c @@ -12,8 +12,11 @@ #include #include #include +#include #include +DECLARE_GLOBAL_DATA_PTR; + /* * Run a command using the selected parser. * @@ -33,8 +36,35 @@ int run_command(const char *cmd, int flag) return 0; #else - return parse_string_outer(cmd, - FLAG_PARSE_SEMICOLON | FLAG_EXIT_FROM_LOOP); + int hush_flags = FLAG_PARSE_SEMICOLON | FLAG_EXIT_FROM_LOOP; + + if (flag & CMD_FLAG_ENV) + hush_flags |= FLAG_CONT_ON_NEWLINE; + return parse_string_outer(cmd, hush_flags); +#endif +} + +/* + * Run a command using the selected parser, and check if it is repeatable. + * + * @param cmd Command to run + * @param flag Execution flags (CMD_FLAG_...) + * @return 0 (not repeatable) or 1 (repeatable) on success, -1 on error. + */ +int run_command_repeatable(const char *cmd, int flag) +{ +#ifndef CONFIG_SYS_HUSH_PARSER + return cli_simple_run_command(cmd, flag); +#else + /* + * parse_string_outer() returns 1 for failure, so clean up + * its result. + */ + if (parse_string_outer(cmd, + FLAG_PARSE_SEMICOLON | FLAG_EXIT_FROM_LOOP)) + return -1; + + return 0; #endif } @@ -98,9 +128,94 @@ int do_run(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) return 1; } - if (run_command(arg, flag) != 0) + if (run_command(arg, flag | CMD_FLAG_ENV) != 0) return 1; } return 0; } #endif + +#ifdef CONFIG_OF_CONTROL +bool cli_process_fdt(const char **cmdp) +{ + /* Allow the fdt to override the boot command */ + char *env = fdtdec_get_config_string(gd->fdt_blob, "bootcmd"); + if (env) + *cmdp = env; + /* + * If the bootsecure option was chosen, use secure_boot_cmd(). + * Always use 'env' in this case, since bootsecure requres that the + * bootcmd was specified in the FDT too. + */ + return fdtdec_get_config_int(gd->fdt_blob, "bootsecure", 0) != 0; +} + +/* + * Runs the given boot command securely. Specifically: + * - Doesn't run the command with the shell (run_command or parse_string_outer), + * since that's a lot of code surface that an attacker might exploit. + * Because of this, we don't do any argument parsing--the secure boot command + * has to be a full-fledged u-boot command. + * - Doesn't check for keypresses before booting, since that could be a + * security hole; also disables Ctrl-C. + * - Doesn't allow the command to return. + * + * Upon any failures, this function will drop into an infinite loop after + * printing the error message to console. + */ +void cli_secure_boot_cmd(const char *cmd) +{ + cmd_tbl_t *cmdtp; + int rc; + + if (!cmd) { + printf("## Error: Secure boot command not specified\n"); + goto err; + } + + /* Disable Ctrl-C just in case some command is used that checks it. */ + disable_ctrlc(1); + + /* Find the command directly. */ + cmdtp = find_cmd(cmd); + if (!cmdtp) { + printf("## Error: \"%s\" not defined\n", cmd); + goto err; + } + + /* Run the command, forcing no flags and faking argc and argv. */ + rc = (cmdtp->cmd)(cmdtp, 0, 1, (char **)&cmd); + + /* Shouldn't ever return from boot command. */ + printf("## Error: \"%s\" returned (code %d)\n", cmd, rc); + +err: + /* + * Not a whole lot to do here. Rebooting won't help much, since we'll + * just end up right back here. Just loop. + */ + hang(); +} +#endif /* CONFIG_OF_CONTROL */ + +void cli_loop(void) +{ +#ifdef CONFIG_SYS_HUSH_PARSER + parse_file_outer(); + /* This point is never reached */ + for (;;); +#else + cli_simple_loop(); +#endif /*CONFIG_SYS_HUSH_PARSER*/ +} + +void cli_init(void) +{ +#ifdef CONFIG_SYS_HUSH_PARSER + u_boot_hush_start(); +#endif + +#if defined(CONFIG_HUSH_INIT_VAR) + hush_init_var(); +#endif +}