sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-17 01:52:08 +03:00
Code Issues Packages Projects Releases Wiki Activity

[image] Make image data read-only to most consumers

Browse Source 
Almost all image consumers do not need to modify the content of the
image.  Now that the image data is a pointer type (rather than the
opaque userptr_t type), we can rely on the compiler to enforce this at
build time.

Change the .data field to be a const pointer, so that the compiler can
verify that image consumers do not modify the image content.  Provide
a transparent .rwdata field for consumers who have a legitimate (and
now explicit) reason to modify the image content.

We do not attempt to impose any runtime restriction on checking
whether or not an image is writable.  The only existing instances of
genuinely read-only images are the various unit test images, and it is
acceptable for defective test cases to result in a segfault rather
than a runtime error.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2025-04-30 14:14:51 +01:00
parent cd803ff2e2
commit 05ad7833c5
15 changed files with 45 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/arch/x86/image/initrd.c
View File

@@ -63,10 +63,9 @@ static physaddr_t initrd_squash_high ( physaddr_t top ) {
/* Find the highest image not yet in its final position */
highest = NULL;
for_each_image ( initrd ) {
data = initrd->data;
if ( ( virt_to_phys ( data ) < current ) &&
if ( ( virt_to_phys ( initrd->data ) < current ) &&
( ( highest == NULL ) ||
( virt_to_phys ( data ) >
( virt_to_phys ( initrd->data ) >
virt_to_phys ( highest->data ) ) ) ) {
highest = initrd;
}
@@ -144,9 +143,9 @@ static void initrd_swap ( struct image *low, struct image *high,
/* Swap fragments */
memcpy ( free, ( high->data + len ), frag_len );
memmove ( ( low->data + new_len ), ( low->data + len ),
memmove ( ( low->rwdata + new_len ), ( low->data + len ),
low->len );
memcpy ( ( low->data + len ), free, frag_len );
memcpy ( ( low->rwdata + len ), free, frag_len );
len = new_len;
}
@@ -165,8 +164,8 @@ static void initrd_swap ( struct image *low, struct image *high,
static int initrd_swap_any ( void *free, size_t free_len ) {
struct image *low;
struct image *high;
const void *adjacent;
size_t padded_len;
void *adjacent;
/* Find any pair of initrds that can be swapped */
for_each_image ( low ) {

2
src/arch/x86/image/sdi.c
View File

@@ -51,7 +51,7 @@ FEATURE ( FEATURE_IMAGE, "SDI", DHCP_EB_FEATURE_SDI, 1 );
* @ret rc Return status code
*/
static int sdi_exec ( struct image *image ) {
struct sdi_header *sdi;
const struct sdi_header *sdi;
uint32_t sdiptr;
/* Sanity check */