kern: enforce maximum secure region size

Michael Scire 2022-03-22 14:16:02 -07:00
parent de6d8d4ab4
commit 262a066c8c


@ -23,6 +23,8 @@ namespace ams::kern::board::nintendo::nx {
constexpr size_t SecureAlignment = 128_KB; constexpr size_t SecureAlignment = 128_KB;
constexpr size_t SecureSizeMax = util::AlignDown(512_MB - 1, SecureAlignment);
/* Global variables for panic. */ /* Global variables for panic. */
constinit bool g_call_smc_on_panic; constinit bool g_call_smc_on_panic;
@ -191,6 +193,11 @@ namespace ams::kern::board::nintendo::nx {
} }
bool SetSecureRegion(KPhysicalAddress phys_addr, size_t size) { bool SetSecureRegion(KPhysicalAddress phys_addr, size_t size) {
/* Ensure size is valid. */
if (size > SecureSizeMax) {
return false;
}
/* Ensure address and size are aligned. */ /* Ensure address and size are aligned. */
if (!util::IsAligned(GetInteger(phys_addr), SecureAlignment)) { if (!util::IsAligned(GetInteger(phys_addr), SecureAlignment)) {
return false; return false;
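Review bot: `SecureSizeMax` in the first hunk is introduced with no comment saying where the `512_MB - 1` bound comes from, so a later maintainer cannot tell whether it is a hardware limit, a secure-monitor contract or a policy choice. I would add a comment above the constant such as `/* Largest SecureAlignment-aligned size below 512 MB; SetSecureRegion rejects anything larger. */` and extend it with the actual source of the limit. Separately, the new guard in `SetSecureRegion` bounds `size` on its own; the rest of the function lies outside this hunk, so it is worth confirming that the end of the range (`phys_addr + size`) is also validated there, since a size within the maximum can still run past the intended memory when the base address is high.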