On 6 September 2015 at 10:15, Heyi Guo <[email protected]> wrote:
> The bug can be triggered when alignment of Base is larger than Length
> by 2 levels of page granularity, e.g.
>
> Base is 0x4000_0000, Length is 0x1000
>
> The original code will change 2MB page level and we will get a
> negative remaining length.
>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Heyi Guo <[email protected]>
> Cc: Leif Lindholm <[email protected]>
> Cc: Ard Biesheuvel <[email protected]>
> ---
>  ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
Reviewed-by: Ard Biesheuvel <[email protected]> > diff --git a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c > b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c > index 4db4bbe..e7b095c 100644 > --- a/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c > +++ b/ArmPkg/Library/ArmLib/AArch64/AArch64Mmu.c > @@ -314,7 +314,7 @@ GetBlockEntryListFromAddress ( > // If the required size is smaller than the current block size then we > need to go to the page below. > // The PageLevel was calculated on the Base Address alignment but did not > take in account the alignment > // of the allocation size > - if (*BlockEntrySize < TT_BLOCK_ENTRY_SIZE_AT_LEVEL (PageLevel)) { > + while (*BlockEntrySize < TT_BLOCK_ENTRY_SIZE_AT_LEVEL (PageLevel)) { > // It does not fit so we need to go a page level above > PageLevel++; > } > -- > 2.5.0 > _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
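Review bot: The new `while` in GetBlockEntryListFromAddress has no upper bound on PageLevel: its only exit is `*BlockEntrySize < TT_BLOCK_ENTRY_SIZE_AT_LEVEL (PageLevel)` becoming false, so a *BlockEntrySize smaller than the smallest block size (a zero or non-page-aligned length, for example) would keep incrementing PageLevel past the deepest table level. Consider also bounding the loop on the deepest level, or asserting before it that *BlockEntrySize is at least the smallest block size, so that a bad length fails loudly instead of walking the tables with an invalid level. Separately, the comment inside the loop still reads "go a page level above" while the comment before it says "go to the page below"; now that the loop can descend more than one level, the two should agree and say so.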

