Respect the size of the real-mode boot header when zeroing and copying in the command line, to avoid stomping on the BIOS EBCA or risk BIOS SMM code stomping on the command line.
v2: Fix off-by-one bug in kernel_cmdline_strlen comparison Signed-off-by: Ed Swierk <eswi...@skyportsystems.com> --- tboot/common/linux.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tboot/common/linux.c b/tboot/common/linux.c index e9bb12e..6eed6f3 100644 --- a/tboot/common/linux.c +++ b/tboot/common/linux.c @@ -303,14 +303,17 @@ bool expand_linux_image(const void *linux_image, size_t linux_size, /* copy cmdline */ const char *kernel_cmdline = get_cmdline(g_ldr_ctx); + const size_t kernel_cmdline_size = REAL_END_OFFSET - KERNEL_CMDLINE_OFFSET; + size_t kernel_cmdline_strlen = strlen(kernel_cmdline); + if (kernel_cmdline_strlen > kernel_cmdline_size - 1) + kernel_cmdline_strlen = kernel_cmdline_size - 1; + memset((void *)hdr->cmd_line_ptr, 0, kernel_cmdline_size); + memcpy((void *)hdr->cmd_line_ptr, kernel_cmdline, kernel_cmdline_strlen); - printk(TBOOT_INFO"Linux cmdline placed in header: "); - printk_long(kernel_cmdline); - printk(TBOOT_INFO"\n"); - - memset((void *)hdr->cmd_line_ptr,0,TBOOT_KERNEL_CMDLINE_SIZE); - - memcpy((void *)hdr->cmd_line_ptr, kernel_cmdline, strlen(kernel_cmdline)); + printk(TBOOT_INFO"Linux cmdline from 0x%lx to 0x%lx:\n", + (unsigned long)hdr->cmd_line_ptr, + (unsigned long)(hdr->cmd_line_ptr + kernel_cmdline_size)); + printk_long((void *)hdr->cmd_line_ptr); /* need to put boot_params in real mode area so it gets mapped */ boot_params = (boot_params_t *)(real_mode_base + real_mode_size); -- 1.9.1 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel