MdeModulePkg/NonDiscoverablePciDeviceDxe: add missing validation

UEFI SCT crashed and failed in NonDiscoverablePciDeviceDxe becase
required checks were not performed. Perform parameters validation in
NonDiscoverablePciDeviceDxe.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>

diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
index 58cb5d8b1fc5464ca3d71a30914c1c18358ef0f3..f0d3472ea57bb0f7f6cf98914d4ec4215a77df1c 100644 (file)
--- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
+++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c
@@ -52,6 +52,10 @@ GetBarResource (
 \r
   BarIndex -= (UINT8)Dev->BarOffset;\r
 \r
+  if (BarIndex >= Dev->BarCount) {\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
   for (Desc = Dev->Device->Resources;\r
        Desc->Desc != ACPI_END_TAG_DESCRIPTOR;\r
        Desc = (VOID *)((UINT8 *)Desc + Desc->Len + 3)) {\r
@@ -597,6 +601,19 @@ CoherentPciIoMap (
   EFI_STATUS                            Status;\r
   NON_DISCOVERABLE_PCI_DEVICE_MAP_INFO  *MapInfo;\r
 \r
+  if (Operation != EfiPciIoOperationBusMasterRead &&\r
+      Operation != EfiPciIoOperationBusMasterWrite &&\r
+      Operation != EfiPciIoOperationBusMasterCommonBuffer) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
+  if (HostAddress   == NULL ||\r
+      NumberOfBytes == NULL ||\r
+      DeviceAddress == NULL ||\r
+      Mapping       == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   //\r
   // If HostAddress exceeds 4 GB, and this device does not support 64-bit DMA\r
   // addressing, we need to allocate a bounce buffer and copy over the data.\r
@@ -720,6 +737,11 @@ CoherentPciIoAllocateBuffer (
     return EFI_UNSUPPORTED;\r
   }\r
 \r
+  if ((MemoryType != EfiBootServicesData) &&\r
+      (MemoryType != EfiRuntimeServicesData)) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   //\r
   // Allocate below 4 GB if the dual address cycle attribute has not\r
   // been set. If the system has no memory available below 4 GB, there\r
@@ -877,6 +899,10 @@ NonCoherentPciIoAllocateBuffer (
   NON_DISCOVERABLE_DEVICE_UNCACHED_ALLOCATION *Alloc;\r
   VOID                                        *AllocAddress;\r
 \r
+  if (HostAddress == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);\r
 \r
   Status = CoherentPciIoAllocateBuffer (This, Type, MemoryType, Pages,\r
@@ -995,6 +1021,19 @@ NonCoherentPciIoMap (
   EFI_GCD_MEMORY_SPACE_DESCRIPTOR       GcdDescriptor;\r
   BOOLEAN                               Bounce;\r
 \r
+  if (HostAddress   == NULL ||\r
+      NumberOfBytes == NULL ||\r
+      DeviceAddress == NULL ||\r
+      Mapping       == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
+  if (Operation != EfiPciIoOperationBusMasterRead &&\r
+      Operation != EfiPciIoOperationBusMasterWrite &&\r
+      Operation != EfiPciIoOperationBusMasterCommonBuffer) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   MapInfo = AllocatePool (sizeof *MapInfo);\r
   if (MapInfo == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r
@@ -1232,8 +1271,17 @@ PciIoAttributes (
   NON_DISCOVERABLE_PCI_DEVICE   *Dev;\r
   BOOLEAN                       Enable;\r
 \r
+  #define DEV_SUPPORTED_ATTRIBUTES \\r
+    (EFI_PCI_DEVICE_ENABLE | EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE)\r
+\r
   Dev = NON_DISCOVERABLE_PCI_DEVICE_FROM_PCI_IO(This);\r
 \r
+  if (Attributes) {\r
+      if ((Attributes & (~(DEV_SUPPORTED_ATTRIBUTES))) != 0) {\r
+        return EFI_UNSUPPORTED;\r
+      }\r
+    }\r
+\r
   Enable = FALSE;\r
   switch (Operation) {\r
   case EfiPciIoAttributeOperationGet:\r
@@ -1247,7 +1295,7 @@ PciIoAttributes (
     if (Result == NULL) {\r
       return EFI_INVALID_PARAMETER;\r
     }\r
-    *Result = EFI_PCI_DEVICE_ENABLE | EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE;\r
+    *Result = DEV_SUPPORTED_ATTRIBUTES;\r
     break;\r
 \r
   case EfiPciIoAttributeOperationEnable:\r