lib: utils/irqchip: plic: Ensure no out-of-bound access in context save/restore helpers

Currently the context save/restore helpers writes/reads the provided array using an index whose maximum value is determined by PLIC, which potentially may disagree with the caller to these helpers. Add a parameter to ask the caller to provide the size limit of the array to ensure no out-of-bound access happens. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Anup Patel <anup@brainfault.org>
author: Bin Meng <bmeng@tinylab.org> 2022-12-11 09:54:24 +0300
committer: Anup Patel <anup@brainfault.org> 2022-12-17 06:33:30 +0300
commit: 9a2eeb4aaeac9102a7db3676035d83394784c88b (patch)
tree: a1969ea5d42c251b3d17890e9e74fb537b7da09d
parent: fabbc006687a0fddeabb7a3effabb3a8e1c81c48 (diff)
download: opensbi-9a2eeb4aaeac9102a7db3676035d83394784c88b.tar.xz
5 files changed, 23 insertions, 14 deletions
diff --git a/include/sbi_utils/irqchip/fdt_irqchip_plic.h b/include/sbi_utils/irqchip/fdt_irqchip_plic.h
index d5b1c60..df645dd 100644
--- a/include/sbi_utils/irqchip/fdt_irqchip_plic.h
+++ b/include/sbi_utils/irqchip/fdt_irqchip_plic.h
@@ -23,9 +23,10 @@ void fdt_plic_priority_save(u8 *priority, u32 num);
  */
 void fdt_plic_priority_restore(const u8 *priority, u32 num);
 
-void fdt_plic_context_save(bool smode, u32 *enable, u32 *threshold);
+void fdt_plic_context_save(bool smode, u32 *enable, u32 *threshold, u32 num);
 
-void fdt_plic_context_restore(bool smode, const u32 *enable, u32 threshold);
+void fdt_plic_context_restore(bool smode, const u32 *enable, u32 threshold,
+			      u32 num);
 
 void thead_plic_restore(void);
 
diff --git a/include/sbi_utils/irqchip/plic.h b/include/sbi_utils/irqchip/plic.h
index 38704a1..112a714 100644
--- a/include/sbi_utils/irqchip/plic.h
+++ b/include/sbi_utils/irqchip/plic.h
@@ -24,10 +24,10 @@ void plic_priority_restore(const struct plic_data *plic, const u8 *priority,
 			   u32 num);
 
 void plic_context_save(const struct plic_data *plic, int context_id,
-		       u32 *enable, u32 *threshold);
+		       u32 *enable, u32 *threshold, u32 num);
 
 void plic_context_restore(const struct plic_data *plic, int context_id,
-			  const u32 *enable, u32 threshold);
+			  const u32 *enable, u32 threshold, u32 num);
 
 int plic_context_init(const struct plic_data *plic, int context_id,
 		      bool enable, u32 threshold);
diff --git a/lib/utils/irqchip/fdt_irqchip_plic.c b/lib/utils/irqchip/fdt_irqchip_plic.c
index 1c37512..1aadf91 100644
--- a/lib/utils/irqchip/fdt_irqchip_plic.c
+++ b/lib/utils/irqchip/fdt_irqchip_plic.c
@@ -38,22 +38,23 @@ void fdt_plic_priority_restore(const u8 *priority, u32 num)
 	plic_priority_restore(plic, priority, num);
 }
 
-void fdt_plic_context_save(bool smode, u32 *enable, u32 *threshold)
+void fdt_plic_context_save(bool smode, u32 *enable, u32 *threshold, u32 num)
 {
 	u32 hartid = current_hartid();
 
 	plic_context_save(plic_hartid2data[hartid],
 			  plic_hartid2context[hartid][smode],
-			  enable, threshold);
+			  enable, threshold, num);
 }
 
-void fdt_plic_context_restore(bool smode, const u32 *enable, u32 threshold)
+void fdt_plic_context_restore(bool smode, const u32 *enable, u32 threshold,
+			      u32 num)
 {
 	u32 hartid = current_hartid();
 
 	plic_context_restore(plic_hartid2data[hartid],
 			     plic_hartid2context[hartid][smode],
-			     enable, threshold);
+			     enable, threshold, num);
 }
 
 static int irqchip_plic_warm_init(void)
diff --git a/lib/utils/irqchip/plic.c b/lib/utils/irqchip/plic.c
index 0a1596c..d633514 100644
--- a/lib/utils/irqchip/plic.c
+++ b/lib/utils/irqchip/plic.c
@@ -92,22 +92,28 @@ static void plic_set_ie(const struct plic_data *plic, u32 cntxid,
 }
 
 void plic_context_save(const struct plic_data *plic, int context_id,
-		       u32 *enable, u32 *threshold)
+		       u32 *enable, u32 *threshold, u32 num)
 {
 	u32 ie_words = plic->num_src / 32 + 1;
 
-	for (u32 i = 0; i < ie_words; i++)
+	if (num > ie_words)
+		num = ie_words;
+
+	for (u32 i = 0; i < num; i++)
 		enable[i] = plic_get_ie(plic, context_id, i);
 
 	*threshold = plic_get_thresh(plic, context_id);
 }
 
 void plic_context_restore(const struct plic_data *plic, int context_id,
-			  const u32 *enable, u32 threshold)
+			  const u32 *enable, u32 threshold, u32 num)
 {
 	u32 ie_words = plic->num_src / 32 + 1;
 
-	for (u32 i = 0; i < ie_words; i++)
+	if (num > ie_words)
+		num = ie_words;
+
+	for (u32 i = 0; i < num; i++)
 		plic_set_ie(plic, context_id, i, enable[i]);
 
 	plic_set_thresh(plic, context_id, threshold);
diff --git a/platform/generic/allwinner/sun20i-d1.c b/platform/generic/allwinner/sun20i-d1.c
index 1f27575..1da9e5b 100644
--- a/platform/generic/allwinner/sun20i-d1.c
+++ b/platform/generic/allwinner/sun20i-d1.c
@@ -78,7 +78,7 @@ static u32 plic_threshold;
 
 static void sun20i_d1_plic_save(void)
 {
-	fdt_plic_context_save(true, plic_sie, &plic_threshold);
+	fdt_plic_context_save(true, plic_sie, &plic_threshold, PLIC_IE_WORDS);
 	fdt_plic_priority_save(plic_priority, PLIC_SOURCES);
 }
 
@@ -86,7 +86,8 @@ static void sun20i_d1_plic_restore(void)
 {
 	thead_plic_restore();
 	fdt_plic_priority_restore(plic_priority, PLIC_SOURCES);
-	fdt_plic_context_restore(true, plic_sie, plic_threshold);
+	fdt_plic_context_restore(true, plic_sie, plic_threshold,
+				 PLIC_IE_WORDS);
 }
 
 /*
author	Bin Meng <bmeng@tinylab.org>	2022-12-11 09:54:24 +0300
committer	Anup Patel <anup@brainfault.org>	2022-12-17 06:33:30 +0300
commit	9a2eeb4aaeac9102a7db3676035d83394784c88b (patch)
tree	a1969ea5d42c251b3d17890e9e74fb537b7da09d
parent	fabbc006687a0fddeabb7a3effabb3a8e1c81c48 (diff)
download	opensbi-9a2eeb4aaeac9102a7db3676035d83394784c88b.tar.xz