[2/9] obp-tftp: Make sure to not overwrite paflof in memory

Message ID 1526578856-30967-3-git-send-email-thuth@redhat.com
State Superseded
Series Support network booting with pxelinux.cfg files

Commit Message

Thomas Huth May 17, 2018, 5:40 p.m. UTC
The obp-tftp package is currently using an arbitrary large value
as maximal load size. If the downloaded file is big enough, we
can easily erase Paflof in memory this way. Let's make sure that
this can not happen by limiting the size to the amount of memory
below the Paflof binary (which is close to the end of the RAM).

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 slof/fs/packages/obp-tftp.fs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Greg Kurz May 18, 2018, 2:37 p.m. UTC | #1
On Thu, 17 May 2018 19:40:49 +0200
Thomas Huth <thuth@redhat.com> wrote:

> The obp-tftp package is currently using an arbitrary large value
> as maximal load size. If the downloaded file is big enough, we
> can easily erase Paflof in memory this way. Let's make sure that
> this can not happen by limiting the size to the amount of memory
> below the Paflof binary (which is close to the end of the RAM).
> 
> Signed-off-by: Thomas Huth <thuth@redhat.com>
> ---
>  slof/fs/packages/obp-tftp.fs | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/slof/fs/packages/obp-tftp.fs b/slof/fs/packages/obp-tftp.fs
> index 19c11e1..7be56ed 100644
> --- a/slof/fs/packages/obp-tftp.fs
> +++ b/slof/fs/packages/obp-tftp.fs
> @@ -24,7 +24,7 @@ s" obp-tftp" device-name
>      my-parent ihandle>phandle node>path encode-string
>      s" bootpath" set-chosen
>  
> -    60000000                        ( addr maxlen )
> +    paflof-start over -         ( addr maxlen )
>  

Default load-base is 0x4000 with qemu, but it is 0x10000000 for js2x.

Are we sure that paflof-start > load-base for js2x ?

>      \ Add OBP-TFTP Bootstring argument, e.g. "10.128.0.1,bootrom.bin,10.128.40.1"
>      my-args

Thomas Huth May 18, 2018, 3:20 p.m. UTC | #2
On 18.05.2018 16:37, Greg Kurz wrote:
> On Thu, 17 May 2018 19:40:49 +0200
> Thomas Huth <thuth@redhat.com> wrote:
> 
>> The obp-tftp package is currently using an arbitrary large value
>> as maximal load size. If the downloaded file is big enough, we
>> can easily erase Paflof in memory this way. Let's make sure that
>> this can not happen by limiting the size to the amount of memory
>> below the Paflof binary (which is close to the end of the RAM).
>>
>> Signed-off-by: Thomas Huth <thuth@redhat.com>
>> ---
>>  slof/fs/packages/obp-tftp.fs | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/slof/fs/packages/obp-tftp.fs b/slof/fs/packages/obp-tftp.fs
>> index 19c11e1..7be56ed 100644
>> --- a/slof/fs/packages/obp-tftp.fs
>> +++ b/slof/fs/packages/obp-tftp.fs
>> @@ -24,7 +24,7 @@ s" obp-tftp" device-name
>>      my-parent ihandle>phandle node>path encode-string
>>      s" bootpath" set-chosen
>>  
>> -    60000000                        ( addr maxlen )
>> +    paflof-start over -         ( addr maxlen )
>>  
> 
> Default load-base is 0x4000 with qemu, but it is 0x10000000 for js2x.
> 
> Are we sure that paflof-start > load-base for js2x ?

Oh, you've got a point here. If I get board-js2x/llfw/stage2.c and
slof/OF.lds right, Paflof is loaded to 0x0E100100 there. So it seems
like I've got to rework this, I guess something like this should do the job:

   ( addr )
   dup paflof-start < IF
       paflof-start over -
   ELSE
       MIN-RAM-SIZE over -
   THEN

 Thomas
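
The length calculation discussed in this thread, modelled in C as an added example (not code from SLOF or from either poster). It assumes the length is consumed as an unsigned 64-bit cell; `ram_end` is a hypothetical stand-in for MIN-RAM-SIZE, every address other than 0x4000, 0x10000000 and 0x0E100100 is constructed, and the final "nothing fits" case goes beyond the sketch in reply #2.

```c
#include <stdint.h>
#include <stdio.h>

/* Hunk as posted: maxlen = paflof_start - addr, with no ordering check.
 * Modelled as an unsigned 64-bit cell (assumption). */
static uint64_t maxlen_unguarded(uint64_t addr, uint64_t paflof_start)
{
    return paflof_start - addr;
}

/* Guarded form after the sketch in reply #2. ram_end stands in for
 * MIN-RAM-SIZE (hypothetical parameter). Like the sketch, it assumes addr
 * never points into the Paflof image itself. Returns 0 when no RAM is left
 * above addr, so the caller can refuse the load. */
static uint64_t maxlen_guarded(uint64_t addr, uint64_t paflof_start,
                               uint64_t ram_end)
{
    if (addr < paflof_start)
        return paflof_start - addr;   /* stop short of Paflof */
    if (addr < ram_end)
        return ram_end - addr;        /* loading above Paflof */
    return 0;
}

int main(void)
{
    /* load-base 0x4000 (qemu), load-base 0x10000000 (js2x) and Paflof at
     * 0x0E100100 (js2x) are from the thread; the rest is constructed. */
    const uint64_t qemu_paflof = 0x08000000, qemu_ram = 0x10000000;
    const uint64_t js2x_paflof = 0x0E100100, js2x_ram = 0x20000000;

    printf("qemu unguarded: 0x%llx\n",
           (unsigned long long)maxlen_unguarded(0x4000, qemu_paflof));
    printf("qemu guarded:   0x%llx\n",
           (unsigned long long)maxlen_guarded(0x4000, qemu_paflof, qemu_ram));
    /* load-base above Paflof: the unguarded difference wraps around */
    printf("js2x unguarded: 0x%llx\n",
           (unsigned long long)maxlen_unguarded(0x10000000, js2x_paflof));
    printf("js2x guarded:   0x%llx\n",
           (unsigned long long)maxlen_guarded(0x10000000, js2x_paflof, js2x_ram));
    return 0;
}
```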

Patch

diff --git a/slof/fs/packages/obp-tftp.fs b/slof/fs/packages/obp-tftp.fs
index 19c11e1..7be56ed 100644
--- a/slof/fs/packages/obp-tftp.fs
+++ b/slof/fs/packages/obp-tftp.fs
@@ -24,7 +24,7 @@  s" obp-tftp" device-name
     my-parent ihandle>phandle node>path encode-string
     s" bootpath" set-chosen
 
-    60000000                        ( addr maxlen )
+    paflof-start over -         ( addr maxlen )
 
     \ Add OBP-TFTP Bootstring argument, e.g. "10.128.0.1,bootrom.bin,10.128.40.1"
     my-args
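
Review bot: the added line `paflof-start over -` has no check that addr is below paflof-start, so the computed maxlen is only a valid bound when the load address sits under Paflof. The thread gives a case where it does not (load-base 0x10000000 on js2x with Paflof at 0x0E100100); there the difference is negative and, taken as a length, no longer limits the download. Suggest comparing addr against paflof-start before subtracting and choosing a separate upper bound, or refusing the load, when addr is not below it. A one-line comment above the calculation saying that the limit exists to protect Paflof would also help, since the stack comment `( addr maxlen )` does not say where the value comes from.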