qemu-devel.nongnu.org archive mirror
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: christoffer.dall@linaro.org, Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [Qemu-devel] [PATCH v2 2/4] hw/arm/boot: pass an address limit to and return size from load_dtb()
Date: Wed, 10 Sep 2014 12:59:48 +0200
Message-ID: <1410346790-31743-3-git-send-email-ard.biesheuvel@linaro.org>
In-Reply-To: <1410346790-31743-1-git-send-email-ard.biesheuvel@linaro.org>

Add an address limit input parameter to load_dtb() so that we can
tell it how much memory the dtb is allowed to consume. If the dtb
doesn't fit, return 0, otherwise return the actual size of the
loaded dtb, or -1 on error.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 hw/arm/boot.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 50eca931e1a4..014fab347b09 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -312,7 +312,8 @@ static void set_kernel_args_old(const struct arm_boot_info *info)
     }
 }
 
-static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
+static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo,
+                    hwaddr addr_limit)
 {
     void *fdt = NULL;
     int size, rc;
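Review bot: The new `addr_limit` parameter and the three-way return convention are undocumented at the `load_dtb()` definition; only the commit message explains them. A short comment above the function stating that `addr_limit` of 0 means "no limit", that the return value is the dtb size on success, 0 when the dtb does not fit below `addr_limit`, and negative on error would keep future callers from reusing the old "non-zero means failure" test.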
@@ -341,6 +342,15 @@ static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
         }
     }
 
+    if (addr_limit > addr && size > (addr_limit - addr)) {
+        /* We have been given a non-zero address limit and we have exceeded
+         * it. Whether this is constitues a failure is up to the caller to
+         * decide, so just return 0 as size, i.e., no error.
+         */
+        g_free(fdt);
+        return 0;
+    }
+
     acells = qemu_fdt_getprop_cell(fdt, "/", "#address-cells");
     scells = qemu_fdt_getprop_cell(fdt, "/", "#size-cells");
     if (acells == 0 || scells == 0) {
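Review bot: The guard `addr_limit > addr` in the new check also skips the bound when a caller passes a non-zero limit that is at or below `addr`, so a mistaken limit silently behaves like "no limit" and the dtb is loaded unbounded. The comment describes the condition as "a non-zero address limit", which is not what the code tests. Consider testing `addr_limit != 0` explicitly and treating `addr_limit <= addr` as "does not fit" (return 0), so the only way to disable the bound is the documented 0. Also note that `size` is declared `int` while `addr_limit - addr` is a `hwaddr`, so the comparison is mixed signed/unsigned; a cast or a prior `size > 0` assertion would make the intent explicit. Minor: "Whether this is constitues" in the comment should read "Whether this constitutes".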
@@ -403,7 +413,7 @@ static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
 
     g_free(fdt);
 
-    return 0;
+    return size;
 
 fail:
     g_free(fdt);
@@ -572,7 +582,7 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info)
              */
             hwaddr dtb_start = QEMU_ALIGN_UP(info->initrd_start + initrd_size,
                                              4096);
-            if (load_dtb(dtb_start, info)) {
+            if (load_dtb(dtb_start, info, 0) < 0) {
                 exit(1);
             }
             fixupcontext[FIXUP_ARGPTR] = dtb_start;
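Review bot: The call `load_dtb(dtb_start, info, 0)` passes a bare 0, which disables the new bounds check for this caller, so the dtb placed after the initrd is still not checked against any upper address. If that is intentional for this path, a one-line comment saying that 0 means "no limit" would help; otherwise pass the real upper bound for the region and handle the 0 ("does not fit") return here as well, since `< 0` alone would let a dtb that was not loaded fall through to `fixupcontext[FIXUP_ARGPTR] = dtb_start;`.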
-- 
1.8.3.2
