From patchwork Thu Sep 11 16:45:13 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
X-Patchwork-Id: 37270
Return-Path: <patchwork-forward+bncBDYNJBOFRECBBJ5EY6QAKGQEHPXCIBA@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-oi0-f71.google.com (mail-oi0-f71.google.com
 [209.85.218.71])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id BE6B620454
 for <linaro@patches.linaro.org>; Thu, 11 Sep 2014 16:47:35 +0000 (UTC)
Received: by mail-oi0-f71.google.com with SMTP id e131sf39125200oig.2
 for <linaro@patches.linaro.org>; Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:delivered-to:from:to:date
 :message-id:in-reply-to:references:cc:subject:precedence:list-id
 :list-unsubscribe:list-archive:list-post:list-help:list-subscribe
 :errors-to:sender:x-original-sender
 :x-original-authentication-results:mailing-list;
 bh=O9TAPVgJIwjJca7szQnAolVLVCV2wRiW5MzxihjlU20=;
 b=KioB0+5mGdU3CS/JRFDuFECYHCWDstLt08LsSwc1fMnTXcmW+SJrA/lFlP98E49sZE
 V+EfIkrS7sfvlRncwjojY6Bqk7MH6F6aiKcukWjCWj3AmlNn3DtEZz3SpM09zjc3nZwt
 uXNAQlf9l1mFnt4uMKKECU4Le8KqFm6vcqrQfVu7g5E14TcvETkjhATqUg5x9Loo5wZI
 m1StXMhq8fxHDo+fGqmmpj5aOXF8Aq5ZDo65WwdhTzTXeJxiifjwX26Dxzi3iRPjSnBs
 z/ohWpoUtOO9C2z1nDhNSqXZujEMw3bjMWvyPr9LmrN4Gk3X+afbQjPyQoRlzbyIzQmv
 ++IA==
X-Gm-Message-State: ALoCoQkrBBhbBDPouCGYYCRA5JG16YSUj0854JaX/EmKV8rUO7w4TDOXsIFWNKY+DH5s3nEXtwGU
X-Received: by 10.43.64.202 with SMTP id xj10mr1569851icb.0.1410454055292;
 Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
MIME-Version: 1.0
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.140.25.176 with SMTP id 45ls247026qgt.86.gmail; Thu, 11 Sep
 2014 09:47:35 -0700 (PDT)
X-Received: by 10.53.2.10 with SMTP id bk10mr1505492vdd.48.1410454055185;
 Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
Received: from mail-vc0-f176.google.com (mail-vc0-f176.google.com
 [209.85.220.176])
 by mx.google.com with ESMTPS id ee2si783581vdb.40.2014.09.11.09.47.35
 for <patchwork-forward@linaro.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.220.176 as permitted sender) client-ip=209.85.220.176; 
Received: by mail-vc0-f176.google.com with SMTP id la4so4340381vcb.7
 for <patchwork-forward@linaro.org>;
 Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
X-Received: by 10.52.163.52 with SMTP id yf20mr1494806vdb.40.1410454055086; 
 Thu, 11 Sep 2014 09:47:35 -0700 (PDT)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patch@linaro.org
Received: by 10.221.45.67 with SMTP id uj3csp620913vcb;
 Thu, 11 Sep 2014 09:47:34 -0700 (PDT)
X-Received: by 10.224.131.7 with SMTP id v7mr9661qas.5.1410454054534;
 Thu, 11 Sep 2014 09:47:34 -0700 (PDT)
Received: from lists.gnu.org (lists.gnu.org. [208.118.235.17])
 by mx.google.com with ESMTPS id b7si1868656qan.20.2014.09.11.09.47.32
 for <patch@linaro.org> (version=TLSv1 cipher=RC4-SHA bits=128/128);
 Thu, 11 Sep 2014 09:47:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 208.118.235.17 as permitted sender) client-ip=208.118.235.17; 
Received: from localhost ([::1]:40072 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1XS7Wu-00020f-0s
 for patch@linaro.org; Thu, 11 Sep 2014 12:47:32 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36250)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <ard.biesheuvel@linaro.org>) id 1XS7V1-00086N-4r
 for qemu-devel@nongnu.org; Thu, 11 Sep 2014 12:45:41 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ard.biesheuvel@linaro.org>) id 1XS7Uv-0004CD-0V
 for qemu-devel@nongnu.org; Thu, 11 Sep 2014 12:45:34 -0400
Received: from mail-we0-f170.google.com ([74.125.82.170]:51469)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <ard.biesheuvel@linaro.org>) id 1XS7Uu-0004C2-Dg
 for qemu-devel@nongnu.org; Thu, 11 Sep 2014 12:45:28 -0400
Received: by mail-we0-f170.google.com with SMTP id u57so7203934wes.29
 for <qemu-devel@nongnu.org>; Thu, 11 Sep 2014 09:45:25 -0700 (PDT)
X-Received: by 10.180.188.65 with SMTP id fy1mr3953319wic.21.1410453922338; 
 Thu, 11 Sep 2014 09:45:22 -0700 (PDT)
Received: from ards-macbook-pro.local (cag06-7-83-153-85-71.fbx.proxad.net.
 [83.153.85.71]) by mx.google.com with ESMTPSA id
 ll20sm2078442wic.14.2014.09.11.09.45.21 for <multiple recipients>
 (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Thu, 11 Sep 2014 09:45:21 -0700 (PDT)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: peter.maydell@linaro.org,
	qemu-devel@nongnu.org
Date: Thu, 11 Sep 2014 18:45:13 +0200
Message-Id: <1410453915-9344-3-git-send-email-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 1.8.3.2
In-Reply-To: <1410453915-9344-1-git-send-email-ard.biesheuvel@linaro.org>
References: <1410453915-9344-1-git-send-email-ard.biesheuvel@linaro.org>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-Received-From: 74.125.82.170
Cc: christoffer.dall@linaro.org, Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [Qemu-devel] [PATCH v3 2/4] hw/arm/boot: pass an address limit to
 and return size from load_dtb()
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <patchwork-forward.linaro.org>
List-Unsubscribe: <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>, 
 <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org
X-Removed-Original-Auth: Dkim didn't pass.
X-Original-Sender: ard.biesheuvel@linaro.org
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
 domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.220.176 as permitted sender)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org
Mailing-list: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
X-Google-Group-Id: 836684582541

Add an address limit input parameter to load_dtb() so that we can
tell load_dtb() how much memory the dtb is allowed to consume. If
the dtb doesn't fit, return 0, otherwise return the actual size of
the loaded dtb.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 hw/arm/boot.c | 34 +++++++++++++++++++++++++++++++---
 1 file changed, 31 insertions(+), 3 deletions(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 50eca931e1a4..2083aeb95d80 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -312,7 +312,26 @@ static void set_kernel_args_old(const struct arm_boot_info *info)
     }
 }
 
-static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
+/**
+ * load_dtb() - load a device tree binary image into memory
+ * @addr:       the address to load the image at
+ * @binfo:      struct describing the boot environment
+ * @addr_limit: upper limit of the available memory area at @addr
+ *
+ * Load a device tree supplied by the machine or by the user  with the
+ * '-dtb' command line option, and put it at offset @addr in target
+ * memory.
+ *
+ * If @addr_limit contains a meaningful value (i.e., it is strictly greater
+ * than @addr), the device tree is only loaded if its size does not exceed
+ * the limit.
+ *
+ * Returns: the size of the device tree image on success,
+ *          0 if the image size exceeds the limit,
+ *          -1 on errors.
+ */
+static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo,
+                    hwaddr addr_limit)
 {
     void *fdt = NULL;
     int size, rc;
@@ -341,6 +360,15 @@ static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
         }
     }
 
+    if (addr_limit > addr && size > (addr_limit - addr)) {
+        /* Installing the device tree blob at addr would exceed addr_limit.
+         * Whether this constitutes failure is up to the caller to decide,
+         * so just return 0 as size, i.e., no error.
+         */
+        g_free(fdt);
+        return 0;
+    }
+
     acells = qemu_fdt_getprop_cell(fdt, "/", "#address-cells");
     scells = qemu_fdt_getprop_cell(fdt, "/", "#size-cells");
     if (acells == 0 || scells == 0) {
@@ -403,7 +431,7 @@ static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo)
 
     g_free(fdt);
 
-    return 0;
+    return size;
 
 fail:
     g_free(fdt);
@@ -572,7 +600,7 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info)
              */
             hwaddr dtb_start = QEMU_ALIGN_UP(info->initrd_start + initrd_size,
                                              4096);
-            if (load_dtb(dtb_start, info)) {
+            if (load_dtb(dtb_start, info, 0) < 0) {
                 exit(1);
             }
             fixupcontext[FIXUP_ARGPTR] = dtb_start;