fdt: Check for overlapping data and FDT
If the FDT overlaps with the data region of the image, or with the stack, it can become corrupted before relocation. Add a check for this, behind a debug flag, as it can be very confusing and time-consuming to debug. Signed-off-by: Simon Glass <sjg@chromium.org>
23
lib/fdtdec.c
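--- a/lib/fdtdec.c
+++ b/lib/fdtdec.c
@@ -1231,6 +1231,29 @@ static void *fdt_find_separate(void)
 #else
 /* FDT is at end of image */
 fdt_blob = (ulong *)&_end;
+
+if (_DEBUG && !fdtdec_prepare_fdt(fdt_blob)) {
+int stack_ptr;
+const void *top = fdt_blob + fdt_totalsize(fdt_blob);
+
+/*
+* Perform a sanity check on the memory layout. If this fails,
+* it indicates that the device tree is positioned above the
+* global data pointer or the stack pointer. This should not
+* happen.
+*
+* If this fails, check that SYS_INIT_SP_ADDR has enough space
+* below it for SYS_MALLOC_F_LEN and global_data, as well as the
+* stack, without overwriting the device tree or U-Boot itself.
+* Since the device tree is sitting at _end (the start of the
+* BSS region), we need the top of the device tree to be below
+* any memory allocated by board_init_f_alloc_reserve().
+*/
+if (top > (void *)gd || top > (void *)&stack_ptr) {
+printf("FDT %p gd %p\n", fdt_blob, gd);
+panic("FDT overlap");
+}
+}
 #endif
 
 return fdt_blob;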
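Review bot: The diagnostic printed before `panic("FDT overlap")` shows `fdt_blob` and `gd`, but the test compares `top` against `gd` and `&stack_ptr`, so when the stack condition is the one that fires the log contains neither value involved. Printing all four, e.g. `printf("FDT %p-%p gd %p sp %p\n", fdt_blob, top, gd, (void *)&stack_ptr);`, would let the overlap be read from the message alone. Separately, `top` is derived from `fdt_totalsize()`, a field taken from the blob itself, and the addition uses whatever pointer type `fdt_blob` has (its declaration is outside the hunk). If that type is not `void *` or byte-sized the end address is scaled, and a very large size could wrap the pointer and slip past both comparisons, so doing the arithmetic and the comparison on `ulong` addresses would be more robust. The body of fdt_find_separate begins and ends outside the hunk.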