On Thu, Aug 12, 2021 at 03:28:31PM +0000, Pierre-Clément Tosi wrote:
> Avoid applying the "fix" introduced by commit 5557eec01cbf ("env: Fix
> invalid env handling in env_init()") to the environment "nowhere".
>
> This is necessary as that commit, by setting the return value of
> env_init() to -ENOENT if gd->env_valid is ENV_INVALID, forces that
> function to reset gd->env_valid to ENV_VALID. By doing so, it breaks the
> assumption (required by ENV_IS_NOWHERE) that gd->env_valid must be
> ENV_INVALID.
>
> This, in turn, results in env_relocate() calling env_load() (it should
> not), which itself, calls U_BOOT_ENV_LOCATION(nowhere).load() i.e.
> env_nowhere_load(). That function, being implemented under the
> assumption mentioned above, calls env_set_default(), which in turn,
> seeing that gd->env_valid is ENV_VALID (it should not), tries to
> dereference whatever lies in gd->env_addr (most likely garbage), leading
> to a faulty memory access.
>
> Note that other env_locations might be concerned by this bug but that
> this commit only intends to fix it for when ENV_IS_NOWHERE.
>
> Fixes: 5557eec01cbf ("env: Fix invalid env handling in env_init()")
> Signed-off-by: Pierre-Clément Tosi <pt...@google.com>
Applied to u-boot/next, thanks!

-- 
Tom