diff options
author | Simon Goldschmidt | 2019-01-14 22:38:19 +0100 |
---|---|---|
committer | Tom Rini | 2019-01-16 16:37:05 -0500 |
commit | aa3c609e2be5a837e7b81e308d47f55b67666bd6 (patch) | |
tree | 4e1e3090b5ec43ed88cc2790c080b2a790679d78 /include | |
parent | 4cc8af8037ebabd674d0a6bed202b0c711dc7699 (diff) |
fs: prevent overwriting reserved memory
This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
image load") by using lmb to check the load size of a file against
reserved memory addresses.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/lmb.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/lmb.h b/include/lmb.h index 7d7e2a78dc0..62da85e716e 100644 --- a/include/lmb.h +++ b/include/lmb.h @@ -31,6 +31,8 @@ struct lmb { extern struct lmb lmb; extern void lmb_init(struct lmb *lmb); +extern void lmb_init_and_reserve(struct lmb *lmb, phys_addr_t base, + phys_size_t size, void *fdt_blob); extern long lmb_add(struct lmb *lmb, phys_addr_t base, phys_size_t size); extern long lmb_reserve(struct lmb *lmb, phys_addr_t base, phys_size_t size); extern phys_addr_t lmb_alloc(struct lmb *lmb, phys_size_t size, ulong align); |