diff options
author | Jacob Garber <jgarber1@ualberta.ca> | 2019-07-22 13:31:38 -0600 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-07-29 06:08:21 +0000 |
commit | 767c4b28998aff563c36e2f2000e4768b68add8f (patch) | |
tree | 6bfec62675992f5ecda676cec182b294638ddf59 /src/include/fit.h | |
parent | 5592cfd5b3dc0478af5e9ddd65f8169214860575 (diff) |
soc/intel/baytrail: Prevent unintended sign extensions
Consider the following assignment:
u64 = s32
For positive values this is fine, but if the s32 is negative, it will be
sign-extended in the conversion to a very large unsigned integer. This
manifests itself in two ways in the following code:
First, gpu_pipe{a,b}_port_select are defined as int, and can have the
values 1 or 2. In the case when they have the value 2, the shift 2 << 30
will be a negative number, making it susceptible to the sign-extension
problem above. Change these variables to something more reasonable like
a uint8_t, which is unsigned.
Second, in any bit shift, any variable with width less than an int will
be implicitly promoted to an int before performing the bit shift.
For example, the variable gpu_pipea_power_on_delay is a uint16_t, and if its
highest bit is set, the shift gpu_pipea_power_on_delay << 16 will become
negative, again introducing the above problem. To prevent this, cast all
smaller variables to a u32 before the shift, which will prevent the
implicit promotions and sign extensions.
Change-Id: Ic5db6001504cefb501dee199590a0e961a15771b
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1229699, 1229700, 1229701, 1229702
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34487
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-by: Alexander Couzens <lynxis@fe80.eu>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'src/include/fit.h')
0 files changed, 0 insertions, 0 deletions