lib: sbi_scratch: zero out scratch memory on all harts

In sbi_scratch_init() we determine the last hart. The index of the last
hart cannot exceed SBI_HARTMASK_MAX_BITS - 1. We should not initialize
last_hartid_having_scratch to a higher number to avoid buffer overflows
when using this value before calling sbi_scratch_init().

When allocating scratch memory in sbi_scratch_alloc_offset() we zero out
the allocated memory for all harts except for the last one. We should not
skip the last hart.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Anup Patel <anup.patel@wdc.com>

diff --git a/lib/sbi/sbi_scratch.c b/lib/sbi/sbi_scratch.c
index 7cf5b43..87b34c6 100644 (file)
--- a/lib/sbi/sbi_scratch.c
+++ b/lib/sbi/sbi_scratch.c
@@ -14,7 +14,7 @@
 #include <sbi/sbi_scratch.h>
 #include <sbi/sbi_string.h>
 
-u32 last_hartid_having_scratch = SBI_HARTMASK_MAX_BITS;
+u32 last_hartid_having_scratch = SBI_HARTMASK_MAX_BITS - 1;
 struct sbi_scratch *hartid_to_scratch_table[SBI_HARTMASK_MAX_BITS] = { 0 };
 
 static spinlock_t extra_lock = SPIN_LOCK_INITIALIZER;
@@ -74,7 +74,7 @@ done:
        spin_unlock(&extra_lock);
 
        if (ret) {
-               for (i = 0; i < sbi_scratch_last_hartid(); i++) {
+               for (i = 0; i <= sbi_scratch_last_hartid(); i++) {
                        rscratch = sbi_hartid_to_scratch(i);
                        if (!rscratch)
                                continue;