From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rini Date: Wed, 6 May 2020 12:04:47 -0400 Subject: [PATCH V2] mkimage: fit: Do not tail-pad fitImage with external data In-Reply-To: <04cb1a3b-ec71-9ce1-f0cd-9d4ddae57010@denx.de> References: <1073087038ce37a09715bcb5054c7931@walle.cc> <20200506134857.GE12564@bill-the-cat> <20200506142754.GH12564@bill-the-cat> <04369d83-daef-03c3-7a9e-7a6c83f9a5a3@denx.de> <20200506143724.GI12564@bill-the-cat> <04cb1a3b-ec71-9ce1-f0cd-9d4ddae57010@denx.de> Message-ID: <20200506160447.GO12564@bill-the-cat> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On Wed, May 06, 2020 at 05:52:45PM +0200, Marek Vasut wrote: > On 5/6/20 5:43 PM, Alex Kiernan wrote: > > On Wed, May 6, 2020 at 3:41 PM Marek Vasut wrote: > >> > >> On 5/6/20 4:37 PM, Tom Rini wrote: > >>> On Wed, May 06, 2020 at 04:33:37PM +0200, Marek Vasut wrote: > >>>> On 5/6/20 4:27 PM, Tom Rini wrote: > >>>>> On Wed, May 06, 2020 at 04:17:35PM +0200, Marek Vasut wrote: > >>>>>> On 5/6/20 3:48 PM, Tom Rini wrote: > >>>>>>> On Tue, May 05, 2020 at 11:17:19PM +0200, Michael Walle wrote: > >>>>>>>> Hi all, > >>>>>>>> > >>>>>>>> Am 2020-05-05 20:41, schrieb Simon Glass: > >>>>>>>>> Hi Tom, > >>>>>>>>> > >>>>>>>>> On Tue, 5 May 2020 at 11:50, Tom Rini wrote: > >>>>>>>>>> > >>>>>>>>>> On Tue, May 05, 2020 at 06:39:58PM +0200, Marek Vasut wrote: > >>>>>>>>>>> On 5/5/20 6:37 PM, Alex Kiernan wrote: > >>>>>>>>>>>> On Tue, May 5, 2020 at 2:28 PM Marek Vasut wrote: > >>>>>>>>>>>>> > >>>>>>>>>>>>> On 5/5/20 3:22 PM, Alex Kiernan wrote: > >>>>>>>>>>>>>> On Mon, May 4, 2020 at 12:28 PM Tom Rini wrote: > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> On Fri, May 01, 2020 at 05:40:25PM +0200, Marek Vasut wrote: > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>> There is no reason to tail-pad fitImage with external data to 4-bytes, > >>>>>>>>>>>>>>>> while fitImage without external data does not have any such padding and > >>>>>>>>>>>>>>>> is often unaligned. DT spec also does not mandate any such padding. > >>>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>> Moreover, the tail-pad fills the last few bytes with uninitialized data, > >>>>>>>>>>>>>>>> which could lead to a potential information leak. > >>>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>> $ echo -n xy > /tmp/data ; \ > >>>>>>>>>>>>>>>> ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; \ > >>>>>>>>>>>>>>>> hexdump -vC /tmp/fitImage | tail -n 3 > >>>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>> before: > >>>>>>>>>>>>>>>> 00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si| > >>>>>>>>>>>>>>>> 00000270 7a 65 00 00 78 79 64 64 |ze..xydd| > >>>>>>>>>>>>>>>> ^^ ^^ ^^ > >>>>>>>>>>>>>>>> after: > >>>>>>>>>>>>>>>> 00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si| > >>>>>>>>>>>>>>>> 00000270 7a 65 00 78 79 |ze.xy| > >>>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>> Signed-off-by: Marek Vasut > >>>>>>>>>>>>>>>> Reviewed-by: Simon Glass > >>>>>>>>>>>>>>>> Cc: Heinrich Schuchardt > >>>>>>>>>>>>>>>> Cc: Tom Rini > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> Applied to u-boot/master, thanks! > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> This breaks booting on my board (am3352, eMMC boot, FIT u-boot, > >>>>>>>>>>>>>> CONFIG_SPL_LOAD_FIT). Not got any useful diagnostics - if I boot it > >>>>>>>>>>>>>> from eMMC I get nothing at all on the console, if I boot over ymodem > >>>>>>>>>>>>>> it stalls at 420k, before continuing to 460k. My guess is there's some > >>>>>>>>>>>>>> error going to the console at the 420k mark, but obviously it's lost > >>>>>>>>>>>>>> in the ymodem... I have two DTBs in the FIT image, 420k would about > >>>>>>>>>>>>>> align to the point between them. > >>>>>>>>>>>>> > >>>>>>>>>>>>> My bet would be on some padding / unaligned access problem that this > >>>>>>>>>>>>> patch uncovered. Can you take a look ? > >>>>>>>>>>>> > >>>>>>>>>>>> Seems plausible. With this change my external data starts at 0x483 and > >>>>>>>>>>>> everything after it is non-aligned: > >>>>>>>>>>> > >>>>>>>>>>> Should the beginning of external data be aligned ? > >>>>>>>>>> > >>>>>>>>>> If in U-Boot we revert e8c2d25845c72c7202a628a97d45e31beea40668 does > >>>>>>>>>> the > >>>>>>>>>> problem go away? If so, that's not a fix outright, it means we need > >>>>>>>>>> to > >>>>>>>>>> dig back in to the libfdt thread and find the "make this work without > >>>>>>>>>> killing performance everywhere all the time" option. > >>>>>>>>> > >>>>>>>>> If it is a device tree, it must be 32-bit aligned. > >>>>>>>> > >>>>>>>> This commit actually breaks my board too (which I was just about to send > >>>>>>>> upstream, but realized it was broken). > >>>>>>>> > >>>>>>>> Said board uses SPL and main U-Boot. SPL runs fine and main u-boot doesn't > >>>>>>>> output anything. The only difference which I found is that fit-dtb.blob is > >>>>>>>> 2 bytes shorter. And the content is shifted by one byte although > >>>>>>>> data-offset is the same. Strange. In the non-working case, the inner > >>>>>>>> FDT magic isn't 4 byte aligned. > >>>>>>>> > >>>>>>>> You can find the two fit-dtb.blobs here: > >>>>>>>> > >>>>>>>> https://walle.cc/u-boot/fit-dtb.blob.working > >>>>>>>> https://walle.cc/u-boot/fit-dtb.blob.non-working > >>>>>>>> > >>>>>>>> > >>>>>>>> Reverting e8c2d25845c72c7202a628a97d45e31beea40668 doesn't help (I might > >>>>>>>> reverted it the wrong way, there is actually a conflict). > >>>>>>>> > >>>>>>>> I'll dig deeper into that tomorrow, but maybe you have some pointers where > >>>>>>>> to look. > >>>>>>>> > >>>>>>>> For reference you can find the current patch here: > >>>>>>>> https://github.com/mwalle/u-boot/tree/sl28-upstream > >>>>>>> > >>>>>>> I think we have a few things to fix here. Marek's patch is breaking > >>>>>>> things and needs to be reverted. But it's showing a few underlying > >>>>>>> problems that need to be fixed too: > >>>>>>> - fit_extract_data() needs to use calloc() not malloc() so that we don't > >>>>>>> leak random data. > >>>>>>> - We need to 8-byte alignment on the external data. That's the > >>>>>>> requirement for Linux for device trees on both 32 and 64bit arm. > >>>>>>> Atish, does RISC-V require more than that? I don't see it in Linux's > >>>>>>> Documentation/riscv/boot-image-header.rst (and there's no booting.rst > >>>>>>> file like arm/arm64). > >>>>>> > >>>>>> Why 8-byte alignment ? The external data are copied into the target > >>>>>> location, so why do they need to be padded in any way? > >>>>> > >>>>> The start of the external data needs the alignment, to be clearer. > >>>> > >>>> Why ? > >>> > >>> Given that things which end up in external data have alignment > >>> requirements, we need to align and meet those requirements. And I noted > >>> why 8 above. > >> > >> If you end up with external data, then you need to move those blobs into > >> their target location anyway. That's what you specify in the load = <> > >> property in the .its . > >> > > > > Just reading common/spl/spl_fit.c, I think that'll try and parse in > > situ, rather than relocating it? > > And is that correct or is that the same problem as we have on arm64 with > fitImage and fdt_high=-1 ? I think it's the later. I'm not sure that it is. Can we easily/safely memmove the data to be aligned? Is that really a better option in this case than ensuring alignment within the file? -- Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: not available URL: