libpayload: Fix reading x86 CBFS images from RAM

Three issues:
 1. the hardcoded dereferenced pointer at 0xfffffffc
 2. "RAM media" has no idea about ROM relative addresses
 3. off-by-one in RAM media: it's legal to request 4 bytes from 0xfffffffc

Change-Id: I671ac12d412c71dc8e8e6114f2ea13f58dd99c1d
Signed-off-by: Patrick Georgi <patrick@georgi-clan.de>
Reviewed-on: http://review.coreboot.org/2624
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Hung-Te Lin <hungte@chromium.org>

payloads/libpayload/libcbfs/cbfs.c

@@ -65,8 +65,14 @@
 #if defined(CONFIG_CBFS_HEADER_ROM_OFFSET) && (CONFIG_CBFS_HEADER_ROM_OFFSET)
 # define CBFS_HEADER_ROM_ADDRESS (CONFIG_CBFS_HEADER_ROM_OFFSET)
 #else
-// Indirect address: only works on 32bit top-aligned systems.
-# define CBFS_HEADER_ROM_ADDRESS (*(uint32_t*)0xfffffffc)
+/* ugly hack: this assumes that "media" exists
+              in the scope where the macro is used. */
+static uint32_t fetch_x86_header(struct cbfs_media *media)
+{
+	uint32_t *header_ptr = media->map(media, 0xfffffffc, 4);
+	return *header_ptr;
+}
+# define CBFS_HEADER_ROM_ADDRESS fetch_x86_header(media)
 #endif
 
 #include "cbfs_core.c"