Commit edb64bca authored by Eugeniy Paltsev's avatar Eugeniy Paltsev Committed by Vineet Gupta

ARC: u-boot args: check that magic number is correct

In case of devboards we really often disable bootloader and load
Linux image in memory via JTAG. Even if kernel tries to verify
uboot_tag and uboot_arg there is sill a chance that we treat some
garbage in registers as valid u-boot arguments in JTAG case.
E.g. it is enough to have '1' in r0 to treat any value in r2 as
a boot command line.

So check that magic number passed from u-boot is correct and drop
u-boot arguments otherwise. That helps to reduce the possibility
of using garbage as u-boot arguments in JTAG case.

We can safely check U-boot magic value (0x0) in linux passed via
r1 register as U-boot pass it from the beginning. So there is no
backward-compatibility issues.
Signed-off-by: default avatarEugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: default avatarVineet Gupta <vgupta@synopsys.com>
parent fbe025c3
...@@ -111,6 +111,7 @@ ENTRY(stext) ...@@ -111,6 +111,7 @@ ENTRY(stext)
; r2 = pointer to uboot provided cmdline or external DTB in mem ; r2 = pointer to uboot provided cmdline or external DTB in mem
; These are handled later in handle_uboot_args() ; These are handled later in handle_uboot_args()
st r0, [@uboot_tag] st r0, [@uboot_tag]
st r1, [@uboot_magic]
st r2, [@uboot_arg] st r2, [@uboot_arg]
; setup "current" tsk and optionally cache it in dedicated r25 ; setup "current" tsk and optionally cache it in dedicated r25
......
...@@ -36,6 +36,7 @@ unsigned int intr_to_DE_cnt; ...@@ -36,6 +36,7 @@ unsigned int intr_to_DE_cnt;
/* Part of U-boot ABI: see head.S */ /* Part of U-boot ABI: see head.S */
int __initdata uboot_tag; int __initdata uboot_tag;
int __initdata uboot_magic;
char __initdata *uboot_arg; char __initdata *uboot_arg;
const struct machine_desc *machine_desc; const struct machine_desc *machine_desc;
...@@ -504,6 +505,8 @@ static inline bool uboot_arg_invalid(unsigned long addr) ...@@ -504,6 +505,8 @@ static inline bool uboot_arg_invalid(unsigned long addr)
#define UBOOT_TAG_NONE 0 #define UBOOT_TAG_NONE 0
#define UBOOT_TAG_CMDLINE 1 #define UBOOT_TAG_CMDLINE 1
#define UBOOT_TAG_DTB 2 #define UBOOT_TAG_DTB 2
/* We always pass 0 as magic from U-boot */
#define UBOOT_MAGIC_VALUE 0
void __init handle_uboot_args(void) void __init handle_uboot_args(void)
{ {
...@@ -518,6 +521,11 @@ void __init handle_uboot_args(void) ...@@ -518,6 +521,11 @@ void __init handle_uboot_args(void)
goto ignore_uboot_args; goto ignore_uboot_args;
} }
if (uboot_magic != UBOOT_MAGIC_VALUE) {
pr_warn(IGNORE_ARGS "non zero uboot magic\n");
goto ignore_uboot_args;
}
if (uboot_tag != UBOOT_TAG_NONE && if (uboot_tag != UBOOT_TAG_NONE &&
uboot_arg_invalid((unsigned long)uboot_arg)) { uboot_arg_invalid((unsigned long)uboot_arg)) {
pr_warn(IGNORE_ARGS "invalid uboot arg: '%px'\n", uboot_arg); pr_warn(IGNORE_ARGS "invalid uboot arg: '%px'\n", uboot_arg);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment