ARC: u-boot args: check that magic number is correct

In case of devboards we really often disable bootloader and load
Linux image in memory via JTAG. Even if kernel tries to verify
uboot_tag and uboot_arg there is sill a chance that we treat some
garbage in registers as valid u-boot arguments in JTAG case.
E.g. it is enough to have '1' in r0 to treat any value in r2 as
a boot command line.

So check that magic number passed from u-boot is correct and drop
u-boot arguments otherwise. That helps to reduce the possibility
of using garbage as u-boot arguments in JTAG case.

We can safely check U-boot magic value (0x0) in linux passed via
r1 register as U-boot pass it from the beginning. So there is no
backward-compatibility issues.

Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>

diff --git a/arch/arc/kernel/head.S b/arch/arc/kernel/head.S
index 36774348d23b77dea3398d487a703d569a7d8317..8f6e0447dd1702b571b23a3f561f8ed032ae6abf 100644 (file)
--- a/arch/arc/kernel/head.S
+++ b/arch/arc/kernel/head.S
@@ -111,6 +111,7 @@ ENTRY(stext)
        ;    r2 = pointer to uboot provided cmdline or external DTB in mem
        ; These are handled later in handle_uboot_args()
        st      r0, [@uboot_tag]
+       st      r1, [@uboot_magic]
        st      r2, [@uboot_arg]
 
        ; setup "current" tsk and optionally cache it in dedicated r25

diff --git a/arch/arc/kernel/setup.c b/arch/arc/kernel/setup.c
index 2266e4ee41429027efd0f3467d2c97737844853b..ec2fd231ecd9935b41e5c3bd923bdec5a06dc929 100644 (file)
--- a/arch/arc/kernel/setup.c
+++ b/arch/arc/kernel/setup.c
@@ -36,6 +36,7 @@ unsigned int intr_to_DE_cnt;
 
 /* Part of U-boot ABI: see head.S */
 int __initdata uboot_tag;
+int __initdata uboot_magic;
 char __initdata *uboot_arg;
 
 const struct machine_desc *machine_desc;
@@ -504,6 +505,8 @@ static inline bool uboot_arg_invalid(unsigned long addr)
 #define UBOOT_TAG_NONE         0
 #define UBOOT_TAG_CMDLINE      1
 #define UBOOT_TAG_DTB          2
+/* We always pass 0 as magic from U-boot */
+#define UBOOT_MAGIC_VALUE      0
 
 void __init handle_uboot_args(void)
 {
@@ -518,6 +521,11 @@ void __init handle_uboot_args(void)
                goto ignore_uboot_args;
        }
 
+       if (uboot_magic != UBOOT_MAGIC_VALUE) {
+               pr_warn(IGNORE_ARGS "non zero uboot magic\n");
+               goto ignore_uboot_args;
+       }
+
        if (uboot_tag != UBOOT_TAG_NONE &&
             uboot_arg_invalid((unsigned long)uboot_arg)) {
                pr_warn(IGNORE_ARGS "invalid uboot arg: '%px'\n", uboot_arg);