selfboot: fix bug in valid_area()

valid_area will accept a region as valid for the payload if only a part
of coreboot fits in that region. This means if a payload reaches into a
neighboring RESERVED region, coreboot would not care and happily
overwrite that region, as long as the payload also writes to some RAM.

Change-Id: Ie263f83be18009b01a31c71e7285c998747d097f
Signed-off-by: Stefan Reinauer <reinauer@google.com>
Reviewed-on: http://review.coreboot.org/425
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <patrick@georgi-clan.de>

diff --git a/src/boot/selfboot.c b/src/boot/selfboot.c
index 573dd5ee5a3f745d4bc269e2e4c325439e2f7e94..ab0bf21c67816d430f231d539795b7e815cfbe55 100644 (file)
--- a/src/boot/selfboot.c
+++ b/src/boot/selfboot.c
@@ -140,10 +140,10 @@ static int valid_area(struct lb_memory *mem, unsigned long buffer,
                mtype = mem->map[i].type;
                mstart = unpack_lb64(mem->map[i].start);
                mend = mstart + unpack_lb64(mem->map[i].size);
-               if ((mtype == LB_MEM_RAM) && (start < mend) && (end > mstart)) {
+               if ((mtype == LB_MEM_RAM) && (start >= mstart) && (end < mend)) {
                        break;
                }
-               if ((mtype == LB_MEM_TABLE) && (start < mend) && (end > mstart)) {
+               if ((mtype == LB_MEM_TABLE) && (start >= mstart) && (end < mend)) {
                        printk(BIOS_ERR, "Payload is overwriting coreboot tables.\n");
                        break;
                }