1
2
3
4
5
6
7
8
9
10
11
12
13
14#include <linux/vmalloc.h>
15#include <linux/slab.h>
16#include <linux/uaccess.h>
17
18#include "hysdn_defs.h"
19#include "hysdn_pof.h"
20
21
22
23
24#define POF_READ_FILE_HEAD 0
25#define POF_READ_TAG_HEAD 1
26#define POF_READ_TAG_DATA 2
27
28
29
30
31
32struct boot_data {
33 unsigned short Cryptor;
34 unsigned short Nrecs;
35 unsigned char pof_state;
36 unsigned char is_crypted;
37 int BufSize;
38 int last_error;
39 unsigned short pof_recid;
40 unsigned long pof_reclen;
41 unsigned long pof_recoffset;
42 union {
43 unsigned char BootBuf[BOOT_BUF_SIZE];
44 tPofRecHdr PofRecHdr;
45 tPofFileHdr PofFileHdr;
46 tPofTimeStamp PofTime;
47 } buf;
48};
49
50
51
52
53
54
55
56static void
57StartDecryption(struct boot_data *boot)
58{
59 boot->Cryptor = CRYPT_STARTTERM;
60}
61
62
63
64
65
66
67
68
69static void
70DecryptBuf(struct boot_data *boot, int cnt)
71{
72 unsigned char *bufp = boot->buf.BootBuf;
73
74 while (cnt--) {
75 boot->Cryptor = (boot->Cryptor >> 1) ^ ((boot->Cryptor & 1U) ? CRYPT_FEEDTERM : 0);
76 *bufp++ ^= (unsigned char)boot->Cryptor;
77 }
78}
79
80
81
82
83
84static int
85pof_handle_data(hysdn_card *card, int datlen)
86{
87 struct boot_data *boot = card->boot;
88 long l;
89 unsigned char *imgp;
90 int img_len;
91
92
93 switch (boot->pof_recid) {
94
95 case TAG_TIMESTMP:
96 if (card->debug_flags & LOG_POF_RECORD)
97 hysdn_addlog(card, "POF created %s", boot->buf.PofTime.DateTimeText);
98 break;
99
100 case TAG_CBOOTDTA:
101 DecryptBuf(boot, datlen);
102 case TAG_BOOTDTA:
103 if (card->debug_flags & LOG_POF_RECORD)
104 hysdn_addlog(card, "POF got %s len=%d offs=0x%lx",
105 (boot->pof_recid == TAG_CBOOTDTA) ? "CBOOTDATA" : "BOOTDTA",
106 datlen, boot->pof_recoffset);
107
108 if (boot->pof_reclen != POF_BOOT_LOADER_TOTAL_SIZE) {
109 boot->last_error = EPOF_BAD_IMG_SIZE;
110 return (boot->last_error);
111 }
112 imgp = boot->buf.BootBuf;
113 img_len = datlen;
114
115 l = POF_BOOT_LOADER_OFF_IN_PAGE -
116 (boot->pof_recoffset & (POF_BOOT_LOADER_PAGE_SIZE - 1));
117 if (l > 0) {
118
119 imgp += l;
120 img_len -= l;
121 }
122
123
124
125
126
127
128
129 if (img_len > 0) {
130
131 if ((boot->last_error =
132 card->writebootimg(card, imgp,
133 (boot->pof_recoffset > POF_BOOT_LOADER_PAGE_SIZE) ? 2 : 0)) < 0)
134 return (boot->last_error);
135 }
136 break;
137
138 case TAG_CABSDATA:
139 DecryptBuf(boot, datlen);
140 case TAG_ABSDATA:
141 if (card->debug_flags & LOG_POF_RECORD)
142 hysdn_addlog(card, "POF got %s len=%d offs=0x%lx",
143 (boot->pof_recid == TAG_CABSDATA) ? "CABSDATA" : "ABSDATA",
144 datlen, boot->pof_recoffset);
145
146 if ((boot->last_error = card->writebootseq(card, boot->buf.BootBuf, datlen)) < 0)
147 return (boot->last_error);
148
149 if (boot->pof_recoffset + datlen >= boot->pof_reclen)
150 return (card->waitpofready(card));
151
152 break;
153
154 default:
155 if (card->debug_flags & LOG_POF_RECORD)
156 hysdn_addlog(card, "POF got data(id=0x%lx) len=%d offs=0x%lx", boot->pof_recid,
157 datlen, boot->pof_recoffset);
158
159 break;
160 }
161
162 return (0);
163}
164
165
166
167
168
169
170
171
172
173int
174pof_write_buffer(hysdn_card *card, int datlen)
175{
176 struct boot_data *boot = card->boot;
177
178 if (!boot)
179 return (-EFAULT);
180 if (boot->last_error < 0)
181 return (boot->last_error);
182
183 if (card->debug_flags & LOG_POF_WRITE)
184 hysdn_addlog(card, "POF write: got %d bytes ", datlen);
185
186 switch (boot->pof_state) {
187 case POF_READ_FILE_HEAD:
188 if (card->debug_flags & LOG_POF_WRITE)
189 hysdn_addlog(card, "POF write: checking file header");
190
191 if (datlen != sizeof(tPofFileHdr)) {
192 boot->last_error = -EPOF_INTERNAL;
193 break;
194 }
195 if (boot->buf.PofFileHdr.Magic != TAGFILEMAGIC) {
196 boot->last_error = -EPOF_BAD_MAGIC;
197 break;
198 }
199
200 boot->Nrecs = (unsigned short)(boot->buf.PofFileHdr.N_PofRecs);
201 boot->pof_state = POF_READ_TAG_HEAD;
202 boot->last_error = sizeof(tPofRecHdr);
203 break;
204
205 case POF_READ_TAG_HEAD:
206 if (card->debug_flags & LOG_POF_WRITE)
207 hysdn_addlog(card, "POF write: checking tag header");
208
209 if (datlen != sizeof(tPofRecHdr)) {
210 boot->last_error = -EPOF_INTERNAL;
211 break;
212 }
213 boot->pof_recid = boot->buf.PofRecHdr.PofRecId;
214 boot->pof_reclen = boot->buf.PofRecHdr.PofRecDataLen;
215 boot->pof_recoffset = 0;
216
217 if (card->debug_flags & LOG_POF_RECORD)
218 hysdn_addlog(card, "POF: got record id=0x%lx length=%ld ",
219 boot->pof_recid, boot->pof_reclen);
220
221 boot->pof_state = POF_READ_TAG_DATA;
222 if (boot->pof_reclen < BOOT_BUF_SIZE)
223 boot->last_error = boot->pof_reclen;
224 else
225 boot->last_error = BOOT_BUF_SIZE;
226
227 if (!boot->last_error) {
228 boot->pof_state = POF_READ_TAG_HEAD;
229 boot->last_error = sizeof(tPofRecHdr);
230 }
231 break;
232
233 case POF_READ_TAG_DATA:
234 if (card->debug_flags & LOG_POF_WRITE)
235 hysdn_addlog(card, "POF write: getting tag data");
236
237 if (datlen != boot->last_error) {
238 boot->last_error = -EPOF_INTERNAL;
239 break;
240 }
241 if ((boot->last_error = pof_handle_data(card, datlen)) < 0)
242 return (boot->last_error);
243 boot->pof_recoffset += datlen;
244 if (boot->pof_recoffset >= boot->pof_reclen) {
245 boot->pof_state = POF_READ_TAG_HEAD;
246 boot->last_error = sizeof(tPofRecHdr);
247 } else {
248 if (boot->pof_reclen - boot->pof_recoffset < BOOT_BUF_SIZE)
249 boot->last_error = boot->pof_reclen - boot->pof_recoffset;
250 else
251 boot->last_error = BOOT_BUF_SIZE;
252 }
253 break;
254
255 default:
256 boot->last_error = -EPOF_INTERNAL;
257 break;
258 }
259
260 return (boot->last_error);
261}
262
263
264
265
266
267
268
269
270int
271pof_write_open(hysdn_card *card, unsigned char **bufp)
272{
273 struct boot_data *boot;
274
275 if (card->boot) {
276 if (card->debug_flags & LOG_POF_OPEN)
277 hysdn_addlog(card, "POF open: already opened for boot");
278 return (-ERR_ALREADY_BOOT);
279 }
280
281 if (!(boot = kzalloc(sizeof(struct boot_data), GFP_KERNEL))) {
282 if (card->debug_flags & LOG_MEM_ERR)
283 hysdn_addlog(card, "POF open: unable to allocate mem");
284 return (-EFAULT);
285 }
286 card->boot = boot;
287 card->state = CARD_STATE_BOOTING;
288
289 card->stopcard(card);
290 if (card->testram(card)) {
291 if (card->debug_flags & LOG_POF_OPEN)
292 hysdn_addlog(card, "POF open: DPRAM test failure");
293 boot->last_error = -ERR_BOARD_DPRAM;
294 card->state = CARD_STATE_BOOTERR;
295 return (boot->last_error);
296 }
297 boot->BufSize = 0;
298 boot->pof_state = POF_READ_FILE_HEAD;
299 StartDecryption(boot);
300
301 if (card->debug_flags & LOG_POF_OPEN)
302 hysdn_addlog(card, "POF open: success");
303
304 *bufp = boot->buf.BootBuf;
305 return (sizeof(tPofFileHdr));
306}
307
308
309
310
311
312int
313pof_write_close(hysdn_card *card)
314{
315 struct boot_data *boot = card->boot;
316
317 if (!boot)
318 return (-EFAULT);
319
320 card->boot = NULL;
321 kfree(boot);
322
323 if (card->state == CARD_STATE_RUN)
324 card->set_errlog_state(card, 1);
325
326 if (card->debug_flags & LOG_POF_OPEN)
327 hysdn_addlog(card, "POF close: success");
328
329 return (0);
330}
331
332
333
334
335
336int
337EvalSysrTokData(hysdn_card *card, unsigned char *cp, int len)
338{
339 u_char *p;
340 u_char crc;
341
342 if (card->debug_flags & LOG_POF_RECORD)
343 hysdn_addlog(card, "SysReady Token data length %d", len);
344
345 if (len < 2) {
346 hysdn_addlog(card, "SysReady Token Data to short");
347 return (1);
348 }
349 for (p = cp, crc = 0; p < (cp + len - 2); p++)
350 if ((crc & 0x80))
351 crc = (((u_char) (crc << 1)) + 1) + *p;
352 else
353 crc = ((u_char) (crc << 1)) + *p;
354 crc = ~crc;
355 if (crc != *(cp + len - 1)) {
356 hysdn_addlog(card, "SysReady Token Data invalid CRC");
357 return (1);
358 }
359 len--;
360 while (len > 0) {
361
362 if (*cp == SYSR_TOK_END)
363 return (0);
364
365 if (len < (*(cp + 1) + 2)) {
366 hysdn_addlog(card, "token 0x%x invalid length %d", *cp, *(cp + 1));
367 return (1);
368 }
369 switch (*cp) {
370 case SYSR_TOK_B_CHAN:
371 if (*(cp + 1) != 1)
372 return (1);
373 card->bchans = *(cp + 2);
374 break;
375
376 case SYSR_TOK_FAX_CHAN:
377 if (*(cp + 1) != 1)
378 return (1);
379 card->faxchans = *(cp + 2);
380 break;
381
382 case SYSR_TOK_MAC_ADDR:
383 if (*(cp + 1) != 6)
384 return (1);
385 memcpy(card->mac_addr, cp + 2, 6);
386 break;
387
388 default:
389 hysdn_addlog(card, "unknown token 0x%02x length %d", *cp, *(cp + 1));
390 break;
391 }
392 len -= (*(cp + 1) + 2);
393 cp += (*(cp + 1) + 2);
394 }
395
396 hysdn_addlog(card, "no end token found");
397 return (1);
398}
399