diff options
author | Julius Werner <jwerner@chromium.org> | 2019-05-03 17:58:07 -0700 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-06-04 11:22:47 +0000 |
commit | 73eaec81689662cf5c1cd6ac5de1152e19b0c14d (patch) | |
tree | e58a86d7c98c6e673cf6f09babbc2af794bdaa62 /src/lib | |
parent | 9636a106d43453976addb39253cf70bc65ea1224 (diff) |
device_tree: Add version checks
This patch adds a few more sanity checks to the FDT header parsing to
make sure that our code can support the version that is passed in.
This patch was adapted from depthcharge's http://crosreview.com/1536384
Change-Id: I06c112f540213c8db7c2455c2e8a4e8e4f337b78
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32862
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/device_tree.c | 18 | ||||
-rw-r--r-- | src/lib/fit.c | 8 |
2 files changed, 21 insertions, 5 deletions
diff --git a/src/lib/device_tree.c b/src/lib/device_tree.c index bb40eee231..7a3128efcf 100644 --- a/src/lib/device_tree.c +++ b/src/lib/device_tree.c @@ -220,6 +220,24 @@ struct device_tree *fdt_unflatten(const void *blob) const struct fdt_header *header = (const struct fdt_header *)blob; tree->header = header; + uint32_t magic = be32toh(header->magic); + uint32_t version = be32toh(header->version); + uint32_t last_comp_version = be32toh(header->last_comp_version); + + if (magic != FDT_HEADER_MAGIC) { + printk(BIOS_DEBUG, "Invalid device tree magic %#.8x!\n", magic); + return NULL; + } + if (last_comp_version > FDT_SUPPORTED_VERSION) { + printk(BIOS_DEBUG, "Unsupported device tree version %u(>=%u)\n", + version, last_comp_version); + return NULL; + } + if (version > FDT_SUPPORTED_VERSION) + printk(BIOS_DEBUG, + "NOTE: FDT version %u too new, should add support!\n", + version); + uint32_t struct_offset = be32toh(header->structure_offset); uint32_t strings_offset = be32toh(header->strings_offset); uint32_t reserve_offset = be32toh(header->reserve_map_offset); diff --git a/src/lib/fit.c b/src/lib/fit.c index d15641db9a..c98ba2f802 100644 --- a/src/lib/fit.c +++ b/src/lib/fit.c @@ -423,19 +423,17 @@ static void fit_update_compat(const void *fdt_blob, struct fit_config_node *fit_load(void *fit) { - struct fdt_header *header = (struct fdt_header *)fit; struct fit_image_node *image; struct fit_config_node *config; struct compat_string_entry *compat_node; printk(BIOS_DEBUG, "FIT: Loading FIT from %p\n", fit); - if (be32toh(header->magic) != FDT_HEADER_MAGIC) { - printk(BIOS_ERR, "FIT: Bad header magic value 0x%08x.\n", - be32toh(header->magic)); + struct device_tree *tree = fdt_unflatten(fit); + if (!tree) { + printk(BIOS_ERR, "ERROR: Failed to unflatten FIT image!\n"); return NULL; } - struct device_tree *tree = fdt_unflatten(fit); const char *default_config_name = NULL; struct fit_config_node *default_config = NULL; |