spl: nor: Don't allocate header on stack

spl_image_info.name contains a reference to legacy_img_hdr. If we allocate
the latter on the stack, it will be clobbered after we return. This was
addressed for NAND back in 06377c5a1fc ("spl: spl_legacy: Fix NAND boot on
OMAP3 BeagleBoard"), but that commit didn't fix NOR.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Michael Trimarchi <michael@amarulasolutions.com>

diff --git a/common/spl/spl_nor.c b/common/spl/spl_nor.c
index 79d4f1d7aa87a42785515971d5273b1f62d5d8ce..c141a9ae62947751d3348026ca84bc87a84fda4c 100644 (file)
--- a/common/spl/spl_nor.c
+++ b/common/spl/spl_nor.c
@@ -26,7 +26,7 @@ unsigned long __weak spl_nor_get_uboot_base(void)
 static int spl_nor_load_image(struct spl_image_info *spl_image,
                              struct spl_boot_device *bootdev)
 {
-       __maybe_unused const struct legacy_img_hdr *header;
+       struct legacy_img_hdr *header;
        __maybe_unused struct spl_load_info load;
 
        /*
@@ -41,7 +41,7 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
                 * Load Linux from its location in NOR flash to its defined
                 * location in SDRAM
                 */
-               header = (const struct legacy_img_hdr *)CONFIG_SYS_OS_BASE;
+               header = (void *)CONFIG_SYS_OS_BASE;
 #ifdef CONFIG_SPL_LOAD_FIT
                if (image_get_magic(header) == FDT_MAGIC) {
                        int ret;
@@ -91,8 +91,8 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
         * Load real U-Boot from its location in NOR flash to its
         * defined location in SDRAM
         */
-#ifdef CONFIG_SPL_LOAD_FIT
        header = (const struct legacy_img_hdr *)spl_nor_get_uboot_base();
+#ifdef CONFIG_SPL_LOAD_FIT
        if (image_get_magic(header) == FDT_MAGIC) {
                debug("Found FIT format U-Boot\n");
                load.bl_len = 1;
@@ -111,14 +111,11 @@ static int spl_nor_load_image(struct spl_image_info *spl_image,
 
        /* Legacy image handling */
        if (IS_ENABLED(CONFIG_SPL_LEGACY_IMAGE_FORMAT)) {
-               struct legacy_img_hdr hdr;
-
                load.bl_len = 1;
                load.read = spl_nor_load_read;
-               spl_nor_load_read(&load, spl_nor_get_uboot_base(), sizeof(hdr), &hdr);
                return spl_load_legacy_img(spl_image, bootdev, &load,
                                           spl_nor_get_uboot_base(),
-                                          &hdr);
+                                          header);
        }
 
        return -EINVAL;