5 static long finddosfile(int, char*);
8 check(void *x, int len, uchar sum, char *msg)
10 if(nvcsum(x, len) == sum)
13 fprint(2, "%s\n", msg);
18 * get key info out of nvram. since there isn't room in the PC's nvram use
19 * a disk partition there.
27 "sparc", "#r/nvram", 1024+850, sizeof(Nvrsafe),
28 "pc", "#S/sdC0/nvram", 0, sizeof(Nvrsafe),
29 "pc", "#S/sdC0/9fat", -1, sizeof(Nvrsafe),
30 "pc", "#S/sdC1/nvram", 0, sizeof(Nvrsafe),
31 "pc", "#S/sdC1/9fat", -1, sizeof(Nvrsafe),
32 "pc", "#S/sdD0/nvram", 0, sizeof(Nvrsafe),
33 "pc", "#S/sdD0/9fat", -1, sizeof(Nvrsafe),
34 "pc", "#S/sdE0/nvram", 0, sizeof(Nvrsafe),
35 "pc", "#S/sdE0/9fat", -1, sizeof(Nvrsafe),
36 "pc", "#S/sdF0/nvram", 0, sizeof(Nvrsafe),
37 "pc", "#S/sdF0/9fat", -1, sizeof(Nvrsafe),
38 "pc", "#S/sd00/nvram", 0, sizeof(Nvrsafe),
39 "pc", "#S/sd00/9fat", -1, sizeof(Nvrsafe),
40 "pc", "#S/sd01/nvram", 0, sizeof(Nvrsafe),
41 "pc", "#S/sd01/9fat", -1, sizeof(Nvrsafe),
42 "pc", "#S/sd10/nvram", 0, sizeof(Nvrsafe),
43 "pc", "#S/sd10/9fat", -1, sizeof(Nvrsafe),
44 "pc", "#f/fd0disk", -1, 512, /* 512: #f requires whole sector reads */
45 "pc", "#f/fd1disk", -1, 512,
46 "mips", "#r/nvram", 1024+900, sizeof(Nvrsafe),
47 "power", "#F/flash/flash0", 0x440000, sizeof(Nvrsafe),
48 "power", "#F/flash/flash", 0x440000, sizeof(Nvrsafe),
49 "power", "#r/nvram", 4352, sizeof(Nvrsafe), /* OK for MTX-604e */
50 "power", "/nvram", 0, sizeof(Nvrsafe), /* OK for Ucu */
51 "arm", "#F/flash/flash0", 0x100000, sizeof(Nvrsafe),
52 "arm", "#F/flash/flash", 0x100000, sizeof(Nvrsafe),
53 "debug", "/tmp/nvram", 0, sizeof(Nvrsafe),
62 static char *nvrfile = nil, *cputype = nil;
64 /* returns with *locp filled in and locp->fd open, if possible */
66 findnvram(Nvrwhere *locp)
68 char *nvrlen, *nvroff, *v[2];
73 nvrfile = getenv("nvram");
75 cputype = getenv("cputype");
77 cputype = strdup("mips");
78 if(strcmp(cputype, "386")==0 || strcmp(cputype, "amd64")==0 || strcmp(cputype, "alpha")==0) {
80 cputype = strdup("pc");
86 if(nvrfile != nil && *nvrfile != '\0'){
87 /* accept device and device!file */
88 i = gettokens(nvrfile, v, nelem(v), "!");
94 fd = open(v[0], ORDWR|OCEXEC);
96 fd = open(v[0], OREAD|OCEXEC);
97 safelen = sizeof(Nvrsafe);
98 if(strstr(v[0], "/9fat") == nil)
100 nvrlen = getenv("nvrlen");
102 safelen = strtol(nvrlen, 0, 0);
103 nvroff = getenv("nvroff");
105 if(strcmp(nvroff, "dos") == 0)
108 safeoff = strtoll(nvroff, 0, 0);
109 if(safeoff < 0 && fd >= 0){
111 safeoff = finddosfile(fd, i == 2? v[1]: "plan9.nvr");
112 if(safeoff < 0){ /* didn't find plan9.nvr? */
120 for(i=0; i<nelem(nvtab); i++){
121 if(strcmp(cputype, nvtab[i].cputype) != 0)
123 if((fd = open(nvtab[i].file, ORDWR|OCEXEC)) < 0)
125 safeoff = nvtab[i].off;
126 safelen = nvtab[i].len;
128 safeoff = finddosfile(fd, "plan9.nvr");
129 if(safeoff < 0){ /* didn't find plan9.nvr? */
138 locp->safelen = safelen;
139 locp->safeoff = safeoff;
143 ask(char *prompt, char *buf, int len, int raw)
150 if((s = readcons(prompt, nil, raw)) == nil)
152 if((n = strlen(s)) >= len)
153 fprint(2, "%s longer than %d characters; try again\n", prompt, len-1);
166 * get key info out of nvram. since there isn't room in the PC's nvram use
167 * a disk partition there.
170 readnvram(Nvrsafe *safep, int flag)
173 char buf[512]; /* 512 for floppy i/o */
178 safe = (Nvrsafe*)buf;
179 memset(&loc, 0, sizeof loc);
182 loc.safelen = sizeof *safe;
183 else if (loc.safelen > sizeof buf)
184 loc.safelen = sizeof buf;
185 if (loc.safeoff < 0) {
186 fprint(2, "readnvram: couldn't find nvram\n");
187 if(!(flag&NVwritemem))
188 memset(safep, 0, sizeof(*safep));
191 * allow user to type the data for authentication,
192 * even if there's no nvram to store it in.
199 memset(safep, 0, sizeof(*safep));
201 || seek(loc.fd, loc.safeoff, 0) < 0
202 || read(loc.fd, buf, loc.safelen) != loc.safelen){
204 if(flag&(NVwrite|NVwriteonerr))
206 fprint(2, "can't open %s: %r\n", nvrfile);
207 else if (seek(loc.fd, loc.safeoff, 0) < 0)
208 fprint(2, "can't seek %s to %lld: %r\n",
209 nvrfile, loc.safeoff);
211 fprint(2, "can't read %d bytes from %s: %r\n",
212 loc.safelen, nvrfile);
213 /* start from scratch */
214 memset(safep, 0, sizeof(*safep));
217 *safep = *safe; /* overwrite arg with data read */
220 /* verify data read */
221 err |= check(safe->machkey, DESKEYLEN, safe->machsum,
222 "bad nvram des key");
223 err |= check(safe->authid, ANAMELEN, safe->authidsum,
224 "bad authentication id");
225 err |= check(safe->authdom, DOMLEN, safe->authdomsum,
226 "bad authentication domain");
228 err |= check(safe->config, CONFIGLEN, safe->configsum,
230 err |= check(safe->aesmachkey, AESKEYLEN, safe->aesmachsum,
231 "bad nvram aes key");
233 if(nvcsum(safe->config, CONFIGLEN) != safe->configsum)
234 memset(safe->config, 0, CONFIGLEN);
235 if(nvcsum(safe->aesmachkey, AESKEYLEN) != safe->aesmachsum)
236 memset(safe->aesmachkey, 0, AESKEYLEN);
239 if(safe->authid[0]==0 || safe->authdom[0]==0){
240 fprint(2, "empty nvram authid or authdom\n");
246 if((flag&(NVwrite|NVwritemem)) || (err && (flag&NVwriteonerr))){
247 if (!(flag&NVwritemem)) {
248 char pass[PASSWDLEN];
251 if(ask("authid", safe->authid, sizeof safe->authid, 0))
253 if(ask("authdom", safe->authdom, sizeof safe->authdom, 0))
255 if(ask("secstore key", safe->config, sizeof safe->config, 1))
257 if(ask("password", pass, sizeof pass, 1))
260 memset(pass, 0, sizeof pass);
261 memmove(safe->machkey, k.des, DESKEYLEN);
262 memmove(safe->aesmachkey, k.aes, AESKEYLEN);
263 memset(&k, 0, sizeof k);
266 safe->machsum = nvcsum(safe->machkey, DESKEYLEN);
267 // safe->authsum = nvcsum(safe->authkey, DESKEYLEN);
268 safe->configsum = nvcsum(safe->config, CONFIGLEN);
269 safe->authidsum = nvcsum(safe->authid, sizeof safe->authid);
270 safe->authdomsum = nvcsum(safe->authdom, sizeof safe->authdom);
271 safe->aesmachsum = nvcsum(safe->aesmachkey, AESKEYLEN);
273 *(Nvrsafe*)buf = *safe;
275 || seek(loc.fd, loc.safeoff, 0) < 0
276 || write(loc.fd, buf, loc.safelen) != loc.safelen){
277 fprint(2, "can't write key to nvram: %r\n");
288 typedef struct Dosboot Dosboot;
290 uchar magic[3]; /* really an xx86 JMP instruction */
311 #define GETSHORT(p) (((p)[1]<<8) | (p)[0])
312 #define GETLONG(p) ((GETSHORT((p)+2) << 16) | GETSHORT((p)))
314 typedef struct Dosdir Dosdir;
328 dosparse(char *from, char *to, int len)
332 memset(to, ' ', len);
341 if(c >= 'a' && c <= 'z')
342 *to++ = c + 'A' - 'a';
350 * return offset of first file block
352 * This is a very simplistic dos file system. It only
353 * works on floppies, only looks in the root, and only
354 * returns a pointer to the first block of a file.
356 * This exists for cpu servers that have no hard disk
357 * or nvram to store the key on.
359 * Please don't make this any smarter: it stays resident
360 * and I'ld prefer not to waste the space on something that
361 * runs only at boottime -- presotto.
364 finddosfile(int fd, char *file)
371 int nroot, sectsize, rootoff, rootsects, n;
373 /* dos'ize file name */
374 file = dosparse(file, name, 8);
375 dosparse(file, ext, 3);
377 /* read boot block, check for sanity */
378 b = (Dosboot*)secbuf;
379 if(read(fd, secbuf, sizeof(secbuf)) != sizeof(secbuf))
381 if(b->magic[0] != 0xEB || b->magic[1] != 0x3C || b->magic[2] != 0x90)
383 sectsize = GETSHORT(b->sectsize);
386 rootoff = (GETSHORT(b->nresrv) + b->nfats*GETSHORT(b->fatsize)) * sectsize;
387 if(seek(fd, rootoff, 0) < 0)
389 nroot = GETSHORT(b->rootsize);
390 rootsects = (nroot*sizeof(Dosdir)+sectsize-1)/sectsize;
391 if(rootsects <= 0 || rootsects > 64)
395 * read root. it is contiguous to make stuff like
398 root = malloc(rootsects*sectsize);
399 if(read(fd, root, rootsects*sectsize) != rootsects*sectsize)
402 for(dp = root; dp < &root[nroot]; dp++)
403 if(memcmp(name, dp->name, 8) == 0 && memcmp(ext, dp->ext, 3) == 0){
404 n = GETSHORT(dp->start);
413 * dp->start is in cluster units, not sectors. The first
414 * cluster is cluster 2 which starts immediately after the
417 return rootoff + rootsects*sectsize + (n-2)*sectsize*b->clustsize;
projects / plan9front.git / blob