summaryrefslogtreecommitdiff
path: root/src/commonlib/include
diff options
context:
space:
mode:
authorNico Huber <nico.h@gmx.de>2024-01-11 18:59:24 +0100
committerFelix Held <felix-coreboot@felixheld.de>2024-08-11 17:07:32 +0000
commitaf0d4bce65df277b56e495892dff1c712ed76ddd (patch)
tree73aef7f8fb6301f0af8e08e3f7f78823d0ebdfe6 /src/commonlib/include
parent0e9830884c118735ad0122c81156473d91f57cf1 (diff)
region: Introduce region_create() functions
We introduce two new functions to create region objects. They allow us to check for integer overflows (region_create_untrusted()) or assert their absence (region_create()). This fixes potential overflows in region_overlap() checks in SMI handlers, where we would wrongfully report MMIO as *not* overlapping SMRAM. Also, two cases of strtol() in parse_region() (cbfstool), where the results were implicitly converted to `size_t`, are replaced with the unsigned strtoul(). FIT payload support is left out, as it doesn't use the region API (only the struct). Change-Id: I4ae3e6274c981c9ab4fb1263c2a72fa68ef1c32b Ticket: https://ticket.coreboot.org/issues/522 Found-by: Vadim Zaliva <lord@digamma.ai> Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/c/coreboot/+/79905 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Diffstat (limited to 'src/commonlib/include')
-rw-r--r--src/commonlib/include/commonlib/region.h24
1 files changed, 20 insertions, 4 deletions
diff --git a/src/commonlib/include/commonlib/region.h b/src/commonlib/include/commonlib/region.h
index 25efcc8724..45a3b8d7b7 100644
--- a/src/commonlib/include/commonlib/region.h
+++ b/src/commonlib/include/commonlib/region.h
@@ -6,6 +6,7 @@
#include <sys/types.h>
#include <stddef.h>
#include <stdbool.h>
+#include <commonlib/bsd/cb_err.h>
#include <commonlib/bsd/helpers.h>
#include <commonlib/mem_pool.h>
@@ -94,10 +95,20 @@ struct region_device {
}, \
}
-/* Helper to dynamically initialize region device. */
-void region_device_init(struct region_device *rdev,
- const struct region_device_ops *ops, size_t offset,
- size_t size);
+static inline struct region region_create(size_t offset, size_t size)
+{
+ assert(offset + size - 1 >= offset);
+ return (struct region){ .offset = offset, .size = size };
+}
+
+static inline enum cb_err region_create_untrusted(
+ struct region *r, unsigned long long offset, unsigned long long size)
+{
+ if (offset > SIZE_MAX || size > SIZE_MAX || (size_t)(offset + size - 1) < offset)
+ return CB_ERR_ARG;
+ *r = (struct region){ .offset = offset, .size = size };
+ return CB_SUCCESS;
+}
/* Return 1 if child is subregion of parent, else 0. */
int region_is_subregion(const struct region *p, const struct region *c);
@@ -123,6 +134,11 @@ static inline bool region_overlap(const struct region *r1, const struct region *
(region_offset(r1) < region_end(r2));
}
+/* Helper to dynamically initialize region device. */
+void region_device_init(struct region_device *rdev,
+ const struct region_device_ops *ops, size_t offset,
+ size_t size);
+
static inline const struct region *region_device_region(
const struct region_device *rdev)
{