jcs.org / u-boot
"Das U-Boot" Source Tree
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge patch series "common/spl fixes"

This series from Mikhail Kshevetskiy <mikhail.kshevetskiy@iopsys.eu>
fixes some regressions related to handling of FIT images with broken
contents that was introduced in this merge window.

Link: https://lore.kernel.org/r/20250610095632.1085431-1-mikhail.kshevetskiy@iopsys.eu

Tom Rini 721eecd9 592b42ae

+46 -7
+46 -7
common/spl/spl_fit.c
··· 86 86 87 87 str = name; 88 88 for (i = 0; i < index; i++) { 89 - str = strchr(str, '\0') + 1; 90 - if (!str || (str - name >= len)) { 89 + str = memchr(str, '\0', name + len - str); 90 + if (!str) { 91 91 found = false; 92 92 break; 93 93 } 94 + str++; 94 95 } 95 96 96 97 if (!found && CONFIG_IS_ENABLED(SYSINFO) && !sysinfo_get(&sysinfo)) { ··· 199 200 * the image gets loaded to the address pointed to by the 200 201 * load_addr member in this struct, if load_addr is not 0 201 202 * 202 - * Return: 0 on success, -EPERM if this image is not the correct phase 203 + * Return: 0 on success, -EBADSLT if this image is not the correct phase 203 204 * (for CONFIG_BOOTMETH_VBE_SIMPLE_FW), or another negative error number on 204 205 * other error. 205 206 */ ··· 235 236 return ret; 236 237 } else { 237 238 log_debug("- phase mismatch, skipping this image\n"); 238 - return -EPERM; 239 + return -EBADSLT; 239 240 } 240 241 } 241 242 ··· 474 475 image_info.load_addr = (ulong)tmpbuffer; 475 476 ret = load_simple_fit(info, offset, ctx, node, 476 477 &image_info); 477 - if (ret == -EPERM) 478 + if (ret == -EBADSLT) 478 479 continue; 479 480 else if (ret < 0) 480 481 break; ··· 702 703 */ 703 704 size = get_aligned_image_size(info, size, 0); 704 705 buf = board_spl_fit_buffer_addr(size, size, 1); 706 + if (!buf) { 707 + /* 708 + * We assume that none of the board will ever use 0x0 as a 709 + * valid load address. Theoretically some board could use it, 710 + * but this is extremely unlikely. 711 + */ 712 + return -EIO; 713 + } 705 714 706 715 count = info->read(info, offset, size, buf); 716 + if (!count) { 717 + /* 718 + * FIT could not be read. This means we should free the 719 + * memory allocated by board_spl_fit_buffer_addr(). 720 + * Unfortunately, we don't know what memory allocation 721 + * mechanism was used: 722 + * - For the SPL_SYS_MALLOC_SIMPLE case nothing could 723 + * be done. The memory just could not be freed. 724 + * - For statically allocated memory buffer we can try 725 + * to reuse previously allocated memory (example: 726 + * board_spl_fit_buffer_addr() function from the 727 + * file test/image/spl_load.c). 728 + * - For normall malloc() -- memory leak can't be easily 729 + * avoided. To somehow reduce memory consumption the 730 + * next calls of board_spl_fit_buffer_addr() could 731 + * reallocate previously allocated buffer and use 732 + * them again. This is somethat similar to the approach 733 + * used for statically allocated buffer. 734 + * 735 + * Please note: 736 + * - FIT images with data placed outside of the FIT 737 + * structure will cause small memory leak (several 738 + * kilobytes), 739 + * - FIT images with data placed inside to the FIT 740 + * structure may cause huge memory leak (up to 741 + * several megabytes). Do NOT use such images! 742 + */ 743 + return -EIO; 744 + } 745 + 707 746 ctx->fit = buf; 708 747 debug("fit read offset %lx, size=%lu, dst=%p, count=%lu\n", 709 748 offset, size, buf, count); 710 749 711 - return (count == 0) ? -EIO : 0; 750 + return 0; 712 751 } 713 752 714 753 static int spl_simple_fit_parse(struct spl_fit_info *ctx) ··· 834 873 835 874 image_info.load_addr = 0; 836 875 ret = load_simple_fit(info, offset, &ctx, node, &image_info); 837 - if (ret < 0 && ret != -EPERM) { 876 + if (ret < 0 && ret != -EBADSLT) { 838 877 printf("%s: can't load image loadables index %d (ret = %d)\n", 839 878 __func__, index, ret); 840 879 return ret;