From nobody Tue Feb 10 08:28:06 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+100687+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100687+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1677837837; cv=none; d=zohomail.com; s=zohoarc; b=dGTVqI8VtGvpq4t4lDFzXt0GC0+5KmrRjUmZaEjMks4nWvUC4Dm8NctQp9d7N7ylw2kMS9jeU7BK08uMz0SvA1MEnDC/4fxRxFwUg9bq3EUOfTkG24Tk8I1mr+c6GdRsaQdOt99T8oJcfvLlGMOzhx+5kLOLMFeQoHay+WNrV9A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1677837837; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=QXSRsT3Ve617g8nj8P1qsZlb1j/nAq+A41mB+WwjiBU=; b=Z1nwCyuo7khbpey5HcJ2vVNuA5T2sjxXKaEXJX/Wt2+Ym+4T2fY9TVBe8sZJpLOCbCbM4O9yOdPALsxaPc0VIU255L/j0XAOTc7PfBZ0BN4Lmx35vGUtZJZTqzGmsxNRSPGTh87PngaiiY1vEpKZZVGLW3BkjnBVpP1Udxk5FWM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+100687+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1677837837452964.1873092559813; Fri, 3 Mar 2023 02:03:57 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id NUgPYY1788612xHjLxrDEuy0; Fri, 03 Mar 2023 02:03:57 -0800 X-Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web10.19850.1677837828807486048 for ; Fri, 03 Mar 2023 02:03:56 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10637"; a="318831707" X-IronPort-AV: E=Sophos;i="5.98,230,1673942400"; d="scan'208";a="318831707" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Mar 2023 02:03:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10637"; a="818421017" X-IronPort-AV: E=Sophos;i="5.98,230,1673942400"; d="scan'208";a="818421017" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.92]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Mar 2023 02:03:54 -0800 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [PATCH 3/6] UefiCpuPkg/CpuPageTebleLib: Check input Mask in PageTableMap Date: Fri, 3 Mar 2023 18:03:33 +0800 Message-Id: <20230303100336.2138-4-dun.tan@intel.com> In-Reply-To: <20230303100336.2138-1-dun.tan@intel.com> References: <20230303100336.2138-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: JgemA9Or4McXw2QDGfCqjcjpx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1677837837; bh=x8XLAiHTwzkoD9Ip/QDPXtSrkZn+R2n9O2YF7IlN+1E=; h=Cc:Date:From:Reply-To:Subject:To; b=vTrFhLqYxwB55cdJStAU4hN1+1eXgLfV8b3dgCUlUl+a8NizcXD1GLUnrEiJEr9fE+1 RYtXORDmIZPOVg74TtuhpvLGUnP3WLjlVjm5KPZWUjprNc2JGtnthumnOIjrDPovtMwRY bxZktia+SPKaoNyahv+5XCO91PTxwIuj4mY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1677837838484100009 Content-Type: text/plain; charset="utf-8" When creating new page table or mapping not-present range in existing page table, we need to make sure all the non-reserved fields of input Mask are not 0. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c | 50 ++++++++++++++++= +++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c b/UefiCpu= Pkg/Library/CpuPageTableLib/CpuPageTableMap.c index d2f35aa375..21fdfb53c1 100644 --- a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c +++ b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c @@ -214,6 +214,28 @@ PageTableLibSetPnle ( Pnle->Bits.CacheDisabled =3D 0; } =20 +/** + Check if any Non-Reserved field of Mask is 0. When creating new page tab= le or mapping not-present + range, we need to make sure all the non-reserved fields of input Mask ar= e not 0. + + @param[in] Mask The mask used for attribute to check. +**/ +RETURN_STATUS +CheckMaskNonReservedBit ( + IN IA32_MAP_ATTRIBUTE *Mask + ) +{ + if ((Mask->Bits.Present =3D=3D 0) || (Mask->Bits.ReadWrite =3D=3D 0) || = (Mask->Bits.UserSupervisor =3D=3D 0) || + (Mask->Bits.WriteThrough =3D=3D 0) || (Mask->Bits.CacheDisabled =3D= =3D 0) || (Mask->Bits.Accessed =3D=3D 0) || + (Mask->Bits.Dirty =3D=3D 0) || (Mask->Bits.Pat =3D=3D 0) || (Mask->B= its.Global =3D=3D 0) || + (Mask->Bits.PageTableBaseAddress =3D=3D 0) || (Mask->Bits.Protection= Key =3D=3D 0) || (Mask->Bits.Nx =3D=3D 0)) + { + return RETURN_INVALID_PARAMETER; + } + + return RETURN_SUCCESS; +} + /** Update page table to map [LinearAddress, LinearAddress + Length) with sp= ecified attribute in the specified level. =20 @@ -259,6 +281,7 @@ PageTableLibMapInLevel ( UINTN Index; IA32_PAGING_ENTRY *PagingEntry; UINTN PagingEntryIndex; + UINTN PagingEntryIndexLimit; IA32_PAGING_ENTRY *CurrentPagingEntry; UINT64 RegionLength; UINT64 SubLength; @@ -302,6 +325,15 @@ PageTableLibMapInLevel ( // =20 if (ParentPagingEntry->Pce.Present =3D=3D 0) { + // + // [LinearAddress, LinearAddress + Length] contains not-present range,= we need to + // make sure all the non-reserved fields of Mask are not 0. + // + Status =3D CheckMaskNonReservedBit (Mask); + if (RETURN_ERROR (Status)) { + return Status; + } + // // The parent entry is CR3 or PML5E/PML4E/PDPTE/PDE. // It does NOT point to an existing page directory. @@ -371,6 +403,23 @@ PageTableLibMapInLevel ( } } } else { + PagingEntry =3D (IA32_PAGING_ENTRY *)(UINTN)IA32_PNLE_PAGE_T= ABLE_BASE_ADDRESS (&ParentPagingEntry->Pnle); + PagingEntryIndexLimit =3D (UINTN)BitFieldRead64 (LinearAddress + Lengt= h - 1, BitStart, BitStart + 9 - 1); + for (Index =3D PagingEntryIndex; Index <=3D PagingEntryIndexLimit; Ind= ex++) { + if (PagingEntry[Index].Pce.Present =3D=3D 0) { + // + // [LinearAddress, LinearAddress + Length] contains not-present ra= nge, we need to + // make sure all the non-reserved fields of Mask are not 0. + // + Status =3D CheckMaskNonReservedBit (Mask); + if (RETURN_ERROR (Status)) { + return Status; + } + + break; + } + } + // // It's a non-leaf entry // @@ -418,7 +467,6 @@ PageTableLibMapInLevel ( // Update child entries to use restrictive attribute inherited fro= m parent. // e.g.: Set PDE[0-255].ReadWrite =3D 0 // - PagingEntry =3D (IA32_PAGING_ENTRY *)(UINTN)IA32_PNLE_PAGE_TABLE_B= ASE_ADDRESS (&ParentPagingEntry->Pnle); for (Index =3D 0; Index < 512; Index++) { if (PagingEntry[Index].Pce.Present =3D=3D 0) { continue; --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100687): https://edk2.groups.io/g/devel/message/100687 Mute This Topic: https://groups.io/mt/97358972/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-