[PATCH] ignore huge OF properties

Julie DeWandel jdewand at redhat.com
Thu Mar 18 07:32:14 EST 2004


In addition to the patch you provided, it is also necessary to ensure
that the initrd image cannot be overwritten by calls into prom such as:

	pp->length = (int)(long) call_prom(RELOC("getprop"), 4, 1, node,
					   namep,valp, mem_end - mem_start);

Here, mem_end needs to have been carefully chosen so that it doesn't
start somewhere in the middle of the initrd image or past it. However,
mem_end is arbitrarily chosen by copy_device_node to be 8MB beyond the
starting mem_start value. In code I have been working with, mem_end has
landed well into the initrd memory image.

The attached patch corrects this problem for the 2.6 ameslab tree.
Please consider pushing it to ameslab, as I don't know how to do that.


Anton Blanchard wrote:

>Im just about to commit this patch. We have some versions of firmware
>out there that have huge OF properties. So huge that we end up overwriting
>our initrd.
>Place a 1MB limit and warn bitterly if its over this. Also fix a use
>of package-to-path where the variable was 64bytes but we would pass in
>a length of 255.

Julie DeWandel <jdewand at redhat.com>
Red Hat, Inc.
Tel (978) 692-3113 x23251

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: initrd_overwrite_fix
Url: http://ozlabs.org/pipermail/linuxppc64-dev/attachments/20040317/2c097333/attachment.txt 

More information about the Linuxppc64-dev mailing list