public inbox for devel@edk2.groups.io
From: "Taylor Beebe" <taylor.d.beebe@gmail.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Dandan Bi <dandan.bi@intel.com>
Subject: [edk2-devel] [PATCH v5 11/16] MdeModulePkg: Fix MAT SplitTable() Logic
Date: Mon, 27 Nov 2023 10:18:09 -0800
Message-ID: <20231127181818.411-12-taylor.d.beebe@gmail.com>
In-Reply-To: <20231127181818.411-1-taylor.d.beebe@gmail.com>

SplitTable() does not properly handle the case where there is
an odd number of code regions within a loaded image. When there is
an odd number of code regions, at least one image region descriptor
is overwritten with uninitialized memory, which has caused crashes
in the right conditions.

This failure case is documented extensively in the following bugzilla:
https://bugzilla.tianocore.org/show_bug.cgi?id=4492

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Taylor Beebe <taylor.d.beebe@gmail.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
 MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c | 40 ++++++++++----------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c b/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c
index 9d4082280bf5..379eb0c6cccd 100644
--- a/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c
+++ b/MdeModulePkg/Library/ImagePropertiesRecordLib/ImagePropertiesRecordLib.c
@@ -463,11 +463,12 @@ SplitTable (
 {
   INTN   IndexOld;
   INTN   IndexNew;
+  INTN   IndexNewStarting;
   UINTN  MaxSplitRecordCount;
   UINTN  RealSplitRecordCount;
-  UINTN  TotalSplitRecordCount;
+  UINTN  TotalSkippedRecords;
 
-  TotalSplitRecordCount = 0;
+  TotalSkippedRecords = 0;
   //
   // Let old record point to end of valid MemoryMap buffer.
   //
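Review bot: IndexNewStarting and TotalSkippedRecords are introduced in this hunk without a comment saying what they track, and both feed the final *MemoryMapSize arithmetic; a one-line comment on each declaration (for example `// Index of the last slot in the full MemoryMap buffer` and `// Unused split slots marked with MAX_ADDRESS`) would make the later size computation easier to review.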
@@ -475,7 +476,8 @@ SplitTable (
   //
   // Let new record point to end of full MemoryMap buffer.
   //
-  IndexNew = ((*MemoryMapSize) / DescriptorSize) - 1 + NumberOfAdditionalDescriptors;
+  IndexNew         = ((*MemoryMapSize) / DescriptorSize) - 1 + NumberOfAdditionalDescriptors;
+  IndexNewStarting = IndexNew;
   for ( ; IndexOld >= 0; IndexOld--) {
     MaxSplitRecordCount = GetMaxSplitRecordCount ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)MemoryMap + IndexOld * DescriptorSize), ImageRecordList);
     //
@@ -489,16 +491,14 @@ SplitTable (
                              DescriptorSize,
                              ImageRecordList
                              );
-    //
-    // Adjust IndexNew according to real split.
-    //
-    CopyMem (
-      ((UINT8 *)MemoryMap + (IndexNew + MaxSplitRecordCount - RealSplitRecordCount) * DescriptorSize),
-      ((UINT8 *)MemoryMap + IndexNew * DescriptorSize),
-      RealSplitRecordCount * DescriptorSize
-      );
-    IndexNew               = IndexNew + MaxSplitRecordCount - RealSplitRecordCount;
-    TotalSplitRecordCount += RealSplitRecordCount;
+
+    // If we didn't utilize all the extra allocated descriptor slots, set the physical address of the unused slots
+    // to MAX_ADDRESS so they are moved to the bottom of the list when sorting.
+    for ( ; RealSplitRecordCount < MaxSplitRecordCount; RealSplitRecordCount++) {
+      ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)MemoryMap + ((IndexNew + RealSplitRecordCount + 1) * DescriptorSize)))->PhysicalStart = MAX_ADDRESS;
+      TotalSkippedRecords++;
+    }
+
     IndexNew--;
   }
 
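Review bot: the new for-loop reuses RealSplitRecordCount as its counter, so once it finishes the variable holds MaxSplitRecordCount rather than the real split count; a dedicated loop index would keep the variable's meaning intact for anyone extending the function later. The new comment also departs from the surrounding style of `//` blocks framed by empty `//` lines (see the `Let new record point to end of full MemoryMap buffer.` comment above), and it should state the two assumptions the MAX_ADDRESS sentinel depends on: that SortMemoryMap orders by PhysicalStart, and that no genuine descriptor starts at MAX_ADDRESS.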
@@ -507,16 +507,16 @@ SplitTable (
   //
   CopyMem (
     MemoryMap,
-    (UINT8 *)MemoryMap + (NumberOfAdditionalDescriptors - TotalSplitRecordCount) * DescriptorSize,
-    (*MemoryMapSize) + TotalSplitRecordCount * DescriptorSize
+    (UINT8 *)MemoryMap + ((IndexNew + 1) * DescriptorSize),
+    (IndexNewStarting - IndexNew) * DescriptorSize
     );
 
-  *MemoryMapSize = (*MemoryMapSize) + DescriptorSize * TotalSplitRecordCount;
+  //
+  // Sort from low to high to filter out the MAX_ADDRESS records.
+  //
+  SortMemoryMap (MemoryMap, (IndexNewStarting - IndexNew) * DescriptorSize, DescriptorSize);
 
-  //
-  // Sort from low to high (Just in case)
-  //
-  SortMemoryMap (MemoryMap, *MemoryMapSize, DescriptorSize);
+  *MemoryMapSize = (IndexNewStarting - IndexNew - TotalSkippedRecords) * DescriptorSize;
 
   return;
 }
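Review bot: the CopyMem now moves (IndexNewStarting - IndexNew) records to the start of the buffer with overlapping source and destination; edk2's BaseMemoryLib CopyMem is specified to handle overlap, so this is acceptable, but the new length expression deserves a comment since it differs from the old (*MemoryMapSize + split count) form. The sort then runs over that full range including the MAX_ADDRESS slots, and *MemoryMapSize is only reduced afterwards by TotalSkippedRecords, so the sentinel records remain in the buffer beyond the reported size; consider an `ASSERT ((UINTN)(IndexNewStarting - IndexNew) >= TotalSkippedRecords);` before the subtraction so a mismatch between the counts fails loudly instead of producing an unsigned underflow in the size.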
-- 
2.42.0.windows.2






Thread overview: 33+ messages
2023-11-27 18:17 [edk2-devel] [PATCH v5 00/16] Add ImagePropertiesRecordLib and Fix MAT Bugs Taylor Beebe
2023-11-27 18:17 ` [edk2-devel] [PATCH v5 01/16] MdeModulePkg: Add ImagePropertiesRecordLib Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 02/16] ArmVirtPkg: Add ImagePropertiesRecordLib Instance Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 03/16] EmulatorPkg: " Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 04/16] OvmfPkg: " Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 05/16] UefiPayloadPkg: " Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 06/16] MdeModulePkg: Update MemoryAttributesTable.c to Reduce Global Variable Use Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 07/16] MdeModulePkg: Move Some DXE MAT Logic to ImagePropertiesRecordLib Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 08/16] MdeModulePkg: Add ImagePropertiesRecordLib Host-Based Unit Test Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 09/16] MdeModulePkg: Fix MAT Descriptor Count Calculation Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 10/16] MdeModulePkg: Fix MAT SplitRecord() Logic Taylor Beebe
2024-04-12  5:14   ` [edk2-devel] MdeModulePkg: Fix MAT SplitRecord() Logic introduce one bug and will cause SUT reset when boot to windows Huang, Yanbo
2024-04-12 15:09     ` Taylor Beebe
2024-04-14 14:35       ` Huang, Yanbo
2024-04-15 10:57         ` Dandan Bi
2024-04-16  1:17           ` Taylor Beebe
2024-04-17  2:32             ` Taylor Beebe
2024-04-17 14:04               ` Huang, Yanbo
2024-04-17 23:53                 ` Taylor Beebe
2024-04-18 13:02                   ` Dandan Bi
2024-04-18 13:17                     ` Ard Biesheuvel
2024-04-18 13:56                       ` Huang, Yanbo
2024-04-18 14:21                         ` Oliver Smith-Denny
2024-04-19  6:43                           ` Ni, Ray
2024-04-23 14:33                             ` Oliver Smith-Denny
2023-11-27 18:18 ` Taylor Beebe [this message]
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 12/16] MdeModulePkg: Add NULL checks and Return Status to ImagePropertiesRecordLib Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 13/16] UefiCpuPkg: Use Attribute From SMM MemoryAttributesTable if Nonzero Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 14/16] MdeModulePkg: Transition SMM MAT Logic to Use ImagePropertiesRecordLib Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 15/16] MdeModulePkg: Add Logic to Create/Delete Image Properties Records Taylor Beebe
2023-11-27 18:18 ` [edk2-devel] [PATCH v5 16/16] MdeModulePkg: Update DumpImageRecord() in ImagePropertiesRecordLib Taylor Beebe
2023-11-27 18:40 ` [edk2-devel] [PATCH v5 00/16] Add ImagePropertiesRecordLib and Fix MAT Bugs Ard Biesheuvel
2023-11-28 10:22   ` Ni, Ray