Move from memcpy to memcpy_s.
Change-Id: If7d53c6e54428f01f14528c3f281331d308af56a
diff --git a/inc/hf/arch/std.h b/inc/hf/arch/std.h
index 3f69ccc..f74374b 100644
--- a/inc/hf/arch/std.h
+++ b/inc/hf/arch/std.h
@@ -21,7 +21,6 @@
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
-void *memcpy(void *dst, const void *src, size_t n);
void *memmove(void *dst, const void *src, size_t n);
int memcmp(const void *a, const void *b, size_t n);
diff --git a/inc/hf/std.h b/inc/hf/std.h
index 73c7d1c..f502346 100644
--- a/inc/hf/std.h
+++ b/inc/hf/std.h
@@ -30,3 +30,4 @@
* have a constraint handler that panics.
*/
void memset_s(void *dest, rsize_t destsz, int ch, rsize_t count);
+void memcpy_s(void *dest, rsize_t destsz, const void *src, rsize_t count);
diff --git a/inc/vmapi/hf/spci.h b/inc/vmapi/hf/spci.h
index 8551808..523c4ae 100644
--- a/inc/vmapi/hf/spci.h
+++ b/inc/vmapi/hf/spci.h
@@ -84,10 +84,9 @@
* to reflect this (TBD).
*/
uint16_t reserved_1;
+
uint32_t length;
-
spci_vm_id_t target_vm_id;
-
spci_vm_id_t source_vm_id;
/*
diff --git a/src/api.c b/src/api.c
index ec98c22..a726404 100644
--- a/src/api.c
+++ b/src/api.c
@@ -809,7 +809,8 @@
/* Copy data. */
to_msg = to->mailbox.recv;
*to_msg = from_msg_replica;
- memcpy(to_msg->payload, from->mailbox.send->payload, size);
+ memcpy_s(to_msg->payload, SPCI_MSG_PAYLOAD_MAX,
+ from->mailbox.send->payload, size);
primary_ret.message.vm_id = to->id;
ret = SPCI_SUCCESS;
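Review bot: memcpy_s panics on any constraint violation, so at this call a `size` larger than SPCI_MSG_PAYLOAD_MAX would halt the hypervisor instead of failing the one request. `size` is not validated inside the hunk; if it comes from the sender's message header it has to be rejected with an error return (e.g. SPCI_INVALID_PARAMETERS) before the copy. That check presumably sits earlier in the function, which starts and ends outside the hunk, and is worth confirming. A comment at the call would record the dependency: `/* size was checked against SPCI_MSG_PAYLOAD_MAX above; memcpy_s panics otherwise. */`.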
diff --git a/src/fdt_handler.c b/src/fdt_handler.c
index 0a0b294..8d701ee 100644
--- a/src/fdt_handler.c
+++ b/src/fdt_handler.c
@@ -35,7 +35,7 @@
case sizeof(uint32_t):
return be32toh(*(uint32_t *)data);
case sizeof(uint64_t):
- memcpy(t.a, data, sizeof(uint64_t));
+ memcpy_s(t.a, sizeof(t.a), data, sizeof(uint64_t));
return be64toh(t.v);
default:
return 0;
@@ -86,7 +86,7 @@
case sizeof(uint64_t):
t.v = be64toh(value);
- memcpy((void *)data, t.a, sizeof(uint64_t));
+ memcpy_s((void *)data, size, t.a, sizeof(uint64_t));
break;
default:
diff --git a/src/load.c b/src/load.c
index 7eea3dc..66b7034 100644
--- a/src/load.c
+++ b/src/load.c
@@ -49,7 +49,7 @@
return false;
}
- memcpy(ptr, from, size);
+ memcpy_s(ptr, size, from, size);
arch_mm_write_back_dcache(ptr, size);
mm_unmap(to, to_end, ppool);
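Review bot: Passing `size` as both destsz and count in `memcpy_s(ptr, size, from, size)` makes the `count > destsz` test vacuous, so this call only gains the NULL, RSIZE_MAX and overlap checks. The destination bound should come from the destination itself, presumably the length of the range mapped from `to` to `to_end`, which is set up outside the hunk. If the two are equal by construction, a one-line comment would say so: `/* destsz == count: the mapped range is exactly size bytes. */`.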
@@ -261,8 +261,8 @@
static_assert(sizeof(mem_ranges_available) < 500,
"This will use too much stack, either make "
"MAX_MEM_RANGES smaller or change this.");
- memcpy(mem_ranges_available, params->mem_ranges,
- sizeof(mem_ranges_available));
+ memcpy_s(mem_ranges_available, sizeof(mem_ranges_available),
+ params->mem_ranges, sizeof(params->mem_ranges));
primary = vm_get(HF_PRIMARY_VM_ID);
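Review bot: The copy length changes here from `sizeof(mem_ranges_available)` to `sizeof(params->mem_ranges)`, so if the two arrays ever differ in size the result is either a boot-time panic (source larger) or a partly uninitialised local array (source smaller). Assuming `params->mem_ranges` is an array rather than a pointer, a second assertion next to the existing one would catch this at compile time: `static_assert(sizeof(mem_ranges_available) == sizeof(params->mem_ranges), "mem_ranges_available must match params->mem_ranges.");`. The declaration of mem_ranges_available is outside the hunk.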
diff --git a/src/std.c b/src/std.c
index 00d4704..b7ea2ce 100644
--- a/src/std.c
+++ b/src/std.c
@@ -20,6 +20,7 @@
/* Declare unsafe functions locally so they are not available globally. */
void *memset(void *s, int c, size_t n);
+void *memcpy(void *dst, const void *src, size_t n);
void memset_s(void *dest, rsize_t destsz, int ch, rsize_t count)
{
@@ -41,3 +42,39 @@
fail:
panic("memset_s failure");
}
+
+void memcpy_s(void *dest, rsize_t destsz, const void *src, rsize_t count)
+{
+ uintptr_t d = (uintptr_t)dest;
+ uintptr_t s = (uintptr_t)src;
+
+ if (dest == NULL || src == NULL) {
+ goto fail;
+ }
+
+ if (destsz > RSIZE_MAX || count > RSIZE_MAX) {
+ goto fail;
+ }
+
+ if (count > destsz) {
+ goto fail;
+ }
+
+ /* Destination overlaps the end of source. */
+ if (d > s && d < (s + count)) {
+ goto fail;
+ }
+
+ /* Source overlaps the end of destination. */
+ if (s > d && s < (d + destsz)) {
+ goto fail;
+ }
+
+ /* TODO: consider wrapping? */
+
+ memcpy(dest, src, count);
+ return;
+
+fail:
+ panic("memcpy_s failure");
+}
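Review bot: The two overlap tests use strict `d > s` and `s > d`, so a call with `dest == src` and a non-zero count skips both and reaches memcpy with fully overlapping regions. The sums `s + count` and `d + destsz` can also wrap for addresses near the top of the address space, which the TODO hints at. Comparing differences fixes both: `if (d >= s && d - s < count)` and `if (s > d && s - d < destsz)`. A header comment on memcpy_s stating that every violation panics rather than returning an error would also help callers that handle untrusted lengths.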
diff --git a/test/hftest/inc/hftest_impl.h b/test/hftest/inc/hftest_impl.h
index a86069c..d75b402 100644
--- a/test/hftest/inc/hftest_impl.h
+++ b/test/hftest/inc/hftest_impl.h
@@ -283,7 +283,8 @@
ASSERT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE); \
\
/* Send the selected service to run and let it be handled. */ \
- memcpy(send_buffer->payload, service, msg_length); \
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, service, \
+ msg_length); \
spci_message_init(send_buffer, msg_length, vm_id, \
hf_vm_get_id()); \
\
diff --git a/test/vmapi/gicv3/busy_secondary.c b/test/vmapi/gicv3/busy_secondary.c
index 1a3cf52..62c6cc3 100644
--- a/test/vmapi/gicv3/busy_secondary.c
+++ b/test/vmapi/gicv3/busy_secondary.c
@@ -79,7 +79,8 @@
/* Let secondary start looping. */
dlog("Telling secondary to loop.\n");
- memcpy(send_buffer->payload, message, sizeof(message));
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(send_buffer, 0, SERVICE_VM0,
recv_buffer->target_vm_id);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -136,7 +137,8 @@
/* Let secondary start looping. */
dlog("Telling secondary to loop.\n");
- memcpy(send_buffer->payload, message, sizeof(message));
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(send_buffer, 0, SERVICE_VM0,
recv_buffer->target_vm_id);
EXPECT_EQ(spci_msg_send(0), 0);
diff --git a/test/vmapi/gicv3/services/timer.c b/test/vmapi/gicv3/services/timer.c
index 871603d..0cc7341 100644
--- a/test/vmapi/gicv3/services/timer.c
+++ b/test/vmapi/gicv3/services/timer.c
@@ -46,7 +46,8 @@
}
buffer[8] = '0' + interrupt_id / 10;
buffer[9] = '0' + interrupt_id % 10;
- memcpy(SERVICE_SEND_BUFFER()->payload, buffer, size);
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, buffer,
+ size);
spci_message_init(SERVICE_SEND_BUFFER(), size, HF_PRIMARY_VM_ID,
SERVICE_RECV_BUFFER()->target_vm_id);
spci_msg_send(0);
diff --git a/test/vmapi/gicv3/timer_secondary.c b/test/vmapi/gicv3/timer_secondary.c
index bcd762a..3782b51 100644
--- a/test/vmapi/gicv3/timer_secondary.c
+++ b/test/vmapi/gicv3/timer_secondary.c
@@ -49,7 +49,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Send the message for the secondary to set a timer. */
- memcpy(send_buffer->payload, message, sizeof(message));
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(send_buffer, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -107,7 +108,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Send the message for the secondary to set a timer. */
- memcpy(send_buffer->payload, message, message_length);
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ message_length);
spci_message_init(send_buffer, message_length, SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -245,7 +247,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Send the message for the secondary to set a timer. */
- memcpy(send_buffer->payload, message, message_length);
+ memcpy_s(send_buffer->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ message_length);
spci_message_init(send_buffer, message_length, SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
diff --git a/test/vmapi/primary_with_secondaries/interrupts.c b/test/vmapi/primary_with_secondaries/interrupts.c
index 187304e..f5a8036 100644
--- a/test/vmapi/primary_with_secondaries/interrupts.c
+++ b/test/vmapi/primary_with_secondaries/interrupts.c
@@ -42,7 +42,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Set the message, echo it and wait for a response. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -165,7 +166,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Now send a message to the secondary. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -202,7 +204,8 @@
* Now send a message to the secondary to enable the interrupt ID, and
* expect the response from the interrupt we sent before.
*/
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -287,7 +290,8 @@
EXPECT_EQ(run_res.code, HF_VCPU_RUN_WAIT_FOR_MESSAGE);
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
diff --git a/test/vmapi/primary_with_secondaries/mailbox.c b/test/vmapi/primary_with_secondaries/mailbox.c
index 7a45dfa..ffb28ff 100644
--- a/test/vmapi/primary_with_secondaries/mailbox.c
+++ b/test/vmapi/primary_with_secondaries/mailbox.c
@@ -88,7 +88,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Set the message, echo it and check it didn't change. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -119,7 +120,8 @@
/* Set the message, echo it and check it didn't change. */
next_permutation(message, sizeof(message) - 1);
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -160,7 +162,8 @@
uint32_t *chain = (uint32_t *)mb.send->payload;
*chain++ = htole32(SERVICE_VM1);
*chain++ = htole32(HF_PRIMARY_VM_ID);
- memcpy(chain, message, sizeof(message));
+ memcpy_s(chain, SPCI_MSG_PAYLOAD_MAX - (2 * sizeof(uint32_t)),
+ message, sizeof(message));
spci_message_init(mb.send,
sizeof(message) + (2 * sizeof(uint32_t)),
@@ -251,7 +254,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Send a message to echo service, and get response back. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -267,7 +271,8 @@
/* Without clearing our mailbox, send message again. */
reverse(message, strlen(message));
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
@@ -315,7 +320,8 @@
EXPECT_EQ(run_res.sleep.ns, HF_SLEEP_INDEFINITE);
/* Send a message to echo service twice. The second should fail. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
diff --git a/test/vmapi/primary_with_secondaries/memory_sharing.c b/test/vmapi/primary_with_secondaries/memory_sharing.c
index fc03a32..70dbc08 100644
--- a/test/vmapi/primary_with_secondaries/memory_sharing.c
+++ b/test/vmapi/primary_with_secondaries/memory_sharing.c
@@ -103,7 +103,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -146,7 +146,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -184,7 +184,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -222,7 +222,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -259,7 +259,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -299,7 +299,7 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(mb.send->payload, &ptr, sizeof(ptr));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, &ptr, sizeof(ptr));
spci_message_init(mb.send, sizeof(ptr), SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_SUCCESS);
@@ -333,7 +333,7 @@
EXPECT_EQ(run_res.code, HF_VCPU_RUN_MESSAGE);
/* Check the memory was cleared. */
- memcpy(&ptr, mb.recv->payload, sizeof(ptr));
+ ptr = *(uint8_t **)mb.recv->payload;
for (int i = 0; i < PAGE_SIZE; ++i) {
ASSERT_EQ(ptr[i], 0);
}
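Review bot: `ptr = *(uint8_t **)mb.recv->payload;` reads a pointer through a cast of the payload buffer, which requires the payload to be suitably aligned for a pointer and type-puns the buffer; the memcpy it replaces had neither requirement. Keeping the copy in the checked form would match the rest of the commit: `memcpy_s(&ptr, sizeof(ptr), mb.recv->payload, sizeof(ptr));`. The same cast-and-dereference is introduced in the next hunk of this file, in run_race.c (`ok = *(bool *)mb->recv->payload;`) and in both receive paths of services/memory.c. The payload field's type and offset are not visible here, so the alignment concern is unconfirmed.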
@@ -359,7 +359,7 @@
EXPECT_EQ(run_res.code, HF_VCPU_RUN_MESSAGE);
/* Check the memory was cleared. */
- memcpy(&ptr, mb.recv->payload, sizeof(ptr));
+ ptr = *(uint8_t **)mb.recv->payload;
for (int i = 0; i < PAGE_SIZE; ++i) {
ASSERT_EQ(ptr[i], 0);
}
diff --git a/test/vmapi/primary_with_secondaries/run_race.c b/test/vmapi/primary_with_secondaries/run_race.c
index c41387d..2062de1 100644
--- a/test/vmapi/primary_with_secondaries/run_race.c
+++ b/test/vmapi/primary_with_secondaries/run_race.c
@@ -57,7 +57,7 @@
/* Copies the contents of the received boolean to the return value. */
if (mb->recv->length == sizeof(ok)) {
- memcpy(&ok, mb->recv->payload, sizeof(ok));
+ ok = *(bool *)mb->recv->payload;
}
hf_mailbox_clear();
diff --git a/test/vmapi/primary_with_secondaries/services/check_state.c b/test/vmapi/primary_with_secondaries/services/check_state.c
index 2379d9f..a1805f9 100644
--- a/test/vmapi/primary_with_secondaries/services/check_state.c
+++ b/test/vmapi/primary_with_secondaries/services/check_state.c
@@ -66,7 +66,8 @@
}
/* Send two replies, one for each physical CPU. */
- memcpy(SERVICE_SEND_BUFFER()->payload, &ok, sizeof(ok));
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, &ok,
+ sizeof(ok));
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(ok), HF_PRIMARY_VM_ID,
hf_vm_get_id());
send_with_retry();
diff --git a/test/vmapi/primary_with_secondaries/services/echo.c b/test/vmapi/primary_with_secondaries/services/echo.c
index e72622c..04cb6a3 100644
--- a/test/vmapi/primary_with_secondaries/services/echo.c
+++ b/test/vmapi/primary_with_secondaries/services/echo.c
@@ -29,7 +29,8 @@
struct spci_message *send_buf = SERVICE_SEND_BUFFER();
struct spci_message *recv_buf = SERVICE_RECV_BUFFER();
- memcpy(send_buf->payload, recv_buf->payload, recv_buf->length);
+ memcpy_s(send_buf->payload, SPCI_MSG_PAYLOAD_MAX,
+ recv_buf->payload, recv_buf->length);
spci_message_init(SERVICE_SEND_BUFFER(), recv_buf->length,
recv_buf->source_vm_id,
recv_buf->target_vm_id);
diff --git a/test/vmapi/primary_with_secondaries/services/echo_with_notification.c b/test/vmapi/primary_with_secondaries/services/echo_with_notification.c
index f278851..03dcfd4 100644
--- a/test/vmapi/primary_with_secondaries/services/echo_with_notification.c
+++ b/test/vmapi/primary_with_secondaries/services/echo_with_notification.c
@@ -58,7 +58,8 @@
struct spci_message *send_buf = SERVICE_SEND_BUFFER();
struct spci_message *recv_buf = SERVICE_RECV_BUFFER();
- memcpy(send_buf->payload, recv_buf->payload, recv_buf->length);
+ memcpy_s(send_buf->payload, SPCI_MSG_PAYLOAD_MAX,
+ recv_buf->payload, recv_buf->length);
spci_message_init(send_buf, recv_buf->length,
recv_buf->source_vm_id,
recv_buf->target_vm_id);
diff --git a/test/vmapi/primary_with_secondaries/services/interruptible.c b/test/vmapi/primary_with_secondaries/services/interruptible.c
index 2053088..3df67eb 100644
--- a/test/vmapi/primary_with_secondaries/services/interruptible.c
+++ b/test/vmapi/primary_with_secondaries/services/interruptible.c
@@ -39,7 +39,8 @@
dlog("secondary IRQ %d from current\n", interrupt_id);
buffer[8] = '0' + interrupt_id / 10;
buffer[9] = '0' + interrupt_id % 10;
- memcpy(SERVICE_SEND_BUFFER()->payload, buffer, size);
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, buffer,
+ size);
spci_message_init(SERVICE_SEND_BUFFER(), size, HF_PRIMARY_VM_ID,
hf_vm_get_id());
spci_msg_send(0);
diff --git a/test/vmapi/primary_with_secondaries/services/interruptible_echo.c b/test/vmapi/primary_with_secondaries/services/interruptible_echo.c
index 5f79433..760998c 100644
--- a/test/vmapi/primary_with_secondaries/services/interruptible_echo.c
+++ b/test/vmapi/primary_with_secondaries/services/interruptible_echo.c
@@ -48,8 +48,8 @@
res = spci_msg_recv(SPCI_MSG_RECV_BLOCK);
}
- memcpy(message->payload, recv_message->payload,
- recv_message->length);
+ memcpy_s(message->payload, SPCI_MSG_PAYLOAD_MAX,
+ recv_message->payload, recv_message->length);
spci_message_init(message, recv_message->length,
HF_PRIMARY_VM_ID, SERVICE_VM0);
diff --git a/test/vmapi/primary_with_secondaries/services/memory.c b/test/vmapi/primary_with_secondaries/services/memory.c
index 5802429..0175577 100644
--- a/test/vmapi/primary_with_secondaries/services/memory.c
+++ b/test/vmapi/primary_with_secondaries/services/memory.c
@@ -33,7 +33,7 @@
/* Check the memory was cleared. */
struct spci_message *recv_buf = SERVICE_RECV_BUFFER();
- memcpy(&ptr, recv_buf->payload, sizeof(ptr));
+ ptr = *(uint8_t **)recv_buf->payload;
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(ptr),
recv_buf->source_vm_id, hf_vm_get_id());
@@ -64,7 +64,7 @@
/* Check the memory was cleared. */
struct spci_message *recv_buf = SERVICE_RECV_BUFFER();
- memcpy(&ptr, recv_buf->payload, sizeof(ptr));
+ ptr = *(uint8_t **)recv_buf->payload;
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(ptr),
recv_buf->source_vm_id, hf_vm_get_id());
@@ -102,7 +102,8 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(SERVICE_SEND_BUFFER()->payload, &ptr, sizeof(ptr));
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, &ptr,
+ sizeof(ptr));
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(ptr), HF_PRIMARY_VM_ID,
hf_vm_get_id());
EXPECT_EQ(spci_msg_send(0), 0);
@@ -125,7 +126,8 @@
* API is still to be agreed on so the address is passed
* explicitly to test the mechanism.
*/
- memcpy(SERVICE_SEND_BUFFER()->payload, &ptr, sizeof(ptr));
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, &ptr,
+ sizeof(ptr));
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(ptr), HF_PRIMARY_VM_ID,
hf_vm_get_id());
EXPECT_EQ(spci_msg_send(0), 0);
diff --git a/test/vmapi/primary_with_secondaries/services/receive_block.c b/test/vmapi/primary_with_secondaries/services/receive_block.c
index b241b76..0b8a1b5 100644
--- a/test/vmapi/primary_with_secondaries/services/receive_block.c
+++ b/test/vmapi/primary_with_secondaries/services/receive_block.c
@@ -50,7 +50,8 @@
EXPECT_EQ(res, SPCI_INTERRUPTED);
}
- memcpy(SERVICE_SEND_BUFFER()->payload, message, sizeof(message));
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(message),
HF_PRIMARY_VM_ID, hf_vm_get_id());
diff --git a/test/vmapi/primary_with_secondaries/services/relay.c b/test/vmapi/primary_with_secondaries/services/relay.c
index 30ce25e..413fbbf 100644
--- a/test/vmapi/primary_with_secondaries/services/relay.c
+++ b/test/vmapi/primary_with_secondaries/services/relay.c
@@ -49,7 +49,8 @@
next_message_size = recv_buf->length - sizeof(uint32_t);
/* Send the message to the next stage. */
- memcpy(send_buf->payload, next_message, next_message_size);
+ memcpy_s(send_buf->payload, SPCI_MSG_PAYLOAD_MAX, next_message,
+ next_message_size);
spci_message_init(send_buf, next_message_size, next_vm_id,
hf_vm_get_id());
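Review bot: `next_message_size` is computed on the context line above as `recv_buf->length - sizeof(uint32_t)` with no visible check that the received length is at least `sizeof(uint32_t)`. If the variable is unsigned, a shorter message makes the subtraction wrap, and the new memcpy_s call then panics the service on `count > destsz`. A guard on `recv_buf->length >= sizeof(uint32_t)` before the subtraction would turn that into an ordinary test failure. The function starts and ends outside the hunk, so an earlier check may already exist.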
diff --git a/test/vmapi/primary_with_secondaries/services/wfi.c b/test/vmapi/primary_with_secondaries/services/wfi.c
index 6d3a05c..6935107 100644
--- a/test/vmapi/primary_with_secondaries/services/wfi.c
+++ b/test/vmapi/primary_with_secondaries/services/wfi.c
@@ -48,7 +48,8 @@
interrupt_wait();
}
- memcpy(SERVICE_SEND_BUFFER()->payload, message, sizeof(message));
+ memcpy_s(SERVICE_SEND_BUFFER()->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(SERVICE_SEND_BUFFER(), sizeof(message),
HF_PRIMARY_VM_ID, hf_vm_get_id());
diff --git a/test/vmapi/primary_with_secondaries/spci.c b/test/vmapi/primary_with_secondaries/spci.c
index 1e0c8a1..be442b8 100644
--- a/test/vmapi/primary_with_secondaries/spci.c
+++ b/test/vmapi/primary_with_secondaries/spci.c
@@ -39,7 +39,8 @@
SERVICE_SELECT(SERVICE_VM0, "spci_check", mb.send);
/* Set the payload, init the message header and send the message. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0,
HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), 0);
@@ -59,7 +60,8 @@
SERVICE_SELECT(SERVICE_VM0, "spci_check", mb.send);
/* Set the payload, init the message header and send the message. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), SERVICE_VM0, SERVICE_VM1);
EXPECT_EQ(spci_msg_send(0), SPCI_INVALID_PARAMETERS);
}
@@ -74,7 +76,8 @@
SERVICE_SELECT(SERVICE_VM0, "spci_check", mb.send);
/* Set the payload, init the message header and send the message. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
spci_message_init(mb.send, sizeof(message), -1, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_INVALID_PARAMETERS);
}
@@ -91,7 +94,8 @@
SERVICE_SELECT(SERVICE_VM0, "spci_length", mb.send);
/* Send the message and compare if truncated. */
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
/* Hard code incorrect length. */
spci_message_init(mb.send, 16, SERVICE_VM0, HF_PRIMARY_VM_ID);
@@ -108,7 +112,8 @@
const char message[] = "fail to send";
struct mailbox_buffers mb = set_up_mailbox();
- memcpy(mb.send->payload, message, sizeof(message));
+ memcpy_s(mb.send->payload, SPCI_MSG_PAYLOAD_MAX, message,
+ sizeof(message));
/* Send a message that is larger than the mailbox supports (4KB). */
spci_message_init(mb.send, 4 * 1024, SERVICE_VM0, HF_PRIMARY_VM_ID);
EXPECT_EQ(spci_msg_send(0), SPCI_INVALID_PARAMETERS);