[U-Boot] [PATCH 3/3] cbfs: add support for cbfs header components
Simon Glass
sjg at chromium.org
Sun Apr 1 14:19:28 UTC 2018
Hi,
On 22 February 2018 at 08:15, Alexander Graf <agraf at suse.de> wrote:
>
>
> On 15.02.18 07:40, Andre Heider wrote:
>> This fixes walking the cbfs file list because the bound checks do not
>> apply to header components.
>>
>> Output of coreboot's cbfstool:
>> Name Offset Type Size Comp
>> cbfs master header 0x0 cbfs header 32 none
>> fallback/romstage 0x80 stage 21344 none
>> fallback/ramstage 0x5440 stage 36848 none
>> config 0xe480 raw 310 none
>> revision 0xe600 raw 575 none
>> fallback/bl31 0xe880 payload 15931 none
>> fallback/payload 0x12700 payload 205449 none
>> (empty) 0x44a00 null 111768 none
>> header pointer 0x5fec0 cbfs header 4 none
>>
>> Output of u-boot's cbfsls:
>> size type name
>> ------------------------------------------
>> 32 cbfs header cbfs master header
>> 21344 stage fallback/romstage
>> 36848 stage fallback/ramstage
>> 310 raw config
>> 575 raw revision
>> 15931 payload fallback/bl31
>> 205449 payload fallback/payload
>> 111768 null (empty)
>> 4 cbfs header header pointer
>
> I don't see a before/after comparison? What output exactly did get fixed?
>
> I don't quite understand what case exactly this fixes. The bounds check
> seems to try to find out whether the header is within the master header
> range, right?
>
> So doesn't this just mean we're reading beyond the expected fs size?
I don't understand this one either.
Andre please take a look and update your commit message.
Regards,
Simon
More information about the U-Boot
mailing list