All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andrew Scull <ascull@google.com>
To: u-boot@lists.denx.de
Cc: sjg@chromium.org, bmeng.cn@gmail.com, trini@konsulko.com,
	 Andrew Scull <ascull@google.com>
Subject: [PATCH v3 09/18] pci: Check region ranges are addressable
Date: Thu, 21 Apr 2022 16:11:07 +0000	[thread overview]
Message-ID: <20220421161116.1202023-10-ascull@google.com> (raw)
In-Reply-To: <20220421161116.1202023-1-ascull@google.com>

When parsing the `ranges` DT node, check that both extremes of the
regions are addressable without overflow. This assumption can then be
safely made when processing the regions.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
---
 drivers/pci/pci-uclass.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/drivers/pci/pci-uclass.c b/drivers/pci/pci-uclass.c
index 8bbeb62f2e..0424cd339e 100644
--- a/drivers/pci/pci-uclass.c
+++ b/drivers/pci/pci-uclass.c
@@ -1013,7 +1013,22 @@ static void decode_regions(struct pci_controller *hose, ofnode parent_node,
 
 		if (!IS_ENABLED(CONFIG_SYS_PCI_64BIT) &&
 		    type == PCI_REGION_MEM && upper_32_bits(pci_addr)) {
-			debug(" - beyond the 32-bit boundary, ignoring\n");
+			debug(" - pci_addr beyond the 32-bit boundary, ignoring\n");
+			continue;
+		}
+
+		if (!IS_ENABLED(CONFIG_PHYS_64BIT) && upper_32_bits(addr)) {
+			debug(" - addr beyond the 32-bit boundary, ignoring\n");
+			continue;
+		}
+
+		if (~((pci_addr_t)0) - pci_addr < size) {
+			debug(" - PCI range exceeds max address, ignoring\n");
+			continue;
+		}
+
+		if (~((phys_addr_t)0) - addr < size) {
+			debug(" - phys range exceeds max address, ignoring\n");
 			continue;
 		}
 
-- 
2.36.0.rc2.479.g8af0fa9b8e-goog


  parent reply	other threads:[~2022-04-21 16:13 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-21 16:10 [PATCH v3 00/18] virtio: pci: Add and fix consistency checks Andrew Scull
2022-04-21 16:10 ` [PATCH v3 01/18] virtio: pci: Allow exclusion of legacy driver Andrew Scull
2022-05-03 23:10   ` Tom Rini
2022-04-21 16:11 ` [PATCH v3 02/18] virtio: pci: Fix discovery of device config length Andrew Scull
2022-04-21 16:11 ` [PATCH v3 03/18] virtio: pci: Bounds check device config access Andrew Scull
2022-04-21 16:11 ` [PATCH v3 04/18] virtio: pci: Bounds check notification writes Andrew Scull
2022-04-21 16:11 ` [PATCH v3 05/18] virtio: pci: Check virtio common config size Andrew Scull
2022-04-21 16:11 ` [PATCH v3 06/18] virtio: pci: Check virtio capability is in bounds Andrew Scull
2022-04-21 16:11 ` [PATCH v3 07/18] virtio: pci: Read entire capability into memory Andrew Scull
2022-04-21 16:11 ` [PATCH v3 08/18] pci: Fix use of flags in dm_pci_map_bar() Andrew Scull
2022-04-22  6:37   ` Bin Meng
2022-04-21 16:11 ` Andrew Scull [this message]
2022-04-21 16:11 ` [PATCH v3 10/18] pci: Range check address conversions Andrew Scull
2022-04-21 16:11 ` [PATCH v3 11/18] test: pci: Test PCI address conversion functions Andrew Scull
2022-04-22  6:50   ` Bin Meng
2022-04-21 16:11 ` [PATCH v3 12/18] pci: Map bars with offset and length Andrew Scull
2022-04-22  6:52   ` Bin Meng
2022-04-21 16:11 ` [PATCH v3 13/18] pci: Match region flags using a mask Andrew Scull
2022-04-21 16:11 ` [PATCH v3 14/18] pci: Update dm_pci_bus_to_virt() parameters Andrew Scull
2022-04-22  7:38   ` Bin Meng
2022-04-21 16:11 ` [PATCH v3 15/18] pci: Add mask parameter to dm_pci_map_bar() Andrew Scull
2022-04-22  7:39   ` Bin Meng
2022-04-21 16:11 ` [PATCH v3 16/18] virtio: pci: Check virtio configs are mapped Andrew Scull
2022-04-21 16:11 ` [PATCH v3 17/18] virtio: pci: Make use of dm_pci_map_bar() Andrew Scull
2022-04-21 16:11 ` [PATCH v3 18/18] pci: Add config for Enhanced Allocation Andrew Scull

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220421161116.1202023-10-ascull@google.com \
    --to=ascull@google.com \
    --cc=bmeng.cn@gmail.com \
    --cc=sjg@chromium.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.