소스 검색

Redefine bzimage_exec_context::mem_limit to be the highest permissible

byte, rather than the number of permissible bytes (i.e. subtract one
from the value under the previous definition to get the value under
the new definition).

This avoids integer overflow on 64-bit kernels, where
bzhdr.initrd_addr_max may be 0xffffffffffffffff; under the old
behaviour we set mem_limit equal to initrd_addr_max+1, which meant it
ended up as zero.  Kernel loads would fail with ENOBUFS.
tags/v0.9.3
Michael Brown 17 년 전
부모
커밋
56550e400e
1개의 변경된 파일4개의 추가작업 그리고 3개의 파일을 삭제
  1. 4
    3
      src/arch/i386/image/bzimage.c

+ 4
- 3
src/arch/i386/image/bzimage.c 파일 보기

@@ -141,6 +141,7 @@ static int bzimage_parse_cmdline ( struct image *image,
141 141
 			       "terminator '%c'\n", image, *mem );
142 142
 			break;
143 143
 		}
144
+		exec_ctx->mem_limit -= 1;
144 145
 	}
145 146
 
146 147
 	return 0;
@@ -266,7 +267,7 @@ static int bzimage_load_initrds ( struct image *image,
266 267
 			return -ENOBUFS;
267 268
 		}
268 269
 		/* Check that we are within the kernel's range */
269
-		if ( ( address + total_len ) > exec_ctx->mem_limit )
270
+		if ( ( address + total_len - 1 ) > exec_ctx->mem_limit )
270 271
 			continue;
271 272
 		/* Prepare and verify segment */
272 273
 		if ( ( rc = prep_segment ( phys_to_user ( address ), 0,
@@ -315,9 +316,9 @@ static int bzimage_exec ( struct image *image ) {
315 316
 		( bzhdr.heap_end_ptr + 0x200 );
316 317
 	exec_ctx.vid_mode = bzhdr.vid_mode;
317 318
 	if ( bzhdr.version >= 0x0203 ) {
318
-		exec_ctx.mem_limit = ( bzhdr.initrd_addr_max + 1 );
319
+		exec_ctx.mem_limit = bzhdr.initrd_addr_max;
319 320
 	} else {
320
-		exec_ctx.mem_limit = ( BZI_INITRD_MAX + 1 );
321
+		exec_ctx.mem_limit = BZI_INITRD_MAX;
321 322
 	}
322 323
 
323 324
 	/* Parse command line for bootloader parameters */

Loading…
취소
저장