[LinuxBIOS] patch: extending LAR, and removing elf from linuxbios (it is not needed)

Stefan Reinauer stepan at coresystems.de
Tue Aug 28 11:29:16 CEST 2007


* ron minnich <rminnich at gmail.com> [070828 06:16]:
> ===================================================================
> --- lib/lar.c	(revision 480)
> +++ lib/lar.c	(working copy)
> @@ -42,9 +49,31 @@
>  
>  	for (walk = archive->start;
>  	     (walk - 1) < (char *)(archive->start + archive->len - 1 ); walk += 16) {
> -		if (strcmp(walk, MAGIC) != 0)
> +		/* I am leaving this code in here because it is so dangerous. MAGIC is
> + 		 * #define'd to a string. That string lives in data space. All of the 1M linuxbios 
> + 		 * image is a LAR file. Therefore, this search can walk ALL of linuxbios. 
> + 		 * IF the MAGIC string (in code space) just happens to be 16-byte aligned, 
> + 		 * Then the strcmp will succeed, and you will match a non-LAR entry, 
> + 		 * and you are screwed. can this happen? YES!
> + 		 * LAR: Attempting to open 'fallback/initram'.
> + 		 * LAR: Start 0xfff00000 len 0x100000
> + 		 * LAR: current filename is normal/payload
> + 		 * LAR: current filename is normal/option_table
> + 		 * LAR: current filename is normal/stage2
> + 		 * LAR: current filename is normal/initram
> + 		 * LAR: current filename is R: it matches %s @ %p
> + 		 * That garbage is there because the pointer is in the middle of a bunch 
> + 		 * of non-null-terminated junk. The fix is easy, as you can see. 

I think the fix could be even simpler. Instead, if the first header is found,
the second header should be searched _after_ the end of the first file
in the LAR archive. Going through all of the ROM including the data
itself is plain stupid. I remember we did not do this in the beginning,
but we broke it since then.


> +		if (walk[0] != 'L')
>  			continue;
>  
> +		if (strcmp(&walk[1], MAGIC) != 0)
> +			continue;
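Review bot: the new check compares &walk[1] against MAGIC only after testing walk[0] == 'L', so it can match only if MAGIC is defined without its leading 'L'; the hunk does not touch lar.h, and if MAGIC still starts with 'L' no header is ever found. Either include the matching lar.h change or keep comparing at walk with a bounded memcmp(walk, MAGIC, strlen(MAGIC)). The underlying hazard is also not removed: strcmp still runs over unterminated ROM bytes with no length limit, the loop bound `(walk - 1) < (char *)(archive->start + archive->len - 1)` lets the last iteration read past the end of the archive, and the scan still visits every 16-byte slot including file data. Advancing walk by the header length plus the file length once a header is found (the approach proposed in the reply above) removes the self-match and most of the scan at once. Finally, the log dump and the "I am leaving this code in here" paragraph belong in the commit message; a two-line comment saying why the first byte is tested separately is enough, and the trailing "The fix is easy, as you can see." refers to nothing once the comment is read in place.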


> +	printf("  -e pre-parse the payload ELF into LAR segments. Recommended\n\n");

> +		{"parseelf", 1, 0, 'p'},

> -	while ((opt = getopt_long(argc, argv, "acC:xls:b:vVh?",
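Review bot: the three option fragments disagree on the letter: the help text documents -e, the long-option table maps "parseelf" to 'p' with has_arg set to 1, and the removed optstring "acC:xls:b:vVh?" contains neither 'e' nor 'p' (the replacement line is not in the quoted text). getopt_long returns the val field, so the switch has to handle 'p'; and has_arg of 1 makes --parseelf require an argument while the help line describes a plain flag. Pick one letter, add it to the optstring (with a colon only if the option really takes a value), set has_arg accordingly, and make the help line match.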

--parseelf will not work like that. 

> +/* NOTE -- This and the linuxbios lar.h are NOT IN SYNC. Be careful. */
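Review bot: this NOTE says the two lar.h headers diverge but not how, so a reader cannot tell which fields, sizes or constants differ or which side is authoritative. Name the differing definitions in the comment, or better, have the utility include the same lar.h the linuxbios build uses so the archive layout cannot drift between the writer and the reader.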

What do you mean, by "not in sync"?

-- 
coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br.
      Tel.: +49 761 7668825 • Fax: +49 761 7664613
Email: info at coresystems.de • http://www.coresystems.de/
Registergericht: Amtsgericht Freiburg • HRB 7656
Geschäftsführer: Stefan Reinauer • Ust-IdNr.: DE245674866