From nobody Fri Mar 29 05:13:30 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+43646+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1562914455; cv=none; d=zoho.com; s=zohoarc; b=WivxRxpWUquCQKViAcNlAOretIdXMQw43ZwfORJylGBwwQUMmlnSb516iwN6+ohWnOnHQMeQjyABmBXcEUeBHk3x7a2yaGbaipGoviy7p/wClNGM+yxcHE2caBiX9xiXBGs6/FtfHpeRADdGacC3Fz3LTZCnLuNc/A1nsL8eeJQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562914455; h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=3fuWeEa/vMF/wYa9sb30gDtg780w5a9zz+kdYGDAORk=; b=e6cSOYIiPv8Dq4uCaWxIQyfFaQ2yydYwLwHYPUuTtV/Zj44d/0be+GrwShRV7ep6ZXJ4IrCa3res+L65oUVb+3M8R1qJ14wVy2Xnvs2mT49UPXlkUyJntoUA5V3/UDZJW0Uad46e22XaMcSUeOYOEIFSXeHc60sZPcZq5Kz7+cs= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+43646+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1562914455930710.9056241667889; Thu, 11 Jul 2019 23:54:15 -0700 (PDT) Return-Path: X-Received: from EUR04-VI1-obe.outbound.protection.outlook.com (EUR04-VI1-obe.outbound.protection.outlook.com [40.107.8.78]) by groups.io with SMTP; Thu, 11 Jul 2019 23:54:15 -0700 X-Received: from VI1PR0802CA0041.eurprd08.prod.outlook.com (2603:10a6:800:a9::27) by VI1PR0802MB2605.eurprd08.prod.outlook.com (2603:10a6:800:b0::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2052.19; Fri, 12 Jul 2019 06:54:11 +0000 X-Received: from DB5EUR03FT029.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::207) by VI1PR0802CA0041.outlook.office365.com (2603:10a6:800:a9::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2073.10 via Frontend Transport; Fri, 12 Jul 2019 06:54:11 +0000 Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+43646+1787277+3901457@groups.io; helo=web01.groups.io; Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout) X-Received: from nebula.arm.com (40.67.248.234) by DB5EUR03FT029.mail.protection.outlook.com (10.152.20.131) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.2052.18 via Frontend Transport; Fri, 12 Jul 2019 06:54:10 +0000 X-Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX04.Arm.com (10.251.24.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1415.2; Fri, 12 Jul 2019 06:53:20 +0000 X-Received: from E119924.Arm.com (10.37.8.167) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Fri, 12 Jul 2019 06:53:19 +0000 From: "Krzysztof Koch" To: CC: , , , , , Subject: [edk2-devel] [PATCH v1 06/11] ShellPkg: acpiview: SRAT: Add error-checking in the parsing logic Date: Fri, 12 Jul 2019 07:52:38 +0100 Message-ID: <20190712065243.3812-7-krzysztof.koch@arm.com> In-Reply-To: <20190712065243.3812-1-krzysztof.koch@arm.com> References: <20190712065243.3812-1-krzysztof.koch@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 5abbb643-a4fc-4e46-ac03-08d70695bdcc X-MS-TrafficTypeDiagnostic: VI1PR0802MB2605: X-MS-Exchange-PUrlCount: 1 X-Microsoft-Antispam-PRVS: NoDisclaimer: True X-MS-Oob-TLC-OOBClassifiers: OLM:4125; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: kLHu5uG23wzB979VfqttVVQwZNA1zQzbLWN9Ipao1mg1VZJV8PqfdWuRS9DnECnxKQvmmdVOxRwm7v4zsxXJKrGJCXAVEz7NEl17pzqbK93EU4A+2yTd0yALIOgG1wh0h/ddyAEcQ4yNwIMg2WfgauHjIJHecSTH47UUDolnLg0csk0V9zz6jaVLdEuW/eoofbEpNxCkB2rd2RikD0uQfXwhtBLwFTX7kUb12aH2Sp7GOPcMfujgXwvUrBWcANLNIvpubnBE8DXa61qQQHmggHVFlJB766OSUN0T5tnH+V7qq1R+R9KYj6xM/kB6eD29Lx+CFEzd6Q9MWNJHFo6dnjbjMwNRG0inHmTTBNckSfTfC0zrZKWvfdiSOI3ssCVDdrajcya2M3pNMDjoiy2xd0RvCTkckxxK5k7t02CTuoU= X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Jul 2019 06:54:10.0295 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5abbb643-a4fc-4e46-ac03-08d70695bdcc X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[40.67.248.234];Helo=[nebula.arm.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0802MB2605 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,krzysztof.koch@arm.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1562914455; bh=mqMFKovAUp2UH4XuTmngFaShfPCbiakPujk6bHsLMk8=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=YyuUDHOZ25EY1zPi0eSOohVKgwiljnmWRtiwmYVOekHMzKHfm+WYl5apQ5lpxmzXD8p lWyEaYrx9r0WYKTY8GUEnXqlWTx5W4YNDYSp+1buhNLR6RdlWsxYHsT3AlMUwsTRu/7z8 FKNnhFe4a7MHFiLRHxiZUvcIL4xO/c+4Gmk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" 1. Check if the global pointers (in the scope of this ACPI table parser) have been successfully updated before they are later used to control the parsing logic. 2. Give forward progress guarantee when parsing the SRAT table. Report an error if a SRAT structure is too small to be valid. Without this check, there is a possibility for the parser to enter an ifninite loop. 3. Test against buffer overruns. 4. Remove redundant forward function declarations by repositioning blocks of code. 5. Allow silencing ACPI table content validation errors which do not cause table parsing to fail. Signed-off-by: Krzysztof Koch Reviewed-by: Alexei Fedorov --- Changes can be seen at: https://github.com/KrzysztofKoch1/edk2/commit/d46d6= 82d28654b1c6263be2f4fd961c35e80e5cb Notes: v1: - improve the logic in the SRAT parser [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c | 1= 13 +++++++++++--------- 1 file changed, 63 insertions(+), 50 deletions(-) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/Srat= Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratPa= rser.c index 075ff2a141a82b522e8aaedb7ad79249aaf5eaac..a12aceb70d273a628387b724378= 19dc05ad7301e 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c @@ -1,7 +1,7 @@ /** @file SRAT table parser =20 - Copyright (c) 2016 - 2018, ARM Limited. All rights reserved. + Copyright (c) 2016 - 2019, ARM Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent =20 @par Reference(s): @@ -13,6 +13,7 @@ #include #include "AcpiParser.h" #include "AcpiTableParser.h" +#include "AcpiView.h" =20 // Local Variables STATIC CONST UINT8* SratRAType; @@ -32,7 +33,13 @@ EFIAPI ValidateSratReserved ( IN UINT8* Ptr, IN VOID* Context - ); + ) +{ + if (*(UINT32*)Ptr !=3D 1) { + IncrementErrorCount (); + Print (L"\nERROR: Reserved should be 1 for backward compatibility.\n"); + } +} =20 /** This function traces the APIC Proximity Domain field. @@ -44,9 +51,16 @@ STATIC VOID EFIAPI DumpSratApicProximity ( - IN CONST CHAR16* Format, - IN UINT8* Ptr - ); + IN CONST CHAR16* Format, + IN UINT8* Ptr + ) +{ + UINT32 ProximityDomain; + + ProximityDomain =3D Ptr[0] | (Ptr[1] << 8) | (Ptr[2] << 16); + + Print (Format, ProximityDomain); +} =20 /** An ACPI_PARSER array describing the SRAT Table. @@ -139,47 +153,6 @@ STATIC CONST ACPI_PARSER SratX2ApciAffinityParser[] = =3D { {L"Reserved", 4, 20, L"0x%x", NULL, NULL, NULL, NULL} }; =20 -/** This function validates the Reserved field in the SRAT table header. - - @param [in] Ptr Pointer to the start of the field data. - @param [in] Context Pointer to context specific information e.g. this - could be a pointer to the ACPI table header. -**/ -STATIC -VOID -EFIAPI -ValidateSratReserved ( - IN UINT8* Ptr, - IN VOID* Context - ) -{ - if (*(UINT32*)Ptr !=3D 1) { - IncrementErrorCount (); - Print (L"\nERROR: Reserved should be 1 for backward compatibility.\n"); - } -} - -/** - This function traces the APIC Proximity Domain field. - - @param [in] Format Format string for tracing the data. - @param [in] Ptr Pointer to the start of the buffer. -**/ -STATIC -VOID -EFIAPI -DumpSratApicProximity ( - IN CONST CHAR16* Format, - IN UINT8* Ptr - ) -{ - UINT32 ProximityDomain; - - ProximityDomain =3D Ptr[0] | (Ptr[1] << 8) | (Ptr[2] << 16); - - Print (Format, ProximityDomain); -} - /** This function parses the ACPI SRAT table. When trace is enabled this function parses the SRAT table and @@ -234,6 +207,7 @@ ParseAcpiSrat ( AcpiTableLength, PARSER_PARAMS (SratParser) ); + ResourcePtr =3D Ptr + Offset; =20 while (Offset < AcpiTableLength) { @@ -242,10 +216,47 @@ ParseAcpiSrat ( 0, NULL, ResourcePtr, - 2, // The length is 1 byte at offset 1 + AcpiTableLength - Offset, PARSER_PARAMS (SratResourceAllocationParser) ); =20 + // Check if the values used to control the parsing logic have been + // successfully read. + if ((SratRAType =3D=3D NULL) || + (SratRALength =3D=3D NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient remaining table buffer length to read the " \ + L"Static Resource Allocation structure header. Length =3D %d.\n", + AcpiTableLength - Offset + ); + return; + } + + // Make sure forward progress is made. + if (*SratRALength < 2) { + IncrementErrorCount (); + Print ( + L"ERROR: Structure length is too small: SratRALength =3D %d. " \ + L"SratRAType =3D %d. SRAT parsing aborted.\n", + *SratRALength, + *SratRAType + ); + return; + } + + // Make sure the SRAT structure lies inside the table + if ((Offset + *SratRALength) > AcpiTableLength) { + IncrementErrorCount (); + Print ( + L"ERROR: Invalid SRAT structure length. SratRALength =3D %d. " \ + L"RemainingTableBufferLength =3D %d. SRAT parsing aborted.\n", + *SratRALength, + AcpiTableLength - Offset + ); + return; + } + switch (*SratRAType) { case EFI_ACPI_6_2_GICC_AFFINITY: AsciiSPrint ( @@ -278,7 +289,7 @@ ParseAcpiSrat ( ResourcePtr, *SratRALength, PARSER_PARAMS (SratGicITSAffinityParser) - ); + ); break; =20 case EFI_ACPI_6_2_MEMORY_AFFINITY: @@ -333,8 +344,10 @@ ParseAcpiSrat ( break; =20 default: - IncrementErrorCount (); - Print (L"ERROR: Unknown SRAT Affinity type =3D 0x%x\n", *SratRATyp= e); + if (GetConsistencyChecking ()) { + IncrementErrorCount (); + Print (L"ERROR: Unknown SRAT Affinity type =3D 0x%x\n", *SratRAT= ype); + } break; } =20 -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#43646): https://edk2.groups.io/g/devel/message/43646 Mute This Topic: https://groups.io/mt/32439509/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-