]> git.proxmox.com Git - mirror_edk2.git/blob - ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ShellPkg: acpiview: MADT: Prevent buffer overruns
[mirror_edk2.git] / ShellPkg / Library / UefiShellAcpiViewCommandLib / Parsers / Madt / MadtParser.c
1 /** @file
2 MADT table parser
3
4 Copyright (c) 2016 - 2019, ARM Limited. All rights reserved.
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 @par Reference(s):
8 - ACPI 6.3 Specification - January 2019
9 - Arm Generic Interrupt Controller Architecture Specification,
10 GIC architecture version 3 and version 4, issue E
11 - Arm Server Base System Architecture 5.0
12 **/
13
14 #include <IndustryStandard/Acpi.h>
15 #include <Library/UefiLib.h>
16 #include "AcpiParser.h"
17 #include "AcpiTableParser.h"
18 #include "MadtParser.h"
19
20 // Local Variables
21 STATIC CONST UINT8* MadtInterruptControllerType;
22 STATIC CONST UINT8* MadtInterruptControllerLength;
23 STATIC ACPI_DESCRIPTION_HEADER_INFO AcpiHdrInfo;
24
25 /**
26 This function validates the System Vector Base in the GICD.
27
28 @param [in] Ptr Pointer to the start of the field data.
29 @param [in] Context Pointer to context specific information e.g. this
30 could be a pointer to the ACPI table header.
31 **/
32 STATIC
33 VOID
34 EFIAPI
35 ValidateGICDSystemVectorBase (
36 IN UINT8* Ptr,
37 IN VOID* Context
38 )
39 {
40 if (*(UINT32*)Ptr != 0) {
41 IncrementErrorCount ();
42 Print (
43 L"\nERROR: System Vector Base must be zero."
44 );
45 }
46 }
47
48 /**
49 This function validates the SPE Overflow Interrupt in the GICC.
50
51 @param [in] Ptr Pointer to the start of the field data.
52 @param [in] Context Pointer to context specific information e.g. this
53 could be a pointer to the ACPI table header.
54 **/
55 STATIC
56 VOID
57 EFIAPI
58 ValidateSpeOverflowInterrupt (
59 IN UINT8* Ptr,
60 IN VOID* Context
61 )
62 {
63 UINT16 SpeOverflowInterrupt;
64
65 SpeOverflowInterrupt = *(UINT16*)Ptr;
66
67 // SPE not supported by this processor
68 if (SpeOverflowInterrupt == 0) {
69 return;
70 }
71
72 if ((SpeOverflowInterrupt < ARM_PPI_ID_MIN) ||
73 ((SpeOverflowInterrupt > ARM_PPI_ID_MAX) &&
74 (SpeOverflowInterrupt < ARM_PPI_ID_EXTENDED_MIN)) ||
75 (SpeOverflowInterrupt > ARM_PPI_ID_EXTENDED_MAX)) {
76 IncrementErrorCount ();
77 Print (
78 L"\nERROR: SPE Overflow Interrupt ID of %d is not in the allowed PPI ID "
79 L"ranges of %d-%d or %d-%d (for GICv3.1 or later).",
80 SpeOverflowInterrupt,
81 ARM_PPI_ID_MIN,
82 ARM_PPI_ID_MAX,
83 ARM_PPI_ID_EXTENDED_MIN,
84 ARM_PPI_ID_EXTENDED_MAX
85 );
86 } else if (SpeOverflowInterrupt != ARM_PPI_ID_PMBIRQ) {
87 IncrementWarningCount();
88 Print (
89 L"\nWARNING: SPE Overflow Interrupt ID of %d is not compliant with SBSA "
90 L"Level 3 PPI ID assignment: %d.",
91 SpeOverflowInterrupt,
92 ARM_PPI_ID_PMBIRQ
93 );
94 }
95 }
96
97 /**
98 An ACPI_PARSER array describing the GICC Interrupt Controller Structure.
99 **/
100 STATIC CONST ACPI_PARSER GicCParser[] = {
101 {L"Type", 1, 0, L"0x%x", NULL, NULL, NULL, NULL},
102 {L"Length", 1, 1, L"%d", NULL, NULL, NULL, NULL},
103 {L"Reserved", 2, 2, L"0x%x", NULL, NULL, NULL, NULL},
104
105 {L"CPU Interface Number", 4, 4, L"0x%x", NULL, NULL, NULL, NULL},
106 {L"ACPI Processor UID", 4, 8, L"0x%x", NULL, NULL, NULL, NULL},
107 {L"Flags", 4, 12, L"0x%x", NULL, NULL, NULL, NULL},
108 {L"Parking Protocol Version", 4, 16, L"0x%x", NULL, NULL, NULL, NULL},
109
110 {L"Performance Interrupt GSIV", 4, 20, L"0x%x", NULL, NULL, NULL, NULL},
111 {L"Parked Address", 8, 24, L"0x%lx", NULL, NULL, NULL, NULL},
112 {L"Physical Base Address", 8, 32, L"0x%lx", NULL, NULL, NULL, NULL},
113 {L"GICV", 8, 40, L"0x%lx", NULL, NULL, NULL, NULL},
114 {L"GICH", 8, 48, L"0x%lx", NULL, NULL, NULL, NULL},
115 {L"VGIC Maintenance interrupt", 4, 56, L"0x%x", NULL, NULL, NULL, NULL},
116 {L"GICR Base Address", 8, 60, L"0x%lx", NULL, NULL, NULL, NULL},
117 {L"MPIDR", 8, 68, L"0x%lx", NULL, NULL, NULL, NULL},
118 {L"Processor Power Efficiency Class", 1, 76, L"0x%x", NULL, NULL, NULL,
119 NULL},
120 {L"Reserved", 1, 77, L"0x%x", NULL, NULL, NULL, NULL},
121 {L"SPE overflow Interrupt", 2, 78, L"0x%x", NULL, NULL,
122 ValidateSpeOverflowInterrupt, NULL}
123 };
124
125 /**
126 An ACPI_PARSER array describing the GICD Interrupt Controller Structure.
127 **/
128 STATIC CONST ACPI_PARSER GicDParser[] = {
129 {L"Type", 1, 0, L"0x%x", NULL, NULL, NULL, NULL},
130 {L"Length", 1, 1, L"%d", NULL, NULL, NULL, NULL},
131 {L"Reserved", 2, 2, L"0x%x", NULL, NULL, NULL, NULL},
132
133 {L"GIC ID", 4, 4, L"0x%x", NULL, NULL, NULL, NULL},
134 {L"Physical Base Address", 8, 8, L"0x%lx", NULL, NULL, NULL, NULL},
135 {L"System Vector Base", 4, 16, L"0x%x", NULL, NULL,
136 ValidateGICDSystemVectorBase, NULL},
137 {L"GIC Version", 1, 20, L"%d", NULL, NULL, NULL, NULL},
138 {L"Reserved", 3, 21, L"%x %x %x", Dump3Chars, NULL, NULL, NULL}
139 };
140
141 /**
142 An ACPI_PARSER array describing the MSI Frame Interrupt Controller Structure.
143 **/
144 STATIC CONST ACPI_PARSER GicMSIFrameParser[] = {
145 {L"Type", 1, 0, L"0x%x", NULL, NULL, NULL, NULL},
146 {L"Length", 1, 1, L"%d", NULL, NULL, NULL, NULL},
147 {L"Reserved", 2, 2, L"0x%x", NULL, NULL, NULL, NULL},
148
149 {L"MSI Frame ID", 4, 4, L"0x%x", NULL, NULL, NULL, NULL},
150 {L"Physical Base Address", 8, 8, L"0x%lx", NULL, NULL, NULL, NULL},
151 {L"Flags", 4, 16, L"0x%x", NULL, NULL, NULL, NULL},
152
153 {L"SPI Count", 2, 20, L"%d", NULL, NULL, NULL, NULL},
154 {L"SPI Base", 2, 22, L"0x%x", NULL, NULL, NULL, NULL}
155 };
156
157 /**
158 An ACPI_PARSER array describing the GICR Interrupt Controller Structure.
159 **/
160 STATIC CONST ACPI_PARSER GicRParser[] = {
161 {L"Type", 1, 0, L"0x%x", NULL, NULL, NULL, NULL},
162 {L"Length", 1, 1, L"%d", NULL, NULL, NULL, NULL},
163 {L"Reserved", 2, 2, L"0x%x", NULL, NULL, NULL, NULL},
164
165 {L"Discovery Range Base Address", 8, 4, L"0x%lx", NULL, NULL, NULL,
166 NULL},
167 {L"Discovery Range Length", 4, 12, L"0x%x", NULL, NULL, NULL, NULL}
168 };
169
170 /**
171 An ACPI_PARSER array describing the GIC ITS Interrupt Controller Structure.
172 **/
173 STATIC CONST ACPI_PARSER GicITSParser[] = {
174 {L"Type", 1, 0, L"0x%x", NULL, NULL, NULL, NULL},
175 {L"Length", 1, 1, L"%d", NULL, NULL, NULL, NULL},
176 {L"Reserved", 2, 2, L"0x%x", NULL, NULL, NULL, NULL},
177
178 {L"GIC ITS ID", 4, 4, L"0x%x", NULL, NULL, NULL, NULL},
179 {L"Physical Base Address", 8, 8, L"0x%lx", NULL, NULL, NULL, NULL},
180 {L"Reserved", 4, 16, L"0x%x", NULL, NULL, NULL, NULL}
181 };
182
183 /**
184 An ACPI_PARSER array describing the ACPI MADT Table.
185 **/
186 STATIC CONST ACPI_PARSER MadtParser[] = {
187 PARSE_ACPI_HEADER (&AcpiHdrInfo),
188 {L"Local Interrupt Controller Address", 4, 36, L"0x%x", NULL, NULL, NULL,
189 NULL},
190 {L"Flags", 4, 40, L"0x%x", NULL, NULL, NULL, NULL}
191 };
192
193 /**
194 An ACPI_PARSER array describing the MADT Interrupt Controller Structure Header Structure.
195 **/
196 STATIC CONST ACPI_PARSER MadtInterruptControllerHeaderParser[] = {
197 {NULL, 1, 0, NULL, NULL, (VOID**)&MadtInterruptControllerType, NULL, NULL},
198 {L"Length", 1, 1, NULL, NULL, (VOID**)&MadtInterruptControllerLength, NULL,
199 NULL},
200 {L"Reserved", 2, 2, NULL, NULL, NULL, NULL, NULL}
201 };
202
203 /**
204 This function parses the ACPI MADT table.
205 When trace is enabled this function parses the MADT table and
206 traces the ACPI table fields.
207
208 This function currently parses the following Interrupt Controller
209 Structures:
210 - GICC
211 - GICD
212 - GIC MSI Frame
213 - GICR
214 - GIC ITS
215
216 This function also performs validation of the ACPI table fields.
217
218 @param [in] Trace If TRUE, trace the ACPI fields.
219 @param [in] Ptr Pointer to the start of the buffer.
220 @param [in] AcpiTableLength Length of the ACPI table.
221 @param [in] AcpiTableRevision Revision of the ACPI table.
222 **/
223 VOID
224 EFIAPI
225 ParseAcpiMadt (
226 IN BOOLEAN Trace,
227 IN UINT8* Ptr,
228 IN UINT32 AcpiTableLength,
229 IN UINT8 AcpiTableRevision
230 )
231 {
232 UINT32 Offset;
233 UINT8* InterruptContollerPtr;
234 UINT32 GICDCount;
235
236 GICDCount = 0;
237
238 if (!Trace) {
239 return;
240 }
241
242 Offset = ParseAcpi (
243 TRUE,
244 0,
245 "MADT",
246 Ptr,
247 AcpiTableLength,
248 PARSER_PARAMS (MadtParser)
249 );
250 InterruptContollerPtr = Ptr + Offset;
251
252 while (Offset < AcpiTableLength) {
253 // Parse Interrupt Controller Structure to obtain Length.
254 ParseAcpi (
255 FALSE,
256 0,
257 NULL,
258 InterruptContollerPtr,
259 AcpiTableLength - Offset,
260 PARSER_PARAMS (MadtInterruptControllerHeaderParser)
261 );
262
263 // Make sure forward progress is made.
264 if (*MadtInterruptControllerLength < 2) {
265 IncrementErrorCount ();
266 Print (
267 L"ERROR: Structure length is too small: " \
268 L"MadtInterruptControllerLength = %d. " \
269 L"MadtInterruptControllerType = %d. MADT parsing aborted.\n",
270 *MadtInterruptControllerLength,
271 *MadtInterruptControllerType
272 );
273 return;
274 }
275
276 // Make sure the MADT structure lies inside the table
277 if ((Offset + *MadtInterruptControllerLength) > AcpiTableLength) {
278 IncrementErrorCount ();
279 Print (
280 L"ERROR: Invalid MADT structure length. " \
281 L"MadtInterruptControllerLength = %d. " \
282 L"RemainingTableBufferLength = %d. MADT parsing aborted.\n",
283 *MadtInterruptControllerLength,
284 AcpiTableLength - Offset
285 );
286 return;
287 }
288
289 switch (*MadtInterruptControllerType) {
290 case EFI_ACPI_6_3_GIC: {
291 ParseAcpi (
292 TRUE,
293 2,
294 "GICC",
295 InterruptContollerPtr,
296 *MadtInterruptControllerLength,
297 PARSER_PARAMS (GicCParser)
298 );
299 break;
300 }
301
302 case EFI_ACPI_6_3_GICD: {
303 if (++GICDCount > 1) {
304 IncrementErrorCount ();
305 Print (
306 L"ERROR: Only one GICD must be present,"
307 L" GICDCount = %d\n",
308 GICDCount
309 );
310 }
311 ParseAcpi (
312 TRUE,
313 2,
314 "GICD",
315 InterruptContollerPtr,
316 *MadtInterruptControllerLength,
317 PARSER_PARAMS (GicDParser)
318 );
319 break;
320 }
321
322 case EFI_ACPI_6_3_GIC_MSI_FRAME: {
323 ParseAcpi (
324 TRUE,
325 2,
326 "GIC MSI Frame",
327 InterruptContollerPtr,
328 *MadtInterruptControllerLength,
329 PARSER_PARAMS (GicMSIFrameParser)
330 );
331 break;
332 }
333
334 case EFI_ACPI_6_3_GICR: {
335 ParseAcpi (
336 TRUE,
337 2,
338 "GICR",
339 InterruptContollerPtr,
340 *MadtInterruptControllerLength,
341 PARSER_PARAMS (GicRParser)
342 );
343 break;
344 }
345
346 case EFI_ACPI_6_3_GIC_ITS: {
347 ParseAcpi (
348 TRUE,
349 2,
350 "GIC ITS",
351 InterruptContollerPtr,
352 *MadtInterruptControllerLength,
353 PARSER_PARAMS (GicITSParser)
354 );
355 break;
356 }
357
358 default: {
359 IncrementErrorCount ();
360 Print (
361 L"ERROR: Unknown Interrupt Controller Structure,"
362 L" Type = %d, Length = %d\n",
363 *MadtInterruptControllerType,
364 *MadtInterruptControllerLength
365 );
366 }
367 } // switch
368
369 InterruptContollerPtr += *MadtInterruptControllerLength;
370 Offset += *MadtInterruptControllerLength;
371 } // while
372 }
EFI Development Kit II mirror for PVE