Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
Thanks, Heyi 在 11/8/2017 12:53 PM, Zeng, Star 写道: Just pushed at 710d9e69fae6753a1a826aa18dd37bcadd3e0c3e. Thanks, Star -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Heyi Guo Sent: Tuesday, November 7, 2017 5:33 PM To: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Ni, Ruiyu <ruiyu...@intel.com>; edk2-devel@lists.01.org; Dong, Eric <eric.d...@intel.com>; Zeng, Star <star.z...@intel.com>; linaro-uefi <linaro-u...@lists.linaro.org> Subject: Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug Hi Ray, We had Ard's R-B already; could you help to commit it? Thanks and regards, Heyi 在 10/30/2017 4:14 PM, Ard Biesheuvel 写道: On 30 October 2017 at 05:47, Heyi Guo <heyi@linaro.org> wrote: For PciIoPciRead interface, memory prior to Buffer would be written with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which would cause serious system exception. So we add a pre-check branch to avoid memory override. Cc: Star Zeng <star.z...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Ruiyu Ni <ruiyu...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Heyi Guo <heyi@linaro.org> Reviewed-by: Ard Biesheuvel <ard.biesheu...@linaro.org> --- .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 + 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci DeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci DeviceIo.c index c836ad6..0e42ae4 100644 --- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci DeviceIo.c +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverabl +++ ePciDeviceIo.c @@ -465,6 +465,11 @@ PciIoPciRead ( Address = (UINT8 *)>ConfigSpace + Offset; Length = Count << ((UINTN)Width & 0x3); + if (Offset >= sizeof (Dev->ConfigSpace)) { +ZeroMem (Buffer, Length); +return EFI_SUCCESS; + } + if (Offset + Length > sizeof (Dev->ConfigSpace)) { // // Read all zeroes for config space accesses beyond the first -- 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
Just pushed at 710d9e69fae6753a1a826aa18dd37bcadd3e0c3e. Thanks, Star -Original Message- From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Heyi Guo Sent: Tuesday, November 7, 2017 5:33 PM To: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Ni, Ruiyu <ruiyu...@intel.com>; edk2-devel@lists.01.org; Dong, Eric <eric.d...@intel.com>; Zeng, Star <star.z...@intel.com>; linaro-uefi <linaro-u...@lists.linaro.org> Subject: Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug Hi Ray, We had Ard's R-B already; could you help to commit it? Thanks and regards, Heyi 在 10/30/2017 4:14 PM, Ard Biesheuvel 写道: > On 30 October 2017 at 05:47, Heyi Guo <heyi@linaro.org> wrote: >> For PciIoPciRead interface, memory prior to Buffer would be written >> with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which >> would cause serious system exception. >> >> So we add a pre-check branch to avoid memory override. >> >> Cc: Star Zeng <star.z...@intel.com> >> Cc: Eric Dong <eric.d...@intel.com> >> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> >> Cc: Ruiyu Ni <ruiyu...@intel.com> >> Contributed-under: TianoCore Contribution Agreement 1.1 >> Signed-off-by: Heyi Guo <heyi@linaro.org> > Reviewed-by: Ard Biesheuvel <ard.biesheu...@linaro.org> > >> --- >> .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 >> + >> 1 file changed, 5 insertions(+) >> >> diff --git >> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >> DeviceIo.c >> b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >> DeviceIo.c >> index c836ad6..0e42ae4 100644 >> --- >> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >> DeviceIo.c >> +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverabl >> +++ ePciDeviceIo.c >> @@ -465,6 +465,11 @@ PciIoPciRead ( >> Address = (UINT8 *)>ConfigSpace + Offset; >> Length = Count << ((UINTN)Width & 0x3); >> >> + if (Offset >= sizeof (Dev->ConfigSpace)) { >> +ZeroMem (Buffer, Length); >> +return EFI_SUCCESS; >> + } >> + >> if (Offset + Length > sizeof (Dev->ConfigSpace)) { >> // >> // Read all zeroes for config space accesses beyond the first >> -- >> 1.9.1 >> ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
Hi Ray, We had Ard's R-B already; could you help to commit it? Thanks and regards, Heyi 在 10/30/2017 4:14 PM, Ard Biesheuvel 写道: On 30 October 2017 at 05:47, Heyi Guowrote: For PciIoPciRead interface, memory prior to Buffer would be written with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which would cause serious system exception. So we add a pre-check branch to avoid memory override. Cc: Star Zeng Cc: Eric Dong Cc: Ard Biesheuvel Cc: Ruiyu Ni Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Heyi Guo Reviewed-by: Ard Biesheuvel --- .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 + 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c index c836ad6..0e42ae4 100644 --- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c @@ -465,6 +465,11 @@ PciIoPciRead ( Address = (UINT8 *)>ConfigSpace + Offset; Length = Count << ((UINTN)Width & 0x3); + if (Offset >= sizeof (Dev->ConfigSpace)) { +ZeroMem (Buffer, Length); +return EFI_SUCCESS; + } + if (Offset + Length > sizeof (Dev->ConfigSpace)) { // // Read all zeroes for config space accesses beyond the first -- 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
Hi Ray, It seems Ard already provided his R-B :) Thanks. Heyi On 10/30/2017 06:23 PM, Ni, Ruiyu wrote: I will wait for Ard's feedback. It's an ARM specific module. Thanks/Ray -Original Message- From: Zeng, Star Sent: Monday, October 30, 2017 6:07 PM To: Ni, Ruiyu <ruiyu...@intel.com>; Heyi Guo <heyi@linaro.org>; linaro- u...@lists.linaro.org; edk2-devel@lists.01.org Cc: Dong, Eric <eric.d...@intel.com>; Ard Biesheuvel <ard.biesheu...@linaro.org>; Zeng, Star <star.z...@intel.com> Subject: RE: [edk2][PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug Ray, Please help take a review to this patch. Thanks, Star -Original Message- From: Heyi Guo [mailto:heyi@linaro.org] Sent: Monday, October 30, 2017 1:48 PM To: linaro-u...@lists.linaro.org; edk2-devel@lists.01.org Cc: Heyi Guo <heyi@linaro.org>; Zeng, Star <star.z...@intel.com>; Dong, Eric <eric.d...@intel.com>; Ard Biesheuvel <ard.biesheu...@linaro.org>; Ni, Ruiyu <ruiyu...@intel.com> Subject: [edk2][PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug For PciIoPciRead interface, memory prior to Buffer would be written with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which would cause serious system exception. So we add a pre-check branch to avoid memory override. Cc: Star Zeng <star.z...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Ruiyu Ni <ruiyu...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Heyi Guo <heyi@linaro.org> --- .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 + 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable PciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable PciDeviceIo.c index c836ad6..0e42ae4 100644 --- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable PciDeviceIo.c +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable Pc +++ iDeviceIo.c @@ -465,6 +465,11 @@ PciIoPciRead ( Address = (UINT8 *)>ConfigSpace + Offset; Length = Count << ((UINTN)Width & 0x3); + if (Offset >= sizeof (Dev->ConfigSpace)) { +ZeroMem (Buffer, Length); +return EFI_SUCCESS; + } + if (Offset + Length > sizeof (Dev->ConfigSpace)) { // // Read all zeroes for config space accesses beyond the first -- 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
I will wait for Ard's feedback. It's an ARM specific module. Thanks/Ray > -Original Message- > From: Zeng, Star > Sent: Monday, October 30, 2017 6:07 PM > To: Ni, Ruiyu <ruiyu...@intel.com>; Heyi Guo <heyi@linaro.org>; linaro- > u...@lists.linaro.org; edk2-devel@lists.01.org > Cc: Dong, Eric <eric.d...@intel.com>; Ard Biesheuvel > <ard.biesheu...@linaro.org>; Zeng, Star <star.z...@intel.com> > Subject: RE: [edk2][PATCH] MdeModulePkg/NonDiscoverable: fix memory > override bug > > Ray, > Please help take a review to this patch. > > > Thanks, > Star > -Original Message- > From: Heyi Guo [mailto:heyi@linaro.org] > Sent: Monday, October 30, 2017 1:48 PM > To: linaro-u...@lists.linaro.org; edk2-devel@lists.01.org > Cc: Heyi Guo <heyi@linaro.org>; Zeng, Star <star.z...@intel.com>; > Dong, Eric <eric.d...@intel.com>; Ard Biesheuvel > <ard.biesheu...@linaro.org>; Ni, Ruiyu <ruiyu...@intel.com> > Subject: [edk2][PATCH] MdeModulePkg/NonDiscoverable: fix memory > override bug > > For PciIoPciRead interface, memory prior to Buffer would be written with > zeros if Offset was larger than sizeof (Dev->ConfigSpace), which would cause > serious system exception. > > So we add a pre-check branch to avoid memory override. > > Cc: Star Zeng <star.z...@intel.com> > Cc: Eric Dong <eric.d...@intel.com> > Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> > Cc: Ruiyu Ni <ruiyu...@intel.com> > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Heyi Guo <heyi@linaro.org> > --- > .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 > + > 1 file changed, 5 insertions(+) > > diff --git > a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable > PciDeviceIo.c > b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable > PciDeviceIo.c > index c836ad6..0e42ae4 100644 > --- > a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable > PciDeviceIo.c > +++ > b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverable > Pc > +++ iDeviceIo.c > @@ -465,6 +465,11 @@ PciIoPciRead ( >Address = (UINT8 *)>ConfigSpace + Offset; >Length = Count << ((UINTN)Width & 0x3); > > + if (Offset >= sizeof (Dev->ConfigSpace)) { > +ZeroMem (Buffer, Length); > +return EFI_SUCCESS; > + } > + >if (Offset + Length > sizeof (Dev->ConfigSpace)) { > // > // Read all zeroes for config space accesses beyond the first > -- > 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
Ray, Please help take a review to this patch. Thanks, Star -Original Message- From: Heyi Guo [mailto:heyi@linaro.org] Sent: Monday, October 30, 2017 1:48 PM To: linaro-u...@lists.linaro.org; edk2-devel@lists.01.org Cc: Heyi Guo <heyi@linaro.org>; Zeng, Star <star.z...@intel.com>; Dong, Eric <eric.d...@intel.com>; Ard Biesheuvel <ard.biesheu...@linaro.org>; Ni, Ruiyu <ruiyu...@intel.com> Subject: [edk2][PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug For PciIoPciRead interface, memory prior to Buffer would be written with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which would cause serious system exception. So we add a pre-check branch to avoid memory override. Cc: Star Zeng <star.z...@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Ruiyu Ni <ruiyu...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Heyi Guo <heyi@linaro.org> --- .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 + 1 file changed, 5 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c index c836ad6..0e42ae4 100644 --- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePc +++ iDeviceIo.c @@ -465,6 +465,11 @@ PciIoPciRead ( Address = (UINT8 *)>ConfigSpace + Offset; Length = Count << ((UINTN)Width & 0x3); + if (Offset >= sizeof (Dev->ConfigSpace)) { +ZeroMem (Buffer, Length); +return EFI_SUCCESS; + } + if (Offset + Length > sizeof (Dev->ConfigSpace)) { // // Read all zeroes for config space accesses beyond the first -- 1.9.1 ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug
On 30 October 2017 at 05:47, Heyi Guowrote: > For PciIoPciRead interface, memory prior to Buffer would be written > with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which > would cause serious system exception. > > So we add a pre-check branch to avoid memory override. > > Cc: Star Zeng > Cc: Eric Dong > Cc: Ard Biesheuvel > Cc: Ruiyu Ni > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Heyi Guo Reviewed-by: Ard Biesheuvel > --- > .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 > + > 1 file changed, 5 insertions(+) > > diff --git > a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c > > b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c > index c836ad6..0e42ae4 100644 > --- > a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c > +++ > b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c > @@ -465,6 +465,11 @@ PciIoPciRead ( >Address = (UINT8 *)>ConfigSpace + Offset; >Length = Count << ((UINTN)Width & 0x3); > > + if (Offset >= sizeof (Dev->ConfigSpace)) { > +ZeroMem (Buffer, Length); > +return EFI_SUCCESS; > + } > + >if (Offset + Length > sizeof (Dev->ConfigSpace)) { > // > // Read all zeroes for config space accesses beyond the first > -- > 1.9.1 > ___ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel