| Age | Commit message (Collapse) | Author |
|---|
|
The only call site of gzwrite() is cmd/unzip.c do_gzwrite(), where
the 'len' parameter passed to gzwrite(..., len, ...) function is of
type unsigned long. This usage is correct, the 'len' parameter is
an unsigned integer, and the gzwrite() function currently supports
input data 'len' of up to 4 GiB - 1 .
The function signature of gzwrite() function in both include/gzip.h
and lib/gunzip.c does however list 'len' as signed integer, which
is not correct, and ultimatelly limits the implementation to only
2 GiB input data 'len' .
Fix this, update gzwrite() function parameter 'len' data type to
size_t consistently in include/gzip.h and lib/gunzip.c .
Furthermore, update gzwrite() function 'szwritebuf' parameter in
lib/gunzip.c from 'unsigned long' to 'size_t' to be synchronized
with include/gzip.h . Rewrite the other parameters to size_t and
off_t and propagate the change too.
Since the gzwrite() function currently surely only supports input
data size of 4 GiB - 1, add input data size check. The limitation
comes from the current use of zlib z_stream .avail_in parameter,
to which the gzwrite() function sets the entire input data size,
and which is of unsigned int type, which cannot accept any number
beyond 4 GiB - 1. This limitation will be removed in future commit.
Reported-by: Yuya Hamamachi <[email protected]>
Signed-off-by: Marek Vasut <[email protected]>
|
|
Currently, when decompressing a gzip-compressed image during bootm, a
generic error such as "inflate() returned -5" is shown when the buffer is
too small. However, it is not immediately clear that this is caused by
CONFIG_SYS_BOOTM_LEN being too small.
This patch improves error handling by:
- Detecting Z_BUF_ERROR (-5) returned from the inflate() call
- Suggesting the user to increase CONFIG_SYS_BOOTM_LEN when applicable
- Preserving the original return code from zunzip() instead of overwriting
it with -1
By providing clearer hints when decompression fails due to insufficient
buffer size, this change helps users diagnose and fix boot failures more
easily.
Signed-off-by: Aristo Chen <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Reviewed-by: Mattijs Korpershoek <[email protected]>
|
|
Mark the gunzip code as needed by relocation. This is used to decompress
the next-phase image.
Signed-off-by: Simon Glass <[email protected]>
|
|
After some header file cleanups to add missing include files, remove
common.h from all files in the lib directory. This primarily means just
dropping the line but in a few cases we need to add in other header
files now.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.
Signed-off-by: Stefan Roese <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Tested-by: Tom Rini <[email protected]> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
|
|
The gzip API uses the u64 type in it, which is not available in the host
build. This makes it impossible to include the header file.
We could make this type available, but it seems unnecessary. Limiting the
compression size to that of the 'unsigned long' type seems good enough. On
32-bit machines the limit then becomes 4GB, which likely exceeds available
RAM anyway, therefore it should be sufficient. On 64-bit machines this is
effectively u64 anyway.
Update the header file and implementation to use 'ulong' instead of 'u64'.
Add a definition of u32 for the cases that seem to need exactly that
length. This should be safe enough.
Signed-off-by: Simon Glass <[email protected]>
|
|
Move this uncommon header out of the common header.
Signed-off-by: Simon Glass <[email protected]>
|
|
Drop inclusion of crc.h in common.h and use the correct header directly
instead.
With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
|
As part of the effort to remove things from common.h, create a new header
for the gzip functions. Move the function declarations to it and add
missing documentation.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Simon Goldschmidt <[email protected]>
|
|
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <[email protected]>
|
|
Signed-off-by: Jean-Jacques Hiblot <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
When using gzwrite to eMMC on an i.MX6Q board, the following warning
occurs repeatedly:
CACHE: Misaligned operation at range [4fd63318, 4fe63318]
This patch cache-aligns the memory allocation for the gzwrite writebuf,
therefore avoiding the misaligned dcache flush and the warning from
check_cache_range.
Signed-off-by: Clemens Gruber <[email protected]>
Reviewed-by: Eric Nelson <[email protected]>
Reviewed-by: Stefan Agner <[email protected]>
|
|
Call blk_dwrite to ensure that the block cache is notified
if enabled and remove build breakage when CONFIG_BLK is enabled.
Signed-off-by: Eric Nelson <[email protected]>
Reviewed-by: Stephen Warren <[email protected]>
|
|
Use 'struct' instead of a typdef. Also since 'struct block_dev_desc' is long
and causes 80-column violations, rename it to struct blk_desc.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Bin Meng <[email protected]>
Tested-by: Stephen Warren <[email protected]>
|
|
Current, the following passes:
./u-boot -d arch/sandbox/dts/test.dtb -c 'ut_image_decomp'
but the following fails:
./u-boot -d arch/sandbox/dts/test.dtb -c 'ut dm; ut_image_decomp'
This is because the gunzip code reads input data beyond the end of its
input buffer. In the first case above, this data just happens to be 0,
which just happens to trigger gzip to signal the error the decompression
unit test expects. In the second case above, the "ut dm" test has written
data to the accidentally-read memory, which causes the gzip code to take a
different path and so return a different value, which triggers the test
failure.
The cause of gunzip reading past its input buffer is the re-calculation of
s.avail_in in zunzip(), since it can underflow. Not only is the formula
non-sensical (it uses the delta between two output buffer pointers to
calculate available input buffer size), it also appears to be unnecessary,
since the gunzip code already maintains this value itself. This patch
removes this re-calculation to avoid the underflow and redundant work.
The loop exit condition is also adjusted so that if inflate() has consumed
the entire input buffer, without indicating returning Z_STREAM_END (i.e.
decompression complete without error), an error is raised. There is still
opportunity to simplify the code here by splitting up the loop exit
condition into separate tests. However, this patch makes the minimum
modifications required to solve the problem at hand, in order to keep the
Acked-by: Kees Cook <[email protected]>
diff simple.
I am not entirely convinced that the loop in zunzip() is necessary at all.
It could only be useful if inflate() can return Z_BUF_ERROR (which
typically means that it needs more data in the input buffer, or more space
in the output buffer), even though Z_FINISH is set /and/ the full input is
available in the input buffer /and/ there is enough space to store the
decompressed output in the output buffer. The comment in zlib.h after the
prototype of inflate() implies this is never the case. However, I assume
there must have been some reason for introducing this loop in the first
place, as part of commit "Fix gunzip to work for any gziped uImage size".
This patch is similar to the earlier b75650d84d4b "gzip: correctly
bounds-check output buffer", which corrected a similar issue for
s.avail_out.
Cc: Catalin Radu <[email protected]>
Cc: Kees Cook <[email protected]>
Fixes: f039ada5c109 ("Fix gunzip to work for any gziped uImage size")
Signed-off-by: Stephen Warren <[email protected]>
|
|
Only when we have CONFIG_CMD_UNZIP enabled do we have the 'gzwrite'
command. While this command should be separated from CONFIG_CMD_UNZIP
we should also only include the write portion of the gz code in that
case as well.
Signed-off-by: Tom Rini <[email protected]>
|
|
This will allow the implementation to make use of data in the block_dev
structure beyond the base device number. This will be useful so that eMMC
block devices can encompass the HW partition ID rather than treating this
out-of-band. Equally, the existence of the priv field is crying out for
this patch to exist.
Signed-off-by: Stephen Warren <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
|
The console includes a global variable and several functions that are only
used by a small subset of U-Boot files. Before adding more functions, move
the definitions into their own header file.
Signed-off-by: Simon Glass <[email protected]>
|
|
Initial filesystem images are generally highly compressible.
Add a routine gzwrite that allows gzip-compressed images to be
written to block devices.
Signed-off-by: Eric Nelson <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
|
This allows the caller to easily detect how much of the destination buffer
has been used.
Signed-off-by: Simon Glass <[email protected]>
|
|
The output buffer size must not be reset by the gzip decoder or there
is a risk of overflowing memory during decompression.
Signed-off-by: Kees Cook <[email protected]>
Acked-by: Simon Glass <[email protected]>
|
|
Signed-off-by: Wolfgang Denk <[email protected]>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <[email protected]>
|
|
This allows us to add a proper zalloc() func (one that does a zeroing
alloc), and removes duplicate prototypes.
Signed-off-by: Mike Frysinger <[email protected]>
|
|
Signed-off-by: Catalin Radu <[email protected]>
|
|
As usually done in U-Boot, the watchdog_reset code is called via a
macro (WATCHDOG_RESET). In zlib.c this was done differently, by using
a function pointer which is initialized with WATCHDOG_RESET upon watchdog
usage or with NULL otherwise. This patch now uses the plain
WATCHDOG_RESET macros to call the function resulting in slightly smaller
U-Boot images and simpler code.
U-Boot code size reduction:
PowerPC board with watchdog support (lwmon5):
-> 80 bytes smaller image size
PowerPC board without watchdog support (sequoia):
-> 112 bytes smaller image size
Signed-off-by: Stefan Roese <[email protected]>
Cc: Detlev Zundel <[email protected]>
Cc: Wolfgang Denk <[email protected]>
Acked-by: Detlev Zundel <[email protected]>
|
|
Now that the other architecture-specific lib directories have been
moved out of the top-level directory there's not much reason to have the
'_generic' suffix on the common lib directory.
Signed-off-by: Peter Tyser <[email protected]>
|
