diff options
author | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2011-02-17 07:13:57 -0500 |
---|---|---|
committer | Martin Schwidefsky <sky@mschwide.boeblingen.de.ibm.com> | 2011-02-17 07:13:59 -0500 |
commit | a8c8d7c683419d059e302373afc6998244f5f60f (patch) | |
tree | 6c194395808bd1021a6f2ff3808e054e0c3f6b7f /arch/s390/boot/compressed/misc.c | |
parent | 03e3b5a0f18c53560de1984fbbfca146d31da2a5 (diff) |
[S390] correct ipl parameter block safe guard
The 'output' variable is passed from decompress_kernel to
check_ipl_parmblock before it is initialized. That disables the
safe guard against the overwrite of the ipl parameter block.
Fix this by passing the correct value to check_ipl_parmblock.
Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'arch/s390/boot/compressed/misc.c')
-rw-r--r-- | arch/s390/boot/compressed/misc.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/arch/s390/boot/compressed/misc.c b/arch/s390/boot/compressed/misc.c index 0851eb1e919e..2751b3a8a66f 100644 --- a/arch/s390/boot/compressed/misc.c +++ b/arch/s390/boot/compressed/misc.c | |||
@@ -133,11 +133,12 @@ unsigned long decompress_kernel(void) | |||
133 | unsigned long output_addr; | 133 | unsigned long output_addr; |
134 | unsigned char *output; | 134 | unsigned char *output; |
135 | 135 | ||
136 | check_ipl_parmblock((void *) 0, (unsigned long) output + SZ__bss_start); | 136 | output_addr = ((unsigned long) &_end + HEAP_SIZE + 4095UL) & -4096UL; |
137 | check_ipl_parmblock((void *) 0, output_addr + SZ__bss_start); | ||
137 | memset(&_bss, 0, &_ebss - &_bss); | 138 | memset(&_bss, 0, &_ebss - &_bss); |
138 | free_mem_ptr = (unsigned long)&_end; | 139 | free_mem_ptr = (unsigned long)&_end; |
139 | free_mem_end_ptr = free_mem_ptr + HEAP_SIZE; | 140 | free_mem_end_ptr = free_mem_ptr + HEAP_SIZE; |
140 | output = (unsigned char *) ((free_mem_end_ptr + 4095UL) & -4096UL); | 141 | output = (unsigned char *) output_addr; |
141 | 142 | ||
142 | #ifdef CONFIG_BLK_DEV_INITRD | 143 | #ifdef CONFIG_BLK_DEV_INITRD |
143 | /* | 144 | /* |