From 16043d6742aedb2740d23628fead775748aa0ce0 Mon Sep 17 00:00:00 2001 From: Nico Huber Date: Thu, 23 Jan 2020 12:48:03 +0100 Subject: libpayload/corebootfb: Fix character buffer relocation The `chars` pointer references the heap which is part of the payload and relocated along with it. So calling phys_to_virt() on it was always wrong; and the virt_to_phys() at its initialization was a no-op anyway, when the console was brought up before relocation. While we are at it, add a null-pointer check. Change-Id: Ic03150f0bcd14a6ec6bf514dffe2b9153d5a6d2a Signed-off-by: Nico Huber Reviewed-on: https://review.coreboot.org/c/coreboot/+/38536 Tested-by: build bot (Jenkins) Reviewed-by: Angel Pons Reviewed-by: Julius Werner --- payloads/libpayload/drivers/video/corebootfb.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'payloads/libpayload/drivers/video') diff --git a/payloads/libpayload/drivers/video/corebootfb.c b/payloads/libpayload/drivers/video/corebootfb.c index b5ad1a511d..11397ba905 100644 --- a/payloads/libpayload/drivers/video/corebootfb.c +++ b/payloads/libpayload/drivers/video/corebootfb.c @@ -64,11 +64,11 @@ static const u32 vga_colors[] = { /* Addresses for the various components */ static unsigned long fbinfo; static unsigned long fbaddr; -static unsigned long chars; +static unsigned short *chars; #define FI ((struct cb_framebuffer *) phys_to_virt(fbinfo)) #define FB ((unsigned char *) phys_to_virt(fbaddr)) -#define CHARS ((unsigned short *) phys_to_virt(chars)) +#define CHARS (chars) static void corebootfb_scroll_up(void) { @@ -243,9 +243,10 @@ static int corebootfb_init(void) coreboot_video_console.columns = FI->x_resolution / font_width; coreboot_video_console.rows = FI->y_resolution / font_height; - /* See setting of fbinfo above. */ - chars = virt_to_phys(malloc(coreboot_video_console.rows * - coreboot_video_console.columns * 2)); + chars = malloc(coreboot_video_console.rows * + coreboot_video_console.columns * 2); + if (!chars) + return -1; // clear boot splash screen if there is one. corebootfb_clear(); -- cgit v1.2.3