[coreboot] r909 - coreboot-v3/arch/x86/geodelx

svn at coreboot.org svn at coreboot.org
Wed Oct 8 18:12:32 CEST 2008


Author: hailfinger
Date: 2008-10-08 18:12:32 +0200 (Wed, 08 Oct 2008)
New Revision: 909

Modified:
   coreboot-v3/arch/x86/geodelx/stage0.S
Log:
Fix v3 GeodeLX stack and global variable pointer corruption.
We had a jump instead of a call to stage1_main in geodelx/stage0.S. That
means all accesses to bist and init_detected were off by 8 bytes and
collided with accesses to the global variable pointer.

Found during my cleanup runs.

This bug had the following effects:
1.) If gcc had decided to reload bist from stack after initializing the
global variable pointer, bist would have been nonzero, an indicator for
processor failure.
2.) If gcc had decided to use the stack location of bist as a scratch
register (and it probably is free to do so as long as the contents are
restored before returning), it would have clobbered the global variable
pointer, leading to NULL pointer dereferences.
3.) Any accesses to init_detected would have resulted in accessing 4
bytes above the top of stack (0x87ffc-0x87fff), something the rest of
the code deliberately avoids.

Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net>
Acked-by: Ronald G. Minnich <rminnich at gmail.com>


Modified: coreboot-v3/arch/x86/geodelx/stage0.S
===================================================================
--- coreboot-v3/arch/x86/geodelx/stage0.S	2008-10-08 16:07:29 UTC (rev 908)
+++ coreboot-v3/arch/x86/geodelx/stage0.S	2008-10-08 16:12:32 UTC (rev 909)
@@ -271,7 +271,7 @@
 	pushl	$0
 	/* First parameter: bist */
 	pushl	%eax
-	jmp	stage1_main
+	call	stage1_main
 	/* We will not go back. */
 
 #include "../stage0_common.S"
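Review bot: the switch from `jmp` to `call` is the correct fix, because the x86 C calling convention expects a return address at the top of the stack when the callee's prologue runs; with `jmp`, stage1_main's parameter offsets point past the two words just pushed (`pushl $0` for init_detected and `pushl %eax` for bist), which is the misalignment the log describes. Since the comment on the next line states that control never comes back, consider following the `call` with a defensive halt loop (for example `1: hlt; jmp 1b`) so that an unexpected return from stage1_main traps in place rather than falling through into whatever `../stage0_common.S` lays down after this point.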