From: John Rigby Date: Wed, 13 Oct 2010 19:57:31 +0000 (-0600) Subject: common/image.c fix length calculation in boot_relocate_fdt X-Git-Tag: v2010.12-rc1~72^2~34 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=758b39979d8a70b91f70d6684119156032841c4a;p=oweals%2Fu-boot.git common/image.c fix length calculation in boot_relocate_fdt boot_relocate_fdt is called on platforms with CONFIG_SYS_BOOTMAPSZ defined to relocate the device tree blob to be inside the boot map area between bootmap_base and bootmap_base+CONFIG_SYS_BOOTMAPSZ. For the case where the blob needs to be relocated, space is allocated inside the bootmap by calling lmb_alloc_base with size passed in plus some padding: of_len = *of_size + CONFIG_SYS_FDT_PAD; For the case where the blob is already inside the bounds of the boot map area, lmb_reserve is called to reserve the the space where the blob is already residing. The calculation for this case is currently: of_len = (CONFIG_SYS_BOOTMAPSZ + bootmap_base) - (ulong)fdt_blob; This is wrong because it reserves all the space in the boot map area from the blob to the end ignoring completely the actual size. The worst case is where the blob is at the beginning and the entire boot map area get reserved. Fix this by changing the length calculation to this: of_len = *of_size + CONFIG_SYS_FDT_PAD; This bug has likely never manifested itself because bootm has never been called with the fdt blob already in the bootmap area. In my testing on an OMAP3 beagle board I initially worked around the bug by simply moving the initial location of the fdt blob. I have tested with the new calculation with the fdt blob both inside and outside the boot map area. Signed-off-by: John Rigby --- diff --git a/common/image.c b/common/image.c index 3a2f25e5af..f59904d3aa 100644 --- a/common/image.c +++ b/common/image.c @@ -1252,7 +1252,7 @@ int boot_relocate_fdt (struct lmb *lmb, ulong bootmap_base, *of_size = of_len; } else { *of_flat_tree = fdt_blob; - of_len = (CONFIG_SYS_BOOTMAPSZ + bootmap_base) - (ulong)fdt_blob; + of_len = *of_size + CONFIG_SYS_FDT_PAD; lmb_reserve(lmb, (ulong)fdt_blob, of_len); fdt_set_totalsize(*of_flat_tree, of_len);