On Oct 2, 2006, at 12:23 AM, Amos Waterland wrote:

 > We are improperly feeding the entire boot parameter string to Xen's
 > generic command line parser.  This can have unexpected results when
 > one of the dom0 parameters, such as console=X, has meaning to the
 > Xen parser.  First reported by Maria Butrico.

On Oct 2, 2006, at 6:36 AM, Maria Butrico wrote:

 > A long overdue comment about the size of the buffer buff and the
 > size of the buffer bootargs also 256 bytes in boot_of.c.

Amos, Maria good catch.

Amos, the concept of "--" as a separation string is really a boot_of.c
concept not really a Xen one.  For example, if we ever get the GRUB
bootloader to work, it will be unnecessary to pack them all in one
string.

Will this patch work for you?

diff -r 77373497916f xen/arch/powerpc/boot_of.c
--- a/xen/arch/powerpc/boot_of.c        Sun Oct 01 20:40:44 2006 -0400
+++ b/xen/arch/powerpc/boot_of.c        Mon Oct 02 08:04:11 2006 -0400
@@ -40,11 +40,12 @@ static ulong of_vec;
 static ulong of_vec;
 static ulong of_msr;
 static int of_out;
-static char bootargs[256];
 
 #define COMMAND_LINE_SIZE 512
 static char builtin_cmdline[COMMAND_LINE_SIZE]
     __attribute__((section("__builtin_cmdline"))) = CMDLINE;
+
+static char bootargs[COMMAND_LINE_SIZE];
 
 extern struct ns16550_defaults ns16550;
 
@@ -465,8 +466,13 @@ static void boot_of_bootargs(multiboot_i
     int rc;
 
     rc = of_getprop(bof_chosen, "bootargs", &bootargs, sizeof (bootargs));
+    if (rc > sizeof (bootargs))
+        of_panic("bootargs[] not big enough for /chosen/bootargs\n");
+
     if (rc == OF_FAILURE || bootargs[0] == '\0') {
-        strlcpy(bootargs, builtin_cmdline, sizeof(bootargs));
+        if (sizeof(bootargs) < sizeof(builtin_cmdline))
+            of_panic("bootargs[] not big enough for builtin_cmdline\n");
+        strcpy(bootargs, builtin_cmdline);
     }
 
     mbi->flags |= MBI_CMDLINE;
@@ -1023,6 +1029,8 @@ static void * __init boot_of_module(ulon
               mods[mod].mod_start, mods[mod].mod_end);
     p = strstr((char *)(ulong)mbi->cmdline, sepr);
     if (p != NULL) {
+        /* terminate the Xen portion */
+        *(char *)p = '\0';
         p += sizeof (sepr) - 1;
         mods[mod].string = (u32)(ulong)p;
         of_printf("%s: dom0 mod string: %s\n", __func__, p);

_______________________________________________
Xen-ppc-devel mailing list
Xen-ppc-devel@lists.xensource.com
http://lists.xensource.com/xen-ppc-devel

Reply via email to