fix(lib/s2tt): additional asserts in s2tt library
This patch adds asserts to the s2tt library, mostly to complete
checks that were previously incomplete.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Ib73d394ed96b53db79992b4955d5a8fe39f26bb2
diff --git a/lib/s2tt/src/s2tt.c b/lib/s2tt/src/s2tt.c
index 61e6d6a..e960a05 100644
--- a/lib/s2tt/src/s2tt.c
+++ b/lib/s2tt/src/s2tt.c
@@ -325,6 +325,12 @@
assert(map_addr < (1UL << ipa_bits));
assert(wi != NULL);
+ if (s2_ctx->enable_lpa2 == true) {
+ assert(ipa_bits <= S2TTE_OA_BITS_LPA2);
+ } else {
+ assert(ipa_bits <= S2TTE_OA_BITS);
+ }
+
g_root = s2_ctx->g_rtt;
/* Handle concatenated starting level (SL) tables */
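Review bot: The new `ipa_bits` bound is asserted only after the context line `assert(map_addr < (1UL << ipa_bits));` has already shifted by it, so an `ipa_bits` of 64 or more reaches an undefined shift before the check that would reject it. Moving the added `if (s2_ctx->enable_lpa2 == true) { ... } else { ... }` block above the `map_addr` assert makes the range check guard the shift. The function starts outside the hunk, so whether `ipa_bits` is already bounded earlier cannot be confirmed from here.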
@@ -333,7 +339,7 @@
unsigned int tt_num = (unsigned int)(sl_idx >> S2TTE_STRIDE);
struct granule *g_concat_root;
- assert(tt_num < S2TTE_MAX_CONCAT_TABLES);
+ assert(tt_num < s2_ctx->num_root_rtts);
g_concat_root = (struct granule *)((uintptr_t)g_root +
(tt_num * sizeof(struct granule)));
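Review bot: `assert(tt_num < s2_ctx->num_root_rtts);` is now the only bound on the index used in the pointer arithmetic that forms `g_concat_root`, and it trusts a value read from the context itself. Keeping the static limit alongside it, `assert(s2_ctx->num_root_rtts <= S2TTE_MAX_CONCAT_TABLES);`, would still catch a context whose root-table count is out of range. If asserts are compiled out in release builds (not visible here), neither check remains, so it is worth confirming that `num_root_rtts` is validated where the context is set up. The enclosing function starts and ends outside the hunk.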
@@ -410,8 +416,7 @@
{
(void)s2_ctx;
- return (S2TTE_NS | S2TTE_INVALID_HIPAS_UNASSIGNED |
- S2TTE_INVALID_UNPROTECTED);
+ return (S2TTE_NS | S2TTE_INVALID_HIPAS_UNASSIGNED);
}
/*
@@ -424,9 +429,10 @@
{
assert(level >= S2TT_MIN_BLOCK_LEVEL);
assert(level <= S2TT_PAGE_LEVEL);
- assert(s2tte_ripas <= S2TTE_INVALID_RIPAS_DESTROYED);
- assert(s2tte_is_addr_lvl_aligned(s2_ctx, pa, level));
+ assert(EXTRACT(S2TTE_INVALID_RIPAS, s2tte_ripas)
+ <= EXTRACT(S2TTE_INVALID_RIPAS, S2TTE_INVALID_RIPAS_DESTROYED));
assert(s2_ctx != NULL);
+ assert(s2tte_is_addr_lvl_aligned(s2_ctx, pa, level));
unsigned long tte = pa_to_s2tte(pa, s2_ctx->enable_lpa2);
unsigned long s2tte_page, s2tte_block;
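Review bot: The rewritten RIPAS assert compares only the extracted field, so an `s2tte_ripas` argument with bits set above `S2TTE_INVALID_RIPAS` now passes, where the old whole-value comparison against `S2TTE_INVALID_RIPAS_DESTROYED` rejected it. Bits below the field passed before and still do. An extra `assert((s2tte_ripas & ~MASK(S2TTE_INVALID_RIPAS)) == 0UL);` would require the argument to carry nothing but the RIPAS field. If the value is later OR-ed into the descriptor (the rest of the body is outside the hunk), stray bits would otherwise land in unrelated descriptor fields.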
@@ -757,8 +763,11 @@
desc_type = s2tte & S2TT_DESC_TYPE_MASK;
/* Only pages at L3 and valid blocks at L2 and L1 allowed */
- if (((level == S2TT_PAGE_LEVEL) && (desc_type == S2TTE_L3_PAGE)) ||
- ((level >= S2TT_MIN_BLOCK_LEVEL) && (desc_type == S2TTE_L012_BLOCK))) {
+ if (level == S2TT_PAGE_LEVEL) {
+ return (desc_type == S2TTE_L3_PAGE);
+ }
+
+ if ((level >= S2TT_MIN_BLOCK_LEVEL) && (desc_type == S2TTE_L012_BLOCK)) {
return true;
}
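Review bot: After the new early return for `S2TT_PAGE_LEVEL`, the block test `(level >= S2TT_MIN_BLOCK_LEVEL) && (desc_type == S2TTE_L012_BLOCK)` still has no upper bound, so a `level` above `S2TT_PAGE_LEVEL` with a block descriptor type is reported as valid. Bounding it with `(level < S2TT_PAGE_LEVEL)` in that condition closes the gap. An `assert(level <= S2TT_PAGE_LEVEL);` at function entry, as this commit adds elsewhere, would do the same. The comment above the test could also say that a block descriptor at the page level is now rejected, since that is the behavioural change here. The function starts and ends outside the hunk.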
@@ -1154,6 +1163,14 @@
unsigned long s2tt_ns_attrs;
unsigned int i;
+ if (s2_ctx->enable_lpa2 == true) {
+ assert(level >= S2TT_MIN_STARTING_LEVEL_LPA2);
+ } else {
+ assert(level >= S2TT_MIN_STARTING_LEVEL);
+ }
+
+ assert(level <= S2TT_PAGE_LEVEL);
+
if (!s2tte_is_x(s2_ctx, s2tte, level)) {
return false;
}
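Review bot: The added level checks read `s2_ctx->enable_lpa2`, but no `assert(s2_ctx != NULL);` is visible before them in this hunk. Elsewhere in this commit the NULL assert is deliberately ordered ahead of the first use of `s2_ctx`. If the function does not already assert this above the hunk (its start is outside the visible lines), add `assert(s2_ctx != NULL);` before the `if (s2_ctx->enable_lpa2 == true)` block. The same applies to the `ipa_bits` check added in the first hunk of this file.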
diff --git a/lib/s2tt/src/s2tt_pvt_defs.h b/lib/s2tt/src/s2tt_pvt_defs.h
index a1a6464..d2e3bb5 100644
--- a/lib/s2tt/src/s2tt_pvt_defs.h
+++ b/lib/s2tt/src/s2tt_pvt_defs.h
@@ -43,8 +43,8 @@
#define S2TTE_INVALID_HIPAS_WIDTH 3U
#define S2TTE_INVALID_HIPAS_MASK MASK(S2TTE_INVALID_HIPAS)
-#define S2TTE_INVALID_HIPAS_UNASSIGNED (INPLACE(S2TTE_INVALID_HIPAS, 0UL))
-#define S2TTE_INVALID_HIPAS_ASSIGNED (INPLACE(S2TTE_INVALID_HIPAS, 1UL))
+#define S2TTE_INVALID_HIPAS_UNASSIGNED (INPLACE(S2TTE_INVALID_HIPAS, RMI_UNASSIGNED))
+#define S2TTE_INVALID_HIPAS_ASSIGNED (INPLACE(S2TTE_INVALID_HIPAS, RMI_ASSIGNED))
#define S2TTE_INVALID_RIPAS_SHIFT 5
#define S2TTE_INVALID_RIPAS_WIDTH 2U
@@ -54,8 +54,6 @@
#define S2TTE_INVALID_RIPAS_RAM (INPLACE(S2TTE_INVALID_RIPAS, RMI_RAM))
#define S2TTE_INVALID_RIPAS_DESTROYED (INPLACE(S2TTE_INVALID_RIPAS, RMI_DESTROYED))
-#define S2TTE_INVALID_UNPROTECTED 0x0UL
-
#define S2TTE_NS (1UL << 55)
#define S2TTE_AF (1UL << 10)
#define S2TTE_XN (2UL << 53)