31 Jan
2019
31 Jan
'19
11:04 a.m.
Hi Simon,
On Sat, 26 Jan 2019 at 14:13, Simon Goldschmidt simon.k.r.goldschmidt@gmail.com wrote:
This fixes the automatic lmb initialization and reservation for boards with more than one DRAM bank.
This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load files into the firs DRAM bank from fs and via tftp.
Found-by: Heinrich Schuchardt xypron.glpk@gmx.de Signed-off-by: Simon Goldschmidt simon.k.r.goldschmidt@gmail.com
common/bootm.c | 4 ++-- fs/fs.c | 3 +-- include/lmb.h | 7 +++++-- lib/lmb.c | 37 ++++++++++++++++++++++++++++++++----- net/tftp.c | 3 +-- 5 files changed, 41 insertions(+), 13 deletions(-)
Reviewed-by: Simon Glass sjg@chromium.org
Do we need a test update to cover this?
- Simon