From nobody Tue Dec 24 00:35:43 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1514522475095525.0335590014059; Thu, 28 Dec 2017 20:41:15 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id A6CA322280C47; Thu, 28 Dec 2017 20:36:16 -0800 (PST) Received: from mail.paulo.ac (mail.paulo.ac [34.238.86.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 269B422280C21 for ; Thu, 28 Dec 2017 20:36:15 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.paulo.ac (Postfix) with ESMTP id F25F1C78911; Fri, 29 Dec 2017 04:41:11 +0000 (UTC) Received: from mail.paulo.ac ([127.0.0.1]) by localhost (mail.paulo.ac [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x0COjER3X4iN; Fri, 29 Dec 2017 04:41:08 +0000 (UTC) Received: from thor.domain.name (unknown [177.97.125.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.paulo.ac (Postfix) with ESMTPSA id CF548C791AD; Fri, 29 Dec 2017 04:41:06 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=34.238.86.106; helo=mail.paulo.ac; envelope-from=paulo@paulo.ac; receiver=edk2-devel@lists.01.org X-Virus-Scanned: amavisd-new at paulo.ac X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=6.31 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: mail.paulo.ac (amavisd-new); dkim=pass (1024-bit key) header.d=paulo.ac DKIM-Filter: OpenDKIM Filter v2.11.0 mail.paulo.ac CF548C791AD DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=paulo.ac; s=default; t=1514522468; bh=TTy1l4MbtMiSFpcHnKCfVbuCiL4P5b7nqeKDRQBZoXc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:In-Reply-To: References:From; b=lxhW0B+q4QWKqScfpyun5ok0ZsllUydG8esB1kddmj4kBzlcjPxhrHkS/MRiwE2YO OYq6LQnhrZHuwTLw0Cgv2/1hyQFWwrUw1ZhJvwnInJO9HFiq3JmovdOyi/Z/nQVhFr lTony2G0Yht9VhAJhDdL5RK3kIVenK6E6H24yIEc= From: Paulo Alcantara To: edk2-devel@lists.01.org Date: Fri, 29 Dec 2017 02:39:37 -0200 Message-Id: <32f06077006939f71560970f6abcbbb2062ea5c3.1514517573.git.paulo@paulo.ac> X-Mailer: git-send-email 2.14.3 In-Reply-To: References: In-Reply-To: References: Subject: [edk2] [RFC v4 4/6] UefiCpuPkg/CpuExceptionHandlerLib: Add helper to valid memory addresses X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Laszlo Ersek , Eric Dong MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Introduce IsLinearAddressValid() function that will be used for validating memory addresses that would get dereferenced during stack traces in IA32 and X64 CPU exceptions. Contributed-under: TianoCore Contribution Agreement 1.1 Cc: Eric Dong Cc: Laszlo Ersek Requested-by: Brian Johnson Requested-by: Jiewen Yao Signed-off-by: Paulo Alcantara --- UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c | 382 +++++= +++++++++++++++ UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h | 16 + 2 files changed, 398 insertions(+) diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c= b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c index 867c5c01d6..52b3eb1463 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c @@ -14,6 +14,9 @@ =20 #include "CpuExceptionCommon.h" =20 +#include +#include + // // Error code flag indicating whether or not an error code will be // pushed on the stack if an exception occurs. @@ -194,3 +197,382 @@ GetPdbFileName ( } } } + +/** + Check if a linear address is valid by walking the page tables in 4-level + paging mode. + + @param[in] Cr3 CR3 control register. + @param[in] MaxPhyAddrBits MAXPHYADDRBITS bits. + @param[in] LinearAddress Linear address to be checked. +**/ +STATIC +BOOLEAN +Do4LevelPagingModeCheck ( + IN UINTN Cr3, + IN UINT8 MaxPhyAddrBits, + IN UINTN LinearAddress + ) +{ + UINT64 PhysicalAddress; + UINT64 *Pml4TableEntry; + UINT64 *PageDirPtrTableEntry; + UINT64 *PageDirEntry; + UINT64 *PageTableEntry; + + // + // In 4-level paging mode, linear addresses are 48 bits wide + // + if ((UINT64)LinearAddress > (1ULL << 48) - 1) { + return FALSE; + } + + // + // Calculate physical address of PML4E + // + PhysicalAddress =3D (UINT64)Cr3 & (((1ULL << MaxPhyAddrBits) - 1) << 12); + PhysicalAddress |=3D (((UINT64)LinearAddress >> 39) & 0x1FF) << 3; + + ASSERT ((PhysicalAddress & (sizeof (*Pml4TableEntry) - 1)) =3D=3D 0); + + Pml4TableEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check if a PDPTE is present + // + if ((*Pml4TableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // Calculate physical address of PDPTE + // + PhysicalAddress =3D *Pml4TableEntry & (((1ULL << MaxPhyAddrBits) - 1) <<= 12); + PhysicalAddress |=3D (((UINT64)LinearAddress >> 30) & 0x1FF) << 3; + + ASSERT ((PhysicalAddress & (sizeof (*PageDirPtrTableEntry) - 1)) =3D=3D = 0); + + PageDirPtrTableEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check whether a PDPTE or 1GiB page entry is present + // + if ((*PageDirPtrTableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // Check if PDPTE maps an 1GiB page + // + if ((*PageDirPtrTableEntry & BIT7) !=3D 0) { + return TRUE; + } + + // + // Calculate physical address of PDE + // + PhysicalAddress =3D *PageDirPtrTableEntry & (((1ULL << MaxPhyAddrBits) -= 1) << + 12); + PhysicalAddress |=3D (((UINT64)LinearAddress >> 21) & 0x1FF) << 3; + + ASSERT ((PhysicalAddress & (sizeof (*PageDirEntry) - 1)) =3D=3D 0); + + PageDirEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check whether a PDE or a 2MiB page entry is present + // + if ((*PageDirEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // Check if PDE maps a 2MiB page + // + if ((*PageDirEntry & BIT7) !=3D 0) { + return TRUE; + } + + // + // Calculate physical address of PTE + // + PhysicalAddress =3D *PageDirEntry & (((1ULL << MaxPhyAddrBits) - 1) << 1= 2); + PhysicalAddress |=3D (((UINT64)LinearAddress >> 12) & 0x1FF) << 3; + + ASSERT ((PhysicalAddress & (sizeof (*PageTableEntry) - 1)) =3D=3D 0); + + PageTableEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check if PTE maps a 4KiB page + // + if ((*PageTableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Check if a linear address is valid by walking the page tables in 32-bit = paging + mode. + + @param[in] Cr3 CR3 control register. + @param[in] Cr4 CR4 control register. + @param[in] LinearAddress Linear address to be checked. +**/ +STATIC +BOOLEAN +Do32BitPagingModeCheck ( + IN UINTN Cr3, + IN UINTN Cr4, + IN UINTN LinearAddress + ) +{ + UINT64 PhysicalAddress; + UINT32 *PageDirEntry; + UINT32 *PageTableEntry; + + if (LinearAddress > MAX_UINT32) { + return FALSE; + } + + // + // Calculate physical address of PDE + // + PhysicalAddress =3D (UINT32)Cr3 & (((1ULL << 20) - 1) << 12); + PhysicalAddress |=3D (((UINT32)LinearAddress >> 22) & 0x3FF) << 2; + + ASSERT ((PhysicalAddress & (sizeof (*PageDirEntry) - 1)) =3D=3D 0); + + PageDirEntry =3D (UINT32 *)(UINTN)PhysicalAddress; + + // + // Check whether a PTE or a 4MiB page is present + // + if ((*PageDirEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // Check if PDE maps a 4MiB page + // + if ((Cr4 & BIT4) !=3D 0 && (*PageDirEntry & BIT7) !=3D 0) { + return TRUE; + } + + // + // Calculate physical address of PTE + // + PhysicalAddress =3D *PageDirEntry & (((1ULL << 20) - 1) << 12); + PhysicalAddress |=3D (((UINT32)LinearAddress >> 12) & 0x3FF) << 2; + + ASSERT ((PhysicalAddress & (sizeof (*PageTableEntry) - 1)) =3D=3D 0); + + PageTableEntry =3D (UINT32 *)(UINTN)PhysicalAddress; + + // + // Check if PTE maps a 4KiB page + // + if ((*PageTableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Check if a linear address is valid by walking the page tables in PAE pag= ing + mode. + + @param[in] Cr3 CR3 control register. + @param[in] MaxPhyAddrBits MAXPHYADDRBITS bits. + @param[in] LinearAddress Linear address to be checked. +**/ +STATIC +BOOLEAN +DoPAEPagingModeCheck ( + IN UINTN Cr3, + IN UINT8 MaxPhyAddrBits, + IN UINTN LinearAddress + ) +{ + UINT64 PhysicalAddress; + UINT64 *PageDirPtrTableEntry; + UINT64 *PageDirEntry; + UINT64 *PageTableEntry; + + if (LinearAddress > MAX_UINT32) { + return FALSE; + } + + // + // Calculate physical address of PDPTE + // + PhysicalAddress =3D (UINT32)Cr3 >> 5; + + // + // Select PDPTE register + // + PhysicalAddress +=3D + ((UINT32)LinearAddress >> 30) * sizeof (*PageDirPtrTableEntry); + + PageDirPtrTableEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check if PDE is present + // + if ((*PageDirPtrTableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + PhysicalAddress =3D *PageDirPtrTableEntry & (((1ULL << MaxPhyAddrBits) -= 1) << + 12); + PhysicalAddress |=3D ((LinearAddress >> 21) & 0x1FF) << 3; + ASSERT ((PhysicalAddress & (sizeof (*PageDirEntry) - 1)) =3D=3D 0); + + PageDirEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check whether a PTE or a 2MiB page is present + // + if ((*PageDirEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // Check if PDE maps a 2MiB page + // + if ((*PageDirEntry & BIT7) !=3D 0) { + return TRUE; + } + + // + // Calculate physical address of PTE + // + PhysicalAddress =3D *PageDirEntry & (((1ULL << MaxPhyAddrBits) - 1) << 1= 2); + PhysicalAddress |=3D ((LinearAddress >> 12) & 0x1FF) << 3; + ASSERT ((PhysicalAddress & (sizeof (*PageTableEntry) - 1)) =3D=3D 0); + + PageTableEntry =3D (UINT64 *)(UINTN)PhysicalAddress; + + // + // Check if PTE maps a 4KiB page + // + if ((*PageTableEntry & BIT0) =3D=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Check if a linear address is valid. + + @param[in] Cr0 CR0 control register. + @param[in] Cr3 CR3 control register. + @param[in] Cr4 CR4 control register. + @param[in] LinearAddress Linear address to be checked. +**/ +BOOLEAN +IsLinearAddressValid ( + IN UINTN Cr0, + IN UINTN Cr3, + IN UINTN Cr4, + IN UINTN LinearAddress + ) +{ + UINT32 Eax; + UINT32 Edx; + UINT8 MaxPhyAddrBits; + MSR_IA32_EFER_REGISTER Msr; + BOOLEAN AddressValid; + + // + // Check for valid input parameters + // + if (Cr0 =3D=3D 0 || Cr4 =3D=3D 0 || LinearAddress =3D=3D 0) { + return FALSE; + } + + // + // Check if paging is disabled + // + if ((Cr0 & BIT31) =3D=3D 0) { + // + // If CR4.PAE bit is set, then the linear (or physical) address suppor= ts + // only up to 36 bits. + // + if (((Cr4 & BIT5) !=3D 0 && (UINT64)LinearAddress > 0xFFFFFFFFFULL) || + LinearAddress > 0xFFFFFFFF) { + return FALSE; + } + + return TRUE; + } + + // + // Paging can be enabled only if CR0.PE bit is set + // + if ((Cr0 & BIT0) =3D=3D 0) { + return FALSE; + } + + // + // CR3 register cannot be zero if paging is enabled + // + if (Cr3 =3D=3D 0) { + return FALSE; + } + + // + // Get MAXPHYADDR bits + // + AsmCpuid (0x80000000, &Eax, NULL, NULL, NULL); + if (Eax >=3D 0x80000008) { + AsmCpuid (0x80000008, &Eax, NULL, NULL, NULL); + MaxPhyAddrBits =3D (UINT8)Eax; + } else { + AsmCpuid (1, NULL, NULL, NULL, &Edx); + if ((Edx & BIT6) !=3D 0) { + MaxPhyAddrBits =3D 36; + } else { + MaxPhyAddrBits =3D 32; + } + } + + ASSERT (MaxPhyAddrBits > 0); + + AddressValid =3D FALSE; + + // + // check if CR4.PAE bit is not set + // + if ((Cr4 & BIT5) =3D=3D 0) { + // + // Check if linear address is valid in 32-bit paging mode + // + AddressValid =3D Do32BitPagingModeCheck (Cr3, Cr4, LinearAddress); + } else { + if (MaxPhyAddrBits > 52) { + return FALSE; + } + + Msr.Uint64 =3D AsmReadMsr64 (MSR_IA32_EFER); + + if (Msr.Bits.LME =3D=3D 0) { + // + // Check if linear address is valid in PAE paging mode + // + AddressValid =3D DoPAEPagingModeCheck (Cr3, MaxPhyAddrBits, LinearAd= dress); + } else { + // + // Check if linear address is valid in 4-level paging mode + // + AddressValid =3D Do4LevelPagingModeCheck (Cr3, MaxPhyAddrBits, + LinearAddress); + } + } + + return AddressValid; +} diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h= b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h index ec46c2d9d3..1b51034c25 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h @@ -330,5 +330,21 @@ GetPdbFileName ( OUT CHAR8 **PdbFileName ); =20 +/** + Check if a linear address is valid. + + @param[in] Cr0 CR0 control register. + @param[in] Cr3 CR3 control register. + @param[in] Cr4 CR4 control register. + @param[in] LinearAddress Linear address to be checked. +**/ +BOOLEAN +IsLinearAddressValid ( + IN UINTN Cr0, + IN UINTN Cr3, + IN UINTN Cr4, + IN UINTN LinearAddress + ); + #endif =20 --=20 2.14.3 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel