genode/repos/os/include
Martin Stein 1336b0a751 mmio: upper-bounds checks
The classes Genode::Mmio, Genode::Register_set, Genode::Attached_mmio, and
Platform::Device::Mmio now receive a template parameter 'size_t SIZE'. In each
type that derives from one of these classes, it is now statically checked that
the range of each Genode::Register::Register- and
Genode::Register_set::Register_array-deriving sub-type is within [0..SIZE).

That said, SIZE is the minimum size of the memory region provided to the
above-mentioned Mmio classes in order to avoid page faults or memory corruption
when accessing the registers and register arrays declared inside.

Note that the range end of a register array is not the end of the last item
but the end of the integer access that is used for accessing the last bit in
the last item.

The constructors of Genode::Mmio, Genode::Attached_mmio, and
Platform::Device::Mmio now receive an argument 'Byte_range_ptr range' that is
expected to be the range of the backing memory region. In each type that derives
from one of these classes, it is now dynamically checked that 'range.num_bytes
>= SIZE', thereby implementing the above-mentioned protection against page
faults and memory corruption.

The rest of the commit adapts the code throughout the Genode Labs repositories
regarding the changes. Note that for the code inside Core, the commit mostly
uses a simplified approach by constructing MMIO objects with range
[base..base+SIZE) and not with a mapping- or specification-related range size.
This should be fixed in the future.

Furthermore, there are types that derive from an MMIO class but don't declare
any registers or register arrays (especially with Platform::Device::Mmio). In
this case SIZE is set to 0. This way, the parameters must be actively corrected
by someone who later wants to add registers or register arrays, plus the places
can be easily found by grep'ing for Mmio<0>.

Fix #4081
2024-02-26 08:59:07 +01:00
audio_in_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
audio_out_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
blit os: avoid implicit conversions 2021-12-17 15:04:45 +01:00
block Remove unneeded session_size check 2022-08-10 13:32:57 +02:00
block_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
capture_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
decorator list_model.h: rename 'apply_first' to 'with_first' 2023-11-28 14:24:24 +01:00
event_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
file_system file_system/util.h: remove packet-stream helpers 2022-02-15 10:11:10 +01:00
file_system_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
framebuffer_session os: make nitpicker compatible to C++20 2023-05-30 12:03:29 +02:00
genode_c_api genode_c_api/event: add wheel events 2023-09-29 12:15:06 +02:00
gpio os: avoid implicit conversions 2021-12-17 15:04:45 +01:00
gpio_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
gpu gpu/intel: GEN12+ 2022-11-17 08:00:36 +01:00
gpu_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
gui_session os: make nitpicker compatible to C++20 2023-05-30 12:03:29 +02:00
i2c_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
init Adaptation to init refactoring 2017-03-24 16:19:56 +01:00
input input/event.h: axis ids LX, LY, LT, RX, RY, and RT 2024-02-26 08:31:03 +01:00
input_session os: make nitpicker compatible to C++20 2023-05-30 12:03:29 +02:00
ldso Adjust file headers to refer to the AGPLv3 2017-02-28 12:59:29 +01:00
loader_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
mixer os: avoid using deprecated APIs 2019-01-30 13:49:54 +01:00
monitor monitor: add more debugging features 2023-08-23 13:46:37 +02:00
net os/include/net: add support for the DNS protocol 2023-11-28 14:24:23 +01:00
nic Remove unused Nic::Root implementation (nic/root.h) 2022-05-25 12:19:31 +02:00
nic_session os: replace enum by static constexpr (C++20) 2023-05-30 12:03:29 +02:00
nitpicker_gfx os: Don't use char as array subscript. 2022-02-15 10:23:58 +01:00
os mmio: upper-bounds checks 2024-02-26 08:59:07 +01:00
packet_stream_rx os: remove blocking semantics from packet stream 2022-02-15 10:10:03 +01:00
packet_stream_tx os: remove blocking semantics from packet stream 2022-02-15 10:10:03 +01:00
pci mmio: upper-bounds checks 2024-02-26 08:59:07 +01:00
pin_control_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
pin_state_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
platform_session mmio: upper-bounds checks 2024-02-26 08:59:07 +01:00
pointer os: avoid garbage warnings in app/painter 2019-01-07 12:25:45 +01:00
ram_fs vfs: remove 'file_size' from read/write interfaces 2023-02-27 08:22:49 +01:00
report_rom Remove unneeded session_size check 2022-08-10 13:32:57 +02:00
report_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
rtc_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
sandbox monitor: apply affinity to monitored children 2023-09-29 12:17:45 +02:00
smbios os: avoid implicit conversions 2021-12-17 15:04:45 +01:00
spec os: limit backtrace to stack of current thread 2024-02-26 08:31:02 +01:00
terminal os: avoid implicit conversions 2021-12-17 15:04:45 +01:00
terminal_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
trace trace_buffer: fix check for empty buffer 2023-04-17 14:48:30 +02:00
uart_session Remove format strings from connection types 2023-03-13 14:32:37 +01:00
uplink_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
usb usb_session: align USB packet allocation correctly 2022-11-17 08:00:35 +01:00
usb_session os: define CAP_QUOTA as constexpr (C++20) 2023-05-30 12:03:29 +02:00
util monitor: add more debugging features 2023-08-23 13:46:37 +02:00
vfs vfs: fix dangling allocation in dir_file_system 2023-05-30 12:03:26 +02:00
virtio mmio: upper-bounds checks 2024-02-26 08:59:07 +01:00