[PATCH 1/1] lib: sbi_scratch: zero out scratch memory on all harts

[Heinrich Schuchardt]

In sbi_scratch_init() we determine the last hart. The index of the last
hart cannot exceed SBI_HARTMASK_MAX_BITS - 1. We should not initialize
last_hartid_having_scratch to a higher number to avoid buffer overflows
when using this value before calling sbi_scratch_init().

When allocating scratch memory in sbi_scratch_alloc_offset() we zero out
the allocated memory for all harts except for the last one. We should not
skip the last hart.

Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
 lib/sbi/sbi_scratch.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/sbi/sbi_scratch.c b/lib/sbi/sbi_scratch.c
index 7cf5b43..87b34c6 100644
--- a/lib/sbi/sbi_scratch.c
+++ b/lib/sbi/sbi_scratch.c
@@ -14,7 +14,7 @@
 #include <sbi/sbi_scratch.h>
 #include <sbi/sbi_string.h>

-u32 last_hartid_having_scratch = SBI_HARTMASK_MAX_BITS;
+u32 last_hartid_having_scratch = SBI_HARTMASK_MAX_BITS - 1;
 struct sbi_scratch *hartid_to_scratch_table[SBI_HARTMASK_MAX_BITS] = { 0 };

 static spinlock_t extra_lock = SPIN_LOCK_INITIALIZER;
@@ -74,7 +74,7 @@ done:
 	spin_unlock(&extra_lock);

 	if (ret) {
-		for (i = 0; i < sbi_scratch_last_hartid(); i++) {
+		for (i = 0; i <= sbi_scratch_last_hartid(); i++) {
 			rscratch = sbi_hartid_to_scratch(i);
 			if (!rscratch)
 				continue;
--
2.30.2