MdeModulePkg/NonDiscoverablePciDeviceDxe: add missing validation

UEFI SCT crashed and failed in NonDiscoverablePciDeviceDxe becase
required checks were not performed. Perform parameters validation in
NonDiscoverablePciDeviceDxe.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>

1 files changed, 49 insertions, 1 deletions

diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
index 58cb5d8..f0d3472 100644
--- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
+++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
@@ -52,6 +52,10 @@ GetBarResource (
 

   BarIndex -= (UINT8)Dev->BarOffset;

 

+  if (BarIndex >= Dev->BarCount) {

+    return EFI_UNSUPPORTED;

+  }

+

   for (Desc = Dev->Device->Resources;

        Desc->Desc != ACPI_END_TAG_DESCRIPTOR;

        Desc = (VOID *)((UINT8 *)Desc + Desc->Len + 3)) {

@@ -597,6 +601,19 @@ CoherentPciIoMap (
   EFI_STATUS                            Status;

   NON_DISCOVERABLE_PCI_DEVICE_MAP_INFO  *MapInfo;

 

+  if (Operation != EfiPciIoOperationBusMasterRead &&

+      Operation != EfiPciIoOperationBusMasterWrite &&

+      Operation != EfiPciIoOperationBusMasterCommonBuffer) {

+    return EFI_INVALID_PARAMETER;

+  }

+

+  if (HostAddress   == NULL ||

+      NumberOfBytes == NULL ||

+      DeviceAddress == NULL ||

+      Mapping       == NULL) {

+    return EFI_INVALID_PARAMETER;

+  }

+

   //

   // If HostAddress exceeds 4 GB, and this device does not support 64-bit DMA

   // addressing, we need to allocate a bounce buffer and copy over the data.

@@ -720,6 +737,11 @@ CoherentPciIoAllocateBuffer (
     return EFI_UNSUPPORTED;

   }

 

+  if ((MemoryType != EfiBootServicesData) &&

+      (MemoryType != EfiRuntimeServicesData)) {

+    return EFI_INVALID_PARAMETER;

+  }

+

   //

   // Allocate below 4 GB if the dual address cycle attribute has not

   // been set. If the system has no memory available below 4 GB, there

@@ -877,6 +899,10 @@ NonCoherentPciIoAllocateBuffer (
   NON_DISCOVERABLE_DEVICE_UNCACHED_ALLOCATION *Alloc;

   VOID                                        *AllocAddress;

 

+  if (HostAddress == NULL) {

+    return EFI_INVALID_PARAMETER;

+  }

+

   Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);

 

   Status = CoherentPciIoAllocateBuffer (This, Type, MemoryType, Pages,

@@ -995,6 +1021,19 @@ NonCoherentPciIoMap (
   EFI_GCD_MEMORY_SPACE_DESCRIPTOR       GcdDescriptor;

   BOOLEAN                               Bounce;

 

+  if (HostAddress   == NULL ||

+      NumberOfBytes == NULL ||

+      DeviceAddress == NULL ||

+      Mapping       == NULL) {

+    return EFI_INVALID_PARAMETER;

+  }

+

+  if (Operation != EfiPciIoOperationBusMasterRead &&

+      Operation != EfiPciIoOperationBusMasterWrite &&

+      Operation != EfiPciIoOperationBusMasterCommonBuffer) {

+    return EFI_INVALID_PARAMETER;

+  }

+

   MapInfo = AllocatePool (sizeof *MapInfo);

   if (MapInfo == NULL) {

     return EFI_OUT_OF_RESOURCES;

@@ -1232,8 +1271,17 @@ PciIoAttributes (
   NON_DISCOVERABLE_PCI_DEVICE   *Dev;

   BOOLEAN                       Enable;

 

+  #define DEV_SUPPORTED_ATTRIBUTES \

+    (EFI_PCI_DEVICE_ENABLE | EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE)

+

   Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);

 

+  if (Attributes) {

+      if ((Attributes & (~(DEV_SUPPORTED_ATTRIBUTES))) != 0) {

+        return EFI_UNSUPPORTED;

+      }

+    }

+

   Enable = FALSE;

   switch (Operation) {

   case EfiPciIoAttributeOperationGet:

@@ -1247,7 +1295,7 @@ PciIoAttributes (
     if (Result == NULL) {

       return EFI_INVALID_PARAMETER;

     }

-    *Result = EFI_PCI_DEVICE_ENABLE | EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE;

+    *Result = DEV_SUPPORTED_ATTRIBUTES;

     break;

 

   case EfiPciIoAttributeOperationEnable: