public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH] UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB attribute
@ 2017-10-19  2:48 Ruiyu Ni
  2017-10-19  5:50 ` Wu, Hao A
  0 siblings, 1 reply; 2+ messages in thread
From: Ruiyu Ni @ 2017-10-19  2:48 UTC (permalink / raw)
  To: edk2-devel; +Cc: Hao A Wu

MtrrLibSetBelow1MBMemoryAttribute() may be called multiple times.
It's possible that in a 2nd call, Modified[0] is set to TRUE in
1st call but ClearMasks[0] and OrMasks[0] is uninitialized in
2nd call. It causes FixedSettings->Mtrr[0] be set to random
data.

The patch fixes this issue by introducing a local Modified[]
array and only updates FixedSettings->Mtrr[] when LocalModified[i]
is TRUE.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
---
 UefiCpuPkg/Library/MtrrLib/MtrrLib.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
index cb22558103..200becdd4a 100644
--- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
+++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
@@ -2114,22 +2114,32 @@ MtrrLibSetBelow1MBMemoryAttribute (
   UINT64                    OrMask;
   UINT64                    ClearMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
   UINT64                    OrMasks[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
+  BOOLEAN                   LocalModified[ARRAY_SIZE (mMtrrLibFixedMtrrTable)];
 
   ASSERT (BaseAddress < BASE_1MB);
 
+  SetMem (LocalModified, sizeof (LocalModified), FALSE);
+
+  //
+  // (Value & ~0 | 0) still equals to (Value)
+  //
+  SetMem64 (ClearMasks, sizeof (ClearMasks), 0);
+  SetMem64 (OrMasks, sizeof (OrMasks), 0);
+
   MsrIndex = (UINT32)-1;
   while ((BaseAddress < BASE_1MB) && (Length != 0)) {
     Status = MtrrLibProgramFixedMtrr (Type, &BaseAddress, &Length, &MsrIndex, &ClearMask, &OrMask);
     if (RETURN_ERROR (Status)) {
       return Status;
     }
-    ClearMasks[MsrIndex] = ClearMask;
-    OrMasks[MsrIndex]    = OrMask;
-    Modified[MsrIndex]   = TRUE;
+    ClearMasks[MsrIndex]    = ClearMask;
+    OrMasks[MsrIndex]       = OrMask;
+    Modified[MsrIndex]      = TRUE;
+    LocalModified[MsrIndex] = TRUE;
   }
 
   for (MsrIndex = 0; MsrIndex < ARRAY_SIZE (mMtrrLibFixedMtrrTable); MsrIndex++) {
-    if (Modified[MsrIndex]) {
+    if (LocalModified[MsrIndex]) {
       FixedSettings->Mtrr[MsrIndex] = (FixedSettings->Mtrr[MsrIndex] & ~ClearMasks[MsrIndex]) | OrMasks[MsrIndex];
     }
   }
@@ -2354,6 +2364,7 @@ MtrrSetMemoryAttributesInMtrrSettings (
   //
   // 3. Apply the below-1MB memory attribute settings.
   //
+  ZeroMem (WorkingFixedSettings.Mtrr, sizeof (WorkingFixedSettings.Mtrr));
   for (Index = 0; Index < RangeCount; Index++) {
     if (Ranges[Index].BaseAddress >= BASE_1MB) {
       continue;
-- 
2.12.2.windows.2



^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-10-19  5:46 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-10-19  2:48 [PATCH] UefiCpuPkg/MtrrLib: Fix bug that may incorrectly set <1MB attribute Ruiyu Ni
2017-10-19  5:50 ` Wu, Hao A

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox