[coreboot-gerrit] New patch to review for coreboot: 3dd3c3e cbfs: Enforce media->map() result checking, improve error messages

Aaron Durbin (adurbin@google.com) gerrit at coreboot.org
Tue Apr 7 21:48:41 CEST 2015


Aaron Durbin (adurbin at google.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/9373

-gerrit

commit 3dd3c3e7f18b1b21db06d8570572f03ae2659699
Author: Julius Werner <jwerner at chromium.org>
Date:   Fri Oct 10 14:11:11 2014 -0700

    cbfs: Enforce media->map() result checking, improve error messages
    
    If you try to boot a VBOOT2_VERIFY_FIRMWARE with less than 4K CBFS cache
    right now, your system will try and fail to validate the FMAP signature
    at (u8 *)0xFFFFFFFF and go into recovery mode. This patch avoids the
    memcmp() to potentially invalid memory, and also adds an error message
    to cbfs_simple_buffer_map() to make it explicit that we ran out of CBFS
    cache space.
    
    BUG=None
    TEST=Booted on Veyron_Pinky with reduced CBFS cache, saw the message.
    
    Original-Change-Id: Ic5773b4e0b36dc621513f58fc9bd29c17afbf1b7
    Original-Signed-off-by: Julius Werner <jwerner at chromium.org>
    Original-Reviewed-on: https://chromium-review.googlesource.com/222899
    Original-Reviewed-by: Aaron Durbin <adurbin at chromium.org>
    
    (cherry picked from commit 0ed3c0c2b63be0d32e8162faf892e41cef1f1f23)
    Signed-off-by: Aaron Durbin <adurbin at chromium.org>
    
    Change-Id: I20ccac83bff4a377caca6327d0e21032efff44c1
---
 src/lib/cbfs.c                        | 5 ++++-
 src/vendorcode/google/chromeos/fmap.c | 3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lib/cbfs.c b/src/lib/cbfs.c
index fc6e887..84638da 100644
--- a/src/lib/cbfs.c
+++ b/src/lib/cbfs.c
@@ -175,8 +175,11 @@ void *cbfs_simple_buffer_map(struct cbfs_simple_buffer *buffer,
 	      "allocated=%zd, size=%zd, last_allocate=%zd\n",
 	    offset, count, buffer->allocated, buffer->size,
 	    buffer->last_allocate);
-	if (buffer->allocated + count > buffer->size)
+	if (buffer->allocated + count > buffer->size) {
+		ERROR("simple_buffer: no room to map %zd bytes from %#zx\n",
+		      count, offset);
 		return CBFS_MEDIA_INVALID_MAP_ADDRESS;
+	}
 	if (media->read(media, address, offset, count) != count) {
 		ERROR("simple_buffer: fail to read %zd bytes from 0x%zx\n",
 		      count, offset);
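Review bot: The bounds test that the new ERROR() hangs off, `buffer->allocated + count > buffer->size`, can wrap when `count` is very large, in which case the check passes and the new message never fires. Assuming `allocated` never exceeds `size`, writing it as `count > buffer->size - buffer->allocated` avoids the wrap. Two smaller points on the added message: it prints the offset with `%#zx` while the read-failure message right below uses `0x%zx`, so pick one form, and it would be more useful if it also printed `buffer->allocated` and `buffer->size`, since those currently appear only in the debug-level line above and are exactly what someone sizing the CBFS cache needs to see.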
diff --git a/src/vendorcode/google/chromeos/fmap.c b/src/vendorcode/google/chromeos/fmap.c
index a8425c0..7c1f626 100644
--- a/src/vendorcode/google/chromeos/fmap.c
+++ b/src/vendorcode/google/chromeos/fmap.c
@@ -51,7 +51,8 @@ const struct fmap *fmap_find(void)
 	media->close(media);
 #endif
 
-	if (memcmp(fmap, FMAP_SIGNATURE, sizeof(FMAP_SIGNATURE)-1)) {
+	if (fmap == CBFS_MEDIA_INVALID_MAP_ADDRESS ||
+	    memcmp(fmap, FMAP_SIGNATURE, sizeof(FMAP_SIGNATURE) - 1)) {
 		printk(BIOS_DEBUG, "No FMAP found at %p.\n", fmap);
 		return NULL;
 	}
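Review bot: With the added `fmap == CBFS_MEDIA_INVALID_MAP_ADDRESS` test, a failed map() still falls into the "No FMAP found at %p" branch, so a cache-exhaustion failure is reported at BIOS_DEBUG as a missing signature at the sentinel address. Since the commit message says this path ends in recovery mode, consider handling the invalid-map case in its own `if` with a distinct message at an error log level, and keep "No FMAP found" for a real signature mismatch. A short comment that `fmap` must not be dereferenced before the sentinel check would also help anyone reordering the condition later.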


