Add support to get layout from fmap (e.g. coreboot rom)

Flashmap, or simply fmap, is a binary data format for describing
region offsets, sizes, and certain attributes and is widely used by
coreboot. This patch adds support for the fmap data format version 1.1
and adds --fmap and --fmap-file arguments.

Using --fmap will make flashrom to search the ROM content for fmap
data. Using --fmap-file will make flashrom search a supplied file
for fmap data.

An example of how to update the COREBOOT region of a ROM:
flashrom -p programmer --fmap -w coreboot.rom -i COREBOOT
flashrom -p programmer --fmap-file coreboot.rom -w coreboot.rom -i COREBOOT

The fmap functions are mostly copied from cbfstool.

Currently it is made mutually exclusive with other layout options until
we are more clever about this input.

Change-Id: I0e7fad38ed79a84d41358e1f175c36d255786c12
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Signed-off-by: David Hendricks <dhendricks@fb.com>
Reviewed-on: https://review.coreboot.org/23203
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Tested-by: David Hendricks <david.hendricks@gmail.com>
Reviewed-by: Werner Zeh <werner.zeh@siemens.com>
Reviewed-by: Nico Huber <nico.h@gmx.de>
diff --git a/fmap.c b/fmap.c
new file mode 100644
index 0000000..d44b7fa
--- /dev/null
+++ b/fmap.c
@@ -0,0 +1,333 @@
+/*
+ * Copyright 2015, Google Inc.
+ * Copyright 2018-present, Facebook Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *    * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *    * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *    * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Alternatively, this software may be distributed under the terms of the
+ * GNU General Public License ("GPL") version 2 as published by the Free
+ * Software Foundation.
+ */
+
+#include <ctype.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include "flash.h"
+#include "fmap.h"
+
+static size_t fmap_size(const struct fmap *fmap)
+{
+	return sizeof(*fmap) + (fmap->nareas * sizeof(struct fmap_area));
+}
+
+static int is_valid_fmap(const struct fmap *fmap)
+{
+	if (memcmp(fmap, FMAP_SIGNATURE, strlen(FMAP_SIGNATURE)) != 0)
+		return 0;
+	/* strings containing the magic tend to fail here */
+	if (fmap->ver_major > FMAP_VER_MAJOR)
+		return 0;
+	if (fmap->ver_minor > FMAP_VER_MINOR)
+		return 0;
+	/* a basic consistency check: flash address space size should be larger
+	 * than the size of the fmap data structure */
+	if (fmap->size < fmap_size(fmap))
+		return 0;
+
+	/* fmap-alikes along binary data tend to fail on having a valid,
+	 * null-terminated string in the name field.*/
+	int i;
+	for (i = 0; i < FMAP_STRLEN; i++) {
+		if (fmap->name[i] == 0)
+			break;
+		if (!isgraph(fmap->name[i]))
+			return 0;
+		if (i == FMAP_STRLEN - 1) {
+			/* name is specified to be null terminated single-word string
+			 * without spaces. We did not break in the 0 test, we know it
+			 * is a printable spaceless string but we're seeing FMAP_STRLEN
+			 * symbols, which is one too many.
+			 */
+			 return 0;
+		}
+	}
+	return 1;
+
+}
+
+/**
+ * @brief Do a brute-force linear search for fmap in provided buffer
+ *
+ * @param[in] buffer The buffer to search
+ * @param[in] len Length (in bytes) to search
+ *
+ * @return offset in buffer where fmap is found if successful
+ *         -1 to indicate that fmap was not found
+ *         -2 to indicate fmap is truncated or exceeds buffer + len
+ */
+static off_t fmap_lsearch(const uint8_t *buf, size_t len)
+{
+	off_t offset;
+	bool fmap_found = 0;
+
+	for (offset = 0; offset <= len - sizeof(struct fmap); offset++) {
+		if (is_valid_fmap((struct fmap *)&buf[offset])) {
+			fmap_found = 1;
+			break;
+		}
+	}
+
+	if (!fmap_found)
+		return -1;
+
+	if (offset + fmap_size((struct fmap *)&buf[offset]) > len) {
+		msg_gerr("fmap size exceeds buffer boundary.\n");
+		return -2;
+	}
+
+	return offset;
+}
+
+/**
+ * @brief Read fmap from provided buffer and copy it to fmap_out
+ *
+ * @param[out] fmap_out Double-pointer to location to store fmap contents.
+ *                      Caller must free allocated fmap contents.
+ * @param[in] buf Buffer to search
+ * @param[in] len Length (in bytes) to search
+ *
+ * @return 0 if successful
+ *         1 to indicate error
+ *         2 to indicate fmap is not found
+ */
+int fmap_read_from_buffer(struct fmap **fmap_out, const uint8_t *const buf, size_t len)
+{
+	off_t offset = fmap_lsearch(buf, len);
+	if (offset < 0) {
+		msg_gdbg("Unable to find fmap in provided buffer.\n");
+		return 2;
+	} else {
+		msg_gdbg("Found fmap at offset 0x%06zx\n", (size_t)offset);
+	}
+
+	const struct fmap *fmap = (const struct fmap *)(buf + offset);
+	*fmap_out = malloc(fmap_size(fmap));
+	if (*fmap_out == NULL) {
+		msg_gerr("Out of memory.\n");
+		return 1;
+	}
+
+	memcpy(*fmap_out, fmap, fmap_size(fmap));
+	return 0;
+}
+
+static int fmap_lsearch_rom(struct fmap **fmap_out,
+		struct flashctx *const flashctx, size_t rom_offset, size_t len)
+{
+	int ret = -1;
+	uint8_t *buf;
+
+	if (prepare_flash_access(flashctx, true, false, false, false))
+		goto _finalize_ret;
+
+	/* likely more memory than we need, but it simplifies handling and
+	 * printing offsets to keep them uniform with what's on the ROM */
+	buf = malloc(rom_offset + len);
+	if (!buf) {
+		msg_gerr("Out of memory.\n");
+		goto _finalize_ret;
+	}
+
+	ret = flashctx->chip->read(flashctx, buf + rom_offset, rom_offset, len);
+	if (ret) {
+		msg_pdbg("Cannot read ROM contents.\n");
+		goto _free_ret;
+	}
+
+	ret = fmap_read_from_buffer(fmap_out, buf + rom_offset, len);
+_free_ret:
+	free(buf);
+_finalize_ret:
+	finalize_flash_access(flashctx);
+	return ret;
+}
+
+static int fmap_bsearch_rom(struct fmap **fmap_out, struct flashctx *const flashctx,
+		size_t rom_offset, size_t len, int min_stride)
+{
+	size_t stride, fmap_len = 0;
+	int ret = 1, fmap_found = 0, check_offset_0 = 1;
+	struct fmap *fmap;
+	const unsigned int chip_size = flashctx->chip->total_size * 1024;
+	const int sig_len = strlen(FMAP_SIGNATURE);
+
+	if (rom_offset + len > flashctx->chip->total_size * 1024)
+		return 1;
+
+	if (len < sizeof(*fmap))
+		return 1;
+
+	if (prepare_flash_access(flashctx, true, false, false, false))
+		return 1;
+
+	fmap = malloc(sizeof(struct fmap));
+	if (!fmap) {
+		msg_gerr("Out of memory.\n");
+		goto _free_ret;
+	}
+
+	/*
+	 * For efficient operation, we start with the largest stride possible
+	 * and then decrease the stride on each iteration. Also, check for a
+	 * remainder when modding the offset with the previous stride. This
+	 * makes it so that each offset is only checked once.
+	 *
+	 * Zero (rom_offset == 0) is a special case and is handled using a
+	 * variable to track whether or not we've checked it.
+	 */
+	size_t offset;
+	for (stride = chip_size / 2; stride >= min_stride; stride /= 2) {
+		if (stride > len)
+			continue;
+
+		for (offset = rom_offset;
+		     offset <= rom_offset + len - sizeof(struct fmap);
+		     offset += stride) {
+			if ((offset % (stride * 2) == 0) && (offset != 0))
+				continue;
+			if (offset == 0 && !check_offset_0)
+				continue;
+			check_offset_0 = 0;
+
+			/* Read errors are considered non-fatal since we may
+			 * encounter locked regions and want to continue. */
+			if (flashctx->chip->read(flashctx, (uint8_t *)fmap, offset, sig_len)) {
+				/*
+				 * Print in verbose mode only to avoid excessive
+				 * messages for benign errors. Subsequent error
+				 * prints should be done as usual.
+				 */
+				msg_cdbg("Cannot read %d bytes at offset %zu\n", sig_len, offset);
+				continue;
+			}
+
+			if (memcmp(fmap, FMAP_SIGNATURE, sig_len) != 0)
+				continue;
+
+			if (flashctx->chip->read(flashctx, (uint8_t *)fmap + sig_len,
+						offset + sig_len, sizeof(*fmap) - sig_len)) {
+				msg_cerr("Cannot read %zu bytes at offset %06zx\n",
+						sizeof(*fmap) + sig_len, offset + sig_len);
+				continue;
+			}
+
+			if (is_valid_fmap(fmap)) {
+				msg_gdbg("fmap found at offset 0x%06zx\n", offset);
+				fmap_found = 1;
+				break;
+			} else {
+				msg_gerr("fmap signature found at %zu but header is invalid.\n", offset);
+				ret = 2;
+			}
+		}
+
+		if (fmap_found)
+			break;
+	}
+
+	if (!fmap_found)
+		goto _free_ret;
+
+	fmap_len = fmap_size(fmap);
+	struct fmap *tmp = fmap;
+	fmap = realloc(fmap, fmap_len);
+	if (!fmap) {
+		msg_gerr("Failed to realloc.\n");
+		free(tmp);
+		goto _free_ret;
+	}
+
+	if (flashctx->chip->read(flashctx, (uint8_t *)fmap + sizeof(*fmap),
+				offset + sizeof(*fmap), fmap_len - sizeof(*fmap))) {
+		msg_cerr("Cannot read %zu bytes at offset %06zx\n",
+				fmap_len - sizeof(*fmap), offset + sizeof(*fmap));
+		/* Treat read failure to be fatal since this
+		 * should be a valid, usable fmap. */
+		ret = 2;
+		goto _free_ret;
+	}
+
+	*fmap_out = fmap;
+	ret = 0;
+_free_ret:
+	if (ret)
+		free(fmap);
+	finalize_flash_access(flashctx);
+	return ret;
+}
+
+/**
+ * @brief Read fmap from ROM
+ *
+ * @param[out] fmap_out Double-pointer to location to store fmap contents.
+ *                      Caller must free allocated fmap contents.
+ * @param[in] flashctx Flash context
+ * @param[in] rom_offset Offset in ROM to begin search
+ * @param[in] len Length to search relative to rom_offset
+ *
+ * @return 0 on success,
+ *         2 if the fmap couldn't be read,
+ *         1 on any other error.
+ */
+int fmap_read_from_rom(struct fmap **fmap_out,
+	struct flashctx *const flashctx, size_t rom_offset, size_t len)
+{
+	int ret;
+
+	if (!flashctx || !flashctx->chip)
+		return 1;
+
+	/*
+	 * Binary search is used at first to see if we can find an fmap quickly
+	 * in a usual location (often at a power-of-2 offset). However, once we
+	 * reach a small enough stride the transaction overhead will reverse the
+	 * speed benefit of using bsearch at which point we need to use brute-
+	 * force instead.
+	 *
+	 * TODO: Since flashrom is often used with high-latency external
+	 * programmers we should not be overly aggressive with bsearch.
+	 */
+	ret = fmap_bsearch_rom(fmap_out, flashctx, rom_offset, len, 256);
+	if (ret) {
+		msg_gdbg("Binary search failed, trying linear search...\n");
+		ret = fmap_lsearch_rom(fmap_out, flashctx, rom_offset, len);
+	}
+
+	return ret;
+}