security.c
来自「U盘控制器USB97C223的固件代码,对2kPAGE NAND FLASH 有」· C语言 代码 · 共 212 行
C
212 行
/*============================================================================
____________________________________________________________________________
______________________________________________
SSSS M M CCCC Standard Microsystems Corporation
S MM MM SSSS C Austin Design Center
SSS M M M S C 11000 N. Mopac Expressway
S M M SSS C Stonelake Bldg. 6, Suite 500
SSSS M M S CCCC Austin, Texas 78759
SSSS ______________________________________________
____________________________________________________________________________
Copyright(C) 1999, Standard Microsystems Corporation
All Rights Reserved.
This program code listing is proprietary to SMSC and may not be copied,
distributed, or used without a license to do so. Such license may have
Limited or Restricted Rights. Please refer to the license for further
clarification.
____________________________________________________________________________
Notice: The program contained in this listing is a proprietary trade
secret of SMSC, Hauppauge, New York, and is copyrighted
under the United States Copyright Act of 1976 as an unpublished work,
pursuant to Section 104 and Section 408 of Title XVII of the United
States code. Unauthorized copying, adaption, distribution, use, or
display is prohibited by this law.
____________________________________________________________________________
Use, duplication, or disclosure by the Government is subject to
restrictions as set forth in subparagraph(c)(1)(ii) of the Rights
in Technical Data and Computer Software clause at DFARS 52.227-7013.
Contractor/Manufacturer is Standard Microsystems Corporation,
80 Arkay Drive, Hauppauge, New York, 1178-8847.
____________________________________________________________________________
____________________________________________________________________________
security.c - the device manager implementarion
____________________________________________________________________________
in this function, process all password-related cbs in one function to avoid accidentally
exposes functionality through export symbols
at end of function, we must somehow let caller know if we've dispatched the cb or not.
in addition, this code must be isr agnostic, and cannot be a dfa, since the cb may or may
not be a high-priority cb. (high priority cb's must process the security cb, but don't
actually make a dfa call to dispatch the cb, therefore we can't issue a dfa call here or
else we'll negate that optimization)
____________________________________________________________________________
Revision History
Date Who Comment
________ ___ _____________________________________________________________
10/07/02 cds initial version
10/10/02 cds only included sec_process_cb on k_opt_password builds
===========================================================================*/
#include "project.h"
#include "dev.h"
// DO NOT PUT THESE IN A HEADER FILE. THEY ARE INTERNAL TO THIS MODULE.
#define k_vendor_password_supported 0x00
#define k_vendor_is_locked 0x01
#define k_vendor_is_password_validated 0x02
#define k_vendor_change_password 0x03
#define k_vendor_verify_password 0x04
#define k_vendor_clear_password 0x5A
// this needs to be lun-specific
bit g_password_validated;
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_supported() \
{ \
trace0(0, sec, 0, "cb-vendor_password_supported"); \
_sec_result=k_command_passed; \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_is_locked() \
{ \
uint8 firstbyte; \
firstbyte=nvstore_read(k_ix_password); \
if ((firstbyte!=0x00)&&(firstbyte!=0xFF)) \
{ \
_sec_result=k_command_passed; \
} \
trace1(0, sec, 0, "cb-vendor_is_locked, returned %d",_sec_result); \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_is_validated() \
{ \
if (g_password_validated==k_yes) \
_sec_result=k_command_passed; \
trace1(0, sec, 0, "cb-vendor_is_password_validated, returned %d",_sec_result); \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_change() \
{ \
trace0(0, sec, 0, "cb-vendor_change_password"); \
if (g_password_validated==k_yes) \
{ \
uint8 i; \
nvstore_write_enable(); \
for (i=0;i<k_sz_password;i++) \
nvstore_write(k_ix_password+i,g_bot_cbw.cdb[2+i]); \
nvstore_write_disable(); \
_sec_result=k_command_passed; \
}; \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_verify() \
{ \
trace0(0, sec, 0, "cb-vendor_verify_password"); \
{ \
uint8 i; \
uint8 character; \
g_password_validated=k_yes; \
for (i=0;i<k_sz_password;i++) \
{ \
character=nvstore_read(k_ix_password+i); \
trace2(0, sec, 0, "comparing stored byte 0x%02X to received byte 0x%02X",character,g_bot_cbw.cdb[2+i]);\
if (character!=g_bot_cbw.cdb[2+i]) \
g_password_validated=k_no; \
} \
if (g_password_validated==k_yes) \
_sec_result=k_command_passed; \
} \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _sec_process_pwd_clear() \
{ \
trace0(0, sec, 0, "cb-vendor_clear_password"); \
{ \
uint8 i; \
nvstore_write_enable(); \
for (i=0;i<k_sz_password;i++) \
nvstore_write(k_ix_password+i,0x00); \
nvstore_write_disable(); \
g_password_validated=k_yes; \
_sec_result=k_command_passed; \
} \
}
//---------------------------------------------------------------------
//---------------------------------------------------------------------
#define _set_cbw_result(__val) (*(uint8 *)thread_rd_dfa_argp())=(__val)
static code uint8 _sec_pwd_clear_cdb[16]={0xcf,0x5a,0x53,0x4D,0x53,0x43,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
static xdata t_result _sec_result;
#ifdef k_opt_password
#pragma NOAREGS
t_result sec_process_cb(void) reentrant
{
if (g_bot_cbw.cdb[0]!=k_protocol_vendor)
{
trace0(0, sec, 0, "sec_process_cb() - not a security opcode");
return k_ignored;
}
_sec_result=k_command_failed;
switch (g_bot_cbw.cdb[1]) //vendor command code
{
case k_vendor_password_supported:
_sec_process_pwd_supported() ;
break;
case k_vendor_is_locked:
_sec_process_pwd_is_locked();
break;
case k_vendor_is_password_validated:
_sec_process_pwd_is_validated();
break;
case k_vendor_change_password:
_sec_process_pwd_change();
break;
case k_vendor_verify_password:
_sec_process_pwd_verify();
break;
case k_vendor_clear_password:
// return ignored if the entire cdb doesn't match
if(memcmp(_sec_pwd_clear_cdb, &g_bot_cbw.cdb[0], 16))
return k_ignored;
_sec_process_pwd_clear();
break;
default:
trace0(0, password, 0, "sec_process_cb() - vendor command, vendor opcode unsupported");
return k_ignored ;
}
_set_cbw_result(_sec_result);
return k_success;
}
#pragma AREGS
#endif
// eof ----------------------------------------------------------------
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?