mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2024-06-13 10:49:13 +02:00
87b8f095af
With gcc10 the variables are placed more tightly to each other, which uncovers a long existing bug in the lantiq DMA code. It can be observed when using tftpboot with the filename parameter, which gets reset during the tftpboot execution. NetRxPackets[] points to cache line size aligned addresses. In ltq_eth_rx_packet_align() the address NetRxPackets[] points to is increased by LTQ_ETH_IP_ALIGN and the resulting not cache aligned address is used further on. While doing so, the length/size is never updated. The "not cache aligned address" + len/size for a cache aligned address is passed to invalidate_dcache_range(). Hence, invalidate_dcache_range() invalidates the next 32 bit as well, which flashes the BootFile variable as well. variable BootFile is at address: 0x83ffe12c NetRxPackets[] points to 0x83ffdb20 (len is 0x600) data points to: 0x83ffdb22 (len is 0x600) ltq_dma_dcache_inv: 0x83ffdb22 (for len 0x600) invalidate_dcache_range: 0x83ffdb20 to 0x83ffe120 (size: 32) invalidate_dcache_range: 0x83ffdb20 to 0x83ffdb40 (Bootfile: a.bin) ... invalidate_dcache_range: 0x83ffe100 to 0x83ffe120 (Bootfile: a.bin) invalidate_dcache_range: 0x83ffe120 to 0x83ffe140 (Bootfile: ) In ltq_dma_tx_map() and ltq_dma_rx_map() the start address passed to ltq_dma_dcache_wb_inv() is incorrect. By considering the offset, the start address passed to flush_dcache_range() is always aligned to 32, 64 or 128 bytes dependent on configured DMA burst size. Fixes: FS#4113 Signed-off-by: Mathias Kresin <dev@kresin.me> |
||
|---|---|---|
| .. | ||
| base-files | ||
| boot | ||
| devel | ||
| firmware | ||
| kernel | ||
| libs | ||
| network | ||
| system | ||
| utils | ||
| Makefile | ||