EFI: fix potential memory overwrite due to mmap table

Some bios may have more mmap table entry than our current limitation
which is 128. This will lead to a memory overwrite, so add a check to
prevent this and enlarge the limitation to 256. This should fix most
bioses.

Tracked-On: #2435
Signed-off-by: Tw <wei.tan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>

efi-stub/boot.c

@@ -75,7 +75,7 @@ EFI_STATUS construct_mbi(EFI_PHYSICAL_ADDRESS hv_hpa, struct multiboot_info *mbi
 	UINTN desc_size;
 	EFI_MEMORY_DESCRIPTOR *map_buf;
 	EFI_STATUS err = EFI_SUCCESS;
-	int32_t i, j;
+	int32_t i, j, mmap_entry_count;
 
 	/* We're just interested in the map's size for now */
 	map_size = 0;
@@ -111,10 +111,11 @@ again:
 		goto out;
 	}
 
+	mmap_entry_count = map_size / desc_size;
 	/*
 	 * Convert the EFI memory map to E820.
 	 */
-	for (i = 0, j = 0; i < map_size / desc_size; i++) {
+	for (i = 0, j = 0; i < mmap_entry_count && j < MBOOT_MMAP_NUMS - 1; i++) {
 		EFI_MEMORY_DESCRIPTOR *d;
 		uint32_t e820_type = 0;
 
@@ -165,6 +166,18 @@ again:
 		}
 	}
 
+	/*
+	 * if we haven't gone through all the mmap table entries,
+	 * there must be a memory overwrite if we continue,
+	 * so just abort anyway.
+	 */
+	if (i < mmap_entry_count) {
+		Print(L": bios provides %d mmap entries which is beyond limitation[%d]\n",
+				mmap_entry_count, MBOOT_MMAP_NUMS-1);
+		err = EFI_INVALID_PARAMETER;
+		goto out;
+	}
+
 	/* switch hv memory region(0x20000000 ~ 0x22000000) to
 	 * available RAM in e820 table
 	 */

efi-stub/boot.h

@@ -73,7 +73,7 @@ typedef void(*hv_func)(int32_t, struct multiboot_info*);
  * We allocate memory for the following struct together with hyperivosr itself
  * memory allocation during boot.
  */
-#define MBOOT_MMAP_NUMS        128
+#define MBOOT_MMAP_NUMS        256
 #define MBOOT_MMAP_SIZE (sizeof(struct multiboot_mmap) * MBOOT_MMAP_NUMS)
 #define MBOOT_INFO_SIZE (sizeof(struct multiboot_info))
 #define BOOT_CTX_SIZE  (sizeof(struct efi_context))