diff options
author | Himanshu Chauhan <hchauhan@ventanamicro.com> | 2023-01-09 08:20:41 +0300 |
---|---|---|
committer | Anup Patel <anup@brainfault.org> | 2023-01-09 15:34:25 +0300 |
commit | 3e2f573e707e78c7e00a977b28ce917ff051e69d (patch) | |
tree | a96863b9fa7772be4a33c11ea37fba58336cf04e /lib/utils | |
parent | 20646e0184e23cacfeb951060d33881453d14772 (diff) | |
download | opensbi-3e2f573e707e78c7e00a977b28ce917ff051e69d.tar.xz |
lib: utils: Disallow non-root domains from adding M-mode regions
The M-mode regions can only be added to the root domain. The non-root
domains shouldn't be able to add them from FDT.
Signed-off-by: Himanshu Chauhan <hchauhan@ventanamicro.com>
Reviewed-by: Anup Patel <anup@brainfault.org>
Tested-by: Anup Patel <anup@brainfault.org>
Diffstat (limited to 'lib/utils')
-rw-r--r-- | lib/utils/fdt/fdt_domain.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/utils/fdt/fdt_domain.c b/lib/utils/fdt/fdt_domain.c index 45612ef..2b51a8e 100644 --- a/lib/utils/fdt/fdt_domain.c +++ b/lib/utils/fdt/fdt_domain.c @@ -239,6 +239,20 @@ static int __fdt_parse_region(void *fdt, int domain_offset, u32 *region_count = opaque; struct sbi_domain_memregion *region; + /* + * Non-root domains cannot add a region with only M-mode + * access permissions. M-mode regions can only be part of + * root domain. + * + * SU permission bits can't be all zeroes and M-mode permission + * bits must be all set. + */ + if (!((region_access & SBI_DOMAIN_MEMREGION_SU_ACCESS_MASK) + & SBI_DOMAIN_MEMREGION_SU_RWX) + && ((region_access & SBI_DOMAIN_MEMREGION_M_ACCESS_MASK) + & SBI_DOMAIN_MEMREGION_M_RWX)) + return SBI_EINVAL; + /* Find next region of the domain */ if (FDT_DOMAIN_REGION_MAX_COUNT <= *region_count) return SBI_EINVAL; |