[SLOF] [PATCH v2 02/11] obp-tftp: Make sure to not overwrite paflof in memory

Thomas Huth thuth at redhat.com
Sat May 19 01:45:31 AEST 2018


The obp-tftp package is currently using an arbitrary large value
as maximal load size. If the downloaded file is big enough, we
can easily erase Paflof in memory this way. Let's make sure that
this can not happen by limiting the size to the amount of memory
below the Paflof binary (which is close to the end of the RAM)
in case of board-qemu, or the amount of memory between the minimum
RAM size and the load-base on board-js2x.

Signed-off-by: Thomas Huth <thuth at redhat.com>
---
 slof/fs/packages/obp-tftp.fs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/slof/fs/packages/obp-tftp.fs b/slof/fs/packages/obp-tftp.fs
index 19c11e1..7236624 100644
--- a/slof/fs/packages/obp-tftp.fs
+++ b/slof/fs/packages/obp-tftp.fs
@@ -24,7 +24,13 @@ s" obp-tftp" device-name
     my-parent ihandle>phandle node>path encode-string
     s" bootpath" set-chosen
 
-    60000000                        ( addr maxlen )
+    \ Determine the maximum size that we can load:
+    dup paflof-start < IF
+        paflof-start
+    ELSE
+        MIN-RAM-SIZE
+    THEN                                  ( addr endaddr )
+    over -                                ( addr maxlen )
 
     \ Add OBP-TFTP Bootstring argument, e.g. "10.128.0.1,bootrom.bin,10.128.40.1"
     my-args
-- 
1.8.3.1



More information about the SLOF mailing list