colin/u-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

spl: nor: Don't allocate header on stack

Browse Source 
spl_image_info.name contains a reference to legacy_img_hdr. If we allocate
the latter on the stack, it will be clobbered after we return. This was
addressed for NAND back in 06377c5a1f ("spl: spl_legacy: Fix NAND boot on
OMAP3 BeagleBoard"), but that commit didn't fix NOR.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Michael Trimarchi <michael@amarulasolutions.com>
This commit is contained in:
Sean Anderson
2023-10-14 16:47:38 -04:00
committed by Tom Rini
parent 301ae61842
commit 6cc2182c84
1 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
common/spl/spl_nor.c
View File

@@ -26,7 +26,7 @@ unsigned long __weak spl_nor_get_uboot_base(void)
static int spl_nor_load_image(struct spl_image_info *spl_image, static int spl_nor_load_image(struct spl_image_info *spl_image,
struct spl_boot_device *bootdev) struct spl_boot_device *bootdev)
{ {
__maybe_unused const struct legacy_img_hdr *header; struct legacy_img_hdr *header;
__maybe_unused struct spl_load_info load; __maybe_unused struct spl_load_info load;
/* /*
@@ -41,7 +41,7 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
* Load Linux from its location in NOR flash to its defined * Load Linux from its location in NOR flash to its defined
* location in SDRAM * location in SDRAM
*/ */
header = (const struct legacy_img_hdr *)CONFIG_SYS_OS_BASE; header = (void *)CONFIG_SYS_OS_BASE;
#ifdef CONFIG_SPL_LOAD_FIT #ifdef CONFIG_SPL_LOAD_FIT
if (image_get_magic(header) == FDT_MAGIC) { if (image_get_magic(header) == FDT_MAGIC) {
int ret; int ret;
@@ -91,8 +91,8 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
* Load real U-Boot from its location in NOR flash to its * Load real U-Boot from its location in NOR flash to its
* defined location in SDRAM * defined location in SDRAM
*/ */
#ifdef CONFIG_SPL_LOAD_FIT
header = (const struct legacy_img_hdr *)spl_nor_get_uboot_base(); header = (const struct legacy_img_hdr *)spl_nor_get_uboot_base();
#ifdef CONFIG_SPL_LOAD_FIT
if (image_get_magic(header) == FDT_MAGIC) { if (image_get_magic(header) == FDT_MAGIC) {
debug("Found FIT format U-Boot\n"); debug("Found FIT format U-Boot\n");
load.bl_len = 1; load.bl_len = 1;
@@ -111,14 +111,11 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
/* Legacy image handling */ /* Legacy image handling */
if (IS_ENABLED(CONFIG_SPL_LEGACY_IMAGE_FORMAT)) { if (IS_ENABLED(CONFIG_SPL_LEGACY_IMAGE_FORMAT)) {
struct legacy_img_hdr hdr;
load.bl_len = 1; load.bl_len = 1;
load.read = spl_nor_load_read; load.read = spl_nor_load_read;
spl_nor_load_read(&load, spl_nor_get_uboot_base(), sizeof(hdr), &hdr);
return spl_load_legacy_img(spl_image, bootdev, &load, return spl_load_legacy_img(spl_image, bootdev, &load,
spl_nor_get_uboot_base(), spl_nor_get_uboot_base(),
&hdr); header);
} }
return -EINVAL; return -EINVAL;