UefiCpuPkg/MtrrLib: Fix MtrrDebugPrintAllMtrrsWorker to avoid hang

ARRAY_SIZE(Mtrrs->Variables.Mtrr) was used in MtrrDebugPrintAllMtrrsWorker() to parse the MTRR registers. Instead, the actual variable MTRR count should be used. Otherwise, the uninitialized random data in MtrrSetting may cause MtrrLibSetMemoryType() hang. Steven Shi found this bug in QEMU when using Q35 chip. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Steven Shi <steven.shi@intel.com> Cc: Laszlo Ersek <lersek@redhat.com>
2017-10-17 09:46:27 +08:00 · 2017-10-17 09:46:27 +08:00 · 1c29d03869
parent e2ac374f85
commit 1c29d03869
1 changed files with 6 additions and 3 deletions
--- a/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
+++ b/UefiCpuPkg/Library/MtrrLib/MtrrLib.c
@ -2776,6 +2776,7 @@ MtrrDebugPrintAllMtrrsWorker (
    UINTN             RangeCount;
    UINT64            MtrrValidBitsMask;
    UINT64            MtrrValidAddressMask;
+    UINT32            VariableMtrrCount;
    MTRR_MEMORY_RANGE Ranges[
      ARRAY_SIZE (mMtrrLibFixedMtrrTable) * sizeof (UINT64) + 2 * ARRAY_SIZE (Mtrrs->Variables.Mtrr) + 1
      ];
@ -2785,6 +2786,8 @@ MtrrDebugPrintAllMtrrsWorker (
      return;
    }

+    VariableMtrrCount = GetVariableMtrrCountWorker ();
+
    if (MtrrSetting != NULL) {
      Mtrrs = MtrrSetting;
    } else {
@ -2802,7 +2805,7 @@ MtrrDebugPrintAllMtrrsWorker (
      DEBUG((DEBUG_CACHE, "Fixed MTRR[%02d]   : %016lx\n", Index, Mtrrs->Fixed.Mtrr[Index]));
    }

-    for (Index = 0; Index < ARRAY_SIZE (Mtrrs->Variables.Mtrr); Index++) {
+    for (Index = 0; Index < VariableMtrrCount; Index++) {
      if (((MSR_IA32_MTRR_PHYSMASK_REGISTER *)&Mtrrs->Variables.Mtrr[Index].Mask)->Bits.V == 0) {
        //
        // If mask is not valid, then do not display range
@ -2829,11 +2832,11 @@ MtrrDebugPrintAllMtrrsWorker (
    RangeCount = 1;

    MtrrLibGetRawVariableRanges (
-      &Mtrrs->Variables, ARRAY_SIZE (Mtrrs->Variables.Mtrr),
+      &Mtrrs->Variables, VariableMtrrCount,
      MtrrValidBitsMask, MtrrValidAddressMask, RawVariableRanges
      );
    MtrrLibApplyVariableMtrrs (
-      RawVariableRanges, ARRAY_SIZE (RawVariableRanges),
+      RawVariableRanges, VariableMtrrCount,
      Ranges, ARRAY_SIZE (Ranges), &RangeCount
      );