[coreboot] [PATCH] fix cbfs_header location

Thomas Jourdan tjourdan at neuf.fr
Wed Aug 12 23:45:22 CEST 2009


Hi guys,

I think I found a bug in CBFS. It's about the cbfs master header
location. Under certain circumstances, it can be overwritten by a file,
hence corrupting the rom.

I added some debug output to explain the problem. First I create a dummy
bootblock and the rom:
dd if=/dev/zero of=bootblock bs=16k count=4
cbfstool rom create 262144 65536 bootblock 16
-----
create_rom: create cbfs_header at offset 0x2ffd0
create_rom: write cbfs master header address 0xfffeffd0
-----
cbfstool rom print
rom: 256 kB, bootblocksize 65536, romsize 262144, offset 0x0
Alignment: 16 bytes

Name                           Offset     Type         Size
                               0x0        free         196536
Finally, create and add the file:
dd if=/dev/zero of=dummy bs=196536 count=1
cbfstool rom add dummy dummy 256
-----
rom_alloc: Found free file at offset 0x0 headersize 0x28 size 0x2ffb8
rom_alloc: nextoffset 0x2ffe0
rom_alloc: truncoffset 0x2ffe0
-----
cbfstool rom print
(cbfstool) E: This does not appear to be a valid ROM
(cbfstool) E: Problem while reading the ROM

As you can see, nextoffset is 0x10 bytes after the cbfs_header. The file
I added overwrote it.

I attached a patch to fix this.
Signed-off-by: Thomas Jourdan <thomas.jourdan at gmail.com>

Regards,
Thomas


-------------- next part --------------
A non-text attachment was scrubbed...
Name: cbfs_header.patch
Type: text/x-patch
Size: 964 bytes
Desc: not available
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20090812/40bb6ca4/attachment.patch>
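The following is an added model of the layout in the log above; it is not the attached patch and not cbfstool's own code. The sizes, offsets and alignment (romsize 262144, bootblock 65536, master header at 0x2ffd0, file header 0x28, 16-byte alignment) are copied from the output in the post; the master-header length, the alignment rounding, the CBFS magic strings and all function names are assumptions made for this model. It reproduces the overwrite on a simulated ROM buffer and shows the bounds check a rom_alloc-style allocator needs: the end of the new file, after alignment, must not reach the master header, so the largest payload at offset 0 is 0x2ffa8 (196520) bytes rather than the 196536 that "rom print" advertised as free.

```python
# Added example, not code from the post or from cbfstool.
# Layout values are taken from the log in the post; everything else is assumed.
ROMSIZE = 262144                 # "romsize 262144"
BOOTBLOCKSIZE = 65536            # "bootblocksize 65536"
ALIGN = 16                       # "Alignment: 16 bytes"
MASTER_HEADER_OFFSET = 0x2ffd0   # "create cbfs_header at offset 0x2ffd0"
FILE_HEADER_LEN = 0x28           # "headersize 0x28" from rom_alloc
MASTER_MAGIC = b"ORBC"           # CBFS master header magic (assumed for the model)
FILE_MAGIC = b"LARCHIVE"         # CBFS file header magic (assumed for the model)


def align_up(x, a):
    return (x + a - 1) & ~(a - 1)


def align_down(x, a):
    return x & ~(a - 1)


def make_rom():
    """Constructed ROM image: erased flash with only the master header magic in place."""
    rom = bytearray(b"\xff" * ROMSIZE)
    rom[MASTER_HEADER_OFFSET:MASTER_HEADER_OFFSET + 4] = MASTER_MAGIC
    return rom


def master_header_intact(rom):
    return bytes(rom[MASTER_HEADER_OFFSET:MASTER_HEADER_OFFSET + 4]) == MASTER_MAGIC


def next_offset(offset, payload_len, align=ALIGN):
    """Where the following file would start: header + payload, rounded up to the alignment."""
    return align_up(offset + FILE_HEADER_LEN + payload_len, align)


def overlaps_master_header(offset, payload_len):
    """True when the new file's footprint reaches the master header."""
    return next_offset(offset, payload_len) > MASTER_HEADER_OFFSET


def max_payload_before_header(offset):
    """Largest payload that can start at `offset` without touching the master header."""
    return align_down(MASTER_HEADER_OFFSET, ALIGN) - offset - FILE_HEADER_LEN


def add_file_unchecked(rom, offset, payload):
    """Models the behaviour in the post: write header and payload, trusting the free-space size."""
    rom[offset:offset + len(FILE_MAGIC)] = FILE_MAGIC
    start = offset + FILE_HEADER_LEN
    rom[start:start + len(payload)] = payload
    return next_offset(offset, len(payload))


def add_file_checked(rom, offset, payload):
    """Same write, but refuse anything whose footprint would overwrite the master header."""
    if overlaps_master_header(offset, len(payload)):
        raise ValueError(
            "file would end at 0x%x, past master header at 0x%x"
            % (next_offset(offset, len(payload)), MASTER_HEADER_OFFSET)
        )
    return add_file_unchecked(rom, offset, payload)


def reproduce():
    """The post's sequence: add a 196536-byte file into the 'free' area at offset 0."""
    rom = make_rom()
    nxt = add_file_unchecked(rom, 0, bytes(196536))
    return nxt, master_header_intact(rom)


def fixed():
    """Size the file to what actually fits before the master header."""
    rom = make_rom()
    size = max_payload_before_header(0)
    nxt = add_file_checked(rom, 0, bytes(size))
    return size, nxt, master_header_intact(rom)


if __name__ == "__main__":
    print("unchecked: nextoffset=0x%x, master header intact=%s" % reproduce())
    print("checked:   size=%d, nextoffset=0x%x, master header intact=%s" % fixed())
```

Running it prints nextoffset 0x2ffe0 and a clobbered master header for the unchecked path, matching the "E: This does not appear to be a valid ROM" failure, and 0x2ffd0 with the header intact for the checked one. The free-space figure reported by "rom print" is therefore the wrong thing for an allocator to trust; the usable end of the region is the aligned-down master header offset.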
