| Message ID | 20250314105703.277315-1-ilias.apalodimas@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | lmb: change the return code on lmb_alloc_addr() | expand |
On Friday, March 14th, 2025 at 3:57 AM, Ilias Apalodimas <ilias.apalodimas@linaro.org> wrote: > > > Ben reports a failure to boot the kernel on hardware that starts its > physical memory from 0x0. > The reason is that lmb_alloc_addr(), which is supposed to reserve a > specific address, takes the address as the first argument, but then also > returns the address for success or failure and treats 0 as a failure. > > Since we already know the address change the prototype to return an int. > > Reported-by: Ben Schneider ben@bens.haus > > Signed-off-by: Ilias Apalodimas ilias.apalodimas@linaro.org > > --- > fs/fs.c | 2 +- > include/lmb.h | 6 ++--- > lib/efi_loader/efi_memory.c | 3 +-- > lib/lmb.c | 6 ++--- > test/lib/lmb.c | 53 +++++++++++++++++++------------------ > 5 files changed, 35 insertions(+), 35 deletions(-) > > diff --git a/fs/fs.c b/fs/fs.c > index 99ddcc5e37be..1ed7c0f2d2c7 100644 > --- a/fs/fs.c > +++ b/fs/fs.c > @@ -554,7 +554,7 @@ static int fs_read_lmb_check(const char filename, ulong addr, loff_t offset, > > lmb_dump_all(); > > - if (lmb_alloc_addr(addr, read_len, LMB_NONE) == addr) > + if (!lmb_alloc_addr(addr, read_len, LMB_NONE)) > return 0; > > log_err("* Reading file would overwrite reserved memory \n"); > diff --git a/include/lmb.h b/include/lmb.h > index 09297a4f530a..0d316c64c0a3 100644 > --- a/include/lmb.h > +++ b/include/lmb.h > @@ -135,9 +135,9 @@ phys_addr_t lmb_alloc_base(phys_size_t size, ulong align, phys_addr_t max_addr, > * parameter. The base parameter is used to specify the base address > * of the requested region. > * > - * Return: Base address on success, 0 on error. > + * Return: 0 on success -1 on error > / > -phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags); > +int lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags); > > / > * lmb_is_reserved_flags() - Test if address is in reserved region with flag > @@ -175,7 +175,7 @@ void lmb_pop(struct lmb store); > > static inline int lmb_read_check(phys_addr_t addr, phys_size_t len) > { > - return lmb_alloc_addr(addr, len, LMB_NONE) == addr ? 0 : -1; > + return lmb_alloc_addr(addr, len, LMB_NONE); > } > > / > diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c > index 6d00b1862505..c39b53922bb4 100644 > --- a/lib/efi_loader/efi_memory.c > +++ b/lib/efi_loader/efi_memory.c > @@ -491,8 +491,7 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type, > return EFI_NOT_FOUND; > > addr = map_to_sysmem((void *)(uintptr_t)*memory); > - addr = (u64)lmb_alloc_addr(addr, len, flags); > - if (!addr) > + if (lmb_alloc_addr(addr, len, flags)) > return EFI_NOT_FOUND; > break; > default: > diff --git a/lib/lmb.c b/lib/lmb.c > index 93fc1bea07cd..61bb13dc4e24 100644 > --- a/lib/lmb.c > +++ b/lib/lmb.c > @@ -714,7 +714,7 @@ phys_addr_t lmb_alloc_base(phys_size_t size, ulong align, phys_addr_t max_addr, > return alloc; > } > > -phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) > +int lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) > { > long rgn; > struct lmb_region lmb_memory = lmb.available_mem.data; > @@ -731,11 +731,11 @@ phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) > base + size - 1, 1)) { > / ok, reserve the memory / > if (!lmb_reserve(base, size, flags)) > - return base; > + return 0; > } > } > > - return 0; > + return -1; > } > > / Return number of bytes from a given address that are free */ > diff --git a/test/lib/lmb.c b/test/lib/lmb.c > index fcb5f1af532a..01b1c7fdedd0 100644 > --- a/test/lib/lmb.c > +++ b/test/lib/lmb.c > @@ -531,21 +531,21 @@ static int test_alloc_addr(struct unit_test_state uts, const phys_addr_t ram) > > / Try to allocate a page twice */ > b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); > - ut_asserteq(b, alloc_addr_a); > - b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); > ut_asserteq(b, 0); > + b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); > + ut_asserteq(b, -1); > b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); > - ut_asserteq(b, alloc_addr_a); > + ut_asserteq(b, 0); > b = lmb_alloc_addr(alloc_addr_a, 0x2000, LMB_NONE); > - ut_asserteq(b, alloc_addr_a); > + ut_asserteq(b, 0); > ret = lmb_free(alloc_addr_a, 0x2000); > ut_asserteq(ret, 0); > b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); > - ut_asserteq(b, alloc_addr_a); > - b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); > ut_asserteq(b, 0); > + b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); > + ut_asserteq(b, -1); > b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); > - ut_asserteq(b, 0); > + ut_asserteq(b, -1); > ret = lmb_free(alloc_addr_a, 0x1000); > ut_asserteq(ret, 0); > > @@ -561,22 +561,22 @@ static int test_alloc_addr(struct unit_test_state uts, const phys_addr_t ram) > > / allocate blocks */ > a = lmb_alloc_addr(ram, alloc_addr_a - ram, LMB_NONE); > - ut_asserteq(a, ram); > + ut_asserteq(a, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 3, ram, 0x8010000, > alloc_addr_b, 0x10000, alloc_addr_c, 0x10000); > b = lmb_alloc_addr(alloc_addr_a + 0x10000, > alloc_addr_b - alloc_addr_a - 0x10000, LMB_NONE); > - ut_asserteq(b, alloc_addr_a + 0x10000); > + ut_asserteq(b, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x10010000, > alloc_addr_c, 0x10000, 0, 0); > c = lmb_alloc_addr(alloc_addr_b + 0x10000, > alloc_addr_c - alloc_addr_b - 0x10000, LMB_NONE); > - ut_asserteq(c, alloc_addr_b + 0x10000); > + ut_asserteq(c, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, > 0, 0, 0, 0); > d = lmb_alloc_addr(alloc_addr_c + 0x10000, > ram_end - alloc_addr_c - 0x10000, LMB_NONE); > - ut_asserteq(d, alloc_addr_c + 0x10000); > + ut_asserteq(d, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, ram_size, > 0, 0, 0, 0); > > @@ -586,57 +586,58 @@ static int test_alloc_addr(struct unit_test_state uts, const phys_addr_t ram) > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, ram_size, > 0, 0, 0, 0); > > - ret = lmb_free(d, ram_end - alloc_addr_c - 0x10000); > + / free thge allocation from d / > + ret = lmb_free(alloc_addr_c + 0x10000, ram_end - alloc_addr_c - 0x10000); > ut_asserteq(ret, 0); > > / allocate at 3 points in free range / > > d = lmb_alloc_addr(ram_end - 4, 4, LMB_NONE); > - ut_asserteq(d, ram_end - 4); > + ut_asserteq(d, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x18010000, > - d, 4, 0, 0); > - ret = lmb_free(d, 4); > + ram_end - 4, 4, 0, 0); > + ret = lmb_free(ram_end - 4, 4); > ut_asserteq(ret, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, > 0, 0, 0, 0); > > d = lmb_alloc_addr(ram_end - 128, 4, LMB_NONE); > - ut_asserteq(d, ram_end - 128); > + ut_asserteq(d, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x18010000, > - d, 4, 0, 0); > - ret = lmb_free(d, 4); > + ram_end - 128, 4, 0, 0); > + ret = lmb_free(ram_end - 128, 4); > ut_asserteq(ret, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, > 0, 0, 0, 0); > > d = lmb_alloc_addr(alloc_addr_c + 0x10000, 4, LMB_NONE); > - ut_asserteq(d, alloc_addr_c + 0x10000); > + ut_asserteq(d, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010004, > 0, 0, 0, 0); > - ret = lmb_free(d, 4); > + ret = lmb_free(alloc_addr_c + 0x10000, 4); > ut_asserteq(ret, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, > 0, 0, 0, 0); > > - / allocate at the bottom / > - ret = lmb_free(a, alloc_addr_a - ram); > + / allocate at the bottom a was assigned to ram at the top / > + ret = lmb_free(ram, alloc_addr_a - ram); > ut_asserteq(ret, 0); > ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram + 0x8000000, > 0x10010000, 0, 0, 0, 0); > > d = lmb_alloc_addr(ram, 4, LMB_NONE); > - ut_asserteq(d, ram); > - ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, d, 4, > + ut_asserteq(d, 0); > + ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 4, > ram + 0x8000000, 0x10010000, 0, 0); > > / check that allocating outside memory fails */ > if (ram_end != 0) { > ret = lmb_alloc_addr(ram_end, 1, LMB_NONE); > - ut_asserteq(ret, 0); > + ut_asserteq(ret, -1); > } > if (ram != 0) { > ret = lmb_alloc_addr(ram - 1, 1, LMB_NONE); > - ut_asserteq(ret, 0); > + ut_asserteq(ret, -1); > } > > lmb_pop(&store); > -- > 2.47.2 Tested-by: Ben Schneider <ben@bens.haus>
[...] > > ret = lmb_alloc_addr(ram - 1, 1, LMB_NONE); > > - ut_asserteq(ret, 0); > > + ut_asserteq(ret, -1); > > } > > > > lmb_pop(&store); > > -- > > 2.47.2 > > Tested-by: Ben Schneider <ben@bens.haus> Thanks Ben. Especially for the testing and the whole debugging saga /Ilias
diff --git a/fs/fs.c b/fs/fs.c index 99ddcc5e37be..1ed7c0f2d2c7 100644 --- a/fs/fs.c +++ b/fs/fs.c @@ -554,7 +554,7 @@ static int fs_read_lmb_check(const char *filename, ulong addr, loff_t offset, lmb_dump_all(); - if (lmb_alloc_addr(addr, read_len, LMB_NONE) == addr) + if (!lmb_alloc_addr(addr, read_len, LMB_NONE)) return 0; log_err("** Reading file would overwrite reserved memory **\n"); diff --git a/include/lmb.h b/include/lmb.h index 09297a4f530a..0d316c64c0a3 100644 --- a/include/lmb.h +++ b/include/lmb.h @@ -135,9 +135,9 @@ phys_addr_t lmb_alloc_base(phys_size_t size, ulong align, phys_addr_t max_addr, * parameter. The base parameter is used to specify the base address * of the requested region. * - * Return: Base address on success, 0 on error. + * Return: 0 on success -1 on error */ -phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags); +int lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags); /** * lmb_is_reserved_flags() - Test if address is in reserved region with flag @@ -175,7 +175,7 @@ void lmb_pop(struct lmb *store); static inline int lmb_read_check(phys_addr_t addr, phys_size_t len) { - return lmb_alloc_addr(addr, len, LMB_NONE) == addr ? 0 : -1; + return lmb_alloc_addr(addr, len, LMB_NONE); } /** diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c index 6d00b1862505..c39b53922bb4 100644 --- a/lib/efi_loader/efi_memory.c +++ b/lib/efi_loader/efi_memory.c @@ -491,8 +491,7 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type, return EFI_NOT_FOUND; addr = map_to_sysmem((void *)(uintptr_t)*memory); - addr = (u64)lmb_alloc_addr(addr, len, flags); - if (!addr) + if (lmb_alloc_addr(addr, len, flags)) return EFI_NOT_FOUND; break; default: diff --git a/lib/lmb.c b/lib/lmb.c index 93fc1bea07cd..61bb13dc4e24 100644 --- a/lib/lmb.c +++ b/lib/lmb.c @@ -714,7 +714,7 @@ phys_addr_t lmb_alloc_base(phys_size_t size, ulong align, phys_addr_t max_addr, return alloc; } -phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) +int lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) { long rgn; struct lmb_region *lmb_memory = lmb.available_mem.data; @@ -731,11 +731,11 @@ phys_addr_t lmb_alloc_addr(phys_addr_t base, phys_size_t size, u32 flags) base + size - 1, 1)) { /* ok, reserve the memory */ if (!lmb_reserve(base, size, flags)) - return base; + return 0; } } - return 0; + return -1; } /* Return number of bytes from a given address that are free */ diff --git a/test/lib/lmb.c b/test/lib/lmb.c index fcb5f1af532a..01b1c7fdedd0 100644 --- a/test/lib/lmb.c +++ b/test/lib/lmb.c @@ -531,21 +531,21 @@ static int test_alloc_addr(struct unit_test_state *uts, const phys_addr_t ram) /* Try to allocate a page twice */ b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); - ut_asserteq(b, alloc_addr_a); - b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); ut_asserteq(b, 0); + b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); + ut_asserteq(b, -1); b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); - ut_asserteq(b, alloc_addr_a); + ut_asserteq(b, 0); b = lmb_alloc_addr(alloc_addr_a, 0x2000, LMB_NONE); - ut_asserteq(b, alloc_addr_a); + ut_asserteq(b, 0); ret = lmb_free(alloc_addr_a, 0x2000); ut_asserteq(ret, 0); b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); - ut_asserteq(b, alloc_addr_a); - b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); ut_asserteq(b, 0); + b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NONE); + ut_asserteq(b, -1); b = lmb_alloc_addr(alloc_addr_a, 0x1000, LMB_NOOVERWRITE); - ut_asserteq(b, 0); + ut_asserteq(b, -1); ret = lmb_free(alloc_addr_a, 0x1000); ut_asserteq(ret, 0); @@ -561,22 +561,22 @@ static int test_alloc_addr(struct unit_test_state *uts, const phys_addr_t ram) /* allocate blocks */ a = lmb_alloc_addr(ram, alloc_addr_a - ram, LMB_NONE); - ut_asserteq(a, ram); + ut_asserteq(a, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 3, ram, 0x8010000, alloc_addr_b, 0x10000, alloc_addr_c, 0x10000); b = lmb_alloc_addr(alloc_addr_a + 0x10000, alloc_addr_b - alloc_addr_a - 0x10000, LMB_NONE); - ut_asserteq(b, alloc_addr_a + 0x10000); + ut_asserteq(b, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x10010000, alloc_addr_c, 0x10000, 0, 0); c = lmb_alloc_addr(alloc_addr_b + 0x10000, alloc_addr_c - alloc_addr_b - 0x10000, LMB_NONE); - ut_asserteq(c, alloc_addr_b + 0x10000); + ut_asserteq(c, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, 0, 0, 0, 0); d = lmb_alloc_addr(alloc_addr_c + 0x10000, ram_end - alloc_addr_c - 0x10000, LMB_NONE); - ut_asserteq(d, alloc_addr_c + 0x10000); + ut_asserteq(d, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, ram_size, 0, 0, 0, 0); @@ -586,57 +586,58 @@ static int test_alloc_addr(struct unit_test_state *uts, const phys_addr_t ram) ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, ram_size, 0, 0, 0, 0); - ret = lmb_free(d, ram_end - alloc_addr_c - 0x10000); + /* free thge allocation from d */ + ret = lmb_free(alloc_addr_c + 0x10000, ram_end - alloc_addr_c - 0x10000); ut_asserteq(ret, 0); /* allocate at 3 points in free range */ d = lmb_alloc_addr(ram_end - 4, 4, LMB_NONE); - ut_asserteq(d, ram_end - 4); + ut_asserteq(d, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x18010000, - d, 4, 0, 0); - ret = lmb_free(d, 4); + ram_end - 4, 4, 0, 0); + ret = lmb_free(ram_end - 4, 4); ut_asserteq(ret, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, 0, 0, 0, 0); d = lmb_alloc_addr(ram_end - 128, 4, LMB_NONE); - ut_asserteq(d, ram_end - 128); + ut_asserteq(d, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 0x18010000, - d, 4, 0, 0); - ret = lmb_free(d, 4); + ram_end - 128, 4, 0, 0); + ret = lmb_free(ram_end - 128, 4); ut_asserteq(ret, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, 0, 0, 0, 0); d = lmb_alloc_addr(alloc_addr_c + 0x10000, 4, LMB_NONE); - ut_asserteq(d, alloc_addr_c + 0x10000); + ut_asserteq(d, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010004, 0, 0, 0, 0); - ret = lmb_free(d, 4); + ret = lmb_free(alloc_addr_c + 0x10000, 4); ut_asserteq(ret, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram, 0x18010000, 0, 0, 0, 0); - /* allocate at the bottom */ - ret = lmb_free(a, alloc_addr_a - ram); + /* allocate at the bottom a was assigned to ram at the top */ + ret = lmb_free(ram, alloc_addr_a - ram); ut_asserteq(ret, 0); ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 1, ram + 0x8000000, 0x10010000, 0, 0, 0, 0); d = lmb_alloc_addr(ram, 4, LMB_NONE); - ut_asserteq(d, ram); - ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, d, 4, + ut_asserteq(d, 0); + ASSERT_LMB(mem_lst, used_lst, ram, ram_size, 2, ram, 4, ram + 0x8000000, 0x10010000, 0, 0); /* check that allocating outside memory fails */ if (ram_end != 0) { ret = lmb_alloc_addr(ram_end, 1, LMB_NONE); - ut_asserteq(ret, 0); + ut_asserteq(ret, -1); } if (ram != 0) { ret = lmb_alloc_addr(ram - 1, 1, LMB_NONE); - ut_asserteq(ret, 0); + ut_asserteq(ret, -1); } lmb_pop(&store);
Ben reports a failure to boot the kernel on hardware that starts its physical memory from 0x0. The reason is that lmb_alloc_addr(), which is supposed to reserve a specific address, takes the address as the first argument, but then also returns the address for success or failure and treats 0 as a failure. Since we already know the address change the prototype to return an int. Reported-by: Ben Schneider <ben@bens.haus> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> --- fs/fs.c | 2 +- include/lmb.h | 6 ++--- lib/efi_loader/efi_memory.c | 3 +-- lib/lmb.c | 6 ++--- test/lib/lmb.c | 53 +++++++++++++++++++------------------ 5 files changed, 35 insertions(+), 35 deletions(-)