Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Pushed @ 219e560c20034843ac9917146c60db99bd01b6f4.
> -Original Message-
> From: Gao, Liming
> Sent: Wednesday, March 6, 2019 1:38 PM
> To: Ni, Ray ; edk2-devel@lists.01.org
> Cc: Dong, Eric ; Chen, Chen A
>
> Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> before calculate CheckSum32
>
> This is a bug. I agree to add it into Q1 stable tag.
>
> Thanks
> Liming
> > -Original Message-
> > From: Ni, Ray
> > Sent: Tuesday, March 5, 2019 9:35 PM
> > To: edk2-devel@lists.01.org; Gao, Liming
> > Cc: Dong, Eric ; Ni, Ray ;
> > Chen, Chen A
> > Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > before calculate CheckSum32
> >
> > Liming,
> > Do I need any approval from you side before pushing the commit?
> >
> > Thanks,
> > Ray
> >
> > > -Original Message-
> > > From: edk2-devel On Behalf Of Ni,
> > > Ray
> > > Sent: Wednesday, March 6, 2019 10:15 AM
> > > To: Chen, Chen A ; edk2-devel@lists.01.org
> > > Cc: Dong, Eric
> > > Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > > before calculate CheckSum32
> > >
> > > Reviewed-by: Ray Ni
> > >
> > > > -Original Message-----
> > > > From: edk2-devel On Behalf Of
> > > > Chen A Chen
> > > > Sent: Tuesday, March 5, 2019 8:21 AM
> > > > To: edk2-devel@lists.01.org
> > > > Cc: Dong, Eric
> > > > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > > > before calculate CheckSum32
> > > >
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020
> > > >
> > > > Should make sure the TotalSize of Microcode is aligned with 4
> > > > bytes before calling CalculateSum32 function.
> > > >
> > > > Contributed-under: TianoCore Contribution Agreement 1.1
> > > > Signed-off-by: Chen A Chen
> > > > Cc: Ray Ni
> > > > Cc: Eric Dong
> > > > ---
> > > > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31
> > > --
> > > > -
> > > > 1 file changed, 20 insertions(+), 11 deletions(-)
> > > >
> > > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > > b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > > index 5f9ae22794..643a6f94f4 100644
> > > > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > > @@ -166,20 +166,29 @@ MicrocodeDetect (
> > > > //
> > > > CorrectMicrocode = FALSE;
> > > >
> > > > -//
> > > > -// Save an in-complete CheckSum32 from CheckSum Part1 for
> common
> > > > parts.
> > > > -//
> > > > if (MicrocodeEntryPoint->DataSize == 0) {
> > > > - InCompleteCheckSum32 = CalculateSum32 (
> > > > - (UINT32 *) MicrocodeEntryPoint,
> > > > - sizeof (CPU_MICROCODE_HEADER) + 2000
> > > > - );
> > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000;
> > > > } else {
> > > > - InCompleteCheckSum32 = CalculateSum32 (
> > > > - (UINT32 *) MicrocodeEntryPoint,
> > > > - sizeof (CPU_MICROCODE_HEADER) +
> > > MicrocodeEntryPoint-
> > > > >DataSize
> > > > - );
> > > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) +
> > > > + MicrocodeEntryPoint-
> > > > >DataSize;
> > > > }
> > > > +
> > > > +///
> > > > +/// Check overflow and whether TotalSize is aligned with 4 bytes.
> > > > +///
> > > > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> > > > + (TotalSize & 0x3) != 0
> > > > + ) {
> > > > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> > > > MicrocodeEntryPoint) + SIZE_1KB);
> > > > + continue;
> > > > +}
> > > > +
> > > > +//
> > > > +// Save an in-complete CheckSum32 from CheckSum Part1 for
> > > > + common
> > > > parts.
> > > > +//
> > > > +InCompleteCheckSum32 = CalculateSum32 (
> > > > + (UINT32 *) MicrocodeEntryPoint,
> > > > + TotalSize
> > > > + );
> > > > InCompleteCheckSum32 -= MicrocodeEntryPoint-
> > > > >ProcessorSignature.Uint32;
> > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags;
> > > > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum;
> > > > --
> > > > 2.16.2.windows.1
> > > >
> > > > ___
> > > > edk2-devel mailing list
> > > > edk2-devel@lists.01.org
> > > > https://lists.01.org/mailman/listinfo/edk2-devel
> > > ___
> > > edk2-devel mailing list
> > > edk2-devel@lists.01.org
> > > https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
This is a bug. I agree to add it into Q1 stable tag.
Thanks
Liming
> -Original Message-
> From: Ni, Ray
> Sent: Tuesday, March 5, 2019 9:35 PM
> To: edk2-devel@lists.01.org; Gao, Liming
> Cc: Dong, Eric ; Ni, Ray ; Chen, Chen
> A
> Subject: RE: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before
> calculate CheckSum32
>
> Liming,
> Do I need any approval from you side before pushing the commit?
>
> Thanks,
> Ray
>
> > -Original Message-
> > From: edk2-devel On Behalf Of Ni, Ray
> > Sent: Wednesday, March 6, 2019 10:15 AM
> > To: Chen, Chen A ; edk2-devel@lists.01.org
> > Cc: Dong, Eric
> > Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > before calculate CheckSum32
> >
> > Reviewed-by: Ray Ni
> >
> > > -Original Message-
> > > From: edk2-devel On Behalf Of Chen A
> > > Chen
> > > Sent: Tuesday, March 5, 2019 8:21 AM
> > > To: edk2-devel@lists.01.org
> > > Cc: Dong, Eric
> > > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > > before calculate CheckSum32
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020
> > >
> > > Should make sure the TotalSize of Microcode is aligned with 4 bytes
> > > before calling CalculateSum32 function.
> > >
> > > Contributed-under: TianoCore Contribution Agreement 1.1
> > > Signed-off-by: Chen A Chen
> > > Cc: Ray Ni
> > > Cc: Eric Dong
> > > ---
> > > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31
> > --
> > > -
> > > 1 file changed, 20 insertions(+), 11 deletions(-)
> > >
> > > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > index 5f9ae22794..643a6f94f4 100644
> > > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > > @@ -166,20 +166,29 @@ MicrocodeDetect (
> > > //
> > > CorrectMicrocode = FALSE;
> > >
> > > -//
> > > -// Save an in-complete CheckSum32 from CheckSum Part1 for common
> > > parts.
> > > -//
> > > if (MicrocodeEntryPoint->DataSize == 0) {
> > > - InCompleteCheckSum32 = CalculateSum32 (
> > > - (UINT32 *) MicrocodeEntryPoint,
> > > - sizeof (CPU_MICROCODE_HEADER) + 2000
> > > - );
> > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000;
> > > } else {
> > > - InCompleteCheckSum32 = CalculateSum32 (
> > > - (UINT32 *) MicrocodeEntryPoint,
> > > - sizeof (CPU_MICROCODE_HEADER) +
> > MicrocodeEntryPoint-
> > > >DataSize
> > > - );
> > > + TotalSize = sizeof (CPU_MICROCODE_HEADER) +
> > > + MicrocodeEntryPoint-
> > > >DataSize;
> > > }
> > > +
> > > +///
> > > +/// Check overflow and whether TotalSize is aligned with 4 bytes.
> > > +///
> > > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> > > + (TotalSize & 0x3) != 0
> > > + ) {
> > > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> > > MicrocodeEntryPoint) + SIZE_1KB);
> > > + continue;
> > > +}
> > > +
> > > +//
> > > +// Save an in-complete CheckSum32 from CheckSum Part1 for common
> > > parts.
> > > +//
> > > +InCompleteCheckSum32 = CalculateSum32 (
> > > + (UINT32 *) MicrocodeEntryPoint,
> > > + TotalSize
> > > + );
> > > InCompleteCheckSum32 -= MicrocodeEntryPoint-
> > > >ProcessorSignature.Uint32;
> > > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags;
> > > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum;
> > > --
> > > 2.16.2.windows.1
> > >
> > > ___
> > > edk2-devel mailing list
> > > edk2-devel@lists.01.org
> > > https://lists.01.org/mailman/listinfo/edk2-devel
> > ___
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Liming,
Do I need any approval from you side before pushing the commit?
Thanks,
Ray
> -Original Message-
> From: edk2-devel On Behalf Of Ni, Ray
> Sent: Wednesday, March 6, 2019 10:15 AM
> To: Chen, Chen A ; edk2-devel@lists.01.org
> Cc: Dong, Eric
> Subject: Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> before calculate CheckSum32
>
> Reviewed-by: Ray Ni
>
> > -Original Message-
> > From: edk2-devel On Behalf Of Chen A
> > Chen
> > Sent: Tuesday, March 5, 2019 8:21 AM
> > To: edk2-devel@lists.01.org
> > Cc: Dong, Eric
> > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification
> > before calculate CheckSum32
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020
> >
> > Should make sure the TotalSize of Microcode is aligned with 4 bytes
> > before calling CalculateSum32 function.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Chen A Chen
> > Cc: Ray Ni
> > Cc: Eric Dong
> > ---
> > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31
> --
> > -
> > 1 file changed, 20 insertions(+), 11 deletions(-)
> >
> > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > index 5f9ae22794..643a6f94f4 100644
> > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> > @@ -166,20 +166,29 @@ MicrocodeDetect (
> > //
> > CorrectMicrocode = FALSE;
> >
> > -//
> > -// Save an in-complete CheckSum32 from CheckSum Part1 for common
> > parts.
> > -//
> > if (MicrocodeEntryPoint->DataSize == 0) {
> > - InCompleteCheckSum32 = CalculateSum32 (
> > - (UINT32 *) MicrocodeEntryPoint,
> > - sizeof (CPU_MICROCODE_HEADER) + 2000
> > - );
> > + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000;
> > } else {
> > - InCompleteCheckSum32 = CalculateSum32 (
> > - (UINT32 *) MicrocodeEntryPoint,
> > - sizeof (CPU_MICROCODE_HEADER) +
> MicrocodeEntryPoint-
> > >DataSize
> > - );
> > + TotalSize = sizeof (CPU_MICROCODE_HEADER) +
> > + MicrocodeEntryPoint-
> > >DataSize;
> > }
> > +
> > +///
> > +/// Check overflow and whether TotalSize is aligned with 4 bytes.
> > +///
> > +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> > + (TotalSize & 0x3) != 0
> > + ) {
> > + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> > MicrocodeEntryPoint) + SIZE_1KB);
> > + continue;
> > +}
> > +
> > +//
> > +// Save an in-complete CheckSum32 from CheckSum Part1 for common
> > parts.
> > +//
> > +InCompleteCheckSum32 = CalculateSum32 (
> > + (UINT32 *) MicrocodeEntryPoint,
> > + TotalSize
> > + );
> > InCompleteCheckSum32 -= MicrocodeEntryPoint-
> > >ProcessorSignature.Uint32;
> > InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags;
> > InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum;
> > --
> > 2.16.2.windows.1
> >
> > ___
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
> ___
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
Reviewed-by: Ray Ni
> -Original Message-
> From: edk2-devel On Behalf Of Chen A
> Chen
> Sent: Tuesday, March 5, 2019 8:21 AM
> To: edk2-devel@lists.01.org
> Cc: Dong, Eric
> Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before
> calculate CheckSum32
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020
>
> Should make sure the TotalSize of Microcode is aligned with 4 bytes
> before calling CalculateSum32 function.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Chen A Chen
> Cc: Ray Ni
> Cc: Eric Dong
> ---
> UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 --
> -
> 1 file changed, 20 insertions(+), 11 deletions(-)
>
> diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> index 5f9ae22794..643a6f94f4 100644
> --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c
> +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c
> @@ -166,20 +166,29 @@ MicrocodeDetect (
> //
> CorrectMicrocode = FALSE;
>
> -//
> -// Save an in-complete CheckSum32 from CheckSum Part1 for common
> parts.
> -//
> if (MicrocodeEntryPoint->DataSize == 0) {
> - InCompleteCheckSum32 = CalculateSum32 (
> - (UINT32 *) MicrocodeEntryPoint,
> - sizeof (CPU_MICROCODE_HEADER) + 2000
> - );
> + TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000;
> } else {
> - InCompleteCheckSum32 = CalculateSum32 (
> - (UINT32 *) MicrocodeEntryPoint,
> - sizeof (CPU_MICROCODE_HEADER) +
> MicrocodeEntryPoint-
> >DataSize
> - );
> + TotalSize = sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint-
> >DataSize;
> }
> +
> +///
> +/// Check overflow and whether TotalSize is aligned with 4 bytes.
> +///
> +if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> + (TotalSize & 0x3) != 0
> + ) {
> + MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> MicrocodeEntryPoint) + SIZE_1KB);
> + continue;
> +}
> +
> +//
> +// Save an in-complete CheckSum32 from CheckSum Part1 for common
> parts.
> +//
> +InCompleteCheckSum32 = CalculateSum32 (
> + (UINT32 *) MicrocodeEntryPoint,
> + TotalSize
> + );
> InCompleteCheckSum32 -= MicrocodeEntryPoint-
> >ProcessorSignature.Uint32;
> InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags;
> InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum;
> --
> 2.16.2.windows.1
>
> ___
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
[edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1020
Should make sure the TotalSize of Microcode is aligned with 4 bytes
before calling CalculateSum32 function.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen
Cc: Ray Ni
Cc: Eric Dong
---
UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 ---
1 file changed, 20 insertions(+), 11 deletions(-)
diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c
b/UefiCpuPkg/Library/MpInitLib/Microcode.c
index 5f9ae22794..643a6f94f4 100644
--- a/UefiCpuPkg/Library/MpInitLib/Microcode.c
+++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c
@@ -166,20 +166,29 @@ MicrocodeDetect (
//
CorrectMicrocode = FALSE;
-//
-// Save an in-complete CheckSum32 from CheckSum Part1 for common parts.
-//
if (MicrocodeEntryPoint->DataSize == 0) {
- InCompleteCheckSum32 = CalculateSum32 (
- (UINT32 *) MicrocodeEntryPoint,
- sizeof (CPU_MICROCODE_HEADER) + 2000
- );
+ TotalSize = sizeof (CPU_MICROCODE_HEADER) + 2000;
} else {
- InCompleteCheckSum32 = CalculateSum32 (
- (UINT32 *) MicrocodeEntryPoint,
- sizeof (CPU_MICROCODE_HEADER) +
MicrocodeEntryPoint->DataSize
- );
+ TotalSize = sizeof (CPU_MICROCODE_HEADER) +
MicrocodeEntryPoint->DataSize;
}
+
+///
+/// Check overflow and whether TotalSize is aligned with 4 bytes.
+///
+if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
+ (TotalSize & 0x3) != 0
+ ) {
+ MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
MicrocodeEntryPoint) + SIZE_1KB);
+ continue;
+}
+
+//
+// Save an in-complete CheckSum32 from CheckSum Part1 for common parts.
+//
+InCompleteCheckSum32 = CalculateSum32 (
+ (UINT32 *) MicrocodeEntryPoint,
+ TotalSize
+ );
InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorSignature.Uint32;
InCompleteCheckSum32 -= MicrocodeEntryPoint->ProcessorFlags;
InCompleteCheckSum32 -= MicrocodeEntryPoint->Checksum;
--
2.16.2.windows.1
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
