From 33a4dfc703b43f0e8d4da76411ee3f5aee0c8033 Mon Sep 17 00:00:00 2001
From: Prasad Kummari <prasad.kummari@amd.com>
Date: Fri, 13 Sep 2024 13:02:52 +0530
Subject: [PATCH] cmd: sf: prevent overwriting the reserved memory

Added LMB API to prevent SF command from overwriting reserved
memory areas. The current SPI code does not use LMB APIs for
loading data into memory addresses. To resolve this, LMB APIs
were added to check the load address of an SF command and ensure it
does not overwrite reserved memory addresses. Similar checks are
used in TFTP, serial load, and boot code to prevent overwriting
reserved memory.

Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Suggested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
---
 cmd/sf.c      | 8 ++++++++
 include/lmb.h | 5 +++++
 2 files changed, 13 insertions(+)

diff --git a/cmd/sf.c b/cmd/sf.c
index f43a2e08b3..08e364e191 100644
--- a/cmd/sf.c
+++ b/cmd/sf.c
@@ -10,6 +10,7 @@
 #include <div64.h>
 #include <dm.h>
 #include <log.h>
+#include <lmb.h>
 #include <malloc.h>
 #include <mapmem.h>
 #include <spi.h>
@@ -317,6 +318,13 @@ static int do_spi_flash_read_write(int argc, char *const argv[])
 			strncmp(argv[0], "write", 5) == 0) {
 		int read;
 
+		if (CONFIG_IS_ENABLED(LMB)) {
+			if (lmb_read_check(addr, len)) {
+				printf("ERROR: trying to overwrite reserved memory...\n");
+				return CMD_RET_FAILURE;
+			}
+		}
+
 		read = strncmp(argv[0], "read", 4) == 0;
 		if (read)
 			ret = spi_flash_read(flash, offset, len, buf);
diff --git a/include/lmb.h b/include/lmb.h
index fc2daaa7bf..aee2f9fcda 100644
--- a/include/lmb.h
+++ b/include/lmb.h
@@ -111,6 +111,11 @@ struct lmb *lmb_get(void);
 int lmb_push(struct lmb *store);
 void lmb_pop(struct lmb *store);
 
+static inline int lmb_read_check(phys_addr_t addr, phys_size_t len)
+{
+	return lmb_alloc_addr(addr, len) == addr ? 0 : -1;
+}
+
 #endif /* __KERNEL__ */
 
 #endif /* _LINUX_LMB_H */
-- 
2.39.5