From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.93; helo=mga11.intel.com; envelope-from=ruiyu.ni@intel.com; receiver=edk2-devel@lists.01.org Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 51A5E21E7821E for ; Wed, 18 Oct 2017 19:45:14 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Oct 2017 19:48:52 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.43,399,1503385200"; d="scan'208";a="164811352" Received: from ray-dev.ccr.corp.intel.com ([10.239.9.7]) by fmsmga006.fm.intel.com with ESMTP; 18 Oct 2017 19:48:51 -0700 From: Ruiyu Ni To: edk2-devel@lists.01.org Cc: Hao A Wu Date: Thu, 19 Oct 2017 10:48:49 +0800 Message-Id: <20171019024849.346408-1-ruiyu.ni@intel.com> X-Mailer: git-send-email 2.12.2.windows.2 Subject: [PATCH] UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB attribute X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Oct 2017 02:45:15 -0000 MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times. It's possible that in a 2nd call, Modified[0] is set to TRUE in 1st call but ClearMasks[0] and OrMasks[0] is uninitialized in 2nd call. It causes FixedSettings->Mtrr[0] be set to random data. The patch fixes this issue by introducing a local Modified[] array and only updates FixedSettings->Mtrr[] when LocalModified[i] is TRUE. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni Cc: Hao A Wu --- UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c index cb22558103..200becdd4a 100644 --- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c +++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c @@ -2114,22 +2114,32 @@ MtrrLibSetBelow1MBMemoryAttribute ( UINT64 OrMask; UINT64 ClearMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)]; UINT64 OrMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)]; + BOOLEAN LocalModified[ARRAY_SIZE (mMtrrLibFixedMtrrTable)]; ASSERT (BaseAddress < BASE_1MB); + SetMem (LocalModified, sizeof (LocalModified), FALSE); + + // + // (Value & ~0 | 0) still equals to (Value) + // + SetMem64 (ClearMasks, sizeof (ClearMasks), 0); + SetMem64 (OrMasks, sizeof (OrMasks), 0); + MsrIndex = (UINT32)-1; while ((BaseAddress < BASE_1MB) && (Length != 0)) { Status = MtrrLibProgramFixedMtrr (Type, &BaseAddress, &Length, &MsrIndex, &ClearMask, &OrMask); if (RETURN_ERROR (Status)) { return Status; } - ClearMasks[MsrIndex] = ClearMask; - OrMasks[MsrIndex] = OrMask; - Modified[MsrIndex] = TRUE; + ClearMasks[MsrIndex] = ClearMask; + OrMasks[MsrIndex] = OrMask; + Modified[MsrIndex] = TRUE; + LocalModified[MsrIndex] = TRUE; } for (MsrIndex = 0; MsrIndex < ARRAY_SIZE (mMtrrLibFixedMtrrTable); MsrIndex++) { - if (Modified[MsrIndex]) { + if (LocalModified[MsrIndex]) { FixedSettings->Mtrr[MsrIndex] = (FixedSettings->Mtrr[MsrIndex] & ~ClearMasks[MsrIndex]) | OrMasks[MsrIndex]; } } @@ -2354,6 +2364,7 @@ MtrrSetMemoryAttributesInMtrrSettings ( // // 3. Apply the below-1MB memory attribute settings. // + ZeroMem (WorkingFixedSettings.Mtrr, sizeof (WorkingFixedSettings.Mtrr)); for (Index = 0; Index < RangeCount; Index++) { if (Ranges[Index].BaseAddress >= BASE_1MB) { continue; -- 2.12.2.windows.2