loads: Block writes into LMB reserved areas of U-Boot

The loads srec loading may overwrite piece of U-Boot accidentally.
Prevent that by using LMB to detect whether upcoming write would
overwrite piece of reserved U-Boot code, and if that is the case,
abort the srec loading.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

diff --git a/cmd/load.c b/cmd/load.c
index 249ebd4..7e4a552 100644 (file)
--- a/cmd/load.c
+++ b/cmd/load.c
@@ -16,6 +16,7 @@
 #include <exports.h>
 #include <flash.h>
 #include <image.h>
+#include <lmb.h>
 #include <mapmem.h>
 #include <net.h>
 #include <s_record.h>
@@ -137,6 +138,7 @@ static int do_load_serial(struct cmd_tbl *cmdtp, int flag, int argc,
 
 static ulong load_serial(long offset)
 {
+       struct lmb lmb;
        char    record[SREC_MAXRECLEN + 1];     /* buffer for one S-Record      */
        char    binbuf[SREC_MAXBINLEN];         /* buffer for binary data       */
        int     binlen;                         /* no. of data bytes in S-Rec.  */
@@ -147,6 +149,9 @@ static ulong load_serial(long offset)
        ulong   start_addr = ~0;
        ulong   end_addr   =  0;
        int     line_count =  0;
+       long ret;
+
+       lmb_init_and_reserve(&lmb, gd->bd, (void *)gd->fdt_blob);
 
        while (read_record(record, SREC_MAXRECLEN + 1) >= 0) {
                type = srec_decode(record, &binlen, &addr, binbuf);
@@ -172,7 +177,14 @@ static ulong load_serial(long offset)
                    } else
 #endif
                    {
+                       ret = lmb_reserve(&lmb, store_addr, binlen);
+                       if (ret) {
+                               printf("\nCannot overwrite reserved area (%08lx..%08lx)\n",
+                                       store_addr, store_addr + binlen);
+                               return ret;
+                       }
                        memcpy((char *)(store_addr), binbuf, binlen);
+                       lmb_free(&lmb, store_addr, binlen);
                    }
                    if ((store_addr) < start_addr)
                        start_addr = store_addr;