From nobody Tue Feb 10 04:15:27 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1558018215; cv=none; d=zoho.com; s=zohoarc; b=HeOrWASaZnLTQtD6Rpb4npzEEKYFPQ/tBEcOb1zucq5S9PZLKNZLbx0gxn+Q2dpmrW/Jwqzf6OvqeE0i0xoNAoXhBWCh4qoMmmn8SyRQnBaqULt9UernrrxUw7K8fy/F6b8Sti4M8yPIRmFHMl6BeDdikVnxuECXfk6U5EadwCI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1558018215; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=DgMhkLiABo0DJwU8oJ8YkfjP+Hk6v1roeqysC4eg468=; b=HK+CiPxlUFRbZVYK+XqAB8iXk+1Pd+J5pBQgo/ZXa1/Mn3Yl1Hn8p522cPcEUnyq+igpY2hG0ZC6uAVJrgO+pBk7pV6na+4JAHrWr+0X1bOVTt2VdvVGYzMfr1WDjVSBR9p21Pvo6nC77coIj+PfKJxX1cucmJuBx3P09J3GwXE= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1558018215975758.5045204241134; Thu, 16 May 2019 07:50:15 -0700 (PDT) Received: from localhost ([127.0.0.1]:59435 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hRHhq-0003oK-Qj for importer@patchew.org; Thu, 16 May 2019 10:50:02 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58903) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hRHfZ-0002au-7a for qemu-devel@nongnu.org; Thu, 16 May 2019 10:47:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hRHfY-0008H6-5g for qemu-devel@nongnu.org; Thu, 16 May 2019 10:47:41 -0400 Received: from mail-wm1-x343.google.com ([2a00:1450:4864:20::343]:39957) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hRHfX-0008Eh-86 for qemu-devel@nongnu.org; Thu, 16 May 2019 10:47:39 -0400 Received: by mail-wm1-x343.google.com with SMTP id h11so3752880wmb.5 for ; Thu, 16 May 2019 07:47:39 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id o8sm7629018wra.4.2019.05.16.07.47.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 16 May 2019 07:47:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=DgMhkLiABo0DJwU8oJ8YkfjP+Hk6v1roeqysC4eg468=; b=SE+aDuN2LJ0lQpMoo3ZRFMPWP9p0Weq1dhOnfcYXLJ79rrxDtptgaDDry/xFsWUZqh eGBHZgrufeHGBGg8ZUruLfPOXSDTXPrDhA/iVRTm8gxN0vi+xvpPSnGtb+IdR3vvaOrg kxpGfZ3OvKEGOtcR352oxR76OHjU0B7Dpa1G/3CoLDW7Hbt4gxTXQbJfA0hivygq8P8s V0wEpSfveD1o3Z0yFyXJMoN6mK5UMIXdThhvM6YMXaKIJMAwk0uymPQ2KBL/H0kYXwyW +vGrU604TknDsnj9O+9Az3DG7WIxZ2meQfG/feuGmmQdTF+FOr7LSMyDpQm6YQCkRFP+ bn9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=DgMhkLiABo0DJwU8oJ8YkfjP+Hk6v1roeqysC4eg468=; b=Kl6B5BcOlSIcjmipkYClOiAF/Wbl21VOWoJJI8F0nzSdrqMeLIZ9unVA2ZboSqshSb T5XnYv39+xjas5kNxKsvNfFZR5WEwuRhqrkGG504V9BZjKwl+1I6T7C4UXfjlz1ruqwn 937soYjLW+qebIw1YgyNXPezwD6I38Z7H42qEBNRAc7qVDd60uZlrICjjHR+1m7qYOrK eMopwC0fg7VkvvdFVGPQOVFxHXNStF25lYvn/cVWjaz3gJonToqjSyI64TzP5tBmMuXZ Oh/yKhLNCj7Mfkt4NxzqF04D2QSg13FYCONufzxKY76QYPfBLgA0L9vGb87NME/D8BzD qoqA== X-Gm-Message-State: APjAAAVh3Os9AX6Eype/jXKaT4bEawoHO33p5LZIycnye3OnAS2t/h9z ZTRVBHREFmpgTgYSrN5/ljrDgg== X-Google-Smtp-Source: APXvYqwJboeSmaXVCkOQA0uw97JcB1A7k6HHKmAOMOaI4Qh9zlskErpjyUIWYYIVZ9RjZjJjIf3Ogg== X-Received: by 2002:a1c:63d5:: with SMTP id x204mr11618190wmb.3.1558018058135; Thu, 16 May 2019 07:47:38 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Thu, 16 May 2019 15:47:31 +0100 Message-Id: <20190516144733.32399-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190516144733.32399-1-peter.maydell@linaro.org> References: <20190516144733.32399-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::343 Subject: [Qemu-devel] [PATCH v2 2/4] hw/arm/boot: Diagnose layouts that put initrd or DTB off the end of RAM X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" We calculate the locations in memory where we want to put the initrd and the DTB based on the size of the kernel, since they come after it. Add some explicit checks that these aren't off the end of RAM entirely. (At the moment the way we calculate the initrd_start means that it can't ever be off the end of RAM, but that will change with the next commit.) Signed-off-by: Peter Maydell Reviewed-by: Alex Benn=C3=A9e --- hw/arm/boot.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index 0bb9a7d5b5c..935be3b92a5 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -1055,11 +1055,25 @@ static void arm_setup_direct_kernel_boot(ARMCPU *cp= u, error_report("could not load kernel '%s'", info->kernel_filename); exit(1); } + + if (kernel_size > info->ram_size) { + error_report("kernel '%s' is too large to fit in RAM " + "(kernel size %d, RAM size %" PRId64 ")", + info->kernel_filename, kernel_size, info->ram_size); + exit(1); + } + info->entry =3D entry; if (is_linux) { uint32_t fixupcontext[FIXUP_MAX]; =20 if (info->initrd_filename) { + + if (info->initrd_start >=3D ram_end) { + error_report("not enough space after kernel to load initrd= "); + exit(1); + } + initrd_size =3D load_ramdisk_as(info->initrd_filename, info->initrd_start, ram_end - info->initrd_start, as= ); @@ -1075,6 +1089,11 @@ static void arm_setup_direct_kernel_boot(ARMCPU *cpu, info->initrd_filename); exit(1); } + if (info->initrd_start + initrd_size > info->ram_size) { + error_report("could not load initrd '%s': " + "too big to fit into RAM after the kernel", + info->initrd_filename); + } } else { initrd_size =3D 0; } @@ -1110,6 +1129,10 @@ static void arm_setup_direct_kernel_boot(ARMCPU *cpu, /* Place the DTB after the initrd in memory with alignment. */ info->dtb_start =3D QEMU_ALIGN_UP(info->initrd_start + initrd_= size, align); + if (info->dtb_start >=3D ram_end) { + error_report("Not enough space for DTB after kernel/initrd= "); + exit(1); + } fixupcontext[FIXUP_ARGPTR_LO] =3D info->dtb_start; fixupcontext[FIXUP_ARGPTR_HI] =3D info->dtb_start >> 32; } else { --=20 2.20.1