[U-Boot] [PATCH V3 4/6] bootcount: Configure length limit for I2C bootcount

Fabien Lahoudere fabien.lahoudere at collabora.com
Wed Oct 17 08:33:29 UTC 2018 

From: Denis Zalevskiy <denis.zalevskiy at ge.com>

Bootcount driver should verify size against the maximum available space.
New configuration parameter adds this capability and keeps backward
compatibility by providing default value.

Signed-off-by: Denis Zalevskiy <denis.zalevskiy at ge.com>
Signed-off-by: Fabien Lahoudere <fabien.lahoudere at collabora.com>
---
 drivers/bootcount/Kconfig         |  6 ++++++
 drivers/bootcount/bootcount_i2c.c | 10 ++++++----
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/drivers/bootcount/Kconfig b/drivers/bootcount/Kconfig
index f67f518..3eccd5b 100644
--- a/drivers/bootcount/Kconfig
+++ b/drivers/bootcount/Kconfig
@@ -140,4 +140,10 @@ config SYS_BOOTCOUNT_I2C_ADDR
 	depends on BOOTCOUNT_I2C
 	help
 	  I2C address of the device used to store bootcounter
+
+config BOOTCOUNT_I2C_LEN
+	int "Maximum length of bootcounter in bytes"
+	default 2
+	depends on BOOTCOUNT_I2C
+
 endif
diff --git a/drivers/bootcount/bootcount_i2c.c b/drivers/bootcount/bootcount_i2c.c
index a1fc219..73c920a 100644
--- a/drivers/bootcount/bootcount_i2c.c
+++ b/drivers/bootcount/bootcount_i2c.c
@@ -54,14 +54,15 @@ void bootcount_store(ulong a)
 	if (prev_i2c_bus < 0)
 		return;
 
-	unsigned char buf[3];
+	unsigned char buf[2];
 	int ret;
 
+	BUILD_BUG_ON(sizeof(buf) > CONFIG_BOOTCOUNT_I2C_LEN);
 	buf[0] = BC_MAGIC;
 	buf[1] = (a & 0xff);
 	ret = i2c_write(CONFIG_SYS_BOOTCOUNT_I2C_ADDR,
 			CONFIG_SYS_BOOTCOUNT_ADDR,
-			CONFIG_BOOTCOUNT_ALEN, buf, 2);
+			CONFIG_BOOTCOUNT_ALEN, buf, sizeof(buf));
 	if (ret != 0)
 		puts("Error writing bootcount\n");
 
@@ -77,12 +78,13 @@ ulong bootcount_load(void)
 	if (prev_i2c_bus < 0)
 		return count;
 
-	unsigned char buf[3];
+	unsigned char buf[2];
 	int ret;
 
+	BUILD_BUG_ON(sizeof(buf) > CONFIG_BOOTCOUNT_I2C_LEN);
 	ret = i2c_read(CONFIG_SYS_BOOTCOUNT_I2C_ADDR,
 		       CONFIG_SYS_BOOTCOUNT_ADDR,
-		       CONFIG_BOOTCOUNT_ALEN, buf, 2);
+		       CONFIG_BOOTCOUNT_ALEN, buf, sizeof(buf));
 	if (ret != 0) {
 		puts("Error loading bootcount\n");
 		goto out;
-- 
1.8.3.1

More information about the U-Boot mailing list