diff options
author | Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | 2023-06-25 11:54:23 +0200 |
---|---|---|
committer | Simon Glass <sjg@chromium.org> | 2023-07-12 07:57:20 -0600 |
commit | fd8e2ef6e41afda342a75bccb4748d1f925c0d76 (patch) | |
tree | 970abd791b05739ebd36f31ad93b508fb4c9c9e8 | |
parent | 5a801ad450303f028213c5da12017db5d3668cbc (diff) | |
download | u-boot-fd8e2ef6e41afda342a75bccb4748d1f925c0d76.zip u-boot-fd8e2ef6e41afda342a75bccb4748d1f925c0d76.tar.gz u-boot-fd8e2ef6e41afda342a75bccb4748d1f925c0d76.tar.bz2 |
cmd: fix loads, saves on sandbox
The loads and saves commands crash on the sandbox due to illegal memory
access.
For command line arguments the sandbox uses a virtual address space which
does not equal the addresses of the memory allocated with memmap(). Add the
missing address translations for the loads and saves commands.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
-rw-r--r-- | cmd/load.c | 16 |
1 files changed, 12 insertions, 4 deletions
@@ -181,13 +181,17 @@ static ulong load_serial(long offset) } else #endif { + void *dst; + ret = lmb_reserve(&lmb, store_addr, binlen); if (ret) { printf("\nCannot overwrite reserved area (%08lx..%08lx)\n", store_addr, store_addr + binlen); return ret; } - memcpy((char *)(store_addr), binbuf, binlen); + dst = map_sysmem(store_addr, binlen); + memcpy(dst, binbuf, binlen); + unmap_sysmem(dst); lmb_free(&lmb, store_addr, binlen); } if ((store_addr) < start_addr) @@ -350,15 +354,19 @@ static int save_serial(ulong address, ulong count) if(write_record(SREC3_START)) /* write the header */ return (-1); do { - if(count) { /* collect hex data in the buffer */ - c = *(volatile uchar*)(address + reclen); /* get one byte */ - checksum += c; /* accumulate checksum */ + volatile uchar *src; + + src = map_sysmem(address, count); + if (count) { /* collect hex data in the buffer */ + c = src[reclen]; /* get one byte */ + checksum += c; /* accumulate checksum */ data[2*reclen] = hex[(c>>4)&0x0f]; data[2*reclen+1] = hex[c & 0x0f]; data[2*reclen+2] = '\0'; ++reclen; --count; } + unmap_sysmem((void *)src); if(reclen == SREC_BYTES_PER_RECORD || count == 0) { /* enough data collected for one record: dump it */ if(reclen) { /* build & write a data record: */ |