author | stefanct <stefanct@2b7e53f0-3cfb-0310-b3e9-8179ed1497e1> | 2013-09-23 15:32:25 +0000 |
---|---|---|
committer | stefanct <stefanct@2b7e53f0-3cfb-0310-b3e9-8179ed1497e1> | 2013-09-23 15:32:25 +0000 |
commit | 1694aaca589ae801eac0155d0552c328ccb51ded (patch) | |
tree | 7e1ce5783126c9ebe77be91b646022a872fb36d6 | |
parent | 92126a64473c8d659c2bbaa3fafe9d7951c9d42f (diff) | |
download | flashrom-0.9.7.tar.gz |
layout: Verify layout entries before building a new image using them.0.9.7
This fixes a SEGFAULT if a layout entry is included that addresses memory
outside the current chip's address range. flashrom will only abort if the
offending region(s) is/are included; otherwise it will just warn.
It will print warnings for regions with negative or zero-length address
ranges too, but it will only abort if they are included with -i/--image to reduce
the potential of regressions. This is different to the patch committed to
the development branch in r1751.
Also, abort for non-write operations if a layout file is given because
there is no layout support for non-write operations yet, and some reports
show that users expect it to work at least for -r/--read.
Signed-off-by: Stefan Tauner <stefan.tauner@student.tuwien.ac.at>
Acked-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
git-svn-id: https://code.coreboot.org/svn/flashrom/branches/0.9.7@1752 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1
-rw-r--r-- | cli_classic.c | 6 | ||||
-rw-r--r-- | flash.h | 11 | ||||
-rw-r--r-- | flashrom.8 | 2 | ||||
-rw-r--r-- | flashrom.c | 11 | ||||
-rw-r--r-- | layout.c | 31 |
5 files changed, 53 insertions, 8 deletions
diff --git a/cli_classic.c b/cli_classic.c
index 4c71d07..820a79a 100644
--- a/cli_classic.c
+++ b/cli_classic.c
@@ -372,6 +372,12 @@ int main(int argc, char *argv[])
 ret = 1;
 goto out;
 }
+ if (layoutfile != NULL && !write_it) {
+ msg_gerr("Layout files are currently supported for write operations only.\n");
+ ret = 1;
+ goto out;
+ }
+
 if (process_include_args()) {
 ret = 1;
 goto out;
@@ -45,6 +45,14 @@ typedef uintptr_t chipaddr;
 #define PRIxPTR_WIDTH ((int)(sizeof(uintptr_t)*2))
+/* Types and macros regarding the maximum flash space size supported by generic code. */
+typedef uint32_t chipoff_t; /* Able to store any addressable offset within a supported flash memory. */
+typedef uint32_t chipsize_t; /* Able to store the number of bytes of any supported flash memory. */
+#define FL_MAX_CHIPADDR_BITS (24)
+#define FL_MAX_CHIPADDR ((chipoff_t)(1ULL<<FL_MAX_CHIPADDR_BITS)-1)
+#define PRIxCHIPADDR "06"PRIx32
+#define PRIuCHIPSIZE PRIu32
+
 int register_shutdown(int (*function) (void *data), void *data);
 void *programmer_map_flash_region(const char *descr, uintptr_t phys_addr, size_t len);
 void programmer_unmap_flash_region(void *virt_addr, size_t len);
@@ -319,7 +327,8 @@ __attribute__((format(printf, 2, 3)));
 int register_include_arg(char *name);
 int process_include_args(void);
 int read_romlayout(char *name);
-int handle_romentries(const struct flashctx *flash, uint8_t *oldcontents, uint8_t *newcontents);
+int normalize_romentries(const struct flashctx *flash);
+int build_new_image(const struct flashctx *flash, uint8_t *oldcontents, uint8_t *newcontents);
 /* spi.c */
 struct spi_command {
@@ -106,7 +106,7 @@ size for the flash bus.
 Read ROM layout from
 .BR <file> .
 .sp
-flashrom supports ROM layouts. This allows you to flash certain parts of
+flashrom supports ROM layouts in write operations only. This allows you to flash certain parts of
 the flash chip only. A ROM layout file contains multiple lines with the following syntax:
 .sp
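Review bot: In the first flash.h hunk, `FL_MAX_CHIPADDR` is written as `((chipoff_t)(1ULL<<FL_MAX_CHIPADDR_BITS)-1)`, so the cast binds to the shifted value and the `-1` is applied afterwards; it yields the intended value today but reads as if the whole expression were cast. I would write `#define FL_MAX_CHIPADDR ((chipoff_t)((1ULL << FL_MAX_CHIPADDR_BITS) - 1))`, and put a space in `"06" PRIx32` so the header also survives being included from C++11 code. None of the hunks shown here uses FL_MAX_CHIPADDR: the new range check in layout.c compares against the chip's total_size only, so whether a chip size is ever compared with this limit cannot be confirmed from this page.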
@@ -1904,6 +1904,12 @@ int doit(struct flashctx *flash, int force, const char *filename, int read_it,
 goto out_nofree;
 }
+ if (normalize_romentries(flash)) {
+ msg_cerr("Requested regions can not be handled. Aborting.\n");
+ ret = 1;
+ goto out_nofree;
+ }
+
 /* Given the existence of read locks, we want to unlock for read,
 * erase and write.
 */
@@ -1983,9 +1989,8 @@ int doit(struct flashctx *flash, int force, const char *filename, int read_it,
 }
 msg_cinfo("done.\n");
- // This should be moved into each flash part's code to do it
- // cleanly. This does the job.
- handle_romentries(flash, oldcontents, newcontents);
+ /* Build a new image taking the given layout into account. */
+ build_new_image(flash, oldcontents, newcontents);
 // ////////////////////////////////////////////////////////////
@@ -30,8 +30,8 @@ static int romimages = 0;
 #define MAX_ROMLAYOUT 32
 typedef struct {
- unsigned int start;
- unsigned int end;
+ chipoff_t start;
+ chipoff_t end;
 unsigned int included;
 char name[256];
 } romlayout_t;
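Review bot: The new call `build_new_image(flash, oldcontents, newcontents);` in the second flashrom.c hunk discards the result, although flash.h declares the function as returning int. If it can fail, doit() would go on to erase and write using an image that was only partly assembled. Checking the result and leaving through doit()'s error path would close that, e.g. `if (build_new_image(flash, oldcontents, newcontents)) { ret = 1; /* jump to doit()'s cleanup label */ }`. The function's body and doit()'s later labels lie outside the hunks shown, so which failures are actually possible is not visible here.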
@@ -217,7 +217,32 @@ romlayout_t *get_next_included_romentry(unsigned int start)
 return best_entry;
 }
-int handle_romentries(const struct flashctx *flash, uint8_t *oldcontents, uint8_t *newcontents)
+/* Validate and - if needed - normalize layout entries. */
+int normalize_romentries(const struct flashctx *flash)
+{
+ chipsize_t total_size = flash->chip->total_size * 1024;
+ int ret = 0;
+
+ int i;
+ for (i = 0; i < romimages; i++) {
+ if (rom_entries[i].start >= total_size || rom_entries[i].end >= total_size) {
+ msg_gwarn("Warning: Address range of region \"%s\" exceeds the current chip's "
+ "address space.\n", rom_entries[i].name);
+ if (rom_entries[i].included)
+ ret = 1;
+ }
+ if (rom_entries[i].start > rom_entries[i].end) {
+ msg_gwarn("Warning: Size of the address range of region \"%s\" is not positive.\n",
+ rom_entries[i].name);
+ if (rom_entries[i].included)
+ ret = 1;
+ }
+ }
+
+ return ret;
+}
+
+int build_new_image(const struct flashctx *flash, uint8_t *oldcontents, uint8_t *newcontents)
 {
 unsigned int start = 0;
 romlayout_t *entry; |
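Review bot: The comment above normalize_romentries() says entries are normalized "if needed", but the body only validates and warns, and the return contract that doit() relies on is not documented. I would replace it with `/* Validate layout entries against the chip size. Returns 1 if an included entry is out of range or has start > end, else 0; other bad entries only warn. */`. The bound itself comes from `flash->chip->total_size * 1024`, whose operand type is declared outside this page; the safety of the later copy depends on that product not wrapping, which is worth confirming. build_new_image() begins at the end of this hunk and its body continues outside it; its `unsigned int start` local (like the parameter of get_next_included_romentry()) could become `chipoff_t` to match the new romlayout_t field types.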