diff options
author | Nico Huber <nico.h@gmx.de> | 2024-01-11 18:59:24 +0100 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2024-08-11 17:07:32 +0000 |
commit | af0d4bce65df277b56e495892dff1c712ed76ddd (patch) | |
tree | 73aef7f8fb6301f0af8e08e3f7f78823d0ebdfe6 /src/commonlib/include | |
parent | 0e9830884c118735ad0122c81156473d91f57cf1 (diff) |
region: Introduce region_create() functions
We introduce two new functions to create region objects. They allow us
to check for integer overflows (region_create_untrusted()) or assert
their absence (region_create()).
This fixes potential overflows in region_overlap() checks in SMI
handlers, where we would wrongfully report MMIO as *not* overlapping
SMRAM.
Also, two cases of strtol() in parse_region() (cbfstool), where the
results were implicitly converted to `size_t`, are replaced with the
unsigned strtoul().
FIT payload support is left out, as it doesn't use the region API
(only the struct).
Change-Id: I4ae3e6274c981c9ab4fb1263c2a72fa68ef1c32b
Ticket: https://ticket.coreboot.org/issues/522
Found-by: Vadim Zaliva <lord@digamma.ai>
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79905
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Diffstat (limited to 'src/commonlib/include')
-rw-r--r-- | src/commonlib/include/commonlib/region.h | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/src/commonlib/include/commonlib/region.h b/src/commonlib/include/commonlib/region.h index 25efcc8724..45a3b8d7b7 100644 --- a/src/commonlib/include/commonlib/region.h +++ b/src/commonlib/include/commonlib/region.h @@ -6,6 +6,7 @@ #include <sys/types.h> #include <stddef.h> #include <stdbool.h> +#include <commonlib/bsd/cb_err.h> #include <commonlib/bsd/helpers.h> #include <commonlib/mem_pool.h> @@ -94,10 +95,20 @@ struct region_device { }, \ } -/* Helper to dynamically initialize region device. */ -void region_device_init(struct region_device *rdev, - const struct region_device_ops *ops, size_t offset, - size_t size); +static inline struct region region_create(size_t offset, size_t size) +{ + assert(offset + size - 1 >= offset); + return (struct region){ .offset = offset, .size = size }; +} + +static inline enum cb_err region_create_untrusted( + struct region *r, unsigned long long offset, unsigned long long size) +{ + if (offset > SIZE_MAX || size > SIZE_MAX || (size_t)(offset + size - 1) < offset) + return CB_ERR_ARG; + *r = (struct region){ .offset = offset, .size = size }; + return CB_SUCCESS; +} /* Return 1 if child is subregion of parent, else 0. */ int region_is_subregion(const struct region *p, const struct region *c); @@ -123,6 +134,11 @@ static inline bool region_overlap(const struct region *r1, const struct region * (region_offset(r1) < region_end(r2)); } +/* Helper to dynamically initialize region device. */ +void region_device_init(struct region_device *rdev, + const struct region_device_ops *ops, size_t offset, + size_t size); + static inline const struct region *region_device_region( const struct region_device *rdev) { |