mail archive of the barebox mailing list
 help / color / mirror / Atom feed
* [PATCH 0/2 v2] defaultenv-2: add login support
@ 2013-09-15 11:28 Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
  0 siblings, 1 reply; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-15 11:28 UTC (permalink / raw)
  To: barebox

HI,

	this will allow to request password when try to interrupt barebox auto
	boot

	This will also allow to set a default password if none in the env
	and if no /env/bin/init is present request a login

Jean-Christophe PLAGNIOL-VILLARD (4):
      login: add globalvar timeout support
      login: disable input console if password wrong
      login/passwd: add default password support
      defaultenv-2: add login support

 commands/login.c           | 32 +++++++++++++++++++++++++++++++-
 commands/passwd.c          |  8 ++++----
 common/Kconfig             |  5 +++++
 common/Makefile            | 18 ++++++++++++++++++
 common/console.c           |  6 ++++++
 common/console_common.c    | 45 +++++++++++++++++++++++++++++++++++++++++++++
 common/console_simple.c    |  9 ++++++++-
 common/password.c          | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------
 common/startup.c           |  2 ++
 defaultenv-2/base/bin/init | 16 ++++++++++++++++
 include/console.h          |  3 +++
 include/password.h         | 22 +++++++++++++++++-----
 12 files changed, 236 insertions(+), 24 deletions(-)

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH 1/4] login: add globalvar timeout support
  2013-09-15 11:28 [PATCH 0/2 v2] defaultenv-2: add login support Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-15 11:30 ` Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30   ` [PATCH 2/4] login: disable input console if password wrong Jean-Christophe PLAGNIOL-VILLARD
                     ` (3 more replies)
  0 siblings, 4 replies; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-15 11:30 UTC (permalink / raw)
  To: barebox

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 commands/login.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/commands/login.c b/commands/login.c
index fb6bb35..f5429bc 100644
--- a/commands/login.c
+++ b/commands/login.c
@@ -20,6 +20,10 @@
 #include <complete.h>
 #include <password.h>
 #include <getopt.h>
+#include <environment.h>
+#include <globalvar.h>
+#include <magicvar.h>
+#include <init.h>
 
 #define PASSWD_MAX_LENGTH	(128 + 1)
 
@@ -31,6 +35,16 @@
 #define LOGIN_MODE HIDE
 #endif
 
+static void login_getenv_int(const char *name, int *i)
+{
+	const char* str = getenv(name);
+
+	if (!str)
+		return;
+
+	*i = simple_strtoul(str, NULL, 10);
+}
+
 static int do_login(int argc, char *argv[])
 {
 	unsigned char passwd[PASSWD_MAX_LENGTH];
@@ -38,6 +52,8 @@ static int do_login(int argc, char *argv[])
 	int timeout = 0;
 	char *timeout_cmd = "boot";
 
+	login_getenv_int("global.login.timeout", &timeout);
+
 	if (!is_passwd_enable()) {
 		puts("login: password not set\n");
 		return 0;
@@ -80,3 +96,13 @@ BAREBOX_CMD_START(login)
 	BAREBOX_CMD_HELP(cmd_login_help)
 	BAREBOX_CMD_COMPLETE(empty_complete)
 BAREBOX_CMD_END
+
+static int login_global_init(void)
+{
+	globalvar_add_simple("login.timeout");
+
+	return 0;
+}
+late_initcall(login_global_init);
+
+BAREBOX_MAGICVAR_NAMED(global_login_timeout, global.login.timeout, "timeout to type the password");
-- 
1.8.4.rc1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH 2/4] login: disable input console if password wrong
  2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-15 11:30   ` Jean-Christophe PLAGNIOL-VILLARD
  2013-09-16  8:33     ` Sascha Hauer
  2013-09-15 11:30   ` [PATCH 3/4] login/passwd: add default password support Jean-Christophe PLAGNIOL-VILLARD
                     ` (2 subsequent siblings)
  3 siblings, 1 reply; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-15 11:30 UTC (permalink / raw)
  To: barebox

so we guarantee that barebox is secured again user interaction

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 commands/login.c        |  6 +++++-
 common/console.c        |  6 ++++++
 common/console_common.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
 common/console_simple.c |  9 ++++++++-
 common/startup.c        |  2 ++
 include/console.h       |  3 +++
 6 files changed, 69 insertions(+), 2 deletions(-)

diff --git a/commands/login.c b/commands/login.c
index f5429bc..cc11afb 100644
--- a/commands/login.c
+++ b/commands/login.c
@@ -24,6 +24,7 @@
 #include <globalvar.h>
 #include <magicvar.h>
 #include <init.h>
+#include <console.h>
 
 #define PASSWD_MAX_LENGTH	(128 + 1)
 
@@ -54,6 +55,7 @@ static int do_login(int argc, char *argv[])
 
 	login_getenv_int("global.login.timeout", &timeout);
 
+	console_allow_input(true);
 	if (!is_passwd_enable()) {
 		puts("login: password not set\n");
 		return 0;
@@ -74,8 +76,10 @@ static int do_login(int argc, char *argv[])
 		puts("Password: ");
 		passwd_len = password(passwd, PASSWD_MAX_LENGTH, LOGIN_MODE, timeout);
 
-		if (passwd_len < 0)
+		if (passwd_len < 0) {
+			console_allow_input(false);
 			run_command(timeout_cmd, 0);
+		}
 
 		if (check_passwd(passwd, passwd_len))
 			return 0;
diff --git a/common/console.c b/common/console.c
index 6ca94e2..4931829 100644
--- a/common/console.c
+++ b/common/console.c
@@ -236,6 +236,9 @@ int getc(void)
 	unsigned char ch;
 	uint64_t start;
 
+	if (unlikely(!console_is_input_allow()))
+		return -EPERM;
+
 	/*
 	 * For 100us we read the characters from the serial driver
 	 * into a kfifo. This helps us not to lose characters
@@ -270,6 +273,9 @@ EXPORT_SYMBOL(fgetc);
 
 int tstc(void)
 {
+	if (unlikely(!console_is_input_allow()))
+		return 0;
+
 	return kfifo_len(console_input_fifo) || tstc_raw();
 }
 EXPORT_SYMBOL(tstc);
diff --git a/common/console_common.c b/common/console_common.c
index d139d1a..f8046b1 100644
--- a/common/console_common.c
+++ b/common/console_common.c
@@ -21,9 +21,54 @@
 #include <common.h>
 #include <fs.h>
 #include <errno.h>
+#include <console.h>
+#include <init.h>
+#include <environment.h>
+#include <globalvar.h>
+#include <magicvar.h>
+#include <password.h>
 
 #ifndef CONFIG_CONSOLE_NONE
 
+static bool console_input_allow = false;
+
+static int console_input_allow_set(struct device_d *dev, struct param_d *p, const char *val)
+{
+	int ret = dev_param_set_generic(dev, p, val);
+
+	if (val && simple_strtoul(val, NULL, 10))
+		console_input_allow = true;
+	else
+		console_input_allow = false;
+
+	return ret;
+}
+
+static int console_global_init(void)
+{
+	globalvar_add("console.input_allow", console_input_allow_set, NULL, 0);
+
+	if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable())
+		setenv("global.console.input_allow", "0");
+	else
+		setenv("global.console.input_allow", "1");
+
+	return 0;
+}
+late_initcall(console_global_init);
+
+BAREBOX_MAGICVAR_NAMED(global_console_input_allow, global.console.input_allow, "console input allowed");
+
+bool console_is_input_allow(void)
+{
+	return console_input_allow;
+}
+
+void console_allow_input(bool val)
+{
+	console_input_allow = val;
+}
+
 int printf(const char *fmt, ...)
 {
 	va_list args;
diff --git a/common/console_simple.c b/common/console_simple.c
index 101064b..bf6491d 100644
--- a/common/console_simple.c
+++ b/common/console_simple.c
@@ -3,6 +3,7 @@
 #include <fs.h>
 #include <errno.h>
 #include <debug_ll.h>
+#include <console.h>
 
 LIST_HEAD(console_list);
 EXPORT_SYMBOL(console_list);
@@ -40,6 +41,9 @@ EXPORT_SYMBOL(console_putc);
 
 int tstc(void)
 {
+	if (unlikely(!console_is_input_allow()))
+		return 0;
+
 	if (!console)
 		return 0;
 
@@ -48,7 +52,10 @@ int tstc(void)
 EXPORT_SYMBOL(tstc);
 
 int getc(void)
-{
+
+	if (unlikely(!console_is_input_allow()))
+		return -EPERM;
+
 	if (!console)
 		return -EINVAL;
 	return console->getc(console);
diff --git a/common/startup.c b/common/startup.c
index 9b33a92..0a36c07 100644
--- a/common/startup.c
+++ b/common/startup.c
@@ -138,6 +138,8 @@ void __noreturn start_barebox(void)
 			run_command("source /env/bin/init", 0);
 		} else {
 			pr_err("/env/bin/init not found\n");
+			if (IS_ENABLED(CONFIG_CMD_LOGIN))
+				while(run_command("login -t 0", 0));
 		}
 	}
 
diff --git a/include/console.h b/include/console.h
index 72cf99f..e94c5ae 100644
--- a/include/console.h
+++ b/include/console.h
@@ -54,4 +54,7 @@ extern struct list_head console_list;
 
 #define CFG_PBSIZE (CONFIG_CBSIZE+sizeof(CONFIG_PROMPT)+16)
 
+bool console_is_input_allow(void);
+void console_allow_input(bool val);
+
 #endif
-- 
1.8.4.rc1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH 3/4] login/passwd: add default password support
  2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30   ` [PATCH 2/4] login: disable input console if password wrong Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-15 11:30   ` Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30   ` [PATCH 4/4] defaultenv-2: add login support Jean-Christophe PLAGNIOL-VILLARD
  2013-09-16  8:02   ` [PATCH 1/4] login: add globalvar timeout support Sascha Hauer
  3 siblings, 0 replies; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-15 11:30 UTC (permalink / raw)
  To: barebox

even if the env is broken you will have a password

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 commands/passwd.c  |  8 ++---
 common/Kconfig     |  5 +++
 common/Makefile    | 18 +++++++++++
 common/password.c  | 94 ++++++++++++++++++++++++++++++++++++++++++++++--------
 include/password.h | 22 ++++++++++---
 5 files changed, 125 insertions(+), 22 deletions(-)

diff --git a/commands/passwd.c b/commands/passwd.c
index baccfa6..368c401 100644
--- a/commands/passwd.c
+++ b/commands/passwd.c
@@ -63,7 +63,7 @@ static int do_passwd(int argc, char *argv[])
 			goto err;
 	}
 
-	ret = set_passwd(passwd1, passwd1_len);
+	ret = set_env_passwd(passwd1, passwd1_len);
 
 	if (ret < 0) {
 		puts("Sorry, passwords write failed\n");
@@ -78,15 +78,15 @@ err:
 	return 1;
 
 disable:
-	passwd_disable();
+	passwd_env_disable();
 	puts("passwd: password disabled\n");
 	return ret;
 }
 
 static const __maybe_unused char cmd_passwd_help[] =
 "Usage: passwd\n"
-"passwd allow you to specify a password\n"
-"to disable it put an empty password\n"
+"passwd allow you to specify a password in the env\n"
+"to disable it put an empty password will still use the default password if set\n"
 ;
 
 BAREBOX_CMD_START(passwd)
diff --git a/common/Kconfig b/common/Kconfig
index dd70578..5d92284 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -385,6 +385,11 @@ config PASSWORD
 	help
 	  allow you to have password protection framework
 
+config PASSWORD_DEFAULT
+	string
+	prompt "Password default"
+	depends on PASSWORD
+
 if PASSWORD
 
 choice
diff --git a/common/Makefile b/common/Makefile
index 64eacc3..f8e2dee 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -114,6 +114,24 @@ cmd_env_h = cat $< | (cd $(obj) && $(objtree)/scripts/bin2c default_environment)
 $(obj)/barebox_default_env.h: $(obj)/barebox_default_env$(barebox_default_env_comp) FORCE
 	$(call if_changed,env_h)
 
+quiet_cmd_pwd_h = PWDH    $@
+ifneq ($(CONFIG_PASSWORD_DEFAULT),"")
+PASSWD_FILE := $(shell cd $(srctree); find $(CONFIG_PASSWORD_DEFAULT) -type f)
+cmd_pwd_h = echo -n "const char default_passwd[] = \"" > $@; \
+	cat $< | tr -d '\n' >> $@; \
+	echo "\";" >> $@
+
+include/generated/passwd.h: $(PASSWD_FILE)
+	$(call if_changed,pwd_h)
+else
+cmd_pwd_h = echo "const char default_passwd[] = \"\";" > $@
+
+include/generated/passwd.h: FORCE
+	$(call if_changed,pwd_h)
+endif
+
+$(obj)/password.o: include/generated/passwd.h
+
 # dependencies on generated files need to be listed explicitly
 $(obj)/version.o: include/generated/compile.h
 
diff --git a/common/password.c b/common/password.c
index d157a11..9c1e54a 100644
--- a/common/password.c
+++ b/common/password.c
@@ -25,6 +25,7 @@
 #include <malloc.h>
 #include <xfuncs.h>
 #include <clock.h>
+#include <generated/passwd.h>
 
 #if defined(CONFIG_PASSWD_SUM_MD5)
 #define PASSWD_SUM "md5"
@@ -97,7 +98,13 @@ int password(unsigned char *passwd, size_t length, int flags, int timeout)
 }
 EXPORT_SYMBOL(password);
 
-int is_passwd_enable(void)
+int is_passwd_default_enable(void)
+{
+	return strlen(default_passwd) > 0;
+}
+EXPORT_SYMBOL(is_passwd_default_enable);
+
+int is_passwd_env_enable(void)
 {
 	int fd;
 
@@ -110,13 +117,13 @@ int is_passwd_enable(void)
 
 	return 1;
 }
-EXPORT_SYMBOL(is_passwd_enable);
+EXPORT_SYMBOL(is_passwd_env_enable);
 
-int passwd_disable(void)
+int passwd_env_disable(void)
 {
 	return unlink(PASSWD_FILE);
 }
-EXPORT_SYMBOL(passwd_disable);
+EXPORT_SYMBOL(passwd_env_disable);
 
 static unsigned char to_digit(unsigned char c)
 {
@@ -140,6 +147,43 @@ static unsigned char to_hexa(unsigned char c)
 
 int read_passwd(unsigned char *sum, size_t length)
 {
+	if (is_passwd_env_enable())
+		return read_env_passwd(sum, length);
+	else if (is_passwd_default_enable())
+		return read_default_passwd(sum, length);
+	else
+		return -EINVAL;
+}
+
+int read_default_passwd(unsigned char *sum, size_t length)
+{
+	int i = 0;
+	int len = strlen(default_passwd);
+	unsigned char *buf = (unsigned char *)default_passwd;
+	unsigned char c;
+
+	if (!sum || length < 1)
+		return -EINVAL;
+
+	for (i = 0; i < len && length > 0; i++) {
+		c = buf[i];
+		i++;
+
+		*sum = to_digit(c) << 4;
+
+		c = buf[i];
+
+		*sum |= to_digit(c);
+		sum++;
+		length--;
+	}
+
+	return 0;
+}
+EXPORT_SYMBOL(read_default_passwd);
+
+int read_env_passwd(unsigned char *sum, size_t length)
+{
 	int fd;
 	int ret = 0;
 	unsigned char c;
@@ -178,9 +222,9 @@ exit:
 
 	return ret;
 }
-EXPORT_SYMBOL(read_passwd);
+EXPORT_SYMBOL(read_env_passwd);
 
-int write_passwd(unsigned char *sum, size_t length)
+int write_env_passwd(unsigned char *sum, size_t length)
 {
 	int fd;
 	unsigned char c;
@@ -227,9 +271,9 @@ exit:
 
 	return ret;
 }
-EXPORT_SYMBOL(write_passwd);
+EXPORT_SYMBOL(write_env_passwd);
 
-int check_passwd(unsigned char* passwd, size_t length)
+static int __check_passwd(unsigned char* passwd, size_t length, int std)
 {
 	struct digest *d;
 	unsigned char *passwd1_sum;
@@ -256,7 +300,10 @@ int check_passwd(unsigned char* passwd, size_t length)
 
 	d->final(d, passwd1_sum);
 
-	ret = read_passwd(passwd2_sum, d->length);
+	if (std)
+		ret = read_env_passwd(passwd2_sum, d->length);
+	else
+		ret = read_default_passwd(passwd2_sum, d->length);
 
 	if (ret < 0)
 		goto err2;
@@ -271,9 +318,30 @@ err1:
 
 	return ret;
 }
-EXPORT_SYMBOL(check_passwd);
 
-int set_passwd(unsigned char* passwd, size_t length)
+int check_default_passwd(unsigned char* passwd, size_t length)
+{
+	return __check_passwd(passwd, length, 0);
+}
+EXPORT_SYMBOL(check_default_passwd);
+
+int check_env_passwd(unsigned char* passwd, size_t length)
+{
+	return __check_passwd(passwd, length, 1);
+}
+EXPORT_SYMBOL(check_env_passwd);
+
+int check_passwd(unsigned char* passwd, size_t length)
+{
+	if (is_passwd_env_enable())
+		return check_env_passwd(passwd, length);
+	else if (is_passwd_default_enable())
+		return check_default_passwd(passwd, length);
+	else
+		return -EINVAL;
+}
+
+int set_env_passwd(unsigned char* passwd, size_t length)
 {
 	struct digest *d;
 	unsigned char *passwd_sum;
@@ -292,10 +360,10 @@ int set_passwd(unsigned char* passwd, size_t length)
 
 	d->final(d, passwd_sum);
 
-	ret = write_passwd(passwd_sum, d->length);
+	ret = write_env_passwd(passwd_sum, d->length);
 
 	free(passwd_sum);
 
 	return ret;
 }
-EXPORT_SYMBOL(set_passwd);
+EXPORT_SYMBOL(set_env_passwd);
diff --git a/include/password.h b/include/password.h
index df03cd7..0dd1054 100644
--- a/include/password.h
+++ b/include/password.h
@@ -28,11 +28,23 @@
 int password(unsigned char *passwd, size_t length, int flags, int timeout);
 
 int read_passwd(unsigned char *sum, size_t length);
-int write_passwd(unsigned char *sum, size_t length);
-
-int is_passwd_enable(void);
-int passwd_disable(void);
 int check_passwd(unsigned char* passwd, size_t length);
-int set_passwd(unsigned char* passwd, size_t length);
+
+int read_env_passwd(unsigned char *sum, size_t length);
+int write_env_passwd(unsigned char *sum, size_t length);
+
+int read_default_passwd(unsigned char *sum, size_t length);
+int is_passwd_default_enable(void);
+int check_default_passwd(unsigned char* passwd, size_t length);
+
+int is_passwd_env_enable(void);
+int passwd_env_disable(void);
+int check_env_passwd(unsigned char* passwd, size_t length);
+int set_env_passwd(unsigned char* passwd, size_t length);
+
+static inline int is_passwd_enable(void)
+{
+	return is_passwd_default_enable() || is_passwd_env_enable();
+}
 
 #endif /* __PASSWORD_H__ */
-- 
1.8.4.rc1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH 4/4] defaultenv-2: add login support
  2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30   ` [PATCH 2/4] login: disable input console if password wrong Jean-Christophe PLAGNIOL-VILLARD
  2013-09-15 11:30   ` [PATCH 3/4] login/passwd: add default password support Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-15 11:30   ` Jean-Christophe PLAGNIOL-VILLARD
  2013-09-16  8:02   ` [PATCH 1/4] login: add globalvar timeout support Sascha Hauer
  3 siblings, 0 replies; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-15 11:30 UTC (permalink / raw)
  To: barebox

request password to login is a timeout is specified and /env/etc/passwd
present

ensure we have not console access execpt when allowed

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 defaultenv-2/base/bin/init | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/defaultenv-2/base/bin/init b/defaultenv-2/base/bin/init
index ca02ba6..4b132bc 100644
--- a/defaultenv-2/base/bin/init
+++ b/defaultenv-2/base/bin/init
@@ -16,14 +16,22 @@ global editcmd=sedit
 [ -e /env/config-board ] && /env/config-board
 /env/config
 
+# request password to login is a timeout is specified and /env/etc/passwd present
+[ -n ${global.login.timeout} ] && login_cmd=login
+# allow the input if not
+[ -n ${global.console.input_allow} ] && global.console.input_allow=1
+
 # allow to stop the boot before execute the /env/init/*
 # but without waiting
 timeout -s -a -v key 0
 
 if [ "${key}" = "q" ]; then
+	${login_cmd}
 	exit
 fi
 
+[ -n ${global.login.timeout} ] && global.console.input_allow=0
+
 for i in /env/init/*; do
 	. $i
 done
@@ -34,10 +42,15 @@ else
 	echo -e -n "\nHit any key to stop autoboot: "
 fi
 
+[ -n ${global.login.timeout} ] && global.console.input_allow=1
+
 timeout -a $global.autoboot_timeout -v key
 autoboot="$?"
 
+[ -n ${global.login.timeout} ] && global.console.input_allow=0
+
 if [ "${key}" = "q" ]; then
+	${login_cmd}
 	exit
 fi
 
@@ -46,9 +59,12 @@ if [ "$autoboot" = 0 ]; then
 fi
 
 if [ -e /env/menu ]; then
+	${login_cmd}
 	if [ "${key}" != "m" ]; then
 		echo -e "\ntype exit to get to the menu"
 		sh
 	fi
 	/env/menu/mainmenu
 fi
+
+${login_cmd}
-- 
1.8.4.rc1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 1/4] login: add globalvar timeout support
  2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
                     ` (2 preceding siblings ...)
  2013-09-15 11:30   ` [PATCH 4/4] defaultenv-2: add login support Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-16  8:02   ` Sascha Hauer
  2013-09-16 14:39     ` Jean-Christophe PLAGNIOL-VILLARD
  3 siblings, 1 reply; 10+ messages in thread
From: Sascha Hauer @ 2013-09-16  8:02 UTC (permalink / raw)
  To: Jean-Christophe PLAGNIOL-VILLARD; +Cc: barebox

On Sun, Sep 15, 2013 at 01:30:51PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> ---
>  commands/login.c | 26 ++++++++++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/commands/login.c b/commands/login.c
> index fb6bb35..f5429bc 100644
> --- a/commands/login.c
> +++ b/commands/login.c
> @@ -20,6 +20,10 @@
>  #include <complete.h>
>  #include <password.h>
>  #include <getopt.h>
> +#include <environment.h>
> +#include <globalvar.h>
> +#include <magicvar.h>
> +#include <init.h>
>  
>  #define PASSWD_MAX_LENGTH	(128 + 1)
>  
> @@ -31,6 +35,16 @@
>  #define LOGIN_MODE HIDE
>  #endif
>  
> +static void login_getenv_int(const char *name, int *i)
> +{
> +	const char* str = getenv(name);
> +
> +	if (!str)
> +		return;
> +
> +	*i = simple_strtoul(str, NULL, 10);
> +}

We already have getenv_ull. Should we use it here?

> +
>  static int do_login(int argc, char *argv[])
>  {
>  	unsigned char passwd[PASSWD_MAX_LENGTH];
> @@ -38,6 +52,8 @@ static int do_login(int argc, char *argv[])
>  	int timeout = 0;
>  	char *timeout_cmd = "boot";
>  
> +	login_getenv_int("global.login.timeout", &timeout);
> +
>  	if (!is_passwd_enable()) {
>  		puts("login: password not set\n");
>  		return 0;
> @@ -80,3 +96,13 @@ BAREBOX_CMD_START(login)
>  	BAREBOX_CMD_HELP(cmd_login_help)
>  	BAREBOX_CMD_COMPLETE(empty_complete)
>  BAREBOX_CMD_END
> +
> +static int login_global_init(void)
> +{
> +	globalvar_add_simple("login.timeout");

globalvar_add_simple now takes an initial value, like this:

int globalvar_add_simple(const char *name, const char *value)

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] login: disable input console if password wrong
  2013-09-15 11:30   ` [PATCH 2/4] login: disable input console if password wrong Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-16  8:33     ` Sascha Hauer
  2013-09-16 14:37       ` Jean-Christophe PLAGNIOL-VILLARD
  0 siblings, 1 reply; 10+ messages in thread
From: Sascha Hauer @ 2013-09-16  8:33 UTC (permalink / raw)
  To: Jean-Christophe PLAGNIOL-VILLARD; +Cc: barebox

On Sun, Sep 15, 2013 at 01:30:52PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> so we guarantee that barebox is secured again user interaction
> 
> +static bool console_input_allow = false;
> +
> +static int console_input_allow_set(struct device_d *dev, struct param_d *p, const char *val)
> +{
> +	int ret = dev_param_set_generic(dev, p, val);
> +
> +	if (val && simple_strtoul(val, NULL, 10))
> +		console_input_allow = true;
> +	else
> +		console_input_allow = false;
> +
> +	return ret;
> +}
> +
> +static int console_global_init(void)
> +{
> +	globalvar_add("console.input_allow", console_input_allow_set, NULL, 0);
> +
> +	if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable())
> +		setenv("global.console.input_allow", "0");
> +	else
> +		setenv("global.console.input_allow", "1");
> +
> +	return 0;
> +}
> +late_initcall(console_global_init);

With the attached patch applied the above would go down to:

static int console_input_allow;

static int console_global_init(void)
{
	dev_add_param_bool(&global_device, "console.input_allow",
		NULL, NULL, &console_input_allow, NULL);
	return 0;
}
late_initcall(console_global_init);

8<----------------------------------------------------------------------

From ae4a37fce8637280751fa75a58ea658b61c3a190 Mon Sep 17 00:00:00 2001
From: Sascha Hauer <s.hauer@pengutronix.de>
Date: Mon, 16 Sep 2013 10:17:26 +0200
Subject: [PATCH] globalvar: Make global_device global

This makes global_device accessible globally so that global variables
of a certain type can be added with dev_add_param_*

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 common/globalvar.c  | 2 +-
 include/globalvar.h | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/common/globalvar.c b/common/globalvar.c
index edb66dd..6ef4a6a 100644
--- a/common/globalvar.c
+++ b/common/globalvar.c
@@ -6,7 +6,7 @@
 #include <magicvar.h>
 #include <generated/utsrelease.h>
 
-static struct device_d global_device = {
+struct device_d global_device = {
 	.name = "global",
 	.id = DEVICE_ID_SINGLE,
 };
diff --git a/include/globalvar.h b/include/globalvar.h
index c2a13b3..a9d01d4 100644
--- a/include/globalvar.h
+++ b/include/globalvar.h
@@ -2,6 +2,9 @@
 #define __GLOBALVAR_H
 
 #include <param.h>
+#include <driver.h>
+
+extern struct device_d global_device;
 
 #ifdef CONFIG_GLOBALVAR
 int globalvar_add_simple(const char *name, const char *value);
-- 
1.8.4.rc3

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] login: disable input console if password wrong
  2013-09-16  8:33     ` Sascha Hauer
@ 2013-09-16 14:37       ` Jean-Christophe PLAGNIOL-VILLARD
  2013-09-16 15:15         ` Sascha Hauer
  0 siblings, 1 reply; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-16 14:37 UTC (permalink / raw)
  To: Sascha Hauer; +Cc: barebox

On 10:33 Mon 16 Sep     , Sascha Hauer wrote:
> On Sun, Sep 15, 2013 at 01:30:52PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > so we guarantee that barebox is secured again user interaction
> > 
> > +static bool console_input_allow = false;
> > +
> > +static int console_input_allow_set(struct device_d *dev, struct param_d *p, const char *val)
> > +{
> > +	int ret = dev_param_set_generic(dev, p, val);
> > +
> > +	if (val && simple_strtoul(val, NULL, 10))
> > +		console_input_allow = true;
> > +	else
> > +		console_input_allow = false;
> > +
> > +	return ret;
> > +}
> > +
> > +static int console_global_init(void)
> > +{
> > +	globalvar_add("console.input_allow", console_input_allow_set, NULL, 0);
> > +
> > +	if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable())
> > +		setenv("global.console.input_allow", "0");
> > +	else
> > +		setenv("global.console.input_allow", "1");
> > +
> > +	return 0;
> > +}
> > +late_initcall(console_global_init);
> 
> With the attached patch applied the above would go down to:
> 
> static int console_input_allow;
> 
> static int console_global_init(void)
> {
> 	dev_add_param_bool(&global_device, "console.input_allow",
> 		NULL, NULL, &console_input_allow, NULL);

I'm not a fan to export the global_device but I like the dev_addxxx

as if we decide to allocate it we need to fix up a lot of code :(

Best Regards,
J.
> 	return 0;
> }
> late_initcall(console_global_init);
> 
> 8<----------------------------------------------------------------------
> 
> From ae4a37fce8637280751fa75a58ea658b61c3a190 Mon Sep 17 00:00:00 2001
> From: Sascha Hauer <s.hauer@pengutronix.de>
> Date: Mon, 16 Sep 2013 10:17:26 +0200
> Subject: [PATCH] globalvar: Make global_device global
> 
> This makes global_device accessible globally so that global variables
> of a certain type can be added with dev_add_param_*
> 
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> ---
>  common/globalvar.c  | 2 +-
>  include/globalvar.h | 3 +++
>  2 files changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/common/globalvar.c b/common/globalvar.c
> index edb66dd..6ef4a6a 100644
> --- a/common/globalvar.c
> +++ b/common/globalvar.c
> @@ -6,7 +6,7 @@
>  #include <magicvar.h>
>  #include <generated/utsrelease.h>
>  
> -static struct device_d global_device = {
> +struct device_d global_device = {
>  	.name = "global",
>  	.id = DEVICE_ID_SINGLE,
>  };
> diff --git a/include/globalvar.h b/include/globalvar.h
> index c2a13b3..a9d01d4 100644
> --- a/include/globalvar.h
> +++ b/include/globalvar.h
> @@ -2,6 +2,9 @@
>  #define __GLOBALVAR_H
>  
>  #include <param.h>
> +#include <driver.h>
> +
> +extern struct device_d global_device;
>  
>  #ifdef CONFIG_GLOBALVAR
>  int globalvar_add_simple(const char *name, const char *value);
> -- 
> 1.8.4.rc3
> 
> -- 
> Pengutronix e.K.                           |                             |
> Industrial Linux Solutions                 | http://www.pengutronix.de/  |
> Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
> Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 1/4] login: add globalvar timeout support
  2013-09-16  8:02   ` [PATCH 1/4] login: add globalvar timeout support Sascha Hauer
@ 2013-09-16 14:39     ` Jean-Christophe PLAGNIOL-VILLARD
  0 siblings, 0 replies; 10+ messages in thread
From: Jean-Christophe PLAGNIOL-VILLARD @ 2013-09-16 14:39 UTC (permalink / raw)
  To: Sascha Hauer; +Cc: barebox

On 10:02 Mon 16 Sep     , Sascha Hauer wrote:
> On Sun, Sep 15, 2013 at 01:30:51PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> > ---
> >  commands/login.c | 26 ++++++++++++++++++++++++++
> >  1 file changed, 26 insertions(+)
> > 
> > diff --git a/commands/login.c b/commands/login.c
> > index fb6bb35..f5429bc 100644
> > --- a/commands/login.c
> > +++ b/commands/login.c
> > @@ -20,6 +20,10 @@
> >  #include <complete.h>
> >  #include <password.h>
> >  #include <getopt.h>
> > +#include <environment.h>
> > +#include <globalvar.h>
> > +#include <magicvar.h>
> > +#include <init.h>
> >  
> >  #define PASSWD_MAX_LENGTH	(128 + 1)
> >  
> > @@ -31,6 +35,16 @@
> >  #define LOGIN_MODE HIDE
> >  #endif
> >  
> > +static void login_getenv_int(const char *name, int *i)
> > +{
> > +	const char* str = getenv(name);
> > +
> > +	if (!str)
> > +		return;
> > +
> > +	*i = simple_strtoul(str, NULL, 10);
> > +}
> 
> We already have getenv_ull. Should we use it here?

if I switch to dev_add_param_int no
> 
> > +
> >  static int do_login(int argc, char *argv[])
> >  {
> >  	unsigned char passwd[PASSWD_MAX_LENGTH];
> > @@ -38,6 +52,8 @@ static int do_login(int argc, char *argv[])
> >  	int timeout = 0;
> >  	char *timeout_cmd = "boot";
> >  
> > +	login_getenv_int("global.login.timeout", &timeout);
> > +
> >  	if (!is_passwd_enable()) {
> >  		puts("login: password not set\n");
> >  		return 0;
> > @@ -80,3 +96,13 @@ BAREBOX_CMD_START(login)
> >  	BAREBOX_CMD_HELP(cmd_login_help)
> >  	BAREBOX_CMD_COMPLETE(empty_complete)
> >  BAREBOX_CMD_END
> > +
> > +static int login_global_init(void)
> > +{
> > +	globalvar_add_simple("login.timeout");
> 
> globalvar_add_simple now takes an initial value, like this:
> 
> int globalvar_add_simple(const char *name, const char *value)

ok did not see the change

Best Regards,
J.
> 
> Sascha
> 
> -- 
> Pengutronix e.K.                           |                             |
> Industrial Linux Solutions                 | http://www.pengutronix.de/  |
> Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
> Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] login: disable input console if password wrong
  2013-09-16 14:37       ` Jean-Christophe PLAGNIOL-VILLARD
@ 2013-09-16 15:15         ` Sascha Hauer
  0 siblings, 0 replies; 10+ messages in thread
From: Sascha Hauer @ 2013-09-16 15:15 UTC (permalink / raw)
  To: Jean-Christophe PLAGNIOL-VILLARD; +Cc: barebox

On Mon, Sep 16, 2013 at 04:37:33PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> On 10:33 Mon 16 Sep     , Sascha Hauer wrote:
> > On Sun, Sep 15, 2013 at 01:30:52PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > > so we guarantee that barebox is secured again user interaction
> > > 
> > > +static bool console_input_allow = false;
> > > +
> > > +static int console_input_allow_set(struct device_d *dev, struct param_d *p, const char *val)
> > > +{
> > > +	int ret = dev_param_set_generic(dev, p, val);
> > > +
> > > +	if (val && simple_strtoul(val, NULL, 10))
> > > +		console_input_allow = true;
> > > +	else
> > > +		console_input_allow = false;
> > > +
> > > +	return ret;
> > > +}
> > > +
> > > +static int console_global_init(void)
> > > +{
> > > +	globalvar_add("console.input_allow", console_input_allow_set, NULL, 0);
> > > +
> > > +	if (IS_ENABLED(CONFIG_CMD_LOGIN) && is_passwd_enable())
> > > +		setenv("global.console.input_allow", "0");
> > > +	else
> > > +		setenv("global.console.input_allow", "1");
> > > +
> > > +	return 0;
> > > +}
> > > +late_initcall(console_global_init);
> > 
> > With the attached patch applied the above would go down to:
> > 
> > static int console_input_allow;
> > 
> > static int console_global_init(void)
> > {
> > 	dev_add_param_bool(&global_device, "console.input_allow",
> > 		NULL, NULL, &console_input_allow, NULL);
> 
> I'm not a fan to export the global_device but I like the dev_addxxx

I'm not a fan of this also. The alternative would be to:

static inline struct param_d *global_add_param_bool(const char *name,
		int (*set)(struct param_d *p, void *priv),
		int (*get)(struct param_d *p, void *priv),
		int *value, void *priv)
{
	return dev_add_param_bool(&global_device, name, get, set,
			value, priv;
}

(We would still export global_device but could convert the above to non
static inline functions later should we have to).

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2013-09-16 15:16 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-09-15 11:28 [PATCH 0/2 v2] defaultenv-2: add login support Jean-Christophe PLAGNIOL-VILLARD
2013-09-15 11:30 ` [PATCH 1/4] login: add globalvar timeout support Jean-Christophe PLAGNIOL-VILLARD
2013-09-15 11:30   ` [PATCH 2/4] login: disable input console if password wrong Jean-Christophe PLAGNIOL-VILLARD
2013-09-16  8:33     ` Sascha Hauer
2013-09-16 14:37       ` Jean-Christophe PLAGNIOL-VILLARD
2013-09-16 15:15         ` Sascha Hauer
2013-09-15 11:30   ` [PATCH 3/4] login/passwd: add default password support Jean-Christophe PLAGNIOL-VILLARD
2013-09-15 11:30   ` [PATCH 4/4] defaultenv-2: add login support Jean-Christophe PLAGNIOL-VILLARD
2013-09-16  8:02   ` [PATCH 1/4] login: add globalvar timeout support Sascha Hauer
2013-09-16 14:39     ` Jean-Christophe PLAGNIOL-VILLARD

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox