This is the mail archive of the
ecos-patches@sourceware.org
mailing list for the eCos project.
Re: Check for illegal address range in io/flash
- From: "Øyvind Harboe" <oyvind dot harboe at zylin dot com>
- To: "Andrew Lunn" <andrew at lunn dot ch>
- Cc: ecos-patches at ecos dot sourceware dot org
- Date: Tue, 11 Dec 2007 10:49:27 +0100
- Subject: Re: Check for illegal address range in io/flash
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=w5rjexiyAPGyOQ66/2a7DOekSZdkaW+sDTqQNeCAYc0=; b=heN+g2YHBTEyE6wtv23/5VayiFDFrbJFwHw+eL2/IdoGQ6yT5T/aT5Lirzil1O56Mk92JefgNDrdyHB+MxJy149ruCOhxzaJLUxP3HDlH9ZzyHxFC2eGK3tnI2wm28S6ioy4h9IoxVc6ZD1slFTqgg5AEtPkxhsef9OMdsi31CU=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=IQ93vTytiTlWvvYQnB368xxDr/jaV9SEnvPht12cX5nTS4R4VGL4kCpMLp6e7mmbfTWMk4ScJKEYim9HnqP+aSChqgG8sEGPOKvx2KsCsq4ppiq9Sgqpqf1G1u8WUVNcmVWVfCZ2nVGSQwNgr2pgSJZChnsPiIizi/TjwXrqOG8=
- References: <c09652430712110102x684bcd2apd276cb0ff287caac@mail.gmail.com> <20071211094252.GD30586@lunn.ch>
On Dec 11, 2007 10:42 AM, Andrew Lunn <andrew@lunn.ch> wrote:
> On Tue, Dec 11, 2007 at 10:02:32AM +0100, ?yvind Harboe wrote:
> > io/flash has a broken address range check for flash_erase(). There is no address
> > range check for flash_program_buf().
> >
> > This patch adds address range check & returns error if the address is invalid.
> >
> > Alternatively, address range checks could be left to higher level code and the
> > broken flash_erase() addreess range check can be removed.
> >
> > Or alternatively, I'm about to get egg all over my face and hopefully someone
> > will take pity and tell me what's really happening here. :-)
>
> Well, i would expect the lower levels to fail. This could happen in a
> number of ways. Your MMU could throw an exception, since you are
> accessing addresses that do not exist. Or the flash operation would
> fail, generally with a timeout.
>
> It seems to me the lower levels are very likely to give you some
> indication you did something stupid. So why bloat the middle level
> with an extra check? Maybe an ASSERT makes sense so not to bloat
> production images?
I mainly want the busted check in flash_erase() to be removed.
ASSERT's are probably fine.
>
> Now presumably, you have a platform that did not tell you and you
> wrote past the end of the flash? Is your MMU correctly configured?
> Does a timeout return an error code?
I'm using eCos flash support as drivers for a JTAG debugger. :-)
I have a small jump table which I link w/libtarget.a and voila! a JTAG
flash driver.
Perhaps flash.c could grow a new function flash_check_address_range() that upper
levels can use? Of course the flash_info structure is available to applications
so implementing such a function is not a problem.
Again: I mainly want the busted check in flash_erase() to be deleted.
>
> Andrew
>
--
Øyvind Harboe
http://www.zylin.com - eCos ARM & FPGA developer kit