common/memsize.c: Fix get_effective_memsize() to check for overflow

Ensure that top of RAM can be represented by phys_size_t type. If RAM is
too large or RAM base address is too upper then limit RAM size to prevent
address space overflow.

Signed-off-by: Pali Rohár <pali@kernel.org>

diff --git a/common/memsize.c b/common/memsize.c
index 31884acca0df8c118edfef93e826cc92be84fa56..3c80ad2c8346b1c158aae499722b1bbda7462fa9 100644 (file)
--- a/common/memsize.c
+++ b/common/memsize.c
@@ -94,11 +94,23 @@ long get_ram_size(long *base, long maxsize)
 
 phys_size_t __weak get_effective_memsize(void)
 {
+       phys_size_t ram_size = gd->ram_size;
+
+       /*
+        * Check for overflow and limit ram size to some representable value.
+        * It is required that ram_base + ram_size must be representable by
+        * phys_size_t type and must be aligned by direct access, therefore
+        * calculate it from last 4kB sector which should work as alignment
+        * on any platform.
+        */
+       if (gd->ram_base + ram_size < gd->ram_base)
+               ram_size = ((phys_size_t)~0xfffULL) - gd->ram_base;
+
 #ifndef CONFIG_MAX_MEM_MAPPED
-       return gd->ram_size;
+       return ram_size;
 #else
        /* limit stack to what we can reasonable map */
-       return ((gd->ram_size > CONFIG_MAX_MEM_MAPPED) ?
-               CONFIG_MAX_MEM_MAPPED : gd->ram_size);
+       return ((ram_size > CONFIG_MAX_MEM_MAPPED) ?
+               CONFIG_MAX_MEM_MAPPED : ram_size);
 #endif
 }