[J-u-boot.git] / common / cli.c

/*
 * (C) Copyright 2000
 * Wolfgang Denk, DENX Software Engineering, [email protected].
 *
 * Add to readline cmdline-editing by
 * (C) Copyright 2005
 * JinHua Luo, GuangDong Linux Center, <[email protected]>
 *
 * SPDX-License-Identifier:	GPL-2.0+
 */

#include <common.h>
#include <cli.h>
#include <cli_hush.h>
#include <console.h>
#include <fdtdec.h>
#include <malloc.h>

DECLARE_GLOBAL_DATA_PTR;

/*
 * Run a command using the selected parser.
 *
 * @param cmd	Command to run
 * @param flag	Execution flags (CMD_FLAG_...)
 * @return 0 on success, or != 0 on error.
 */
int run_command(const char *cmd, int flag)
{
#ifndef CONFIG_SYS_HUSH_PARSER
	/*
	 * cli_run_command can return 0 or 1 for success, so clean up
	 * its result.
	 */
	if (cli_simple_run_command(cmd, flag) == -1)
		return 1;

	return 0;
#else
	int hush_flags = FLAG_PARSE_SEMICOLON | FLAG_EXIT_FROM_LOOP;

	if (flag & CMD_FLAG_ENV)
		hush_flags |= FLAG_CONT_ON_NEWLINE;
	return parse_string_outer(cmd, hush_flags);
#endif
}

/*
 * Run a command using the selected parser, and check if it is repeatable.
 *
 * @param cmd	Command to run
 * @param flag	Execution flags (CMD_FLAG_...)
 * @return 0 (not repeatable) or 1 (repeatable) on success, -1 on error.
 */
int run_command_repeatable(const char *cmd, int flag)
{
#ifndef CONFIG_SYS_HUSH_PARSER
	return cli_simple_run_command(cmd, flag);
#else
	/*
	 * parse_string_outer() returns 1 for failure, so clean up
	 * its result.
	 */
	if (parse_string_outer(cmd,
			       FLAG_PARSE_SEMICOLON | FLAG_EXIT_FROM_LOOP))
		return -1;

	return 0;
#endif
}

int run_command_list(const char *cmd, int len, int flag)
{
	int need_buff = 1;
	char *buff = (char *)cmd;	/* cast away const */
	int rcode = 0;

	if (len == -1) {
		len = strlen(cmd);
#ifdef CONFIG_SYS_HUSH_PARSER
		/* hush will never change our string */
		need_buff = 0;
#else
		/* the built-in parser will change our string if it sees \n */
		need_buff = strchr(cmd, '\n') != NULL;
#endif
	}
	if (need_buff) {
		buff = malloc(len + 1);
		if (!buff)
			return 1;
		memcpy(buff, cmd, len);
		buff[len] = '\0';
	}
#ifdef CONFIG_SYS_HUSH_PARSER
	rcode = parse_string_outer(buff, FLAG_PARSE_SEMICOLON);
#else
	/*
	 * This function will overwrite any \n it sees with a \0, which
	 * is why it can't work with a const char *. Here we are making
	 * using of internal knowledge of this function, to avoid always
	 * doing a malloc() which is actually required only in a case that
	 * is pretty rare.
	 */
	rcode = cli_simple_run_command_list(buff, flag);
	if (need_buff)
		free(buff);
#endif

	return rcode;
}

/****************************************************************************/

#if defined(CONFIG_CMD_RUN)
int do_run(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
{
	int i;

	if (argc < 2)
		return CMD_RET_USAGE;

	for (i = 1; i < argc; ++i) {
		char *arg;

		arg = getenv(argv[i]);
		if (arg == NULL) {
			printf("## Error: \"%s\" not defined\n", argv[i]);
			return 1;
		}

		if (run_command(arg, flag | CMD_FLAG_ENV) != 0)
			return 1;
	}
	return 0;
}
#endif

#if CONFIG_IS_ENABLED(OF_CONTROL)
bool cli_process_fdt(const char **cmdp)
{
	/* Allow the fdt to override the boot command */
	char *env = fdtdec_get_config_string(gd->fdt_blob, "bootcmd");
	if (env)
		*cmdp = env;
	/*
	 * If the bootsecure option was chosen, use secure_boot_cmd().
	 * Always use 'env' in this case, since bootsecure requres that the
	 * bootcmd was specified in the FDT too.
	 */
	return fdtdec_get_config_int(gd->fdt_blob, "bootsecure", 0) != 0;
}

/*
 * Runs the given boot command securely.  Specifically:
 * - Doesn't run the command with the shell (run_command or parse_string_outer),
 *   since that's a lot of code surface that an attacker might exploit.
 *   Because of this, we don't do any argument parsing--the secure boot command
 *   has to be a full-fledged u-boot command.
 * - Doesn't check for keypresses before booting, since that could be a
 *   security hole; also disables Ctrl-C.
 * - Doesn't allow the command to return.
 *
 * Upon any failures, this function will drop into an infinite loop after
 * printing the error message to console.
 */
void cli_secure_boot_cmd(const char *cmd)
{
	cmd_tbl_t *cmdtp;
	int rc;

	if (!cmd) {
		printf("## Error: Secure boot command not specified\n");
		goto err;
	}

	/* Disable Ctrl-C just in case some command is used that checks it. */
	disable_ctrlc(1);

	/* Find the command directly. */
	cmdtp = find_cmd(cmd);
	if (!cmdtp) {
		printf("## Error: \"%s\" not defined\n", cmd);
		goto err;
	}

	/* Run the command, forcing no flags and faking argc and argv. */
	rc = (cmdtp->cmd)(cmdtp, 0, 1, (char **)&cmd);

	/* Shouldn't ever return from boot command. */
	printf("## Error: \"%s\" returned (code %d)\n", cmd, rc);

err:
	/*
	 * Not a whole lot to do here.  Rebooting won't help much, since we'll
	 * just end up right back here.  Just loop.
	 */
	hang();
}
#endif /* CONFIG_IS_ENABLED(OF_CONTROL) */

void cli_loop(void)
{
#ifdef CONFIG_SYS_HUSH_PARSER
	parse_file_outer();
	/* This point is never reached */
	for (;;);
#else
	cli_simple_loop();
#endif /*CONFIG_SYS_HUSH_PARSER*/
}

void cli_init(void)
{
#ifdef CONFIG_SYS_HUSH_PARSER
	u_boot_hush_start();
#endif

#if defined(CONFIG_HUSH_INIT_VAR)
	hush_init_var();
#endif
}
Commit	Line	Data
30354978 SG	1	/*
	2	* (C) Copyright 2000
	3	* Wolfgang Denk, DENX Software Engineering, [email protected].
	4	*
	5	* Add to readline cmdline-editing by
	6	* (C) Copyright 2005
	7	* JinHua Luo, GuangDong Linux Center, <[email protected]>
	8	*
	9	* SPDX-License-Identifier: GPL-2.0+
	10	*/
	11
	12	#include <common.h>
	13	#include <cli.h>
	14	#include <cli_hush.h>
24b852a7	15	#include <console.h>
affb2156	16	#include <fdtdec.h>
30354978 SG	17	#include <malloc.h>
30354978 SG	18
affb2156 SG	19	DECLARE_GLOBAL_DATA_PTR;
affb2156 SG	20
30354978 SG	21	/*
	22	* Run a command using the selected parser.
	23	*
	24	* @param cmd Command to run
	25	* @param flag Execution flags (CMD_FLAG_...)
	26	* @return 0 on success, or != 0 on error.
	27	*/
	28	int run_command(const char *cmd, int flag)
	29	{
	30	#ifndef CONFIG_SYS_HUSH_PARSER
	31	/*
	32	* cli_run_command can return 0 or 1 for success, so clean up
	33	* its result.
	34	*/
	35	if (cli_simple_run_command(cmd, flag) == -1)
	36	return 1;
	37
	38	return 0;
	39	#else
87b6398b SG	40	int hush_flags = FLAG_PARSE_SEMICOLON \| FLAG_EXIT_FROM_LOOP;
	41
	42	if (flag & CMD_FLAG_ENV)
	43	hush_flags \|= FLAG_CONT_ON_NEWLINE;
	44	return parse_string_outer(cmd, hush_flags);
30354978 SG	45	#endif
	46	}
	47
1d43bfd2 TB	48	/*
	49	* Run a command using the selected parser, and check if it is repeatable.
	50	*
	51	* @param cmd Command to run
	52	* @param flag Execution flags (CMD_FLAG_...)
	53	* @return 0 (not repeatable) or 1 (repeatable) on success, -1 on error.
	54	*/
	55	int run_command_repeatable(const char *cmd, int flag)
	56	{
	57	#ifndef CONFIG_SYS_HUSH_PARSER
	58	return cli_simple_run_command(cmd, flag);
	59	#else
	60	/*
	61	* parse_string_outer() returns 1 for failure, so clean up
	62	* its result.
	63	*/
	64	if (parse_string_outer(cmd,
	65	FLAG_PARSE_SEMICOLON \| FLAG_EXIT_FROM_LOOP))
	66	return -1;
	67
	68	return 0;
	69	#endif
	70	}
	71
30354978 SG	72	int run_command_list(const char *cmd, int len, int flag)
	73	{
	74	int need_buff = 1;
	75	char buff = (char )cmd; /* cast away const */
	76	int rcode = 0;
	77
	78	if (len == -1) {
	79	len = strlen(cmd);
	80	#ifdef CONFIG_SYS_HUSH_PARSER
	81	/* hush will never change our string */
	82	need_buff = 0;
	83	#else
	84	/* the built-in parser will change our string if it sees \n */
	85	need_buff = strchr(cmd, '\n') != NULL;
	86	#endif
	87	}
	88	if (need_buff) {
	89	buff = malloc(len + 1);
	90	if (!buff)
	91	return 1;
	92	memcpy(buff, cmd, len);
	93	buff[len] = '\0';
	94	}
	95	#ifdef CONFIG_SYS_HUSH_PARSER
	96	rcode = parse_string_outer(buff, FLAG_PARSE_SEMICOLON);
	97	#else
	98	/*
	99	* This function will overwrite any \n it sees with a \0, which
	100	* is why it can't work with a const char *. Here we are making
	101	* using of internal knowledge of this function, to avoid always
	102	* doing a malloc() which is actually required only in a case that
	103	* is pretty rare.
	104	*/
	105	rcode = cli_simple_run_command_list(buff, flag);
	106	if (need_buff)
	107	free(buff);
	108	#endif
	109
	110	return rcode;
	111	}
	112
	113	/****************************************************************************/
	114
	115	#if defined(CONFIG_CMD_RUN)
	116	int do_run(cmd_tbl_t cmdtp, int flag, int argc, char const argv[])
	117	{
	118	int i;
	119
	120	if (argc < 2)
	121	return CMD_RET_USAGE;
	122
	123	for (i = 1; i < argc; ++i) {
	124	char *arg;
	125
	126	arg = getenv(argv[i]);
	127	if (arg == NULL) {
	128	printf("## Error: \"%s\" not defined\n", argv[i]);
	129	return 1;
	130	}
	131
87b6398b	132	if (run_command(arg, flag \| CMD_FLAG_ENV) != 0)
30354978 SG	133	return 1;
	134	}
	135	return 0;
	136	}
	137	#endif
c1bb2cd0	138
0f925822	139	#if CONFIG_IS_ENABLED(OF_CONTROL)
affb2156 SG	140	bool cli_process_fdt(const char **cmdp)
	141	{
	142	/* Allow the fdt to override the boot command */
	143	char *env = fdtdec_get_config_string(gd->fdt_blob, "bootcmd");
	144	if (env)
	145	*cmdp = env;
	146	/*
	147	* If the bootsecure option was chosen, use secure_boot_cmd().
	148	* Always use 'env' in this case, since bootsecure requres that the
	149	* bootcmd was specified in the FDT too.
	150	*/
	151	return fdtdec_get_config_int(gd->fdt_blob, "bootsecure", 0) != 0;
	152	}
	153
	154	/*
	155	* Runs the given boot command securely. Specifically:
	156	* - Doesn't run the command with the shell (run_command or parse_string_outer),
	157	* since that's a lot of code surface that an attacker might exploit.
	158	* Because of this, we don't do any argument parsing--the secure boot command
	159	* has to be a full-fledged u-boot command.
	160	* - Doesn't check for keypresses before booting, since that could be a
	161	* security hole; also disables Ctrl-C.
	162	* - Doesn't allow the command to return.
	163	*
	164	* Upon any failures, this function will drop into an infinite loop after
	165	* printing the error message to console.
	166	*/
	167	void cli_secure_boot_cmd(const char *cmd)
	168	{
	169	cmd_tbl_t *cmdtp;
	170	int rc;
	171
	172	if (!cmd) {
	173	printf("## Error: Secure boot command not specified\n");
	174	goto err;
	175	}
	176
	177	/* Disable Ctrl-C just in case some command is used that checks it. */
	178	disable_ctrlc(1);
	179
	180	/* Find the command directly. */
	181	cmdtp = find_cmd(cmd);
	182	if (!cmdtp) {
	183	printf("## Error: \"%s\" not defined\n", cmd);
	184	goto err;
	185	}
	186
	187	/* Run the command, forcing no flags and faking argc and argv. */
	188	rc = (cmdtp->cmd)(cmdtp, 0, 1, (char **)&cmd);
	189
	190	/* Shouldn't ever return from boot command. */
	191	printf("## Error: \"%s\" returned (code %d)\n", cmd, rc);
	192
	193	err:
	194	/*
	195	* Not a whole lot to do here. Rebooting won't help much, since we'll
	196	* just end up right back here. Just loop.
	197	*/
	198	hang();
	199	}
0f925822	200	#endif /* CONFIG_IS_ENABLED(OF_CONTROL) */
affb2156	201
c1bb2cd0 SG	202	void cli_loop(void)
	203	{
	204	#ifdef CONFIG_SYS_HUSH_PARSER
	205	parse_file_outer();
	206	/* This point is never reached */
	207	for (;;);
	208	#else
	209	cli_simple_loop();
	210	#endif /CONFIG_SYS_HUSH_PARSER/
	211	}
	212
	213	void cli_init(void)
	214	{
	215	#ifdef CONFIG_SYS_HUSH_PARSER
	216	u_boot_hush_start();
	217	#endif
	218
	219	#if defined(CONFIG_HUSH_INIT_VAR)
	220	hush_init_var();
	221	#endif
	222	}