[U-Boot] [PATCH 1/5] Add bmp_layout module for accessing BMP header data
Albert ARIBAUD
albert.u.boot at aribaud.net
Mon Feb 4 22:26:28 CET 2013
Hi Wolfgang,
On Mon, 04 Feb 2013 20:26:18 +0100, Wolfgang Denk <wd at denx.de> wrote:
> Dear Nikita Kiryanov,
>
> In message <1359977979-28585-2-git-send-email-nikita at compulab.co.il> you wrote:
> > Currently code that displays BMP files does two things:
> > * assume that any address is a valid load address for a BMP
> > * access in-memory BMP header fields directly
> >
> > Since some BMP header fields are 32 bit wide, this has a potential
> > for causing data aborts when these fields are placed in unaligned
> > addresses.
> >
> > Create an API for safely accessing BMP header data, and compile it with
> > $(PLATFORM_NO_UNALIGNED) to give it the ability to emulate unaligned memory
> > accesses.
>
> Frankly, I think this is overkill. U-Boot is a bootloader, and it is
> supposed to be lean and eficient. We don't have all levels of safety
> systems and protective devices as in, for example, an aircraft. You
> are supposed to know what you are doing, and if you ignore the rules,
> you will quickly see the results yourself.
>
> There is plenty of other areas where correct opration requires certain
> alignments, and none of these are enforced by U-Boot. And actually I
> think this is not only acceptable, but good as is.
>
> "UNIX was not designed to stop you from doing stupid things, because
> that would also stop you from doing clever things." - Doug Gwyn
>
>
> You talk about BMP header - but we also have alignment requirements
> for image headers, well, even for a plain "md" or "mw" command. And
> none of these provide any protection against accidsential (or
> intentional) access to unaligned addresses.
>
> My recommendation is: just don;t do it, then.
The point about md not checking alignment is indeed valid: one should
know that a md.l requires a 4-byte-aligned address or it will abort.
OTOH, a cautious user may think that to ensure proper alignment, a BMP
should be loaded on a 4-byte boundary, but IIUC that it precisely what
will cause the load to fail, due to the sole 4-byte field of the BMP
header being misaligned by two bytes.
So if we leave BMP loading as it is now, the load address will need to
be 16-bit-but-not-32-bit-aligned, which is complicated enough to
require documentation.
Or, the BMP struct could be prepended with two bytes so that the
load address alignment requirement becomes a simple 4-byte boundary,
which most users are... bound... to choose naturally.
But ISTR the idea of prepending two bytes was already discussed and for
some reason it could not work. Jeroen?
> Best regards,
>
> Wolfgang Denk
Amicalement,
--
Albert.
More information about the U-Boot
mailing list