From nobody Fri Dec 19 15:59:40 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+101387+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+101387+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1679290485; cv=none; d=zohomail.com; s=zohoarc; b=jJvTdVNICRqWoD1PAZuu18rD4UdCE+1Gmg/wgjH88gKMK0/azQzTHHH8e9gIe3XZtX0O4io3rd6hbcj9/lqWZLpQZ1BpT9LXiSi6I6KGExUb5xI2WXcCfAy6MljZKShVmXeQPi4jWBouAWnB3/LaWgQo6S+H6BGLlpfCTrYcP6Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1679290485; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=INU1gfCsjiolttfT/sLxAL+ymm2XpePE5UAMaEhK+3o=; b=FyYN1mLMugn6ZYPVtH7avri02c2ZBq1JVuQJEuEQf6g62sVRy97eYDN+Bx1SzU3Y4RGo0Cd3mS5Sjnx8LojoJpYlk+iYjoWEmtEu2bJ8xrdovfRCYnxA83WsThiJDtOYLonmq70+6UujmfkZAH0hwBqLMa7epkmfqoJHZ54TR68= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+101387+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1679290485112731.9837283771371; Sun, 19 Mar 2023 22:34:45 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id LvG4YY1788612xGWA1jqbxN7; Sun, 19 Mar 2023 22:34:44 -0700 X-Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web11.7471.1679290475232002420 for ; Sun, 19 Mar 2023 22:34:44 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10654"; a="401155570" X-IronPort-AV: E=Sophos;i="5.98,274,1673942400"; d="scan'208";a="401155570" X-Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Mar 2023 22:34:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10654"; a="770059463" X-IronPort-AV: E=Sophos;i="5.98,274,1673942400"; d="scan'208";a="770059463" X-Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.92]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Mar 2023 22:34:42 -0700 From: "duntan" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [Patch V3 07/18] UefiCpuPkg/CpuPageTableLib:Add check for Mask and Attr Date: Mon, 20 Mar 2023 13:33:18 +0800 Message-Id: <20230320053329.410-8-dun.tan@intel.com> In-Reply-To: <20230320053329.410-1-dun.tan@intel.com> References: <20230320053329.410-1-dun.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dun.tan@intel.com X-Gm-Message-State: Tref5od5Dhp6OB9LRXlWRy0rx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1679290484; bh=8tfKAW9bUBXWbqahMkv3FI1srdxo82ppDGSf6QlKOHo=; h=Cc:Date:From:Reply-To:Subject:To; b=lpHejuJBQxRnY3o23alUZ+0XnEFaK1DQ16qEOVx+ZP12LfRNIcYSS6ho8KYr4VjAzsa TSGvtXJcvGwFO54XRFnvxAN/pQNBPL/B6/gax00fCEUVl3bnGasvQRGcf5aQ7hv4/AJFx uJDsffGIAhDgQYzQpHDMQSjSAm6b6S/fUqg= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1679290486490100013 Content-Type: text/plain; charset="utf-8" For different usage, check if the combination for Mask and Attr is valid when creating or updating page table. 1.For non-present range 1.1Mask.Present is 0 but some other attributes is provided. This case is invalid. 1.2Mask.Present is 1 and Attr.Present is 0. In this case,all other attributes should not be provided. 1.3Mask.Present is 1 and Attr.Present is 1. In this case,all attributes should be provided to intialize the attribute. 2.For present range 2.1Mask.Present is 1 and Attr.Present is 0.In this case, all other attributes should not be provided. All other usage for present range is permitted. In the mentioned cases, 1.2 and 2.1 can be merged into 1 check. Signed-off-by: Dun Tan Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/Include/Library/CpuPageTableLib.h | 2 +- UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c | 79 ++++++++++++++++= +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 78 insertions(+), 3 deletions(-) diff --git a/UefiCpuPkg/Include/Library/CpuPageTableLib.h b/UefiCpuPkg/Incl= ude/Library/CpuPageTableLib.h index 5f44ece548..6bda15b5bc 100644 --- a/UefiCpuPkg/Include/Library/CpuPageTableLib.h +++ b/UefiCpuPkg/Include/Library/CpuPageTableLib.h @@ -76,7 +76,7 @@ typedef enum { @param[in] Mask The mask used for attribute. The correspo= nding field in Attribute is ignored if that in Mask is 0. =20 @retval RETURN_UNSUPPORTED PagingMode is not supported. - @retval RETURN_INVALID_PARAMETER PageTable, BufferSize, Attribute or Ma= sk is NULL. + @retval RETURN_INVALID_PARAMETER PageTable, BufferSize, Attribute or Ma= sk is NULL or the combination of Attribute and Mask is invalid. @retval RETURN_INVALID_PARAMETER *BufferSize is not multiple of 4KB. @retval RETURN_BUFFER_TOO_SMALL The buffer is too small for page table= creation/updating. BufferSize is updated to indicate the = expected buffer size. diff --git a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c b/UefiCpu= Pkg/Library/CpuPageTableLib/CpuPageTableMap.c index 1fc696f572..925dd90f23 100644 --- a/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c +++ b/UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c @@ -215,6 +215,43 @@ PageTableLibSetPnle ( Pnle->Bits.CacheDisabled =3D 0; } =20 +/** + Check if the combination for Attribute and Mask is valid for non-present= entry. + 1.Mask.Present is 0 but some other attributes is provided. This case sho= uld be invalid. + 2.Map non-present range to present. In this case, all attributes should = be provided. + + @param[in] Attribute The attribute of the linear address range. + @param[in] Mask The mask used for attribute to check. + + @retval RETURN_INVALID_PARAMETER The combination for Attribute and Ma= sk is invalid. + @retval RETURN_SUCCESS The combination for Attribute and Ma= sk is valid. +**/ +RETURN_STATUS +IsAttributesAndMaskValidForNonPresentEntry ( + IN IA32_MAP_ATTRIBUTE *Attribute, + IN IA32_MAP_ATTRIBUTE *Mask + ) +{ + if ((Mask->Bits.Present =3D=3D 1) && (Attribute->Bits.Present =3D=3D 1))= { + // + // Creating new page table or remapping non-present range to present. + // + if ((Mask->Bits.ReadWrite =3D=3D 0) || (Mask->Bits.UserSupervisor =3D= =3D 0) || (Mask->Bits.WriteThrough =3D=3D 0) || (Mask->Bits.CacheDisabled = =3D=3D 0) || + (Mask->Bits.Accessed =3D=3D 0) || (Mask->Bits.Dirty =3D=3D 0) || (= Mask->Bits.Pat =3D=3D 0) || (Mask->Bits.Global =3D=3D 0) || + (Mask->Bits.PageTableBaseAddress =3D=3D 0) || (Mask->Bits.Protecti= onKey =3D=3D 0) || (Mask->Bits.Nx =3D=3D 0)) + { + return RETURN_INVALID_PARAMETER; + } + } else if ((Mask->Bits.Present =3D=3D 0) && (Mask->Uint64 > 1)) { + // + // Only change other attributes for non-present range is not permitted. + // + return RETURN_INVALID_PARAMETER; + } + + return RETURN_SUCCESS; +} + /** Update page table to map [LinearAddress, LinearAddress + Length) with sp= ecified attribute in the specified level. =20 @@ -237,6 +274,7 @@ PageTableLibSetPnle ( when a new physical base address is se= t. @param[in] Mask The mask used for attribute. The corre= sponding field in Attribute is ignored if that in Mask is 0. =20 + @retval RETURN_INVALID_PARAMETER The combination of Attribute and Mask = for non-present entry is invalid. @retval RETURN_SUCCESS PageTable is created/updated successfu= lly. **/ RETURN_STATUS @@ -260,6 +298,7 @@ PageTableLibMapInLevel ( UINTN Index; IA32_PAGING_ENTRY *PagingEntry; UINTN PagingEntryIndex; + UINTN PagingEntryIndexEnd; IA32_PAGING_ENTRY *CurrentPagingEntry; UINT64 RegionLength; UINT64 SubLength; @@ -303,6 +342,14 @@ PageTableLibMapInLevel ( // =20 if (ParentPagingEntry->Pce.Present =3D=3D 0) { + // + // [LinearAddress, LinearAddress + Length] contains non-present range. + // + Status =3D IsAttributesAndMaskValidForNonPresentEntry (Attribute, Mask= ); + if (RETURN_ERROR (Status)) { + return Status; + } + // // The parent entry is CR3 or PML5E/PML4E/PDPTE/PDE. // It does NOT point to an existing page directory. @@ -372,6 +419,27 @@ PageTableLibMapInLevel ( ParentPagingEntry->Uint64 =3D ((UINTN)(VOID *)PagingEntry) | (Parent= PagingEntry->Uint64 & (~IA32_PE_BASE_ADDRESS_MASK_40)); } } else { + // + // If (LinearAddress + Length - 1) is not in the same ParentPagingEntr= y with (LinearAddress + Offset), then the remaining child PagingEntry + // starting from PagingEntryIndex of ParentPagingEntry is all covered = by [LinearAddress + Offset, LinearAddress + Length - 1]. + // + PagingEntryIndexEnd =3D (BitFieldRead64 (LinearAddress + Length - 1, B= itStart + 9, 63) !=3D BitFieldRead64 (LinearAddress + Offset, BitStart + 9,= 63)) ? 511 : + (UINTN)BitFieldRead64 (LinearAddress + Length - = 1, BitStart, BitStart + 9 - 1); + PagingEntry =3D (IA32_PAGING_ENTRY *)(UINTN)IA32_PNLE_PAGE_TABLE_BASE_= ADDRESS (&ParentPagingEntry->Pnle); + for (Index =3D PagingEntryIndex; Index <=3D PagingEntryIndexEnd; Index= ++) { + if (PagingEntry[Index].Pce.Present =3D=3D 0) { + // + // [LinearAddress, LinearAddress + Length] contains non-present ra= nge. + // + Status =3D IsAttributesAndMaskValidForNonPresentEntry (Attribute, = Mask); + if (RETURN_ERROR (Status)) { + return Status; + } + + break; + } + } + // // It's a non-leaf entry // @@ -419,7 +487,6 @@ PageTableLibMapInLevel ( // Update child entries to use restrictive attribute inherited fro= m parent. // e.g.: Set PDE[0-255].ReadWrite =3D 0 // - PagingEntry =3D (IA32_PAGING_ENTRY *)(UINTN)IA32_PNLE_PAGE_TABLE_B= ASE_ADDRESS (&ParentPagingEntry->Pnle); for (Index =3D 0; Index < 512; Index++) { if (PagingEntry[Index].Pce.Present =3D=3D 0) { continue; @@ -547,7 +614,7 @@ PageTableLibMapInLevel ( @param[in] Mask The mask used for attribute. The correspo= nding field in Attribute is ignored if that in Mask is 0. =20 @retval RETURN_UNSUPPORTED PagingMode is not supported. - @retval RETURN_INVALID_PARAMETER PageTable, BufferSize, Attribute or Ma= sk is NULL. + @retval RETURN_INVALID_PARAMETER PageTable, BufferSize, Attribute or Ma= sk is NULL or the combination of Attribute and Mask is invalid. @retval RETURN_INVALID_PARAMETER *BufferSize is not multiple of 4KB. @retval RETURN_BUFFER_TOO_SMALL The buffer is too small for page table= creation/updating. BufferSize is updated to indicate the = expected buffer size. @@ -609,6 +676,14 @@ PageTableMap ( return RETURN_INVALID_PARAMETER; } =20 + // + // If to map [LinearAddress, LinearAddress + Length] as non-present, + // all attributes except Present should not be provided. + // + if ((Attribute->Bits.Present =3D=3D 0) && (Mask->Bits.Present =3D=3D 1) = && (Mask->Uint64 > 1)) { + return RETURN_INVALID_PARAMETER; + } + MaxLeafLevel =3D (IA32_PAGE_LEVEL)(UINT8)PagingMode; MaxLevel =3D (IA32_PAGE_LEVEL)(UINT8)(PagingMode >> 8); MaxLinearAddress =3D LShiftU64 (1, 12 + MaxLevel * 9); --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#101387): https://edk2.groups.io/g/devel/message/101387 Mute This Topic: https://groups.io/mt/97725704/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-