fix(gicv3/multichip): fix overflow caused by left shift

When spi_id_max is 5119, the expression `(spi_id_max - 4096U + 1U >> 5)`
evaluates to 32 leading to undefined behavior when using it to left
shift 1. Fix this undefined behavior.

Reported-by coverity scan:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/RMB4U7COL6IONZWEGF2FWXOQ6FPDIT4U/

```
    large_shift: In expression 1 << (spi_id_max - 4096U + 1U >> 5), left
    shifting by more than 31 bits has undefined behavior. The shift
    amount, spi_id_max - 4096U + 1U >> 5, is as much as 32.
```

Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I5e77a78b81a6d0367875e7ea432a82b6ba0e587c

diff --git a/drivers/arm/gic/v3/gic600_multichip_private.h b/drivers/arm/gic/v3/gic600_multichip_private.h
index c7b15c1a6de9d0bb444e217c9888b13513b637b9..414bd5b8496c183a4d509bad1ad1c23fb60925ab 100644 (file)
--- a/drivers/arm/gic/v3/gic600_multichip_private.h
+++ b/drivers/arm/gic/v3/gic600_multichip_private.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2022, ARM Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -74,7 +74,8 @@
  * Multichip data assertion macros
  */
 /* Set bits from 0 to ((spi_id_max + 1) / 32) */
-#define SPI_BLOCKS_TILL_MAX(spi_id_max)        ((1 << (((spi_id_max) + 1) >> 5)) - 1)
+#define SPI_BLOCKS_TILL_MAX(spi_id_max) \
+                       ((1ULL << (((spi_id_max) + 1) >> 5)) - 1)
 /* Set bits from 0 to (spi_id_min / 32) */
 #define SPI_BLOCKS_TILL_MIN(spi_id_min)        ((1 << ((spi_id_min) >> 5)) - 1)
 /* Set bits from (spi_id_min / 32) to ((spi_id_max + 1) / 32) */