From patchwork Wed Aug 17 05:32:49 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Oliver O'Halloran X-Patchwork-Id: 659902 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3sDdF81bdtz9t0G for ; Wed, 17 Aug 2016 15:33:48 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=t6T6YRNg; dkim-atps=neutral Received: from ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3sDdF80cnHzDr4p for ; Wed, 17 Aug 2016 15:33:48 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=t6T6YRNg; dkim-atps=neutral X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Received: from mail-pf0-x243.google.com (mail-pf0-x243.google.com [IPv6:2607:f8b0:400e:c00::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3sDdDk0jK9zDr4t for ; Wed, 17 Aug 2016 15:33:26 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=t6T6YRNg; dkim-atps=neutral Received: by mail-pf0-x243.google.com with SMTP id y134so6894424pfg.3 for ; Tue, 16 Aug 2016 22:33:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ZhWTFKwuLFU71xvnoctv0YgGZqE78xXuiA+FW6/4fJk=; b=t6T6YRNgrPjsntLGhWMqOgiEFcWssd4UFDfgoOoNuRv/qRc5apQ+5zRb21yJyDnPE+ EqE0WhLyZGzFxXNZCbbPD4YOy6CR1urk/Tk7wMa+9JA0jDdI9dJZY8Pz1QN6+w5d6H4N OiQ/kGIYdkIK7AkGLOcjXrqxpk/FsHJur/3qJsVFfXG6IpzVcEDrDyvHTdhVk+di41eO oVwh8Of6FCesvRyPAHkmGMY8yY4hDbUlk+S4XOs5euNaIw05Q/4x9UCPihVmC3uizxTx igLGuvM9I9XL83z5MMDOTeIsBZtt6be/aMKpQhgAPeifiKyaDPWGGW3sjxExNlEn1izP 0RWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ZhWTFKwuLFU71xvnoctv0YgGZqE78xXuiA+FW6/4fJk=; b=NNoN/qtbNgINi1QO8Ke/ToMPQVCH+dV5lP6TEt+nq1+jhEuBITX0RVtmvkY+Pfp5JE xbE+VmqhOWSmTpWyDGSH1sLQzFLQ2e99ausq5s5naUn+fXWZ+8ca/KSr7MIjdvH3vIV5 1z6l6+LUKoggZLnnSDmjjn9BbMJOikau0q7GlgjX1wwij7Ss/FIeXrwm4T/8Cuo+TAuF SUX/iRiErDIEGPZJ0efH3Cd3TNdBsWSaeOz8Yur75N2vj6k16QpCBeMUiVYdQFLgTQlY ri+Kx6E6fVWW3MlJga+ZfKRL5g/cUrEmHb/ADSbuLMhXzmgxCab75mqb0bvhQ8zSjp95 2kwQ== X-Gm-Message-State: AEkoout48kh/4WN1xfyvyEwpCP+sX1530SU1WVvc1GiIuBm7emitAH10mbVB0ARM0dtkhA== X-Received: by 10.98.16.193 with SMTP id 62mr70935955pfq.132.1471412004460; Tue, 16 Aug 2016 22:33:24 -0700 (PDT) Received: from canetoad.ozlabs.ibm.com ([122.99.82.10]) by smtp.gmail.com with ESMTPSA id p75sm43376027pfa.71.2016.08.16.22.33.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Aug 2016 22:33:24 -0700 (PDT) From: Oliver O'Halloran To: skiboot@lists.ozlabs.org Date: Wed, 17 Aug 2016 15:32:49 +1000 Message-Id: <1471411974-8179-3-git-send-email-oohall@gmail.com> X-Mailer: git-send-email 2.5.5 In-Reply-To: <1471411974-8179-1-git-send-email-oohall@gmail.com> References: <1471411974-8179-1-git-send-email-oohall@gmail.com> Subject: [Skiboot] [PATCH v2 2/7] nvram: ibm,skiboot NUL terminator check X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" NVRAM configuration strings are required to be NUL terminated and unused data bytes in the partition should be set to NUL. Badly behaved system software may not do this so same sanity checking is required. Ensuring that the final data byte in a partition is a NUL should be sufficient. Signed-off-by: Oliver O'Halloran --- core/nvram-format.c | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/core/nvram-format.c b/core/nvram-format.c index a81663ceb35f..5d15a60f05b5 100644 --- a/core/nvram-format.c +++ b/core/nvram-format.c @@ -28,6 +28,8 @@ struct chrp_nvram_hdr { char name[12]; }; +struct chrp_nvram_hdr *skiboot_part_hdr; + #define NVRAM_SIG_FW_PRIV 0x51 #define NVRAM_SIG_SYSTEM 0x70 #define NVRAM_SIG_FREE 0x7f @@ -115,7 +117,8 @@ int nvram_check(void *nvram_image, const uint32_t nvram_size) { unsigned int offset = 0; bool found_common = false; - bool found_skiboot = false; + + skiboot_part_hdr = NULL; while (offset + sizeof(struct chrp_nvram_hdr) < nvram_size) { struct chrp_nvram_hdr *h = nvram_image + offset; @@ -138,7 +141,7 @@ int nvram_check(void *nvram_image, const uint32_t nvram_size) if (h->sig == NVRAM_SIG_FW_PRIV && strcmp(h->name, NVRAM_NAME_FW_PRIV) == 0) - found_skiboot = true; + skiboot_part_hdr = h; offset += h->len << 4; if (offset > nvram_size) { @@ -151,10 +154,24 @@ int nvram_check(void *nvram_image, const uint32_t nvram_size) prerror("NVRAM: Common partition not found !\n"); goto failed; } - if (!found_skiboot) { - prerror("NVRAM: Skiboot private partition " - "not found !\n"); + + if (!skiboot_part_hdr) { + prerror("NVRAM: Skiboot private partition not found !\n"); goto failed; + } else { + /* + * The OF NVRAM format requires config strings to be NUL + * terminated and unused memory to be set to zero. Well behaved + * software should ensure this is done for us, but we should + * always check. + */ + const char *last_byte = (const char *) skiboot_part_hdr + + skiboot_part_hdr->len * 16 - 1; + + if (*last_byte != 0) { + prerror("NVRAM: Skiboot private partition is not NUL terminated"); + goto failed; + } } prlog(PR_INFO, "NVRAM: Layout appears sane\n");