From nobody Wed May 15 00:59:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110993+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110993+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1699551560; cv=none; d=zohomail.com; s=zohoarc; b=KiGnFBeOC6dToxC+aVjHQ9oVIhxPzD0qwGqR03tr8z33lfsraTKK9y+ZNLXJAcJnIFJCqXc3XJtWHzLS5N0kNSBU394u7iNpy7JUkA8OQziN6+f45zpkof45E0COqk6DK0M7DthUiZbykAoKCReTRhmOnt1j9jrZd/rIfZia84I= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699551560; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=lYTKm1CuEDd+AE/K9UIuCzu/bVODxuyKL8qq88P0jY8=; b=gaa0A6AvBOAGhel9OxzzfYaigggegt/jnWr4chzuCCgJbx7Le+vGCPnNa3lNOPCQwrq0mvTg5mgF+ebsqYxLzNuw/PEQZv7iLsJKpeI/08EeqhPwtNotyBY04uhFdHfqBIAhR+ZxH1e93iaPyQYMAkD9odQhTduEfOw+JyfV9MQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110993+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699551560320242.20320882336068; Thu, 9 Nov 2023 09:39:20 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=bmzioMjQTy442V/adCFvpIHoUTGi7l0Vrao3ZOjSWcg=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699551559; v=1; b=u4ep90fSYjGtXcIMDB+ra7z5CFBeIzBd3PreM02mdsGfHjfiPL9zmBR8F5G90qpSPgHyRiH5 7c4SJ9QMKUwkAIGzjsgNpWV/mHKJZd4LCDTPHYpWuIo5ak88jR4/diKVaY5rpV0fECxUxufdNcY zYV7mOto5t/RgjwIs35bjgT4= X-Received: by 127.0.0.2 with SMTP id bjFXYY1788612xgIYOAO9QZR; Thu, 09 Nov 2023 09:39:19 -0800 X-Received: from mail-io1-f48.google.com (mail-io1-f48.google.com [209.85.166.48]) by mx.groups.io with SMTP id smtpd.web11.206.1699551559178419138 for ; Thu, 09 Nov 2023 09:39:19 -0800 X-Received: by mail-io1-f48.google.com with SMTP id ca18e2360f4ac-7a6acc8e222so42234139f.0 for ; Thu, 09 Nov 2023 09:39:18 -0800 (PST) X-Gm-Message-State: Zxn6jejvNCV4rFlALbs1SI18x1787277AA= X-Google-Smtp-Source: AGHT+IHrT11r8muITuSVcN4ii+BXPDQO3IVyLSixniBAag0R/Uv9t2JW/I83qLrzggEmPwXrfnmQ3w== X-Received: by 2002:a6b:7f01:0:b0:792:70c2:9db1 with SMTP id l1-20020a6b7f01000000b0079270c29db1mr2288633ioq.1.1699551558047; Thu, 09 Nov 2023 09:39:18 -0800 (PST) X-Received: from user-Latitude-5420.dc1.ventanamicro.com ([2401:4900:1f24:28fe:87c2:d0fc:f722:4f0d]) by smtp.gmail.com with ESMTPSA id ei14-20020a05663829ae00b0045c1fcf2ef7sm3876355jab.37.2023.11.09.09.39.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Nov 2023 09:39:17 -0800 (PST) From: "Ranbir Singh" To: devel@edk2.groups.io, rsingh@ventanamicro.com Cc: Ray Ni , Veeresh Sangolli Subject: [edk2-devel] [PATCH v3 1/2] MdeModulePkg/Bus/Pci/PciHostBridgeDxe: Fix OVERRUN Coverity issues Date: Thu, 9 Nov 2023 23:09:06 +0530 Message-Id: <20231109173908.364630-2-rsingh@ventanamicro.com> In-Reply-To: <20231109173908.364630-1-rsingh@ventanamicro.com> References: <20231109173908.364630-1-rsingh@ventanamicro.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rsingh@ventanamicro.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699551561096100001 Content-Type: text/plain; charset="utf-8" From: Ranbir Singh The function NotifyPhase has a check ASSERT (Index < TypeMax); but this comes into play only in DEBUG mode. In Release mode, there is no handling if the Index value is within array limits or not. If for whatever reasons, the Index does not get re-assigned to Index2 at line 937, then it remains at TypeMax as assigned earlier at line 929. This poses array overrun risk at lines 942 and 943. It is better to deploy a safety check on Index limit before accessing array elements. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4212 Cc: Ray Ni Co-authored-by: Veeresh Sangolli Signed-off-by: Ranbir Singh Signed-off-by: Ranbir Singh Reviewed-by: Laszlo Ersek --- MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c b/MdeMod= ulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c index d573e532bac8..c2c143068cd2 100644 --- a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c +++ b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c @@ -939,6 +939,11 @@ NotifyPhase ( } =20 ASSERT (Index < TypeMax); + + if (Index =3D=3D TypeMax) { + CpuDeadLoop (); + } + ResNodeHandled[Index] =3D TRUE; Alignment =3D RootBridge->ResAllocNode[Index].Alig= nment; BitsOfAlignment =3D LowBitSet64 (Alignment + 1); --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110993): https://edk2.groups.io/g/devel/message/110993 Mute This Topic: https://groups.io/mt/102490513/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Wed May 15 00:59:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110994+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110994+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1699551562; cv=none; d=zohomail.com; s=zohoarc; b=YMSUawNFIHTnn+uWii0FVRSF2XerZP8JzZMatYT0mnJgDU6k53cj39t8o4zs6zfXfASDa57YEgq8ZRIPtnBGpRDNBIHFkdOSiuv7ZpM9J0ripQfJHNrjPMnvYBm/QNxIr2Z/8lCdLxpHsOgcyL1DwAwtTWmb9AmO1gj5ScXDvZQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699551562; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=FNchpXuXBPssYC38Ye29ri1LR/QyvRX/zyW97kaL4/U=; b=YSzMF1K1fyQ3Nds/J+wFiTH1HiqMbU16lXc73C2cSxRFgEHNbTv7YY1PO90LCXM/hR+OPUaKtbQ9S7USXT/GMnmAL/Wcxsgi/kKshn4nolgeIN5VtMYMSdZMGGKfoGnie7RSJ9MNb16wpYl1+GJSeKheamYcje8B0QJsg44/qkA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110994+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699551562244871.8988423135382; Thu, 9 Nov 2023 09:39:22 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=HFC08yWS+hkAMO6gSWIFVj7QafRY6mBe5WFF4F66N08=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699551561; v=1; b=GaAsJC6JSEtzHOdYyBG9H0pzMuh57NVXAspuoL32KB1zU0Z9zigFOwFt2nYqEwkT7s8kP3cr n87fFMYbGRJXdjBrDGI9ToTIhEnOq9QiphB3chgOo0zRwiDfpcfgcbbYwEh97nPpe1g6G24wfEy AfVTI0crTHHYAir1M5RjN5ww= X-Received: by 127.0.0.2 with SMTP id OgPkYY1788612xhlmqQpLZHb; Thu, 09 Nov 2023 09:39:21 -0800 X-Received: from mail-il1-f176.google.com (mail-il1-f176.google.com [209.85.166.176]) by mx.groups.io with SMTP id smtpd.web11.207.1699551561343834131 for ; Thu, 09 Nov 2023 09:39:21 -0800 X-Received: by mail-il1-f176.google.com with SMTP id e9e14a558f8ab-359c1f42680so4173845ab.2 for ; Thu, 09 Nov 2023 09:39:21 -0800 (PST) X-Gm-Message-State: TNlpNGPGVuZovMzotkFUN6Tpx1787277AA= X-Google-Smtp-Source: AGHT+IECx5KhpX6nkbrraSV1gy8gP+VNf3gGcRx5NNt6nsGDSAjD5lGHcOJ1Og47BAiknKuOcY7TYw== X-Received: by 2002:a05:6e02:20c3:b0:357:a640:3235 with SMTP id 3-20020a056e0220c300b00357a6403235mr7271388ilq.29.1699551560312; Thu, 09 Nov 2023 09:39:20 -0800 (PST) X-Received: from user-Latitude-5420.dc1.ventanamicro.com ([2401:4900:1f24:28fe:87c2:d0fc:f722:4f0d]) by smtp.gmail.com with ESMTPSA id ei14-20020a05663829ae00b0045c1fcf2ef7sm3876355jab.37.2023.11.09.09.39.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Nov 2023 09:39:20 -0800 (PST) From: "Ranbir Singh" To: devel@edk2.groups.io, rsingh@ventanamicro.com Cc: Ray Ni Subject: [edk2-devel] [PATCH v3 2/2] MdeModulePkg/Bus/Pci/PciHostBridgeDxe: Fix MISSING_BREAK Coverity issue Date: Thu, 9 Nov 2023 23:09:07 +0530 Message-Id: <20231109173908.364630-3-rsingh@ventanamicro.com> In-Reply-To: <20231109173908.364630-1-rsingh@ventanamicro.com> References: <20231109173908.364630-1-rsingh@ventanamicro.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rsingh@ventanamicro.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699551563143100005 Content-Type: text/plain; charset="utf-8" From: Ranbir Singh The function SubmitResources has a switch-case code in which the case ACPI_ADDRESS_SPACE_TYPE_MEM: which falls through to case ACPI_ADDRESS_SPACE_TYPE_IO: to include additional common check. While this may be intentional, it may not be evident to any general code reader/developer or static analyis tool why there is no break in between. SubmitResources function is supposed to handle only Mem or IO resources. So, update the ResType parameter check reflecting that and re-model the switch-case code in contention using just one if condition to further handle other parameter checks specific to ACPI_ADDRESS_SPACE_TYPE_MEM. This leads to mostly indentation level code changes. Few ASSERT's later present are henceforth not required. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4212 Cc: Ray Ni Signed-off-by: Ranbir Singh Reviewed-by: Laszlo Ersek --- MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c | 60 +++++++++------= ----- 1 file changed, 26 insertions(+), 34 deletions(-) diff --git a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c b/MdeMod= ulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c index c2c143068cd2..ed0aa455bfd4 100644 --- a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c +++ b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridge.c @@ -1453,7 +1453,7 @@ SetBusNumbers ( Submits the I/O and memory resource requirements for the specified PCI R= oot Bridge. =20 @param This The EFI_PCI_HOST_BRIDGE_RESOURCE_ALLOCATION_ PR= OTOCOL instance. - @param RootBridgeHandle The PCI Root Bridge whose I/O and memory resour= ce requirements. + @param RootBridgeHandle The PCI Root Bridge whose I/O and memory resour= ce requirements are being submitted. @param Configuration The pointer to the PCI I/O and PCI memory resou= rce descriptor. =20 @@ -1496,7 +1496,7 @@ SubmitResources ( // descriptors are ignored and the function returns EFI_INVALID_PARA= METER. // for (Descriptor =3D (EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR *)Configurati= on; Descriptor->Desc =3D=3D ACPI_ADDRESS_SPACE_DESCRIPTOR; Descriptor++) { - if (Descriptor->ResType > ACPI_ADDRESS_SPACE_TYPE_BUS) { + if ((Descriptor->ResType !=3D ACPI_ADDRESS_SPACE_TYPE_MEM) && (Des= criptor->ResType !=3D ACPI_ADDRESS_SPACE_TYPE_IO)) { return EFI_INVALID_PARAMETER; } =20 @@ -1509,40 +1509,34 @@ SubmitResources ( (Descriptor->SpecificFlag & EFI_ACPI_MEMORY_RESOURCE_SPECIFIC_FL= AG_CACHEABLE_PREFETCHABLE) !=3D 0 ? L" (Prefetchable)" : L"" )); DEBUG ((DEBUG_INFO, " Length/Alignment =3D 0x%lx / 0x%lx\n", = Descriptor->AddrLen, Descriptor->AddrRangeMax)); - switch (Descriptor->ResType) { - case ACPI_ADDRESS_SPACE_TYPE_MEM: - if ((Descriptor->AddrSpaceGranularity !=3D 32) && (Descriptor-= >AddrSpaceGranularity !=3D 64)) { - return EFI_INVALID_PARAMETER; - } =20 - if ((Descriptor->AddrSpaceGranularity =3D=3D 32) && (Descripto= r->AddrLen >=3D SIZE_4GB)) { - return EFI_INVALID_PARAMETER; - } + if (Descriptor->ResType =3D=3D ACPI_ADDRESS_SPACE_TYPE_MEM) { + if ((Descriptor->AddrSpaceGranularity !=3D 32) && (Descriptor->A= ddrSpaceGranularity !=3D 64)) { + return EFI_INVALID_PARAMETER; + } =20 - // - // If the PCI root bridge does not support separate windows fo= r nonprefetchable and - // prefetchable memory, then the PCI bus driver needs to inclu= de requests for - // prefetchable memory in the nonprefetchable memory pool. - // - if (((RootBridge->AllocationAttributes & EFI_PCI_HOST_BRIDGE_C= OMBINE_MEM_PMEM) !=3D 0) && - ((Descriptor->SpecificFlag & EFI_ACPI_MEMORY_RESOURCE_SPEC= IFIC_FLAG_CACHEABLE_PREFETCHABLE) !=3D 0) - ) - { - return EFI_INVALID_PARAMETER; - } + if ((Descriptor->AddrSpaceGranularity =3D=3D 32) && (Descriptor-= >AddrLen >=3D SIZE_4GB)) { + return EFI_INVALID_PARAMETER; + } =20 - case ACPI_ADDRESS_SPACE_TYPE_IO: - // - // Check aligment, it should be of the form 2^n-1 - // - if (GetPowerOfTwo64 (Descriptor->AddrRangeMax + 1) !=3D (Descr= iptor->AddrRangeMax + 1)) { - return EFI_INVALID_PARAMETER; - } + // + // If the PCI root bridge does not support separate windows for = nonprefetchable and + // prefetchable memory, then the PCI bus driver needs to include= requests for + // prefetchable memory in the nonprefetchable memory pool. + // + if (((RootBridge->AllocationAttributes & EFI_PCI_HOST_BRIDGE_COM= BINE_MEM_PMEM) !=3D 0) && + ((Descriptor->SpecificFlag & EFI_ACPI_MEMORY_RESOURCE_SPECIF= IC_FLAG_CACHEABLE_PREFETCHABLE) !=3D 0) + ) + { + return EFI_INVALID_PARAMETER; + } + } =20 - break; - default: - ASSERT (FALSE); - break; + // + // Check aligment, it should be of the form 2^n-1 + // + if (GetPowerOfTwo64 (Descriptor->AddrRangeMax + 1) !=3D (Descripto= r->AddrRangeMax + 1)) { + return EFI_INVALID_PARAMETER; } } =20 @@ -1559,7 +1553,6 @@ SubmitResources ( Type =3D TypeMem32; } } else { - ASSERT (Descriptor->AddrSpaceGranularity =3D=3D 64); if ((Descriptor->SpecificFlag & EFI_ACPI_MEMORY_RESOURCE_SPECI= FIC_FLAG_CACHEABLE_PREFETCHABLE) !=3D 0) { Type =3D TypePMem64; } else { @@ -1567,7 +1560,6 @@ SubmitResources ( } } } else { - ASSERT (Descriptor->ResType =3D=3D ACPI_ADDRESS_SPACE_TYPE_IO); Type =3D TypeIo; } =20 --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110994): https://edk2.groups.io/g/devel/message/110994 Mute This Topic: https://groups.io/mt/102490514/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-