On Thu 09 Apr 01:22 PDT 2020, Peng Fan wrote:
> Since we no need memset if memsz is larger than filesz, we could
> use filesz for the da to va translation when memsz translation fail.
>
To me this implies that the firmware has a segment that's larger than
the memory that it's going to run in. I think even if we're not writing
to the entire memsz, asking da_to_va for the entire memsz provides a
valuable sanity check.
Regards,
Bjorn
> Signed-off-by: Peng Fan <peng.fan@xxxxxxx>
> ---
> drivers/remoteproc/remoteproc_elf_loader.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/remoteproc/remoteproc_elf_loader.c b/drivers/remoteproc/remoteproc_elf_loader.c
> index cc50fe70d50c..74d425a4b34c 100644
> --- a/drivers/remoteproc/remoteproc_elf_loader.c
> +++ b/drivers/remoteproc/remoteproc_elf_loader.c
> @@ -229,8 +229,16 @@ int rproc_elf_load_segments(struct rproc *rproc, const struct firmware *fw)
> if (!ptr) {
> dev_err(dev, "bad phdr da 0x%llx mem 0x%llx\n", da,
> memsz);
> - ret = -EINVAL;
> - break;
> +
> + ptr = rproc_da_to_va(rproc, da, filesz);
> + if (!ptr) {
> + dev_err(dev,
> + "bad phdr da 0x%llx mem 0x%llx\n",
> + da, filesz);
> + ret = -EINVAL;
> + break;
> + }
> +
> }
>
> /* put the segment where the remote processor expects it */
> --
> 2.16.4
>
