From: Star Zeng
To: edk2-devel@lists.01.org
Cc: Jiewen Yao, Liming Gao, Star Zeng
Date: Wed, 6 Dec 2017 17:17:59 +0800
Message-Id: <1512551879-14388-3-git-send-email-star.zeng@intel.com>
In-Reply-To: <1512551879-14388-1-git-send-email-star.zeng@intel.com>
References: <1512551879-14388-1-git-send-email-star.zeng@intel.com>
Subject: [edk2] [PATCH 2/2] MdeModulePkg PiSmmIpl: Handle CommSize OPTIONAL case

Handle CommSize OPTIONAL case for SmmCommunicate.
And return EFI_ACCESS_DENIED when CommunicationBuffer is not valid for SMM to access.

Cc: Jiewen Yao
Cc: Liming Gao
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng
---
MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 2 +- MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 61 +++++++++++++++++++++--------= ---- 2 files changed, 40 insertions(+), 23 deletions(-) diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c b/MdeModulePkg/Core/Pi= SmmCore/PiSmmCore.c index a7467aca2012..4c1e3e719524 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c @@ -544,7 +544,7 @@ SmmEntryPoint ( // return EFI_INVALID_PARAMETER // gSmmCorePrivate->CommunicationBuffer =3D NULL; - gSmmCorePrivate->ReturnStatus =3D EFI_INVALID_PARAMETER; + gSmmCorePrivate->ReturnStatus =3D EFI_ACCESS_DENIED; } else { CommunicateHeader =3D (EFI_SMM_COMMUNICATE_HEADER *)CommunicationB= uffer; BufferSize -=3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); 
diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiS= mmCore/PiSmmIpl.c index 2601275ab85f..31d2c9e45e1f 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c 
@@ -440,37 +440,55 @@ SmmBase2GetSmstLocation ( after SetVirtualAddressMap(). =20 @param[in] This The EFI_SMM_COMMUNICATION_PROTOCOL instan= ce. - @param[in, out] CommBuffer A pointer to the buffer to convey in= to SMRAM. - @param[in, out] CommSize The size of the data buffer being pa= ssed in.On exit, the size of data + @param[in, out] CommBuffer A pointer to the buffer to convey into SM= RAM. + @param[in, out] CommSize The size of the data buffer being passed = in. On exit, the size of data being returned. Zero if the handler does = not wish to reply with any data. + This parameter is optional and may be NUL= L. =20 @retval EFI_SUCCESS The message was successfully posted. @retval EFI_INVALID_PARAMETER The CommBuffer was NULL. + @retval EFI_BAD_BUFFER_SIZE The buffer is too large for the MM implem= entation. + If this error is returned, the MessageLen= gth field + in the CommBuffer header or the integer p= ointed by + CommSize, are updated to reflect the maxi= mum payload + size the implementation can accommodate. + @retval EFI_ACCESS_DENIED The CommunicateBuffer parameter or CommSi= ze parameter, + if not omitted, are in address range that= cannot be + accessed by the MM environment. 
+ **/ EFI_STATUS EFIAPI SmmCommunicationCommunicate ( IN CONST EFI_SMM_COMMUNICATION_PROTOCOL *This, IN OUT VOID *CommBuffer, - IN OUT UINTN *CommSize + IN OUT UINTN *CommSize OPTIONAL ) { EFI_STATUS Status; EFI_SMM_COMMUNICATE_HEADER *CommunicateHeader; BOOLEAN OldInSmm; + UINTN TempCommSize; =20 // // Check parameters // - if ((CommBuffer =3D=3D NULL) || (CommSize =3D=3D NULL)) { + if (CommBuffer =3D=3D NULL) { return EFI_INVALID_PARAMETER; } =20 - // - // CommSize must hold HeaderGuid and MessageLength - // - if (*CommSize < OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)) { - return EFI_INVALID_PARAMETER; + CommunicateHeader =3D (EFI_SMM_COMMUNICATE_HEADER *) CommBuffer; + + if (CommSize =3D=3D NULL) { + TempCommSize =3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data) + Commun= icateHeader->MessageLength; + } else { + TempCommSize =3D *CommSize; + // + // CommSize must hold HeaderGuid and MessageLength + // + if (TempCommSize < OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)) { + return EFI_INVALID_PARAMETER; + } } =20 // @@ -481,7 +499,7 @@ SmmCommunicationCommunicate ( // Put arguments for Software SMI in gSmmCorePrivate // gSmmCorePrivate->CommunicationBuffer =3D CommBuffer; - gSmmCorePrivate->BufferSize =3D *CommSize; + gSmmCorePrivate->BufferSize =3D TempCommSize; =20 // // Generate Software SMI 
@@ -494,15 +512,17 @@ SmmCommunicationCommunicate ( // // Return status from software SMI=20 // - *CommSize =3D gSmmCorePrivate->BufferSize; + if (CommSize !=3D NULL) { + *CommSize =3D gSmmCorePrivate->BufferSize; + } return gSmmCorePrivate->ReturnStatus; } =20 // // If we are in SMM, then the execution mode must be physical, which mea= ns that // OS established virtual addresses can not be used. If SetVirtualAddre= ssMap() - // has been called, then a direct invocation of the Software SMI is not=20 - // not allowed so return EFI_INVALID_PARAMETER. + // has been called, then a direct invocation of the Software SMI is not = allowed, + // so return EFI_INVALID_PARAMETER. // if (EfiGoneVirtual()) { return EFI_INVALID_PARAMETER; @@ -524,20 +544,17 @@ SmmCommunicationCommunicate ( // // Before SetVirtualAddressMap(), we are in SMM or SMRAM is open and unl= ocked, call SmiManage() directly. // - CommunicateHeader =3D (EFI_SMM_COMMUNICATE_HEADER *)CommBuffer; - *CommSize -=3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); + TempCommSize -=3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); Status =3D gSmmCorePrivate->Smst->SmiManage ( &CommunicateHeader->HeaderGuid,=20 NULL,=20 CommunicateHeader->Data,=20 - CommSize + &TempCommSize ); - - // - // Update CommunicationBuffer, BufferSize and ReturnStatus - // Communicate service finished, reset the pointer to CommBuffer to NULL - // - *CommSize +=3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); + TempCommSize +=3D OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data); + if (CommSize !=3D NULL) { + *CommSize =3D TempCommSize; + } =20 // // Restore original InSmm state --=20 2.7.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
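Review bot: In the PiSmmCore.c hunk (SmmEntryPoint, @@ -544), the context comment directly above the changed assignment still reads "return EFI_INVALID_PARAMETER" while the code now sets gSmmCorePrivate->ReturnStatus to EFI_ACCESS_DENIED. Update that comment in the same patch so the comment and the returned status agree.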
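Review bot: In the first PiSmmIpl.c hunk (SmmCommunicationCommunicate, @@ -440), the new CommSize == NULL branch computes TempCommSize as OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data) + CommunicateHeader->MessageLength with no bound on MessageLength, so the sum can wrap and a small value is then stored in gSmmCorePrivate->BufferSize for a buffer whose header claims a much larger payload. MessageLength is read straight from the caller's buffer, and unlike the non-NULL branch there is no size check before or after the read. Suggest rejecting MessageLength greater than MAX_UINTN - OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data) with EFI_INVALID_PARAMETER before the addition. Minor: the new EFI_ACCESS_DENIED text names "CommunicateBuffer" where the parameter is CommBuffer, and the unchanged EFI_INVALID_PARAMETER text mentions only a NULL CommBuffer although the function also returns it when *CommSize is smaller than the header.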
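Review bot: In the two return paths (@@ -494 after the software SMI, and @@ -524 after the direct SmiManage() call), the size reported back by the handler is written only when CommSize != NULL, so with CommSize omitted the caller has no way to learn it. The function comment added by this patch says that for EFI_BAD_BUFFER_SIZE the MessageLength field in the CommBuffer header or the integer pointed to by CommSize is updated, but nothing in these lines writes CommunicateHeader->MessageLength and no visible path returns EFI_BAD_BUFFER_SIZE. Either write the returned payload size back to CommunicateHeader->MessageLength when CommSize is NULL, or narrow the @retval text to what the code does.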