Commit graph

80 commits

Author SHA1 Message Date
Simon Glass
b9274095c2 sandbox: Add a way to map a file into memory
It is useful to map a file into memory so that it can be accessed using
simple pointers. Add a function to support this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-16 13:19:25 -04:00
Simon Glass
b4467fae06 sandbox: Add a way to find the size of a file
Add a function to return the size of a file. This is useful in situations
where we need to allocate memory for it before reading it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2021-09-16 13:19:25 -04:00
Simon Glass
130401e017 sandbox: Correct handling of --rm_memory
This option has no argument so we should not trip to skip one.

Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-16 13:19:25 -04:00
Heinrich Schuchardt
fd25ca3275 sandbox: don't set SA_NODEFER in signal handler
The sandbox can handle signals. Due to a damaged global data pointer
additional exceptions in the signal handler may occur leading to an endless
loop. In this case leave the handling of the secondary exception to the
operating system.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:35 -06:00
Simon Glass
f178bebf55 sandbox: Support executables for more phases
The SPL header has a function for obtaining the phase in capital letters,
e.g. 'SPL'. Add one for lower-case also, as used by sandbox.

Use this to generalise the sandbox logic for determining the filename of
the next sandbox executable. This can provide support for VPL.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:34 -06:00
Marek Behún
d1f81fd015 sandbox: use sections instead of symbols for getopt array boundaries
In style of linked lists, instead of declaring symbols for boundaries
of getopt options array in the linker script, declare corresponding
sections and retrieve the boundaries via static inline functions.

Without this clang's LTO produces binary without any getopt options,
because for some reason it thinks that array is empty (start and end
symbols are at the same address).

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-24 14:21:30 -04:00
Simon Glass
5d8c37910d sandbox: Only delete the executable if requested
At present sandbox removes its executable after failing to run it,
since there is no other way that it would get cleaned up.

However, this is actually only wanted if the image was created within
sandbox. For the case where the image was generated by the build system,
such as u-boot-spl, we don't want to delete it.

Handle the two code paths accordingly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Simon Glass
b5e514a6ab sandbox: Drop debug message in os_spl_to_uboot()
This is not needed in normal operation. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-22 19:23:28 +13:00
Simon Glass
01ad9f75c5 sandbox: Update os_find_u_boot() to find the .img file
At present this function can only locate the u-boot ELF file. For SPL it
is handy to be able to locate u-boot.img since this is what would normally
be loaded by SPL.

Add another argument to allow this to be selected.

While we are here, update the function to load SPL when running in TPL,
since that is the next stage.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:31 -05:00
Simon Glass
b308d9fd18 sandbox: Avoid using malloc() for system state
This state is not accessible to the running U-Boot but at present it is
allocated in the emulated SDRAM. This doesn't seem very useful. Adjust
it to allocate from the OS instead.

The RAM buffer is currently not freed, but should be, so add that into
state_uninit(). Update the comment for os_free() to indicate that NULL is
a valid parameter value.

Note that the strdup() in spl_board_load_image() is changed as well, since
strdup() allocates memory in the RAM buffer.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-02 15:53:37 -05:00
Simon Glass
14e46dfb17 sandbox: Add os_realloc()
We provide os_malloc() and os_free() but not os_realloc(). Add this,
following the usual semantics. Also update os_malloc() to behave correctly
when passed a zero size.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-02 15:53:37 -05:00
Heinrich Schuchardt
43db07507a sandbox: keep time offset when resetting
The UEFI Self Certification Test (SCT) checks the SetTime() service with
the following steps:

* set date
* reset
* check date matches

To be compliant the sandbox should keep the offset to the host RTC during
resets. The implementation uses the environment variable
UBOOT_SB_TIME_OFFSET to persist the offset.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:42 -07:00
Patrick Delaunay
10bb90fa30 sandbox: remove ram buffer file when U-Boot is loaded by SPL
Update management of "--rm_memory" sandbox's option and force
this option when U-Boot is loaded by SPL in os_spl_to_uboot()
and remove the ram file after reading in main() as described
in option help message: "Remove memory file after reading".

This patch avoids that the file "/tmp/u-boot.mem.XXXXXX" [created in
os_jump_to_file() when U-Boot is loaded by SPL] is never deleted
because state_uninit() is not called after U-Boot execution
(CtrlC or with running pytest for example).

This issue is reproduced by
> build-sandbox_spl/spl/u-boot-spl
  and CtrlC in U-Bot console

> make qcheck

One temp file is created after each SPL and U-Boot execution
(7 tims in qcheck after test_handoff.py, test_ofplatdata.py,
 test_spl.py execution).

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-05 12:24:41 -07:00
Heinrich Schuchardt
b46f30a378 sandbox: add handler for exceptions
Add a handler for SIGILL, SIGBUS, SIGSEGV.

When an exception occurs print the program counter and the loaded
UEFI binaries and reset the system if CONFIG_SANDBOX_CRASH_RESET=y
or exit to the OS otherwise.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-13 07:58:17 -07:00
Heinrich Schuchardt
329dccc067 sandbox: implement reset
Up to now the sandbox would shutdown upon a cold reset request. Instead it
should be reset.

In our coding we use static variables like LIST_HEAD(efi_obj_list). A reset
can occur at any time, e.g. via an UEFI binary calling the reset service.
The only safe way to return to an initial state is to relaunch the U-Boot
binary.

The reset implementation uses execv() to relaunch U-Boot.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Heinrich Schuchardt
c0b19f25a1 sandbox: use O_CLOEXEC in os_open()
During a cold reset execv() is used to relaunch the U-Boot binary.
We must ensure that all files are closed in this case.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Heinrich Schuchardt
6eec4b04a2 sandbox: eth-raw: do not close the console input
When the sandbox eth-raw device host_lo is removed this leads to closing
the console input.

Do not call close(0).

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Rasmus Villemoes
2960107a22 sandbox: also restore terminal settings when killed by SIGINT
Hitting Ctrl-C is a documented way to exit the sandbox, but it is not
actually equivalent to the reset command. The latter, since it follows
normal process exit, takes care to reset terminal settings and
restoring the O_NONBLOCK behaviour of stdin (and, in a terminal, that
is usually the same file description as stdout and stderr, i.e. some
/dev/pts/NN).

Failure to restore (remove) O_NONBLOCK from stdout/stderr can cause
very surprising and hard to debug problems back in the terminal. For
example, I had "make -j8" consistently failing without much
information about just exactly what went wrong, but sometimes I did
get a "echo: write error". I was at first afraid my disk was getting
bad, but then a simple "dmesg" _also_ failed with write error - so it
was writing to the terminal that was buggered. And both "make -j8" and
dmesg in another terminal window worked just fine.

So install a SIGINT handler so that if the chosen terminal
mode (cooked or raw-with-sigs) means Ctrl-C sends a SIGINT, we will
still call os_fd_restore(), then reraise the signal and die as usual
from SIGINT.

Before:

$ grep flags /proc/$$/fdinfo/1
flags:  0102002
$ ./u-boot
# hit Ctrl-C
$ grep flags /proc/$$/fdinfo/1
flags:  0106002

After:

$ grep flags /proc/$$/fdinfo/1
flags:  0102002
$ ./u-boot
# hit Ctrl-C
$ grep flags /proc/$$/fdinfo/1
flags:  0102002

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-16 08:07:57 -06:00
Simon Glass
1c8c47ec80 sandbox: Ensure that long-options array is terminated
The last member of this array is supposed to be all zeroes according to
the getopt_long() man page. Fix the function to do this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Simon Glass
89cdb0b583 sandbox: Drop os_realloc()
Due to recent changes this function is no-longer used. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Simon Glass
0db1b4305a sandbox: Drop use of special os_malloc() where possible
Some sandbox files are not built with U-Boot headers, so with the renamed
malloc functions there is now no need to use the special os_... allocation
functions to access the system routines. Instead we can just call them
directly.

Update the affected files accordingly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Heinrich Schuchardt
4ecb506434 sandbox: use correct type reading /proc/self/maps
Compiling arch/sandbox/cpu/os.c results in an error

../arch/sandbox/cpu/os.c: In function ‘os_find_text_base’:
../arch/sandbox/cpu/os.c:823:12: error: cast to pointer from
integer of different size [-Werror=int-to-pointer-cast]
  823 |     base = (void *)addr;
      |            ^
cc1: all warnings being treated as errors

The size of void* differs from that of unsigned long long on 32bit
systems.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2019-11-14 07:09:34 -06:00
Simon Glass
4a6409b74c sandbox: Correct maths in allocation routines
Allocation routines were adjusted to ensure that the returned addresses
are a multiple of the page size, but the header code was not updated to
take account of this. These routines assume that the header size is the
same as the page size which is unlikely.

At present os_realloc() does not work correctly due to this bug. The only
user is the hostfs 'ls' command, and only if the directory contains a
unusually long filename, which likely explains why this bug was not
caught earlier.

Fix this by doing the calculations using the obtained page size.

Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23 20:26:43 -06:00
Simon Glass
001d1885f0 sandbox: Improve debugging in initcall_run_list()
At present if one of the initcalls fails on sandbox the address printing
is not help, e.g.:

  initcall sequence 0000557678967c80 failed at call 00005576709dfe1f (err=-96)

This is because U-Boot gets relocated high into memory and the relocation
offset (gd->reloc_off) does not work correctly for sandbox.

Add support for finding the base address of the text region (at least on
Linux) and use that to set the relocation offset. This makes the output
better:

  initcall sequence 0000560775957c80 failed at call 0000000000048134 (err=-96)

Then you use can use grep to see which init call failed, e.g.:

   $ grep 0000000000048134 u-boot.map
   stdio_add_devices

Of course another option is to run it with a debugger such as gdb:

   $ gdb u-boot
   ...
   (gdb) br initcall.h:41
   Breakpoint 1 at 0x4db9d: initcall.h:41. (2 locations)

Note that two locations are reported, since this function is used in both
board_init_f() and board_init_r().

   (gdb) r
   Starting program: /tmp/b/sandbox/u-boot
   [Thread debugging using libthread_db enabled]
   Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

   U-Boot 2018.09-00264-ge0c2ba9814-dirty (Sep 22 2018 - 12:21:46 -0600)

   DRAM:  128 MiB
   MMC:

Breakpoint 1, initcall_run_list (init_sequence=0x5555559619e0 <init_sequence_f>)
    at /scratch/sglass/cosarm/src/third_party/u-boot/files/include/initcall.h:41
41				printf("initcall sequence %p failed at call %p (err=%d)\n",
   (gdb) print *init_fnc_ptr
   $1 = (const init_fnc_t) 0x55555559c114 <stdio_add_devices>
   (gdb)

Signed-off-by: Simon Glass <sjg@chromium.org>
2019-04-23 20:26:43 -06:00
Simon Glass
6b5e420137 sandbox: Fix up the debug message for the image filename
This currently prints out the wrong filename. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-12-05 06:01:34 -07:00
Simon Glass
b847c14243 sandbox: Use memmove() to move overlapping regions
The use of strcpy() to remove characters at the start of a string is safe
in U-Boot, since we know the implementation. But in os.c we are using the
C library's strcpy() function, where this behaviour is not permitted.

Update the code to use memmove() instead.

Reported-by: Coverity (CID: 173279)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
2018-11-29 09:30:05 -07:00
Simon Glass
27028f186d sandbox: Boot in U-Boot through the standard call
Most architectures use jump_to_image_no_args() to jump from SPL to U-Boot.
At present sandbox is special in that it jumps in its
spl_board_load_image() call. This is not strictly correct, and means that
sandbox misses out some parts of board_init_r(), just as calling
bloblist_finish(), for example.

Change spl_board_load_image() to just identify the filename to boot, and
implement jump_to_image_no_args() to actually jump to it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-26 08:25:37 -05:00
Simon Glass
65f3b1f992 sandbox: Filter arguments when starting U-Boot
The current method of starting U-Boot from U-Boot adds arguments to pass
the memory file through, so that memory is preserved. This is fine for a
single call, but if we call from TPL -> SPL -> U-Boot the arguments build
up and we have several memory files in the argument list.

Adjust the implementation to filter out arguments that we want to replace
with new ones. Also print a useful error if the exec() call fails.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-26 08:25:37 -05:00
Simon Glass
fc1f58a4da sandbox: Use malloc() and free() from os layer
At present sandbox calls malloc() from various places in the OS layer and
this results in calls to U-Boot's malloc() implementation. It is better to
use the on in the OS layer, since it does not mix allocations with the
main U-Boot code.

Fix this by replacing calls with malloc() to os_malloc(), etc.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
2018-11-26 08:25:37 -05:00
Simon Glass
7b5ea14527 sandbox: Refactor code to create os_jump_to_file()
At present os_jump_to_image() jumps to a given image, and this is written
to a file. But it is useful to be able to jump to a file also.

To avoid duplicating code, split out the implementation of
os_jump_to_image() into a new function that jumps to a file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-26 08:25:36 -05:00
Simon Glass
566bf3a869 sandbox: Add a function to read a host file
Add a way to read a file from the host filesystem. This can be useful for
reading test data, for example. Also fix up the writing function which was
not the right version, and drop the debugging lines.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-20 19:14:22 -07:00
Simon Glass
bd8b74551b sandbox: Try to start the RAM buffer at a particular address
Use a starting address of 256MB which should be available. This helps to
make sandbox RAM buffers pointers more recognisable.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-11-14 09:16:27 -08:00
Simon Glass
4af3e9ad8a sandbox: Restore blocking I/O on exit
At present sandbox sets non-blocking I/O as soon as any input is read
from the terminal. However it does not restore the previous state on
exit. Fix this and drop the old os_read_no_block() function.

This means that we always enable blocking I/O in sandbox (if input is a
terminal) whereas previously it would only happen on the first call to
tstc() or getc(). However, the difference is likely not important.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-09 04:40:27 -06:00
Simon Glass
69bc15d5ff sandbox: Support booting from TPL to SPL
At present we support booting from SPL to U-Boot proper. Add support for
the previous stage too, so sandbox can be started with TPL.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-09 04:40:26 -06:00
Simon Glass
056a5cea31 sandbox: Add a way to write data to the host filesystem
For debugging it is sometimes useful to write out data for inspection
using an external tool. Add a function which can write this data to a
given file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-09 04:40:26 -06:00
Simon Glass
50b288aca3 sandbox: Support file truncation with os_open()
At present files are not truncated on writing. This is a useful feature.
Add support for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-09 04:40:26 -06:00
Simon Glass
9f8037ea9c sandbox: Unprotect DATA regions in bus tests
On my Ubuntu 18.04.1 machine two driver-model bus tests have started
failing recently. The problem appears to be that the DATA region of the
executable is protected. This does not seem correct, but perhaps there
is a reason.

To work around it, unprotect the regions in these tests before accessing
them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2018-10-08 07:34:34 -06:00
Alexander Graf
6e6e4b2f73 sandbox: Allow to execute from RAM
With efi_loader, we may want to execute payloads from RAM. By default,
permissions on the RAM region don't allow us to execute from there though.

So let's change the default allocation scheme for RAM to also allow
execution from it. That way payloads that live in U-Boot RAM can be
directly executed.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23 21:55:30 +02:00
Alexander Graf
3fcb714758 sandbox: Fix setjmp/longjmp
In sandbox, longjmp returns to itself in an endless loop because
os_longjmp() calls into longjmp() which is provided by U-Boot which
again calls os_longjmp().

Setjmp on the other hand must not return because otherwise the
return freees up stack elements that we need during longjmp().

The only straight forward fix that doesn't involve nasty hacks I
could find is to directly link against the system setjmp/longjmp
implementations. That means we just provide the compiler with
hints that the symbol will be available and actually fill them
out with versions from libc.

This approach should be reasonably platform agnostic

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23 21:55:30 +02:00
Simon Glass
fe938fb0df sandbox: Add support for calling abort()
This function is useful to signal that the application needs to exit
immediate. It can be caught with a debugger (e.g. gdb). Add a stub for it
so that it can be called from within sandbox when an internal error
occurs.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23 21:55:30 +02:00
Simon Glass
613185023f sandbox: Align RAM buffer to the machine page size
At present the sandbox RAM buffer is not aligned to any particular
address boundary. This makes the internal pointers somewhat random with
respect to the associated RAM buffer addresses.

Align the buffer to the page size of the machine to help with this. Note
that there is a header at the start of the allocated pointer. To avoid
returning a pointer which is not aligned to a page boundary, we waste
almost an entire page of memory for each allocation.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-09-23 21:55:30 +02:00
Simon Glass
30eef21fa0 sandbox: Add a setjmp() implementation
Add an implementation of setjmp() and longjmp() which rely on the
underlying host C library. Since we cannot know how large the jump buffer
needs to be, pick something that should be suitable and check it at
runtime. At present we need access to the underlying struct as well.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-06-03 15:27:21 +02:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Simon Glass
0b189b6ce1 Revert "sandbox: remove os_putc() and os_puts()"
While sandbox works OK without the special-case code, it does result in
console output being stored in the pre-console buffer while sandbox starts
up. If there is a crash or a problem then there is no indication of what
is going on.

For ease of debugging it seems better to revert this change.

This reverts commit 47b98ad0f6.

Signed-off-by: Simon Glass <sjg@chromium.org>
2017-12-07 15:17:00 -05:00
Heinrich Schuchardt
04d0da5157 sandbox: avoid memory leak in os_dirent_ls
Realloc does not free the old memory area if it fails.

Identified by cppcheck.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-10-08 20:41:09 -06:00
Masahiro Yamada
47b98ad0f6 sandbox: remove os_putc() and os_puts()
They are unused since commit d8c6fb8ced ("sandbox: Drop special
case console code for sandbox").

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Simon Glass <sjg@chromium.org>
2017-07-28 12:02:47 -06:00
Tom Rini
e2bc87d41c sandbox: Fix comparison of unsigned enum expression warning
In os_dirent_get_typename() we are checking that type falls within the
known values of the enum os_dirent_t.  With clang-3.8 testing this value
as being >= 0 results in a warning as it will always be true.  This
assumes of course that we are only given valid data.  Given that we want
to sanity check the input, we change this to check that it falls within
the range of the first to the last entry in the given enum.

Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-06-08 20:21:59 -06:00
Stefan Brüns
2f159402d9 sandbox/fs: Set correct filetype for unknown filetype
The "hostfs ls" command prefixes each directory entry with either DIR,
LNK or "   " if it is a directory, symlink resp. regular file, or
"???" for any other or unknown type.
The latter only works if the type is set correctly, as the entry defaults
to OS_FILET_REG and e.g. socket files show up as regular files.

Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-11 10:17:08 -06:00
Stefan Brüns
bf635ed091 sandbox/fs: Use readdir instead of deprecated readdir_r
Using readdir_r limits the maximum file name length and may even be
unsafe, and is thus deprecated in since glibc 2.24.

Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-11 10:17:07 -06:00
Stefan Brüns
f189899c2f sandbox/fs: Use correct size path name buffer
The readdir linux manpage explicitly states (quoting POSIX.1) that
sizeof(d_name) is not correct for determining the required size, but to
always use strlen. Grow the buffer if needed.

Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-11 10:17:07 -06:00