diff options
| author | Sean Anderson | 2023-10-14 16:47:38 -0400 |
|---|---|---|
| committer | Tom Rini | 2023-10-17 20:50:52 -0400 |
| commit | 6cc2182c84a94d7d765b392e4801cc3e11f404ca (patch) | |
| tree | 1d4e349c0b51fd9bc895ce7f5e8f1439bd27d1cc | |
| parent | 301ae618424f48daba766cb0164a752623f8dbec (diff) | |
spl: nor: Don't allocate header on stack
spl_image_info.name contains a reference to legacy_img_hdr. If we allocate
the latter on the stack, it will be clobbered after we return. This was
addressed for NAND back in 06377c5a1fc ("spl: spl_legacy: Fix NAND boot on
OMAP3 BeagleBoard"), but that commit didn't fix NOR.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Michael Trimarchi <michael@amarulasolutions.com>
| -rw-r--r-- | common/spl/spl_nor.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/common/spl/spl_nor.c b/common/spl/spl_nor.c index 79d4f1d7aa8..c141a9ae629 100644 --- a/common/spl/spl_nor.c +++ b/common/spl/spl_nor.c @@ -26,7 +26,7 @@ unsigned long __weak spl_nor_get_uboot_base(void) static int spl_nor_load_image(struct spl_image_info *spl_image, struct spl_boot_device *bootdev) { - __maybe_unused const struct legacy_img_hdr *header; + struct legacy_img_hdr *header; __maybe_unused struct spl_load_info load; /* @@ -41,7 +41,7 @@ static int spl_nor_load_image(struct spl_image_info *spl_image, * Load Linux from its location in NOR flash to its defined * location in SDRAM */ - header = (const struct legacy_img_hdr *)CONFIG_SYS_OS_BASE; + header = (void *)CONFIG_SYS_OS_BASE; #ifdef CONFIG_SPL_LOAD_FIT if (image_get_magic(header) == FDT_MAGIC) { int ret; @@ -91,8 +91,8 @@ static int spl_nor_load_image(struct spl_image_info *spl_image, * Load real U-Boot from its location in NOR flash to its * defined location in SDRAM */ -#ifdef CONFIG_SPL_LOAD_FIT header = (const struct legacy_img_hdr *)spl_nor_get_uboot_base(); +#ifdef CONFIG_SPL_LOAD_FIT if (image_get_magic(header) == FDT_MAGIC) { debug("Found FIT format U-Boot\n"); load.bl_len = 1; @@ -111,14 +111,11 @@ static int spl_nor_load_image(struct spl_image_info *spl_image, /* Legacy image handling */ if (IS_ENABLED(CONFIG_SPL_LEGACY_IMAGE_FORMAT)) { - struct legacy_img_hdr hdr; - load.bl_len = 1; load.read = spl_nor_load_read; - spl_nor_load_read(&load, spl_nor_get_uboot_base(), sizeof(hdr), &hdr); return spl_load_legacy_img(spl_image, bootdev, &load, spl_nor_get_uboot_base(), - &hdr); + header); } return -EINVAL; |