On Mon, 27 Oct 2008, Atsushi Nemoto wrote:
> On Mon, 27 Oct 2008 14:39:32 +0100 (CET), Geert Uytterhoeven <Geert.Uytterhoeven@xxxxxxxxxxx> wrote:
> > Subject: [PATCH] txx9: Make firmware parameter passing more robust
> >
> > When booting Linux on a txx9 board with VxWorks boot loader, it crashes in
> > prom_getenv(), as VxWorks doesn't pass firmware parameters in a0-a3 (in my
> > case, the actual leftover values in these registers were 0x80002000,
> > 0x80001fe0, 0x2000, and 0x20).
> >
> > Make the parsing of argc, argv, and envp a bit more robust by checking if argc
> > is a number below CKSEG0, and argv/envp point to CKSEG0.
> >
> > Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@xxxxxxxxxxx>
>
> Look OK for me, except for coding style :)
Sorry, how could I have missed that...
> If TAB was used for indent,
> Acked-by: Atsushi Nemoto <anemo@xxxxxxxxxxxxx>
Thx!
Subject: [PATCH] txx9: Make firmware parameter passing more robust
When booting Linux on a txx9 board with VxWorks boot loader, it crashes in
prom_getenv(), as VxWorks doesn't pass firmware parameters in a0-a3 (in my
case, the actual leftover values in these registers were 0x80002000,
0x80001fe0, 0x2000, and 0x20).
Make the parsing of argc, argv, and envp a bit more robust by checking if argc
is a number below CKSEG0, and argv/envp point to CKSEG0.
Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@xxxxxxxxxxx>
Acked-by: Atsushi Nemoto <anemo@xxxxxxxxxxxxx>
---
arch/mips/txx9/generic/setup.c | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
--- a/arch/mips/txx9/generic/setup.c
+++ b/arch/mips/txx9/generic/setup.c
@@ -156,11 +156,23 @@ static struct txx9_board_vec *__init fin
static void __init prom_init_cmdline(void)
{
- int argc = (int)fw_arg0;
- int *argv32 = (int *)fw_arg1;
+ int argc;
+ int *argv32;
int i; /* Always ignore the "-c" at argv[0] */
char builtin[CL_SIZE];
+ if (fw_arg0 >= CKSEG0 || fw_arg1 < CKSEG0) {
+ /*
+ * argc is not a valid number, or argv32 is not a valid
+ * pointer
+ */
+ argc = 0;
+ argv32 = NULL;
+ } else {
+ argc = (int)fw_arg0;
+ argv32 = (int *)fw_arg1;
+ }
+
/* ignore all built-in args if any f/w args given */
/*
* But if built-in strings was started with '+', append them
@@ -414,10 +426,12 @@ char * __init prom_getcmdline(void)
const char *__init prom_getenv(const char *name)
{
- const s32 *str = (const s32 *)fw_arg2;
+ const s32 *str;
- if (!str)
+ if (fw_arg2 < CKSEG0)
return NULL;
+
+ str = (const s32 *)fw_arg2;
/* YAMON style ("name", "value" pairs) */
while (str[0] && str[1]) {
if (!strcmp((const char *)(unsigned long)str[0], name))
With kind regards,
Geert Uytterhoeven
Software Architect
Sony Techsoft Centre Europe
The Corporate Village · Da Vincilaan 7-D1 · B-1935 Zaventem · Belgium
Phone: +32 (0)2 700 8453
Fax: +32 (0)2 700 8622
E-mail: Geert.Uytterhoeven@xxxxxxxxxxx
Internet: http://www.sony-europe.com/
A division of Sony Europe (Belgium) N.V.
VAT BE 0413.825.160 · RPR Brussels
Fortis · BIC GEBABEBB · IBAN BE41293037680010
