feat: report error if too many UUIDs in manifest
Previously, the FF-A manifest parser would silently ignore any UUIDs
beyond the first `PARTITION_MAX_UUIDS`. Return an error instead.
Change-Id: I2c277ca52b940c31e27d5bbc613901f60909bca1
Signed-off-by: Karl Meakin <karl.meakin@arm.com>
diff --git a/src/manifest.c b/src/manifest.c
index c0586dc..9de1935 100644
--- a/src/manifest.c
+++ b/src/manifest.c
@@ -430,7 +430,7 @@
{
uint16_t j;
- for (j = 0; j < PARTITION_MAX_UUIDS && uint32list_has_next(uuid); j++) {
+ for (j = 0; uint32list_has_next(uuid); j++) {
TRY(parse_uuid(uuid, &out[j]));
if (ffa_uuid_is_null(&out[j])) {
@@ -438,6 +438,10 @@
}
dlog_verbose(" UUID %#x-%x-%x-%x\n", out[j].uuid[0],
out[j].uuid[1], out[j].uuid[2], out[j].uuid[3]);
+
+ if (j >= PARTITION_MAX_UUIDS) {
+ return MANIFEST_ERROR_TOO_MANY_UUIDS;
+ }
}
*len = j;
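Review bot: The added `j >= PARTITION_MAX_UUIDS` check sits at the end of the loop body, after `TRY(parse_uuid(uuid, &out[j]))` and the `dlog_verbose` call have already used `out[j]`. Since the previous hunk drops the bound from the `for` condition, a manifest with one UUID too many writes to `out[PARTITION_MAX_UUIDS]` before the error is returned. Assuming `out` holds exactly `PARTITION_MAX_UUIDS` entries (its declaration is outside the hunk), that is a one-element out-of-bounds write driven by manifest contents. Move the check to the top of the loop body, ahead of the `parse_uuid` call: `if (j >= PARTITION_MAX_UUIDS) { return MANIFEST_ERROR_TOO_MANY_UUIDS; }`. The enclosing function starts and ends outside both hunks, so the size of `out` should be confirmed against the caller.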
@@ -1735,6 +1739,9 @@
"default largest value";
case MANIFEST_ERROR_UUID_ALL_ZEROS:
return "UUID should not be NIL";
+ case MANIFEST_ERROR_TOO_MANY_UUIDS:
+ return "Manifest specifies more UUIDs than Hafnium has "
+ "statically allocated space for";
case MANIFEST_ERROR_MISSING_SMMU_ID:
return "SMMU ID must be specified for the given Stream IDs";
case MANIFEST_ERROR_MISMATCH_DMA_ACCESS_PERMISSIONS: