Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Pushed @ 219e560c20034843ac9917146c60db99bd01b6f4. > -Original Message- > From: Gao, Liming > Sent: Wednesday, March 6, 2019 1:38 PM > To: Ni, Ray ; edk2-devel@lists.01.org > Cc: Dong, Eric ; Chen, Chen A > > Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > before calculate CheckSum32 > > This is a bug. I agree to add it into Q1 stable tag. > > Thanks > Liming > > -Original Message- > > From: Ni, Ray > > Sent: Tuesday, March 5, 2019 9:35 PM > > To: edk2-devel@lists.01.org; Gao, Liming > > Cc: Dong, Eric ; Ni, Ray ; > > Chen, Chen A > > Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > before calculate CheckSum32 > > > > Liming, > > Do I need any approval from you side before pushing the commit? > > > > Thanks, > > Ray > > > > > -Original Message- > > > From: edk2-devel On Behalf Of Ni, > > > Ray > > > Sent: Wednesday, March 6, 2019 10:15 AM > > > To: Chen, Chen A ; edk2-devel@lists.01.org > > > Cc: Dong, Eric > > > Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > > before calculate CheckSum32 > > > > > > Reviewed-by: Ray Ni > > > > > > > -Original Message----- > > > > From: edk2-devel On Behalf Of > > > > Chen A Chen > > > > Sent: Tuesday, March 5, 2019 8:21 AM > > > > To: edk2-devel@lists.01.org > > > > Cc: Dong, Eric > > > > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > > > before calculate CheckSum32 > > > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 > > > > > > > > Should make sure the TotalSize of Microcode is aligned with 4 > > > > bytes before calling CalculateSum32 function. > > > > > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > > Signed-off-by: Chen A Chen > > > > Cc: Ray Ni > > > > Cc: Eric Dong > > > > --- > > > > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 > > > -- > > > > - > > > > 1 file changed, 20 insertions(+), 11 deletions(-) > > > > > > > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > > b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > > index 5f9ae22794..643a6f94f4 100644 > > > > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > > @@ -166,20 +166,29 @@ MicrocodeDetect ( > > > > // > > > > CorrectMicrocode = FALSE; > > > > > > > > -// > > > > -// Save an in-complete CheckSum32 from CheckSum Part1 for > common > > > > parts. > > > > -// > > > > if (MicrocodeEntryPoint->DataSize == 0) { > > > > - InCompleteCheckSum32 = CalculateSum32 ( > > > > - (UINT32 *) MicrocodeEntryPoint, > > > > - sizeof (CPU_MICROCODE_HEADER) + 2000 > > > > - ); > > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000; > > > > } else { > > > > - InCompleteCheckSum32 = CalculateSum32 ( > > > > - (UINT32 *) MicrocodeEntryPoint, > > > > - sizeof (CPU_MICROCODE_HEADER) + > > > MicrocodeEntryPoint- > > > > >DataSize > > > > - ); > > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + > > > > + MicrocodeEntryPoint- > > > > >DataSize; > > > > } > > > > + > > > > +/// > > > > +/// Check overflow and whether TotalSize is aligned with 4 bytes. > > > > +/// > > > > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > > > > + (TotalSize & 0x3) != 0 > > > > + ) { > > > > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN) > > > > MicrocodeEntryPoint) + SIZE_1KB); > > > > + continue; > > > > +} > > > > + > > > > +// > > > > +// Save an in-complete CheckSum32 from CheckSum Part1 for > > > > + common > > > > parts. > > > > +// > > > > +InCompleteCheckSum32 = CalculateSum32 ( > > > > + (UINT32 *) MicrocodeEntryPoint, > > > > + TotalSize > > > > + ); > > > > InCompleteCheckSum32 -= MicrocodeEntryPoint- > > > > >ProcessorSignature.Uint32; > > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; > > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; > > > > -- > > > > 2.16.2.windows.1 > > > > > > > > ___ > > > > edk2-devel mailing list > > > > edk2-devel@lists.01.org > > > > https://lists.01.org/mailman/listinfo/edk2-devel > > > ___ > > > edk2-devel mailing list > > > edk2-devel@lists.01.org > > > https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
This is a bug. I agree to add it into Q1 stable tag. Thanks Liming > -Original Message- > From: Ni, Ray > Sent: Tuesday, March 5, 2019 9:35 PM > To: edk2-devel@lists.01.org; Gao, Liming > Cc: Dong, Eric ; Ni, Ray ; Chen, Chen > A > Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before > calculate CheckSum32 > > Liming, > Do I need any approval from you side before pushing the commit? > > Thanks, > Ray > > > -Original Message- > > From: edk2-devel On Behalf Of Ni, Ray > > Sent: Wednesday, March 6, 2019 10:15 AM > > To: Chen, Chen A ; edk2-devel@lists.01.org > > Cc: Dong, Eric > > Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > before calculate CheckSum32 > > > > Reviewed-by: Ray Ni > > > > > -Original Message- > > > From: edk2-devel On Behalf Of Chen A > > > Chen > > > Sent: Tuesday, March 5, 2019 8:21 AM > > > To: edk2-devel@lists.01.org > > > Cc: Dong, Eric > > > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > > before calculate CheckSum32 > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 > > > > > > Should make sure the TotalSize of Microcode is aligned with 4 bytes > > > before calling CalculateSum32 function. > > > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > Signed-off-by: Chen A Chen > > > Cc: Ray Ni > > > Cc: Eric Dong > > > --- > > > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 > > -- > > > - > > > 1 file changed, 20 insertions(+), 11 deletions(-) > > > > > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > index 5f9ae22794..643a6f94f4 100644 > > > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > > @@ -166,20 +166,29 @@ MicrocodeDetect ( > > > // > > > CorrectMicrocode = FALSE; > > > > > > -// > > > -// Save an in-complete CheckSum32 from CheckSum Part1 for common > > > parts. > > > -// > > > if (MicrocodeEntryPoint->DataSize == 0) { > > > - InCompleteCheckSum32 = CalculateSum32 ( > > > - (UINT32 *) MicrocodeEntryPoint, > > > - sizeof (CPU_MICROCODE_HEADER) + 2000 > > > - ); > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000; > > > } else { > > > - InCompleteCheckSum32 = CalculateSum32 ( > > > - (UINT32 *) MicrocodeEntryPoint, > > > - sizeof (CPU_MICROCODE_HEADER) + > > MicrocodeEntryPoint- > > > >DataSize > > > - ); > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + > > > + MicrocodeEntryPoint- > > > >DataSize; > > > } > > > + > > > +/// > > > +/// Check overflow and whether TotalSize is aligned with 4 bytes. > > > +/// > > > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > > > + (TotalSize & 0x3) != 0 > > > + ) { > > > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN) > > > MicrocodeEntryPoint) + SIZE_1KB); > > > + continue; > > > +} > > > + > > > +// > > > +// Save an in-complete CheckSum32 from CheckSum Part1 for common > > > parts. > > > +// > > > +InCompleteCheckSum32 = CalculateSum32 ( > > > + (UINT32 *) MicrocodeEntryPoint, > > > + TotalSize > > > + ); > > > InCompleteCheckSum32 -= MicrocodeEntryPoint- > > > >ProcessorSignature.Uint32; > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; > > > -- > > > 2.16.2.windows.1 > > > > > > ___ > > > edk2-devel mailing list > > > edk2-devel@lists.01.org > > > https://lists.01.org/mailman/listinfo/edk2-devel > > ___ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Liming, Do I need any approval from you side before pushing the commit? Thanks, Ray > -Original Message- > From: edk2-devel On Behalf Of Ni, Ray > Sent: Wednesday, March 6, 2019 10:15 AM > To: Chen, Chen A ; edk2-devel@lists.01.org > Cc: Dong, Eric > Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > before calculate CheckSum32 > > Reviewed-by: Ray Ni > > > -Original Message- > > From: edk2-devel On Behalf Of Chen A > > Chen > > Sent: Tuesday, March 5, 2019 8:21 AM > > To: edk2-devel@lists.01.org > > Cc: Dong, Eric > > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification > > before calculate CheckSum32 > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 > > > > Should make sure the TotalSize of Microcode is aligned with 4 bytes > > before calling CalculateSum32 function. > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > Signed-off-by: Chen A Chen > > Cc: Ray Ni > > Cc: Eric Dong > > --- > > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 > -- > > - > > 1 file changed, 20 insertions(+), 11 deletions(-) > > > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > index 5f9ae22794..643a6f94f4 100644 > > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c > > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c > > @@ -166,20 +166,29 @@ MicrocodeDetect ( > > // > > CorrectMicrocode = FALSE; > > > > -// > > -// Save an in-complete CheckSum32 from CheckSum Part1 for common > > parts. > > -// > > if (MicrocodeEntryPoint->DataSize == 0) { > > - InCompleteCheckSum32 = CalculateSum32 ( > > - (UINT32 *) MicrocodeEntryPoint, > > - sizeof (CPU_MICROCODE_HEADER) + 2000 > > - ); > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000; > > } else { > > - InCompleteCheckSum32 = CalculateSum32 ( > > - (UINT32 *) MicrocodeEntryPoint, > > - sizeof (CPU_MICROCODE_HEADER) + > MicrocodeEntryPoint- > > >DataSize > > - ); > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + > > + MicrocodeEntryPoint- > > >DataSize; > > } > > + > > +/// > > +/// Check overflow and whether TotalSize is aligned with 4 bytes. > > +/// > > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > > + (TotalSize & 0x3) != 0 > > + ) { > > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN) > > MicrocodeEntryPoint) + SIZE_1KB); > > + continue; > > +} > > + > > +// > > +// Save an in-complete CheckSum32 from CheckSum Part1 for common > > parts. > > +// > > +InCompleteCheckSum32 = CalculateSum32 ( > > + (UINT32 *) MicrocodeEntryPoint, > > + TotalSize > > + ); > > InCompleteCheckSum32 -= MicrocodeEntryPoint- > > >ProcessorSignature.Uint32; > > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; > > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; > > -- > > 2.16.2.windows.1 > > > > ___ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel > ___ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Reviewed-by: Ray Ni > -Original Message- > From: edk2-devel On Behalf Of Chen A > Chen > Sent: Tuesday, March 5, 2019 8:21 AM > To: edk2-devel@lists.01.org > Cc: Dong, Eric > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before > calculate CheckSum32 > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 > > Should make sure the TotalSize of Microcode is aligned with 4 bytes > before calling CalculateSum32 function. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Chen A Chen > Cc: Ray Ni > Cc: Eric Dong > --- > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 -- > - > 1 file changed, 20 insertions(+), 11 deletions(-) > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c > b/UefiCpuPkg/Library/MpInitLib/Microcode.c > index 5f9ae22794..643a6f94f4 100644 > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c > @@ -166,20 +166,29 @@ MicrocodeDetect ( > // > CorrectMicrocode = FALSE; > > -// > -// Save an in-complete CheckSum32 from CheckSum Part1 for common > parts. > -// > if (MicrocodeEntryPoint->DataSize == 0) { > - InCompleteCheckSum32 = CalculateSum32 ( > - (UINT32 *) MicrocodeEntryPoint, > - sizeof (CPU_MICROCODE_HEADER) + 2000 > - ); > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000; > } else { > - InCompleteCheckSum32 = CalculateSum32 ( > - (UINT32 *) MicrocodeEntryPoint, > - sizeof (CPU_MICROCODE_HEADER) + > MicrocodeEntryPoint- > >DataSize > - ); > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint- > >DataSize; > } > + > +/// > +/// Check overflow and whether TotalSize is aligned with 4 bytes. > +/// > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > + (TotalSize & 0x3) != 0 > + ) { > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN) > MicrocodeEntryPoint) + SIZE_1KB); > + continue; > +} > + > +// > +// Save an in-complete CheckSum32 from CheckSum Part1 for common > parts. > +// > +InCompleteCheckSum32 = CalculateSum32 ( > + (UINT32 *) MicrocodeEntryPoint, > + TotalSize > + ); > InCompleteCheckSum32 -= MicrocodeEntryPoint- > >ProcessorSignature.Uint32; > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; > -- > 2.16.2.windows.1 > > ___ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020 Should make sure the TotalSize of Microcode is aligned with 4 bytes before calling CalculateSum32 function. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chen A Chen Cc: Ray Ni Cc: Eric Dong --- UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 --- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c b/UefiCpuPkg/Library/MpInitLib/Microcode.c index 5f9ae22794..643a6f94f4 100644 --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c @@ -166,20 +166,29 @@ MicrocodeDetect ( // CorrectMicrocode = FALSE; -// -// Save an in-complete CheckSum32 from CheckSum Part1 for common parts. -// if (MicrocodeEntryPoint->DataSize == 0) { - InCompleteCheckSum32 = CalculateSum32 ( - (UINT32 *) MicrocodeEntryPoint, - sizeof (CPU_MICROCODE_HEADER) + 2000 - ); + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000; } else { - InCompleteCheckSum32 = CalculateSum32 ( - (UINT32 *) MicrocodeEntryPoint, - sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint->DataSize - ); + TotalSize = sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint->DataSize; } + +/// +/// Check overflow and whether TotalSize is aligned with 4 bytes. +/// +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || + (TotalSize & 0x3) != 0 + ) { + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN) MicrocodeEntryPoint) + SIZE_1KB); + continue; +} + +// +// Save an in-complete CheckSum32 from CheckSum Part1 for common parts. +// +InCompleteCheckSum32 = CalculateSum32 ( + (UINT32 *) MicrocodeEntryPoint, + TotalSize + ); InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorSignature.Uint32; InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags; InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum; -- 2.16.2.windows.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel