|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH V1 11/29] xen/dts: Check "reg" property length in process_multiboot_node
When the device tree compiler (dtc) can't find right #address-cells
and #size-cells, it will assume the encoding is 1 for each.
As multiboot node are inside the /chosen, dtc will asume the previous values
if the both property are not correct set.
During boot, Xen will browse the fdt and store the nearest #address-cells
and #size-cells value. If the size of "reg" is smaller, Xen can retrieve
wrong range.
Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>
---
xen/common/device_tree.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/xen/common/device_tree.c b/xen/common/device_tree.c
index 9568250..7295f34 100644
--- a/xen/common/device_tree.c
+++ b/xen/common/device_tree.c
@@ -467,10 +467,14 @@ static void __init process_multiboot_node(const void
*fdt, int node,
mod = &early_info.modules.module[nr];
- prop = fdt_get_property(fdt, node, "reg", NULL);
+ prop = fdt_get_property(fdt, node, "reg", &len);
if ( !prop )
early_panic("node %s missing `reg' property\n", name);
+ if ( len < dt_cells_to_size(address_cells + size_cells) )
+ early_panic("fdt: node `%s': `reg` property length is too short\n",
+ name);
+
cell = (const u32 *)prop->data;
device_tree_get_reg(&cell, address_cells, size_cells,
&mod->start, &mod->size);
--
1.7.10.4
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |