UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-)
MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times.
It's possible that in a 2nd call, Modified[0] is set to TRUE in
1st call but ClearMasks[0] and OrMasks[0] is uninitialized in
2nd call. It causes FixedSettings->Mtrr[0] be set to random
data.
The patch fixes this issue by introducing a local Modified[]
array and only updates FixedSettings->Mtrr[] when LocalModified[i]
is TRUE.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
---
UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
index cb22558103..200becdd4a 100644
--- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
+++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
@@ -2114,22 +2114,32 @@ MtrrLibSetBelow1MBMemoryAttribute (
UINT64 OrMask;
UINT64 ClearMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
UINT64 OrMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
+ BOOLEAN LocalModified[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
ASSERT (BaseAddress < BASE_1MB);
+ SetMem (LocalModified, sizeof (LocalModified), FALSE);
+
+ //
+ // (Value & ~0 | 0) still equals to (Value)
+ //
+ SetMem64 (ClearMasks, sizeof (ClearMasks), 0);
+ SetMem64 (OrMasks, sizeof (OrMasks), 0);
+
MsrIndex = (UINT32)-1;
while ((BaseAddress < BASE_1MB) && (Length != 0)) {
Status = MtrrLibProgramFixedMtrr (Type, &BaseAddress, &Length, &MsrIndex, &ClearMask, &OrMask);
if (RETURN_ERROR (Status)) {
return Status;
}
- ClearMasks[MsrIndex] = ClearMask;
- OrMasks[MsrIndex] = OrMask;
- Modified[MsrIndex] = TRUE;
+ ClearMasks[MsrIndex] = ClearMask;
+ OrMasks[MsrIndex] = OrMask;
+ Modified[MsrIndex] = TRUE;
+ LocalModified[MsrIndex] = TRUE;
}
for (MsrIndex = 0; MsrIndex < ARRAY_SIZE (mMtrrLibFixedMtrrTable); MsrIndex++) {
- if (Modified[MsrIndex]) {
+ if (LocalModified[MsrIndex]) {
FixedSettings->Mtrr[MsrIndex] = (FixedSettings->Mtrr[MsrIndex] & ~ClearMasks[MsrIndex]) | OrMasks[MsrIndex];
}
}
@@ -2354,6 +2364,7 @@ MtrrSetMemoryAttributesInMtrrSettings (
//
// 3. Apply the below-1MB memory attribute settings.
//
+ ZeroMem (WorkingFixedSettings.Mtrr, sizeof (WorkingFixedSettings.Mtrr));
for (Index = 0; Index < RangeCount; Index++) {
if (Ranges[Index].BaseAddress >= BASE_1MB) {
continue;
--
2.12.2.windows.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Best Regards,
Hao Wu
> -----Original Message-----
> From: Ni, Ruiyu
> Sent: Thursday, October 19, 2017 10:49 AM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A
> Subject: [PATCH] UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB
> attribute
>
> MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times.
> It's possible that in a 2nd call, Modified[0] is set to TRUE in
> 1st call but ClearMasks[0] and OrMasks[0] is uninitialized in
> 2nd call. It causes FixedSettings->Mtrr[0] be set to random
> data.
>
> The patch fixes this issue by introducing a local Modified[]
> array and only updates FixedSettings->Mtrr[] when LocalModified[i]
> is TRUE.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> ---
> UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 19 +++++++++++++++----
> 1 file changed, 15 insertions(+), 4 deletions(-)
>
> diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
> b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
> index cb22558103..200becdd4a 100644
> --- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
> +++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
> @@ -2114,22 +2114,32 @@ MtrrLibSetBelow1MBMemoryAttribute (
> UINT64 OrMask;
> UINT64 ClearMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
> UINT64 OrMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
> + BOOLEAN LocalModified[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
>
> ASSERT (BaseAddress < BASE_1MB);
>
> + SetMem (LocalModified, sizeof (LocalModified), FALSE);
> +
> + //
> + // (Value & ~0 | 0) still equals to (Value)
> + //
> + SetMem64 (ClearMasks, sizeof (ClearMasks), 0);
> + SetMem64 (OrMasks, sizeof (OrMasks), 0);
> +
> MsrIndex = (UINT32)-1;
> while ((BaseAddress < BASE_1MB) && (Length != 0)) {
> Status = MtrrLibProgramFixedMtrr (Type, &BaseAddress, &Length,
> &MsrIndex, &ClearMask, &OrMask);
> if (RETURN_ERROR (Status)) {
> return Status;
> }
> - ClearMasks[MsrIndex] = ClearMask;
> - OrMasks[MsrIndex] = OrMask;
> - Modified[MsrIndex] = TRUE;
> + ClearMasks[MsrIndex] = ClearMask;
> + OrMasks[MsrIndex] = OrMask;
> + Modified[MsrIndex] = TRUE;
> + LocalModified[MsrIndex] = TRUE;
> }
>
> for (MsrIndex = 0; MsrIndex < ARRAY_SIZE (mMtrrLibFixedMtrrTable);
> MsrIndex++) {
> - if (Modified[MsrIndex]) {
> + if (LocalModified[MsrIndex]) {
> FixedSettings->Mtrr[MsrIndex] = (FixedSettings->Mtrr[MsrIndex] &
> ~ClearMasks[MsrIndex]) | OrMasks[MsrIndex];
> }
> }
> @@ -2354,6 +2364,7 @@ MtrrSetMemoryAttributesInMtrrSettings (
> //
> // 3. Apply the below-1MB memory attribute settings.
> //
> + ZeroMem (WorkingFixedSettings.Mtrr, sizeof (WorkingFixedSettings.Mtrr));
> for (Index = 0; Index < RangeCount; Index++) {
> if (Ranges[Index].BaseAddress >= BASE_1MB) {
> continue;
> --
> 2.12.2.windows.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2025 Red Hat, Inc.