[PATCH] ignore huge OF properties

Julie DeWandel jdewand at redhat.com
Thu Mar 18 07:32:14 EST 2004


Hi,

In addition to the patch you provided, it is also necessary to ensure
that the initrd image cannot be overwritten by calls into prom such as:

	pp->length = (int)(long) call_prom(RELOC("getprop"), 4, 1, node,
					   namep,valp, mem_end - mem_start);


Here, mem_end needs to have been carefully chosen so that it doesn't
start somewhere in the middle of the initrd image or past it. However,
mem_end is arbitrarily chosen by copy_device_node to be 8MB beyond the
starting mem_start value. In code I have been working with, mem_end has
landed well into the initrd memory image.

The attached patch corrects this problem for the 2.6 ameslab tree.
Please consider pushing it to ameslab, as I don't know how to do that.

Julie


Anton Blanchard wrote:

>Hi,
>
>Im just about to commit this patch. We have some versions of firmware
>out there that have huge OF properties. So huge that we end up overwriting
>our initrd.
>
>Place a 1MB limit and warn bitterly if its over this. Also fix a use
>of package-to-path where the variable was 64bytes but we would pass in
>a length of 255.
>
>Anton
>
>
>

--
Julie DeWandel <jdewand at redhat.com>
Red Hat, Inc.
Tel (978) 692-3113 x23251


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: initrd_overwrite_fix
Url: http://ozlabs.org/pipermail/linuxppc64-dev/attachments/20040317/2c097333/attachment.txt 


More information about the Linuxppc64-dev mailing list