Bug Summary

File:home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmVmcallHandler.c
Warning:line 189, column 2
Value stored to 'PhysAddressParameterEnd' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name PeSmmVmcallHandler.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -fno-jump-tables -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -ffreestanding -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/build/StmPkg/Core/Runtime -resource-dir /opt/xgcc/lib/clang/17 -include PcdData.h -D COREBOOT32 -D RELEASE -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/EDKII/BaseTools/Source/C/Include/X64 -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/EdkII/MdePkg/Include -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/EdkII/MdePkg/Include/X64 -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Include -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Include/x64 -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core/Runtime -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core/Runtime/../Init -I /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core/Runtime/. -internal-isystem /opt/xgcc/lib/clang/17/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/13/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -source-date-epoch 1714465709 -Os -fdebug-compilation-dir=/home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/build/StmPkg/Core/Runtime -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-max-loop 10 -analyzer-output=plist-html -faddrsig -o /cb-build/coreboot_scanbuild.0/PURISM_LIBREM15_V4_STM-scanbuildtmp/2024-05-02-081243-2232343-1/report-_Xc_eG.plist -x c /home/coreboot/node-root/workspace/coreboot_scanbuild/3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmVmcallHandler.c
1/** @file
2
3PE/SMM VMCALL Handler
4
5This program and the accompanying materials
6are licensed and made available under the terms and conditions of the BSD License
7which accompanies this distribution. The full text of the license may be found at
8http://opensource.org/licenses/bsd-license.php.
9
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13**/
14
15#include "StmRuntime.h"
16#include "PeStm.h"
17#include "PeStmEpt.h"
18#include "VmcsOffsets.h"
19
20/**
21
22This function translate guest physical address to host address.
23found in SmmEptHandler.c
24
25@param EptPointer EPT pointer
26@param Addr Guest physical address
27@param EntryPtr EPT entry pointer
28NULL on output means Entry not found.
29
30@return Host physical address
31**/
32UINTN
33 TranslateEPTGuestToHost (
34 IN UINT64 EptPointer,
35 IN UINTN Addr,
36 OUT EPT_ENTRY **EntryPtr OPTIONAL
37 );
38
39
40extern VMCSFIELDOFFSET VmcsFieldOffsetTable[];
41extern void MapVmcs ();
42extern PE_VM_DATA PeVmData[4];
43
44/**
45
46This function is the STM_API_MAP_ADDRESS_RANGEVMCALL handler for SMM VM/PE.
47
48@param Index CPU index
49@param AddressParameter Addresss parameter
50
51@return VMCALL status
52
53**/
54STM_STATUS
55 PeSmmVmcallMapAddressRangeHandler (
56 IN UINT32 Index,
57 IN UINT64 AddressParameter
58 )
59{
60 STM_MAP_ADDRESS_RANGE_DESCRIPTOR *MapAddressRangeDescriptor;
61 STM_MAP_ADDRESS_RANGE_DESCRIPTOR LocalBuffer;
62 UINT32 VmType = mHostContextCommon.HostContextPerCpu[Index].GuestVmType;
63 UINTN PhysAddressParameter;
64 UINTN PhysAddressParameterEnd;
65 UINT64 GuestSmmEnd = PeVmData[VmType].UserModule.AddressSpaceStart + PeVmData[VmType].UserModule.AddressSpaceSize - 1;
66
67 // Make sure the parameter address is with the part of the guest that is within SMRAM
68
69 if((AddressParameter < PeVmData[VmType].UserModule.AddressSpaceStart)||
70 (AddressParameter > GuestSmmEnd) ||
71 ((AddressParameter + sizeof(STM_MAP_ADDRESS_RANGE_DESCRIPTOR)) > GuestSmmEnd))
72 {
73 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical within SMRAM\n"
, Index); } } while (((BOOLEAN)(0==1)))
74 "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical within SMRAM\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical within SMRAM\n"
, Index); } } while (((BOOLEAN)(0==1)))
75 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical within SMRAM\n"
, Index); } } while (((BOOLEAN)(0==1)));
76 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - AddressParameter = 0x%016llx"
, Index, AddressParameter); } } while (((BOOLEAN)(0==1)))
77 "%ld PeSmmVmcallMapAddressRangeHandler - AddressParameter = 0x%016llx",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - AddressParameter = 0x%016llx"
, Index, AddressParameter); } } while (((BOOLEAN)(0==1)))
78 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - AddressParameter = 0x%016llx"
, Index, AddressParameter); } } while (((BOOLEAN)(0==1)))
79 AddressParameter))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - AddressParameter = 0x%016llx"
, Index, AddressParameter); } } while (((BOOLEAN)(0==1)));
80 return ERROR_STM_SECURITY_VIOLATION0x80010001;
81 }
82
83 PhysAddressParameter = TranslateEPTGuestToHost(mGuestContextCommonSmm[VmType].EptPointer.Uint64, (UINTN)AddressParameter, 0L);
84 PhysAddressParameterEnd = TranslateEPTGuestToHost(mGuestContextCommonSmm[VmType].EptPointer.Uint64, (UINTN)AddressParameter + sizeof(STM_MAP_ADDRESS_RANGE_DESCRIPTOR), 0L);
85#if 0
86 DEBUG((EFI_D_INFO,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - STM_API_MAP_ADDRESS_RANGE started\n"
, Index); } } while (((BOOLEAN)(0==1)))
87 "%ld PeSmmVmcallMapAddressRangeHandler - STM_API_MAP_ADDRESS_RANGE started\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - STM_API_MAP_ADDRESS_RANGE started\n"
, Index); } } while (((BOOLEAN)(0==1)))
88 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - STM_API_MAP_ADDRESS_RANGE started\n"
, Index); } } while (((BOOLEAN)(0==1)));
89#endif
90 if(((PhysAddressParameter == 0)||(PhysAddressParameterEnd == 0))||
91 ((PhysAddressParameter & ~0xFFF) != (PhysAddressParameterEnd & ~0XFFF)))
92 {
93 // TODO - need to address the potential of having a parameter block split across two pages
94 // currently the VM/PE is created as a single block...
95
96 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)))
97 "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical address space or split across two pages\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)))
98 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)));
99 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
100 "%ld PeSmmVmcallMapAddressRangeHandler - PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
101 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
102 PhysAddressParameter, PhysAddressParameterEnd))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)));
103 return ERROR_STM_SECURITY_VIOLATION0x80010001;
104 }
105
106 //
107 // Copy data to local, to prevent time of check VS time of use attack
108 //
109
110 CopyMem (&LocalBuffer, (VOIDvoid *)(UINTN)PhysAddressParameter, sizeof(LocalBuffer));
111 MapAddressRangeDescriptor = (STM_MAP_ADDRESS_RANGE_DESCRIPTOR *)&LocalBuffer;
112
113 DEBUG((EFI_D_INFO,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n"
, Index, MapAddressRangeDescriptor->PhysicalAddress, MapAddressRangeDescriptor
->PageCount); } } while (((BOOLEAN)(0==1)))
114 "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n"
, Index, MapAddressRangeDescriptor->PhysicalAddress, MapAddressRangeDescriptor
->PageCount); } } while (((BOOLEAN)(0==1)))
115 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n"
, Index, MapAddressRangeDescriptor->PhysicalAddress, MapAddressRangeDescriptor
->PageCount); } } while (((BOOLEAN)(0==1)))
116 MapAddressRangeDescriptor->PhysicalAddress,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n"
, Index, MapAddressRangeDescriptor->PhysicalAddress, MapAddressRangeDescriptor
->PageCount); } } while (((BOOLEAN)(0==1)))
117 MapAddressRangeDescriptor->PageCount))do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PeSmmVmcallMapAddressRangeHandler - MapAddressRange base: 0x%016llx Pages:0x%016llx\n"
, Index, MapAddressRangeDescriptor->PhysicalAddress, MapAddressRangeDescriptor
->PageCount); } } while (((BOOLEAN)(0==1)));
118
119 if (!IsGuestAddressValid ((UINTN)MapAddressRangeDescriptor->PhysicalAddress,
120 STM_PAGES_TO_SIZE(MapAddressRangeDescriptor->PageCount)( (MapAddressRangeDescriptor->PageCount) << 12),
121 TRUE((BOOLEAN)(1==1))))
122 {
123 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler [ Security Violation!\n"
, Index); } } while (((BOOLEAN)(0==1)))
124 "%ld PeSmmVmcallMapAddressRangeHandler [ Security Violation!\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler [ Security Violation!\n"
, Index); } } while (((BOOLEAN)(0==1)))
125 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler [ Security Violation!\n"
, Index); } } while (((BOOLEAN)(0==1)));
126 return ERROR_STM_SECURITY_VIOLATION0x80010001;
127 }
128
129 if (MapAddressRangeDescriptor->PageCount == 0)
130 {
131 DEBUG((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - zero address range requested\n"
, Index); } } while (((BOOLEAN)(0==1)))
132 "%ld PeSmmVmcallMapAddressRangeHandler - Error - zero address range requested\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - zero address range requested\n"
, Index); } } while (((BOOLEAN)(0==1)))
133 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - zero address range requested\n"
, Index); } } while (((BOOLEAN)(0==1)));
134 return ERROR_STM_PAGE_NOT_FOUND0x80010003;
135 }
136
137 if (((MapAddressRangeDescriptor->PatCacheType > UC0x07) &&
138 (MapAddressRangeDescriptor->PatCacheType != FOLLOW_MTRR0xFFFFFFFF)) ||
139 (MapAddressRangeDescriptor->PatCacheType == 2) ||
140 (MapAddressRangeDescriptor->PatCacheType == 3) )
141 {
142 DEBUG((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - STM cache type not supported\n"
, Index); } } while (((BOOLEAN)(0==1)))
143 "%ld PeSmmVmcallMapAddressRangeHandler - Error - STM cache type not supported\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - STM cache type not supported\n"
, Index); } } while (((BOOLEAN)(0==1)))
144 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallMapAddressRangeHandler - Error - STM cache type not supported\n"
, Index); } } while (((BOOLEAN)(0==1)));
145 return ERROR_STM_CACHE_TYPE_NOT_SUPPORTED0x80010002;
146 }
147
148 // for VM/PE we map guest physcal to host physical - BUG, this should be consolodated...
149
150 EPTSetPageAttributeRange(
151 mGuestContextCommonSmm[VmType].EptPointer.Uint64,
152 (UINTN) MapAddressRangeDescriptor->PhysicalAddress,
153 (UINTN) STM_PAGES_TO_SIZE(MapAddressRangeDescriptor->PageCount)( (MapAddressRangeDescriptor->PageCount) << 12),
154 (UINTN) MapAddressRangeDescriptor->PhysicalAddress,
155 TRUE((BOOLEAN)(1==1)), /* Read */
156 FALSE((BOOLEAN)(0==1)), /* Write */
157 FALSE((BOOLEAN)(0==1)), /* Execute */
158 EptPageAttributeSet,
159 -1);
160
161 return STM_SUCCESS0x00000000;
162}
163
164/* STM/PE get VMCS Map */
165
166
167STM_STATUS
168 PeSmmVmcallGetVmcsMap (
169 IN UINT32 Index,
170 IN UINT64 AddressParameter
171 )
172{
173 UINT32 VmType = mHostContextCommon.HostContextPerCpu[Index].GuestVmType;
174 UINTN PhysAddressParameter;
175 UINTN PhysAddressParameterEnd;
176 UINT32 count;
177 void * VTable;
178
179 // figure out how big the VmcsFieldOffsetTable id
180
181 for( count = 0;
182 VmcsFieldOffsetTable[count].FieldEncoding != 0xFFFF;
183 count++){}
184 count++; // count the last element
185
186 PhysAddressParameter = TranslateEPTGuestToHost(mGuestContextCommonSmm[VmType].EptPointer.Uint64,
187 (UINTN)AddressParameter,
188 0L);
189 PhysAddressParameterEnd = TranslateEPTGuestToHost(mGuestContextCommonSmm[VmType].EptPointer.Uint64,
Value stored to 'PhysAddressParameterEnd' is never read
190 (UINTN)AddressParameter + (sizeof(VMCSFIELDOFFSET) * count),
191 0L);
192
193 // EBX:ECX - STM_MAP_ADDRESS_RANGE_DESCRIPTOR
194 DEBUG ((EFI_D_INFO,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n"
, Index, AddressParameter, PhysAddressParameter); } } while (
((BOOLEAN)(0==1)))
195 "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n"
, Index, AddressParameter, PhysAddressParameter); } } while (
((BOOLEAN)(0==1)))
196 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n"
, Index, AddressParameter, PhysAddressParameter); } } while (
((BOOLEAN)(0==1)))
197 AddressParameter,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n"
, Index, AddressParameter, PhysAddressParameter); } } while (
((BOOLEAN)(0==1)))
198 PhysAddressParameter))do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld PE-STM_API_GET_VMCS_MAP: AddressParameter: 0x%016llx PhysAddressParameter: 0x%016llx\n"
, Index, AddressParameter, PhysAddressParameter); } } while (
((BOOLEAN)(0==1)));
199
200 // bug bug - need to make sure address is in part of the app that is in SMRAM..
201
202#ifdef FIXME
203 if(((PhysAddressParameter == 0)||(PhysAddressParameterEnd == 0))||
204 ((PhysAddressParameter & ~0xFFF) != (PhysAddressParameterEnd & ~0XFFF)))
205 {
206 // TODO - need to address the potential of having a parameter block split across tow oages
207 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)))
208 "%ld Security Violation! - parameter block not in guest physical address space or split across two pages\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)))
209 Index))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld Security Violation! - parameter block not in guest physical address space or split across two pages\n"
, Index); } } while (((BOOLEAN)(0==1)));
210 DEBUG ((EFI_D_ERROR,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
211 "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
212 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
213 PhysAddressParameter,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)))
214 PhysAddressParameterEnd))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PhysAddressParameter = 0x%016llx, PhysAddressParameterEnd = 0x%016llx\n"
, Index, PhysAddressParameter, PhysAddressParameterEnd); } } while
(((BOOLEAN)(0==1)));
215 return ERROR_STM_SECURITY_VIOLATION0x80010001;
216 }
217#endif
218
219
220 MapVmcs ();
221
222 //
223 // Copy data to local, to prevent time of check VS time of use attack
224 //
225
226 DEBUG((EFI_D_INFO,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld Size of VMCSFIELDOFFSET buffer is 0x%lx\n"
, Index, (sizeof(VMCSFIELDOFFSET) * count)); } } while (((BOOLEAN
)(0==1)))
227 "%ld Size of VMCSFIELDOFFSET buffer is 0x%lx\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld Size of VMCSFIELDOFFSET buffer is 0x%lx\n"
, Index, (sizeof(VMCSFIELDOFFSET) * count)); } } while (((BOOLEAN
)(0==1)))
228 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld Size of VMCSFIELDOFFSET buffer is 0x%lx\n"
, Index, (sizeof(VMCSFIELDOFFSET) * count)); } } while (((BOOLEAN
)(0==1)))
229 (sizeof(VMCSFIELDOFFSET) * count)))do { if (DebugPrintEnabled ()) { DebugPrint (0x00000040, "%ld Size of VMCSFIELDOFFSET buffer is 0x%lx\n"
, Index, (sizeof(VMCSFIELDOFFSET) * count)); } } while (((BOOLEAN
)(0==1)));
230
231 VTable = (void *) VmcsFieldOffsetTable;
232 CopyMem((VOIDvoid *)(UINTN)PhysAddressParameter, VTable , (sizeof(VMCSFIELDOFFSET) * count));
233
234 return STM_SUCCESS0x00000000;
235}
236
237/* VM/PE allowed vmcalls */
238
239STM_VMCALL_HANDLER_STRUCT mPeSmmVmcallHandler[] = {
240 {STM_API_MAP_ADDRESS_RANGE0x00000001, PeSmmVmcallMapAddressRangeHandler},
241 {STM_API_GET_VMCS_MAP0x00000005, PeSmmVmcallGetVmcsMap},
242};
243
244/* not defined yet for STM/PE VM/PE */
245/*
246{STM_API_UNMAP_ADDRESS_RANGE, },
247{STM_API_ADDRESS_LOOKUP, },
248{STM_API_RETURN_FROM_PROTECTION_EXCEPTION, },
249*/
250/**
251
252This function returns SMM VMCALL handler by FuncIndex.
253
254@param FuncIndex VmCall function index
255
256@return VMCALL Handler
257
258**/
259STM_VMCALL_HANDLER
260 GetPeSmmVmcallHandlerByIndex (
261 IN UINT32 FuncIndex
262 )
263{
264 UINTN Index;
265 for (Index = 0; Index < sizeof(mPeSmmVmcallHandler)/sizeof(mPeSmmVmcallHandler[0]); Index++)
266 {
267 if (mPeSmmVmcallHandler[Index].FuncIndex == FuncIndex)
268 {
269 return mPeSmmVmcallHandler[Index].StmVmcallHandler;
270 }
271 }
272 return NULL((void *) 0);
273}
274
275/**
276
277This function is VMCALL handler for SMM.
278
279@param Index CPU index
280
281**/
282VOIDvoid
283 PeSmmVmcallHandler (
284 IN UINT32 Index
285 )
286{
287 X86_REGISTER *Reg;
288 STM_STATUS Status;
289 STM_VMCALL_HANDLER StmVmcallHandler;
290 UINT64 AddressParameter;
291 UINT32 VmType;
292
293 //DEBUG((EFI_D_INFO, "%ld PeSmmVmcallHandler - start\n", Index));
294 VmType = mHostContextCommon.HostContextPerCpu[Index].GuestVmType;
295
296 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[0].Register;
297
298 StmVmcallHandler = GetPeSmmVmcallHandlerByIndex (ReadUnaligned32 ((UINT32 *)&Reg->Rax));
299 if (StmVmcallHandler == NULL((void *) 0)) {
300 DEBUG ((EFI_D_ERROR, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n",do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n"
, Index, ReadUnaligned32 ((UINT32 *)&Reg->Rax)); } } while
(((BOOLEAN)(0==1)))
301 Index,do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n"
, Index, ReadUnaligned32 ((UINT32 *)&Reg->Rax)); } } while
(((BOOLEAN)(0==1)))
302 ReadUnaligned32 ((UINT32 *)&Reg->Rax)))do { if (DebugPrintEnabled ()) { DebugPrint (0x80000000, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n"
, Index, ReadUnaligned32 ((UINT32 *)&Reg->Rax)); } } while
(((BOOLEAN)(0==1)));
303 Status = ERROR_INVALID_API0x80038001;
304 } else {
305 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32);
306 Status = StmVmcallHandler (Index, AddressParameter);
307 }
308
309 WriteUnaligned32 ((UINT32 *)&Reg->Rax, Status);
310 if (Status == STM_SUCCESS0x00000000) {
311 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX0x6820, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX0x6820) & ~RFLAGS_CF1u);
312 } else {
313 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX0x6820, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX0x6820) | RFLAGS_CF1u);
314 }
315 VmWriteN (VMCS_N_GUEST_RIP_INDEX0x681E,
316 VmReadN (VMCS_N_GUEST_RIP_INDEX0x681E) + VmRead32 (VMCS_32_RO_VMEXIT_INSTRUCTION_LENGTH_INDEX0x440C));
317
318 return ;
319}