From: Ard Biesheuvel
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel, Leif Lindholm, Laszlo Ersek, Eric Auger, Andrew Jones, Philippe Mathieu-Daude
Date: Fri, 30 Nov 2018 12:28:26 +0100
Message-Id: <20181130112829.12173-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20181130112829.12173-1-ard.biesheuvel@linaro.org>
References: <20181130112829.12173-1-ard.biesheuvel@linaro.org>
Subject: [PATCH v2 1/4] ArmPkg/ArmMmuLib ARM: handle unmapped section in GetMemoryRegion()

GetMemoryRegion() is used to obtain the attributes of an existing mapping, to permit permission attribute changes to be optimized away if the attributes don't actually change.

The current ARM code assumes that a section mapping or a page mapping exists for any region passed into GetMemoryRegion(), but the region may be unmapped entirely, in which case the code will crash.

So check if a section mapping exists before dereferencing it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel

--- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c index 12ca5b26673e..3b29d33d0a9c 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c 
@@ -457,6 +457,9 @@ GetMemoryRegion ( // Get the section at the given index SectionDescriptor = FirstLevelTable[TableIndex]; + if (!SectionDescriptor) { + return EFI_NOT_FOUND; + } // If 'BaseAddress' belongs to the section then round it to the section boundary if (((SectionDescriptor & TT_DESCRIPTOR_SECTION_TYPE_MASK) == TT_DESCRIPTOR_SECTION_TYPE_SECTION) || -- 2.19.1
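
Review bot: the added `if (!SectionDescriptor)` test in GetMemoryRegion() only catches a first-level entry that is zero in every bit, while the lines directly after it decode the same entry through TT_DESCRIPTOR_SECTION_TYPE_MASK. An entry whose type field marks it as unmapped but which has any other bit set would pass the new check, so consider testing the masked type field rather than the whole word. Since SectionDescriptor is not a BOOLEAN, an explicit comparison (`SectionDescriptor == 0`, or the masked compare) reads more clearly than `!`. The commit message also says a page mapping may be absent, but this hunk guards only the FirstLevelTable[TableIndex] lookup; if second-level entries can be unmapped as well, the same kind of check belongs where they are read. A blank line between the closing brace and the following comment would keep the comment visually attached to the code it describes.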