From: M1cha
To: edk2-devel@lists.01.org
Cc: Leif Lindholm, Ard Biesheuvel
Date: Tue, 19 Dec 2017 09:57:39 +0100
Message-Id: <20171219085739.11178-1-sigmaepsilon92@gmail.com>
Subject: [edk2] [PATCH] ArmPkg/ArmMmuLib ARM: fix page size granularity in initial MMU setting
Content-Transfer-Encoding: quoted-printable

From what I can see this bug dates back to the commit from 2011 where support for this was added: 2cf4b60895f8a

The first problem is that PopulateLevel2PageTable overflows the translation table buffer because it doesn't verify that the size actually fits within one level 2 page table.

The second problem is that the loop in FillTranslationTable doesn't care about the PhysicalBase or the RemainLength and always subtracts one section size from RemainLength.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael Zimmermann

--- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c b/ArmPkg/Library/= ArmMmuLib/Arm/ArmMmuLibCore.c index b02f6d7fc590..869c661b9964 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c 
@@ -202,6 +202,8 @@ PopulateLevel2PageTable ( PageEntry =3D ((UINT32 *)(TranslationTable) + ((PhysicalBase & TT_DESCRI= PTOR_PAGE_INDEX_MASK) >> TT_DESCRIPTOR_PAGE_BASE_SHIFT)); Pages =3D RemainLength / TT_DESCRIPTOR_PAGE_SIZE; =20 + ASSERT (Pages <=3D TRANSLATION_TABLE_PAGE_COUNT); + for (Index =3D 0; Index < Pages; Index++) { *PageEntry++ =3D TT_DESCRIPTOR_PAGE_BASE_ADDRESS(PhysicalBase) | = PageAttributes; PhysicalBase +=3D TT_DESCRIPTOR_PAGE_SIZE; @@ -273,6 +275,7 @@ FillTranslationTable ( // Case: Physical address aligned on the Section Size (1MB) && the= length is greater than the Section Size *SectionEntry++ =3D TT_DESCRIPTOR_SECTION_BASE_ADDRESS(PhysicalBas= e) | Attributes; PhysicalBase +=3D TT_DESCRIPTOR_SECTION_SIZE; + RemainLength -=3D TT_DESCRIPTOR_SECTION_SIZE; } else { // Case: Physical address aligned on the Section Size (1MB) && the= length does not fill a section PopulateLevel2PageTable (SectionEntry++, PhysicalBase, RemainLengt= h, MemoryRegion->Attributes); @@ -281,17 +284,20 @@ FillTranslationTable ( break; } } else { + UINT32 PageMapStart =3D PhysicalBase % TT_DESCRIPTOR_SECTION_SIZE; + UINT32 PageMapLength =3D MIN(RemainLength, TT_DESCRIPTOR_SECTION_SIZ= E) - PageMapStart; + // Case: Physical address NOT aligned on the Section Size (1MB) - PopulateLevel2PageTable (SectionEntry++, PhysicalBase, RemainLength,= MemoryRegion->Attributes); - // Aligned the address - PhysicalBase =3D (PhysicalBase + TT_DESCRIPTOR_SECTION_SIZE) & ~(TT_= DESCRIPTOR_SECTION_SIZE-1); + PopulateLevel2PageTable (SectionEntry++, PhysicalBase, PageMapLength= , MemoryRegion->Attributes); =20 // If it is the last entry if (RemainLength < TT_DESCRIPTOR_SECTION_SIZE) { break; } + + PhysicalBase +=3D PageMapLength; + RemainLength -=3D PageMapLength; } - RemainLength -=3D TT_DESCRIPTOR_SECTION_SIZE; } } =20 --=20 2.15.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
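
Review bot: The new ASSERT in PopulateLevel2PageTable (hunk at -202) bounds Pages alone, but PageEntry starts at the index taken from PhysicalBase & TT_DESCRIPTOR_PAGE_INDEX_MASK, so a span that begins partway into the table can still run past its end while Pages <= TRANSLATION_TABLE_PAGE_COUNT holds. Compare the first index plus Pages against TRANSLATION_TABLE_PAGE_COUNT instead. ASSERT is also a debug-build check in EDK II, so in builds where it is disabled the write loop remains unbounded; clamping Pages or returning early would cover those builds as well.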
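
Review bot: In the aligned else branch of FillTranslationTable (hunk at -273), PopulateLevel2PageTable is still passed the full RemainLength, which fits one level 2 table only if the enclosing condition, not visible in this hunk, guarantees RemainLength < TT_DESCRIPTOR_SECTION_SIZE. Now that the decrement lives inside each branch and this path relies on the break that follows, a one-line comment stating that invariant next to the call would make the dependency explicit.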
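
Review bot: PageMapLength in the unaligned branch (hunk at -281) is computed as MIN(RemainLength, TT_DESCRIPTOR_SECTION_SIZE) - PageMapStart, which subtracts the start offset from the remaining length instead of from the section size: it underflows the UINT32 when RemainLength < PageMapStart and maps too little whenever RemainLength < TT_DESCRIPTOR_SECTION_SIZE. The room left in the section is TT_DESCRIPTOR_SECTION_SIZE - PageMapStart, and the length should be the smaller of RemainLength and that room. The "last entry" test below it has a related gap: with RemainLength < TT_DESCRIPTOR_SECTION_SIZE it breaks even when the region crosses into the next section, leaving the tail unmapped. With the corrected clamp, update PhysicalBase and RemainLength first and break only once RemainLength has been fully consumed.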
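
The region walk the commit message describes, as an added model (not edk2 code and not part of the original patch): it splits a region into 1 MiB sections and 4 KiB pages and refuses any level 2 fill whose first index plus page count exceeds the table. `walk_region`, `fill_l2`, `walk_result`, the `clamp` flag and the sample addresses are hypothetical, and the 4 KiB page size is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#define SECTION_SIZE 0x100000u                  /* 1 MiB section, as in the patch comments */
#define PAGE_SIZE    0x1000u                    /* 4 KiB small page (assumed) */
#define PAGES_PER_L2 (SECTION_SIZE / PAGE_SIZE) /* 256 entries per level 2 table */

typedef struct {
  uint32_t sections;  /* level 1 section descriptors written */
  uint32_t l2_tables; /* level 2 tables populated */
  uint32_t pages;     /* level 2 page descriptors written */
  int      overflow;  /* 1 if a span would have run past its level 2 table */
} walk_result;

/* Fill one modelled level 2 table; reject spans that end past the last entry. */
static int fill_l2(uint8_t *table, uint32_t base, uint32_t len) {
  uint32_t first = (base % SECTION_SIZE) / PAGE_SIZE;
  uint32_t count = len / PAGE_SIZE;
  if (count > PAGES_PER_L2 - first) return -1;  /* first + count must fit */
  for (uint32_t i = 0; i < count; i++) table[first + i] = 1;
  return (int)count;
}

/* Walk a page-aligned region. clamp=0 passes the whole remaining length to
 * the level 2 fill, the unclamped call the commit message describes. */
walk_result walk_region(uint32_t base, uint32_t len, int clamp) {
  walk_result r = {0, 0, 0, 0};
  uint8_t table[PAGES_PER_L2];
  while (len != 0) {
    uint32_t off  = base % SECTION_SIZE;
    uint32_t room = SECTION_SIZE - off;          /* bytes left in this section */
    uint32_t span = len < room ? len : room;     /* never crosses the boundary */
    if (off == 0 && len >= SECTION_SIZE) {
      r.sections++;                              /* whole aligned 1 MiB section */
    } else {
      int n = fill_l2(table, base, clamp ? span : len);
      if (n < 0) { r.overflow = 1; return r; }
      r.l2_tables++;
      r.pages += (uint32_t)n;
    }
    base += span;
    len  -= span;
  }
  return r;
}

int main(void) {
  walk_result r = walk_region(0x800F0000u, 0x20000u, 1);  /* constructed region */
  printf("sections=%u l2=%u pages=%u overflow=%d\n", (unsigned)r.sections,
         (unsigned)r.l2_tables, (unsigned)r.pages, r.overflow);
}
```

The constructed region at 0x800F0000 with length 0x20000 has only 32 pages, fewer than a full table, yet the unclamped call is rejected because it starts at entry 240.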