[PATCH] arm: Increase zImage length after getting the tag

[PATCH] arm: Increase zImage length after getting the tag

[Łukasz Stelmach]

Increase the size of the zImage after seeking for the tag to avoid
reading past the end of the supplied buffer should there be not tag
in the zImage.

Fixes: f57f0bf8975d24fe1e7c4936fdfb5c3b123ab75f
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Cc: Russell King <rmk@armlinux.org.uk>
---
 kexec/arch/arm/kexec-zImage-arm.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/kexec/arch/arm/kexec-zImage-arm.c b/kexec/arch/arm/kexec-zImage-arm.c
index ff609e2..925a9be 100644
--- a/kexec/arch/arm/kexec-zImage-arm.c
+++ b/kexec/arch/arm/kexec-zImage-arm.c
@@ -543,6 +543,14 @@ int zImage_arm_load(int argc, char **argv, const char *buf, off_t len,
 	 */
 	kernel_mem_size = len + 4;
 
+	/*
+	 * Check for a kernel size extension, and set or validate the
+	 * image size.  This is the total space needed to avoid the
+	 * boot kernel BSS, so other data (such as initrd) does not get
+	 * overwritten.
+	 */
+	tag = find_extension_tag(buf, len, ZIMAGE_TAG_KRNL_SIZE);
+
 	/*
 	 * The zImage length does not include its stack (4k) or its
 	 * malloc space (64k).  Include this.
@@ -551,13 +559,6 @@ int zImage_arm_load(int argc, char **argv, const char *buf, off_t len,
 
 	dbgprintf("zImage requires 0x%08llx bytes\n", (unsigned long long)len);
 
-	/*
-	 * Check for a kernel size extension, and set or validate the
-	 * image size.  This is the total space needed to avoid the
-	 * boot kernel BSS, so other data (such as initrd) does not get
-	 * overwritten.
-	 */
-	tag = find_extension_tag(buf, len, ZIMAGE_TAG_KRNL_SIZE);
 	if (tag) {
 		uint32_t *p = (void *)buf + le32_to_cpu(tag->u.krnl_size.size_ptr);
 		uint32_t edata_size = le32_to_cpu(get_unaligned(p));
-- 
2.26.2


_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH] arm: Increase zImage length after getting the tag

[Simon Horman]

On Tue, Jun 02, 2020 at 12:40:34PM +0200, Łukasz Stelmach wrote:
> Increase the size of the zImage after seeking for the tag to avoid
> reading past the end of the supplied buffer should there be not tag
> in the zImage.
> 
> Fixes: f57f0bf8975d24fe1e7c4936fdfb5c3b123ab75f
> Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
> Cc: Russell King <rmk@armlinux.org.uk>

Thanks Łukasz,

applied.

_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH] arm: Increase zImage length after getting the tag

[Russell King]

On Sat, Jun 06, 2020 at 03:23:19PM +0200, Simon Horman wrote:
> On Tue, Jun 02, 2020 at 12:40:34PM +0200, Łukasz Stelmach wrote:
> > Increase the size of the zImage after seeking for the tag to avoid
> > reading past the end of the supplied buffer should there be not tag
> > in the zImage.
> > 
> > Fixes: f57f0bf8975d24fe1e7c4936fdfb5c3b123ab75f
> > Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
> > Cc: Russell King <rmk@armlinux.org.uk>
> 
> Thanks Łukasz,

Sorry, I've not seen the patch, so it hasn't been reviewed.  This is the
first I'm aware of its existence.

-- 
Russell King

_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec

Re: [PATCH] arm: Increase zImage length after getting the tag

[Russell King]

On Sat, Jun 06, 2020 at 03:40:31PM +0100, Russell King wrote:
> On Sat, Jun 06, 2020 at 03:23:19PM +0200, Simon Horman wrote:
> > On Tue, Jun 02, 2020 at 12:40:34PM +0200, Łukasz Stelmach wrote:
> > > Increase the size of the zImage after seeking for the tag to avoid
> > > reading past the end of the supplied buffer should there be not tag
> > > in the zImage.
> > > 
> > > Fixes: f57f0bf8975d24fe1e7c4936fdfb5c3b123ab75f
> > > Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
> > > Cc: Russell King <rmk@armlinux.org.uk>
> > 
> > Thanks Łukasz,
> 
> Sorry, I've not seen the patch, so it hasn't been reviewed.  This is the
> first I'm aware of its existence.

Found it - it's fine.

-- 
Russell King

_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec