On 6 September 2018 at 20:55, Vladimir Olovyannikov
<vladimir.olovyanni...@broadcom.com> wrote:
> UEFI SCT crashed and failed in NonDiscoverablePciDeviceDxe becase
> required checks were not performed. Perform parameters validation in
> NonDiscoverablePciDeviceDxe.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Vladimir Olovyannikov <vladimir.olovyanni...@broadcom.com>
Reviewed-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
> ---
> .../NonDiscoverablePciDeviceIo.c | 50 ++++++++++++++++++-
> 1 file changed, 49 insertions(+), 1 deletion(-)
>
> diff --git
> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
>
> b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
> index 0e42ae4bf6ec..07118d59fd68 100644
> ---
> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
> +++
> b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
> @@ -52,6 +52,10 @@ GetBarResource (
>
> BarIndex -= (UINT8)Dev->BarOffset;
>
> + if (BarIndex >= Dev->BarCount) {
> + return EFI_UNSUPPORTED;
> + }
> +
> for (Desc = Dev->Device->Resources;
> Desc->Desc != ACPI_END_TAG_DESCRIPTOR;
> Desc = (VOID *)((UINT8 *)Desc + Desc->Len + 3)) {
> @@ -597,6 +601,19 @@ CoherentPciIoMap (
> EFI_STATUS Status;
> NON_DISCOVERABLE_PCI_DEVICE_MAP_INFO *MapInfo;
>
> + if (Operation != EfiPciIoOperationBusMasterRead &&
> + Operation != EfiPciIoOperationBusMasterWrite &&
> + Operation != EfiPciIoOperationBusMasterCommonBuffer) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + if (HostAddress == NULL ||
> + NumberOfBytes == NULL ||
> + DeviceAddress == NULL ||
> + Mapping == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> //
> // If HostAddress exceeds 4 GB, and this device does not support 64-bit DMA
> // addressing, we need to allocate a bounce buffer and copy over the data.
> @@ -720,6 +737,11 @@ CoherentPciIoAllocateBuffer (
> return EFI_UNSUPPORTED;
> }
>
> + if ((MemoryType != EfiBootServicesData) &&
> + (MemoryType != EfiRuntimeServicesData)) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> //
> // Allocate below 4 GB if the dual address cycle attribute has not
> // been set. If the system has no memory available below 4 GB, there
> @@ -877,6 +899,10 @@ NonCoherentPciIoAllocateBuffer (
> NON_DISCOVERABLE_DEVICE_UNCACHED_ALLOCATION *Alloc;
> VOID *AllocAddress;
>
> + if (HostAddress == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);
>
> Status = CoherentPciIoAllocateBuffer (This, Type, MemoryType, Pages,
> @@ -995,6 +1021,19 @@ NonCoherentPciIoMap (
> EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor;
> BOOLEAN Bounce;
>
> + if (HostAddress == NULL ||
> + NumberOfBytes == NULL ||
> + DeviceAddress == NULL ||
> + Mapping == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + if (Operation != EfiPciIoOperationBusMasterRead &&
> + Operation != EfiPciIoOperationBusMasterWrite &&
> + Operation != EfiPciIoOperationBusMasterCommonBuffer) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> MapInfo = AllocatePool (sizeof *MapInfo);
> if (MapInfo == NULL) {
> return EFI_OUT_OF_RESOURCES;
> @@ -1228,8 +1267,17 @@ PciIoAttributes (
> NON_DISCOVERABLE_PCI_DEVICE *Dev;
> BOOLEAN Enable;
>
> + #define DEV_SUPPORTED_ATTRIBUTES \
> + (EFI_PCI_DEVICE_ENABLE | EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE)
> +
> Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);
>
> + if (Attributes) {
> + if ((Attributes & (~(DEV_SUPPORTED_ATTRIBUTES))) != 0) {
> + return EFI_UNSUPPORTED;
> + }
> + }
> +
> Enable = FALSE;
> switch (Operation) {
> case EfiPciIoAttributeOperationGet:
> @@ -1243,7 +1291,7 @@ PciIoAttributes (
> if (Result == NULL) {
> return EFI_INVALID_PARAMETER;
> }
> - *Result = EFI_PCI_DEVICE_ENABLE |
> EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE;
> + *Result = DEV_SUPPORTED_ATTRIBUTES;
> break;
>
> case EfiPciIoAttributeOperationEnable:
> --
> 2.18.0
>
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
