author | Nico Huber <nico.h@gmx.de> | 2024-01-11 18:59:24 +0100 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2024-08-11 17:07:32 +0000 |
commit | af0d4bce65df277b56e495892dff1c712ed76ddd (patch) | |
tree | 73aef7f8fb6301f0af8e08e3f7f78823d0ebdfe6 /src/include/cpu/x86/smm.h | |
parent | 0e9830884c118735ad0122c81156473d91f57cf1 (diff) |
region: Introduce region_create() functions
We introduce two new functions to create region objects. They allow us
to check for integer overflows (region_create_untrusted()) or assert
their absence (region_create()).
This fixes potential overflows in region_overlap() checks in SMI
handlers, where we would wrongfully report MMIO as *not* overlapping
SMRAM.
Also, two cases of strtol() in parse_region() (cbfstool), where the
results were implicitly converted to `size_t`, are replaced with the
unsigned strtoul().
FIT payload support is left out, as it doesn't use the region API
(only the struct).
Change-Id: I4ae3e6274c981c9ab4fb1263c2a72fa68ef1c32b
Ticket: https://ticket.coreboot.org/issues/522
Found-by: Vadim Zaliva <lord@digamma.ai>
Signed-off-by: Nico Huber <nico.h@gmx.de>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/79905
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Diffstat (limited to 'src/include/cpu/x86/smm.h')
-rw-r--r-- | src/include/cpu/x86/smm.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/include/cpu/x86/smm.h b/src/include/cpu/x86/smm.h index 44a1086e4f..b552d33b5a 100644 --- a/src/include/cpu/x86/smm.h +++ b/src/include/cpu/x86/smm.h @@ -142,7 +142,10 @@ bool smm_region_overlaps_handler(const struct region *r); /* Returns true if the memory pointed to overlaps with SMM reserved memory. */ static inline bool smm_points_to_smram(const void *ptr, const size_t len) { - const struct region r = {(uintptr_t)ptr, len}; + struct region r; + + if (region_create_untrusted(&r, (uintptr_t)ptr, len) != CB_SUCCESS) + return true; /* Play it safe and pretend it overlaps if we can't tell. */ return smm_region_overlaps_handler(&r); } |
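Review bot: the doc comment above smm_points_to_smram() still says only "Returns true if the memory pointed to overlaps with SMM reserved memory.", but with the new early return the function also returns true whenever region_create_untrusted() rejects the (ptr, len) pair. Please extend that comment to state that a range that cannot be represented is reported as overlapping, so that callers reading the header understand true as "do not access" rather than strictly "lies in SMRAM". Separately, the hunk adds no #include, so it is worth confirming that smm.h itself already pulls in the declarations of region_create_untrusted() and CB_SUCCESS instead of depending on whatever the including file happened to include first.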