ipl3: add fatal error in case a ELF segment does not fit RDRAM

rasky · rasky · commit 4778344ba080 · 2025-02-18T23:13:23.000+01:00
diff --git a/boot/loader.c b/boot/loader.c
@@ -159,6 +159,15 @@ static const char MSG_ELF_OFFSET_NOT_ALIGNED[] = {
     _('A'), _('L'), _('I'), _('G'), _('N'), _('E'), _('D'), 0
 };
 
+// "ELF SEGMENT TOO LARGE"
+__attribute__((aligned(1)))
+static const char MSG_ELF_SEGMENT_TOO_LARGE[] = {
+    _('E'), _('L'), _('F'), _(' '),
+    _('S'), _('E'), _('G'), _('M'), _('E'), _('N'), _('T'), _(' '),
+    _('T'), _('O'), _('O'), _(' '),
+    _('L'), _('A'), _('R'), _('G'), _('E'), 0
+};
+
 #undef _
 
 __attribute__((noreturn))
@@ -251,6 +260,7 @@ void stage2(void)
 
     // Store the ELF offset in the boot flags
     *(uint32_t*)0xA400000C = elf_header << 8;
+    uint32_t ramsize = *(uint32_t*)0xA4000000;
 
     // Check if the ELF is 32/64 bit, and if it's big/little endian
     uint32_t elf_type = io_read32(elf_header + 0x4);
@@ -282,6 +292,7 @@ void stage2(void)
         uint32_t vaddr = phdr[elf64 ? 5 : 2];
         uint32_t paddr = phdr[elf64 ? 7 : 3];
         uint32_t size = phdr[elf64 ? 9 : 4];
+        uint32_t memsize = phdr[elf64 ? 11 : 5];
         uint32_t flags = phdr[elf64 ? 1 : 6];
 
         if (phdr[0] == PT_N64_DECOMP) {
@@ -300,6 +311,8 @@ void stage2(void)
 
         if (!size) continue;
 
+        debugf("Segment ", i, phdr[0], offset, vaddr, paddr, size, memsize, flags);
+
         // Make sure we can do PI DMA
         if ((vaddr % 8) != 0) {
             debugf("ELF: vaddr is not 8-byte aligned in segment");
@@ -309,8 +322,10 @@ void stage2(void)
             debugf("ELF: file offset is not 2-byte aligned in segment");
             fatal(MSG_ELF_OFFSET_NOT_ALIGNED);
         }
-
-        debugf("Segment ", i, phdr[0], offset, vaddr, size, flags);
+        if ((flags & PF_N64_COMPRESSED ? paddr : vaddr) + memsize > 0x80000000 + ramsize) {
+            debugf("ELF: segment does not fit in RDRAM");
+            fatal(MSG_ELF_SEGMENT_TOO_LARGE);
+        }
 
         // Load the segment into RDRAM. Notice that we don't need to clear
         // extra size at the end of the segment (as specified by phdr[5])
