feat(sedlockctl): tool can now be used to unlock and set mbrdone

Author: bluecmd

cmd/sedlockctl/main.go

@@ -27,7 +27,12 @@ func main() {
 	flag.Parse()
 
 	if flag.NArg() == 0 {
-		fmt.Printf("Usage: %s [-flags ..] device\n", os.Args[0])
+		fmt.Printf("Usage: %s [-flags ..] device [verb...]\n", os.Args[0])
+		fmt.Printf("\nVerbs:\n")
+		fmt.Printf("  list               List all ranges (default)\n")
+		fmt.Printf("  unlock-all         Unlocks all ranges completely\n")
+		fmt.Printf("  lock-all           Lock all ranges completely\n")
+		fmt.Printf("  mbr-done on|off    Sets the MBRDone property (hide/show Shadow MBR)\n")
 		return
 	}
 	d, err := drive.Open(flag.Arg(0))
@@ -95,6 +100,37 @@ func main() {
 	}
 	defer l.Close()
 
+	args := flag.Args()[1:]
+	verb := "list"
+	if len(args) > 0 {
+		verb = args[0]
+	}
+	switch verb {
+	case "list":
+		list(l)
+	case "unlock-all":
+		unlockAll(l)
+	case "lock-all":
+		lockAll(l)
+	case "mbr-done":
+		if len(args) < 2 {
+			log.Fatalf("Missing argument to mbr-done verb")
+		}
+		var v bool
+		if args[1] == "on" {
+			v = true
+		} else if args[1] == "off" {
+			v = false
+		} else {
+			log.Fatalf("Argument %q is not 'on' or 'off'", args[1])
+		}
+		setMBRDone(l, v)
+	default:
+		log.Fatalf("Unknown verb %q", verb)
+	}
+}
+
+func list(l *locking.LockingSP) {
 	if len(l.Ranges) == 0 {
 		log.Fatalf("No available locking ranges as this user\n")
 	}
@@ -113,6 +149,40 @@ func main() {
 				strr += " [read locked]"
 			}
 		}
+		if r == l.GlobalRange {
+			strr += " [global]"
+		}
+		if r.Name != nil {
+			strr += fmt.Sprintf(" [name=%q]", *r.Name)
+		}
 		fmt.Printf("Range %3d: %s\n", i, strr)
 	}
 }
+
+func unlockAll(l *locking.LockingSP) {
+	for i, r := range l.Ranges {
+		if err := r.UnlockRead(); err != nil {
+			log.Printf("Read unlock range %d failed: %v", i, err)
+		}
+		if err := r.UnlockWrite(); err != nil {
+			log.Printf("Write unlock range %d failed: %v", i, err)
+		}
+	}
+}
+
+func lockAll(l *locking.LockingSP) {
+	for i, r := range l.Ranges {
+		if err := r.LockRead(); err != nil {
+			log.Printf("Read lock range %d failed: %v", i, err)
+		}
+		if err := r.LockWrite(); err != nil {
+			log.Printf("Write lock range %d failed: %v", i, err)
+		}
+	}
+}
+
+func setMBRDone(l *locking.LockingSP, v bool) {
+	if err := l.SetMBRDone(v); err != nil {
+		log.Fatalf("SetMBRDone failed: %v", err)
+	}
+}

pkg/core/table/locking.go

@@ -15,13 +15,20 @@ var (
 	Locking_LockingTable            = TableUID{0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x00}
 	LockingInfoObj           RowUID = [8]byte{0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01}
 	EnterpriseLockingInfoObj RowUID = [8]byte{0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x00}
+	MBRControlObj            RowUID = [8]byte{0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x00, 0x01}
 )
 
 type EncryptSupport uint
 type KeysAvailableConds uint
 
 type ResetType uint
 
+const (
+	ResetPowerOff ResetType = 0
+	ResetHardware ResetType = 1
+	ResetHotPlug  ResetType = 2
+)
+
 type LockingInfoRow struct {
 	UID                  RowUID
 	Name                 *string
@@ -252,3 +259,83 @@ func Locking_Get(s *core.Session, row RowUID) (*LockingRow, error) {
 	}
 	return &lr, nil
 }
+
+func Locking_Set(s *core.Session, row *LockingRow) error {
+	mc := NewSetCall(s, row.UID)
+
+	if row.Name != nil {
+		mc.StartOptionalParameter(1, "Name")
+		mc.Bytes([]byte(*row.Name))
+		mc.EndOptionalParameter()
+	}
+
+	// TODO: Add these columns
+	//mc.StartOptionalParameter(3, "RangeStart")
+	//mc.StartOptionalParameter(4, "RangeLength")
+	//mc.StartOptionalParameter(5, "ReadLockEnabled")
+	//mc.StartOptionalParameter(6, "WriteLockEnabled")
+
+	if row.ReadLockEnabled != nil {
+		mc.StartOptionalParameter(5, "ReadLockEnabled")
+		mc.Bool(*row.ReadLockEnabled)
+		mc.EndOptionalParameter()
+	}
+	if row.WriteLockEnabled != nil {
+		mc.StartOptionalParameter(6, "WriteLockEnabled")
+		mc.Bool(*row.WriteLockEnabled)
+		mc.EndOptionalParameter()
+	}
+	if row.ReadLocked != nil {
+		mc.StartOptionalParameter(7, "ReadLocked")
+		mc.Bool(*row.ReadLocked)
+		mc.EndOptionalParameter()
+	}
+
+	if row.WriteLocked != nil {
+		mc.StartOptionalParameter(8, "WriteLocked")
+		mc.Bool(*row.WriteLocked)
+		mc.EndOptionalParameter()
+	}
+
+	// TODO: Add these columns
+	//mc.StartOptionalParameter(8, "WriteLocked")
+	//mc.StartOptionalParameter(9, "LockOnReset")
+	//mc.StartOptionalParameter(10, "ActiveKey")
+
+	FinishSetCall(s, mc)
+	_, err := s.ExecuteMethod(mc)
+	return err
+}
+
+type MBRControl struct {
+	Enable         *bool
+	Done           *bool
+	MBRDoneOnReset *[]ResetType
+}
+
+func MBRControl_Set(s *core.Session, row *MBRControl) error {
+	mc := NewSetCall(s, MBRControlObj)
+
+	if row.Enable != nil {
+		mc.StartOptionalParameter(1, "Enable")
+		mc.Bool(*row.Enable)
+		mc.EndOptionalParameter()
+	}
+	if row.Done != nil {
+		mc.StartOptionalParameter(2, "Done")
+		mc.Bool(*row.Done)
+		mc.EndOptionalParameter()
+	}
+	if row.MBRDoneOnReset != nil {
+		mc.StartOptionalParameter(3, "MBRDoneOnReset")
+		mc.StartList()
+		for _, x := range *row.MBRDoneOnReset {
+			mc.UInt(uint(x))
+		}
+		mc.EndList()
+		mc.EndOptionalParameter()
+	}
+	FinishSetCall(s, mc)
+	_, err := s.ExecuteMethod(mc)
+	return err
+}

pkg/core/table/table.go

@@ -27,8 +27,10 @@ var (
 	Table_ColumnUID uint = 0
 
 	MethodIDEnterpriseGet          core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x06}
+	MethodIDEnterpriseSet          core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x07}
 	MethodIDGetACL                 core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0D}
 	MethodIDGet                    core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16}
+	MethodIDSet                    core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17}
 	MethodIDNext                   core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x08}
 	MethodIDAuthenticate           core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x1C}
 	MethodIDEnterpriseAuthenticate core.MethodID = [8]byte{0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x0C}
@@ -196,3 +198,34 @@ func parseRowValues(rv stream.List) (map[string]interface{}, error) {
 	}
 	return res, nil
 }
+
+func NewSetCall(s *core.Session, row RowUID) *core.MethodCall {
+	setUID := core.MethodID{}
+	if s.ProtocolLevel == core.ProtocolLevelEnterprise {
+		copy(setUID[:], MethodIDEnterpriseSet[:])
+	} else {
+		copy(setUID[:], MethodIDSet[:])
+	}
+	mc := s.NewMethodCall(core.InvokingID(row), setUID)
+	if s.ProtocolLevel == core.ProtocolLevelEnterprise {
+		// The two first arguments in ESET are required, and RowValues has an extra list
+		mc.StartList()
+		mc.EndList()
+		mc.StartList()
+		mc.StartList()
+	} else {
+		mc.StartOptionalParameter(1, "Values")
+		mc.StartList()
+	}
+	return mc
+}
+
+func FinishSetCall(s *core.Session, mc *core.MethodCall) {
+	if s.ProtocolLevel == core.ProtocolLevelEnterprise {
+		mc.EndList()
+		mc.EndList()
+	} else {
+		mc.EndList()
+		mc.EndOptionalParameter()
+	}
+}

pkg/locking/locking.go

@@ -31,8 +31,9 @@ type LockingSP struct {
 	Ranges      []*Range // Ranges[0] == GlobalRange
 
 	// These are always false on SSC Enterprise
-	MBREnabled bool
-	MBRDone    bool
+	MBREnabled     bool
+	MBRDone        bool
+	MBRDoneOnReset []table.ResetType
 }
 
 func (l *LockingSP) Close() error {
@@ -122,8 +123,12 @@ func NewSession(cs *core.ControlSession, lmeta *LockingSPMeta, auth LockingSPAut
 
 	l := &LockingSP{Session: s}
 
+	// TODO: These can be read from the LockingSP instead, it would be cleaner
+	// to not have to drag D0 in the SPMeta.
 	l.MBRDone = lmeta.D0.Locking.MBRDone
 	l.MBREnabled = lmeta.D0.Locking.MBREnabled
+	// TODO: Set MBRDoneOnReset to real value
+	l.MBRDoneOnReset = []table.ResetType{table.ResetPowerOff}
 
 	if err := fillRanges(s, l); err != nil {
 		return nil, err
@@ -272,3 +277,8 @@ func initializeOpalFamily(s *core.Session, d0 *core.Level0Discovery, ic *initial
 	// TODO: lockdown
 	return nil
 }
+
+func (l *LockingSP) SetMBRDone(v bool) error {
+	mbr := &table.MBRControl{Done: &v}
+	return table.MBRControl_Set(l.Session, mbr)
+}