libpayload/libc/time: Fix possible overflow in multiplication
The value from raw_read_cntfrq_el0() could be large enough to cause overflow when multiplied by USECS_PER_SEC. To prevent this, both USECS_PER_SEC and hz can be reduced by dividing them by their GCD. This patch also modifies the return type of `timer_hz()` from `uint64_t` to `uint32_t`, assuming that in practice the timestamp counter should never be that fast. BUG=b:307790895 TEST=boot to kernel and check the timestamps from `cbmem` Change-Id: Ia55532490651fcf47128b83a8554751f050bcc89 Signed-off-by: Yidi Lin <yidilin@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78888 Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
This commit is contained in:
parent
e91785dfd8
commit
eabdd0252a
5 changed files with 16 additions and 9 deletions
|
@ -32,7 +32,7 @@
|
|||
#include <arch/lib_helpers.h>
|
||||
#include <libpayload.h>
|
||||
|
||||
uint64_t timer_hz(void)
|
||||
uint32_t timer_hz(void)
|
||||
{
|
||||
return raw_read_cntfrq_el0();
|
||||
}
|
||||
|
|
|
@ -33,7 +33,7 @@
|
|||
#include <assert.h>
|
||||
#include <libpayload.h>
|
||||
|
||||
uint64_t timer_hz(void)
|
||||
uint32_t timer_hz(void)
|
||||
{
|
||||
/* libc/time.c currently requires all timers to be at least 1MHz. */
|
||||
assert(CONFIG_LP_TIMER_GENERIC_HZ >= 1000000);
|
||||
|
|
|
@ -33,10 +33,12 @@
|
|||
|
||||
#include <libpayload.h>
|
||||
#include <arch/rdtsc.h>
|
||||
#include <assert.h>
|
||||
|
||||
uint64_t timer_hz(void)
|
||||
uint32_t timer_hz(void)
|
||||
{
|
||||
return (uint64_t)lib_sysinfo.cpu_khz * 1000;
|
||||
assert(UINT32_MAX / 1000 >= lib_sysinfo.cpu_khz);
|
||||
return lib_sysinfo.cpu_khz * 1000;
|
||||
}
|
||||
|
||||
uint64_t timer_raw_value(void)
|
||||
|
|
|
@ -519,7 +519,7 @@ void lib_sysinfo_get_memranges(struct memrange **ranges,
|
|||
|
||||
/* Timer functions. */
|
||||
/* Defined by each architecture. */
|
||||
uint64_t timer_hz(void);
|
||||
uint32_t timer_hz(void);
|
||||
uint64_t timer_raw_value(void);
|
||||
uint64_t timer_us(uint64_t base);
|
||||
/* Generic. */
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#if CONFIG(LP_ARCH_X86) && CONFIG(LP_NVRAM)
|
||||
#include <arch/rdtsc.h>
|
||||
#endif
|
||||
#include <commonlib/bsd/gcd.h>
|
||||
#include <inttypes.h>
|
||||
|
||||
extern u32 cpu_khz;
|
||||
|
@ -170,17 +171,21 @@ void arch_ndelay(uint64_t ns)
|
|||
|
||||
u64 timer_us(u64 base)
|
||||
{
|
||||
static u64 hz;
|
||||
static u32 hz, mult = USECS_PER_SEC;
|
||||
u32 div;
|
||||
|
||||
// Only check timer_hz once. Assume it doesn't change.
|
||||
if (hz == 0) {
|
||||
hz = timer_hz();
|
||||
if (hz < 1000000) {
|
||||
printf("Timer frequency %" PRIu64 " is too low, "
|
||||
if (hz < mult) {
|
||||
printf("Timer frequency %" PRIu32 " is too low, "
|
||||
"must be at least 1MHz.\n", hz);
|
||||
halt();
|
||||
}
|
||||
div = gcd32(hz, mult);
|
||||
hz /= div;
|
||||
mult /= div;
|
||||
}
|
||||
|
||||
return (1000000 * timer_raw_value()) / hz - base;
|
||||
return (mult * timer_raw_value()) / hz - base;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue