From 05ac4484c19b39db1a452cb47c401c7855d8a2a7 Mon Sep 17 00:00:00 2001
From: Balaji Gontumukkala <balaji.gontumukkala@arm.com>
Date: Fri, 17 Jan 2025 13:56:53 +0000
Subject: [PATCH] Handle unsupported SCMI message

 - In the SCMI handler table, unsupported messages are indicated by leaving the
   corresponding function pointer unassigned. However, there is no validation
   check on entry which leads to potential null pointer dereference while handling
   message.
 - This change explicitly initializes the handler table and validates
   entry in runtime to determine whether a given message is supported

Signed-off-by: Balaji Gontumukkala <balaji.gontumukkala@arm.com>
---
 test_pool/base/test_b010.c         | 33 +++++++++++++++++-------
 test_pool/system_power/test_s007.c | 41 ++++++++++++++++++++++--------
 2 files changed, 54 insertions(+), 20 deletions(-)

diff --git a/test_pool/base/test_b010.c b/test_pool/base/test_b010.c
index 24ef24e..0db4f49 100644
--- a/test_pool/base/test_b010.c
+++ b/test_pool/base/test_b010.c
@@ -1,5 +1,5 @@
 /** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, 2025, Arm Limited or its affiliates. All rights reserved.
  * SPDX-License-Identifier : Apache-2.0
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,7 @@
 
 uint32_t base_query_notify_error_support(void)
 {
-    int32_t  status;
+    int32_t  status, optional_protocol_query_status;
     uint32_t rsp_msg_hdr;
     uint32_t cmd_msg_hdr;
     size_t   param_count;
@@ -39,28 +39,43 @@ uint32_t base_query_notify_error_support(void)
 
     VAL_INIT_TEST_PARAM(param_count, rsp_msg_hdr, return_value_count, status);
     message_id = BASE_NOTIFY_ERRORS;
-    param_count++;
+    param_count = 1;
     cmd_msg_hdr = val_msg_hdr_create(PROTOCOL_BASE, BASE_PROTOCOL_MESSAGE_ATTRIBUTES, COMMAND_MSG);
     val_send_message(cmd_msg_hdr, param_count, &message_id, &rsp_msg_hdr, &status,
                      &return_value_count, return_values);
 
-    if (status == SCMI_NOT_FOUND) {
+    if (!((val_compare_status(status, SCMI_SUCCESS) == VAL_STATUS_PASS) ||
+        (val_compare_status(status, SCMI_NOT_FOUND) == VAL_STATUS_PASS))) {
         val_print(VAL_PRINT_ERR, "\n       BASE_NOTIFY_ERRORS not supported            ");
-        return VAL_STATUS_SKIP;
+        return VAL_STATUS_FAIL;
     }
 
-    /* BASE NOTIFY ERRORS with invalid notify_enable should return status INVALID PARAMETERS */
+    optional_protocol_query_status = status;
+
+    /*
+     * if query status is SCMI_SUCCESS:
+     *  Invalid notify_enable should return INVALID PARAMETERS
+     *
+     * if query status is SCMI_NOT_FOUND:
+     *  Invalid notify_enable should return SCMI_PROTOCOL_ERROR due to incorrect payload size.
+     *  Otherwise, setting param_count to zero would return SCMI_NOT_SUPPORTED.
+     */
     val_print(VAL_PRINT_TEST, "\n     [Check 2] Query notify error with invalid notify_enable");
 
     VAL_INIT_TEST_PARAM(param_count, rsp_msg_hdr, return_value_count, status);
     notify_enable = INVALID_NOTIFY_ENABLE; /* Invalid notify enable value */
-    param_count++;
+    param_count = 1;
     cmd_msg_hdr = val_msg_hdr_create(PROTOCOL_BASE, BASE_NOTIFY_ERRORS, COMMAND_MSG);
     val_send_message(cmd_msg_hdr, param_count, &notify_enable, &rsp_msg_hdr, &status,
                      &return_value_count, return_values);
 
-    if (val_compare_status(status, SCMI_INVALID_PARAMETERS) != VAL_STATUS_PASS)
-        return VAL_STATUS_FAIL;
+    if (val_compare_status(optional_protocol_query_status, SCMI_SUCCESS) == VAL_STATUS_PASS) {
+        if (val_compare_status(status, SCMI_INVALID_PARAMETERS) != VAL_STATUS_PASS)
+            return VAL_STATUS_FAIL;
+    } else {
+        if (val_compare_status(status, SCMI_PROTOCOL_ERROR) != VAL_STATUS_PASS)
+            return VAL_STATUS_FAIL;
+    }
 
     if (val_compare_msg_hdr(cmd_msg_hdr, rsp_msg_hdr) != VAL_STATUS_PASS)
         return VAL_STATUS_FAIL;
diff --git a/test_pool/system_power/test_s007.c b/test_pool/system_power/test_s007.c
index 2afe74a..c6a86c9 100644
--- a/test_pool/system_power/test_s007.c
+++ b/test_pool/system_power/test_s007.c
@@ -1,5 +1,5 @@
 /** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020, 2025, Arm Limited or its affiliates. All rights reserved.
  * SPDX-License-Identifier : Apache-2.0
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,7 @@
 
 uint32_t system_power_state_notify_invalid_parameters(void)
 {
-    int32_t  status;
+    int32_t  status, optional_protocol_query_status;
     uint32_t rsp_msg_hdr;
     uint32_t cmd_msg_hdr;
     size_t   param_count;
@@ -40,29 +40,48 @@ uint32_t system_power_state_notify_invalid_parameters(void)
 
     VAL_INIT_TEST_PARAM(param_count, rsp_msg_hdr, return_value_count, status);
     message_id = SYSTEM_POWER_STATE_NOTIFY;
-    param_count++;
+    param_count = 1;
     cmd_msg_hdr = val_msg_hdr_create(PROTOCOL_SYSTEM_POWER,
                                      SYSTEM_POWER_PROTOCOL_MESSAGE_ATTRIBUTES, COMMAND_MSG);
     val_send_message(cmd_msg_hdr, param_count, &message_id, &rsp_msg_hdr, &status,
                      &return_value_count, return_values);
 
-    if (val_compare_status(status, SCMI_NOT_SUPPORTED) == VAL_STATUS_PASS) {
+    if (!((val_compare_status(status, SCMI_SUCCESS) == VAL_STATUS_PASS) ||
+        (val_compare_status(status, SCMI_NOT_FOUND) == VAL_STATUS_PASS) ||
+        (val_compare_status(status, SCMI_NOT_SUPPORTED) == VAL_STATUS_PASS))) {
         val_print(VAL_PRINT_ERR, "\n       SYSTEM POWER STATE NOTIFY not supported     ");
-        return VAL_STATUS_SKIP;
+        return VAL_STATUS_FAIL;
     }
 
-    val_print(VAL_PRINT_TEST, "\n     [Check 2] Set power state notify invalid notify_enable");
+    optional_protocol_query_status = status;
 
+    /*
+     * if previous query status is SCMI_SUCCESS, SCP should return SCMI_INVALID_PARAMETERS.
+     * if previous query status is SCMI_NOT_FOUND, SCP should return SCMI_PROTOCOL_ERROR.
+	 * if previous query status is SCMI_NOT_SUPPORTED, SCP should return SCMI_PROTOCOL_ERROR.
+	 * (SCP should return SCMI_NOT_SUPPORTED if we set payload size to zero.)
+     */
+    val_print(VAL_PRINT_TEST, "\n     [Check 2] Set power state notify invalid notify_enable");
     VAL_INIT_TEST_PARAM(param_count, rsp_msg_hdr, return_value_count, status);
     parameters = INVALID_NOTIFY_EN_VAL;
-    param_count++;
+    param_count = 1;
     cmd_msg_hdr = val_msg_hdr_create(PROTOCOL_SYSTEM_POWER,
-                                     SYSTEM_POWER_STATE_NOTIFY, COMMAND_MSG);
+                                    SYSTEM_POWER_STATE_NOTIFY, COMMAND_MSG);
     val_send_message(cmd_msg_hdr, param_count, &parameters, &rsp_msg_hdr, &status,
-                     &return_value_count, return_values);
+                    &return_value_count, return_values);
 
-    if (val_compare_status(status, SCMI_INVALID_PARAMETERS) != VAL_STATUS_PASS)
-        return VAL_STATUS_FAIL;
+    if (val_compare_status(optional_protocol_query_status, SCMI_SUCCESS) == VAL_STATUS_PASS) {
+        if (val_compare_status(status, SCMI_INVALID_PARAMETERS) != VAL_STATUS_PASS)
+            return VAL_STATUS_FAIL;
+    } else if (val_compare_status(
+        optional_protocol_query_status, SCMI_NOT_SUPPORTED) == VAL_STATUS_PASS
+    ) {
+        if (val_compare_status(status, SCMI_PROTOCOL_ERROR) != VAL_STATUS_PASS)
+            return VAL_STATUS_FAIL;
+    } else {
+        if (val_compare_status(status, SCMI_PROTOCOL_ERROR) != VAL_STATUS_PASS)
+            return VAL_STATUS_FAIL;
+    }
 
     if (val_compare_msg_hdr(cmd_msg_hdr, rsp_msg_hdr) != VAL_STATUS_PASS)
         return VAL_STATUS_FAIL;
-- 
GitLab