From nobody Fri Mar 29 10:49:21 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80509+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1631309679477161.69164645755063; Fri, 10 Sep 2021 14:34:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ABOoYY1788612xxWJS3BBgCh; Fri, 10 Sep 2021 14:34:39 -0700 X-Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.89]) by mx.groups.io with SMTP id smtpd.web12.149.1631309678054552421 for ; Fri, 10 Sep 2021 14:34:38 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TeO+VQdOapEnZrngEBRzC7Q4mKvxroGfR5BSvJtVuisYzFZcgb4Y7fXPjPgn0HHeimWOehP1xGaBrM4CaI0XM5G+kvPWj1Temt2LEOBlAnJ2/AfAG7yX1WrjuOse78xfINO4vXMWdn+2T/TEqI/XqoFAwCSfE2Euqvlv799rqxYJbggW3iuJFSbeY54EWLsXoWqLIMiovmck4o6lr2iPAlRBgN/L2FbEZx/ir9kJbor26nZwBJbWmzSEe8dhVwCOQh/UewtwM8vvJvMJo6hwS1wLfUbhkg5/dnfY5bAmj4T+SKUHr6TYo8g6AWNv5OGl0QaHRfjVgMcpmQcu+d3u4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=uv7j8ZINRWRlseSBFQ5cJXOx+nuzmHQwXdnTXrtHVQA=; b=G6RLDYcvOK+OT5+ne34IDaLj8PwxVfAKVCAAhzu8CkesDXZ5KBLsGm5Y3SQYj9eWVtviHWhzUXi8GKMZmShqeu3AH3OrUh+QY3ZE4ZsLa+KjpYyVmsjZOppjk0Hs5pV7VP/ZipgpybrXHtjDjKtltkkmnN0pSH1isXkRxFy8FSb9T5VZJcaYWFbWp9ZHytT8fTYH4tnGaQCX/OAtOu3fPZoHTaflP33R6TcKsHckoRttgWdDRKFUUwjMRlXDievFu3Y3XYCG8aR5NTOM/G4EmDLqiZNEjn4+9rFLqDDC8zvE7dkNpC9AszQ4PRzCatB05KwmLuSOXZJrxDNRam1Org== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.112.34) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=nvidia.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none X-Received: from DS7PR03CA0289.namprd03.prod.outlook.com (2603:10b6:5:3ad::24) by SA0PR12MB4511.namprd12.prod.outlook.com (2603:10b6:806:95::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Fri, 10 Sep 2021 21:34:36 +0000 X-Received: from DM6NAM11FT005.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3ad:cafe::7c) by DS7PR03CA0289.outlook.office365.com (2603:10b6:5:3ad::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.16 via Frontend Transport; Fri, 10 Sep 2021 21:34:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.34) smtp.mailfrom=nvidia.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=pass action=none header.from=nvidia.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80509+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.112.34 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.112.34; helo=mail.nvidia.com; X-Received: from mail.nvidia.com (216.228.112.34) by DM6NAM11FT005.mail.protection.outlook.com (10.13.172.238) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.4500.14 via Frontend Transport; Fri, 10 Sep 2021 21:34:36 +0000 X-Received: from HQMAIL105.nvidia.com (172.20.187.12) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 10 Sep 2021 21:34:35 +0000 X-Received: from HQMAIL111.nvidia.com (172.20.187.18) by HQMAIL105.nvidia.com (172.20.187.12) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 10 Sep 2021 21:34:35 +0000 X-Received: from localhost.localdomain (172.20.187.6) by mail.nvidia.com (172.20.187.18) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Fri, 10 Sep 2021 21:34:35 +0000 From: "Bob Morgan via groups.io" To: CC: Bob Morgan , Jiewen Yao , "Jian J Wang" , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2] CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify() Date: Fri, 10 Sep 2021 15:34:14 -0600 Message-ID: <5bfd69a9e8b78847c5dd55fe3be0d5f629486649.1631309581.git.bobm@nvidia.com> X-NVConfidentiality: public MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a6de87b4-4fec-404f-b9dd-08d974a2c99c X-MS-TrafficTypeDiagnostic: SA0PR12MB4511: X-Microsoft-Antispam-PRVS: X-MS-Exchange-Transport-Forked: True X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: sEkbwA/PI4r2b0RcaPkxgXy1vKTWgoIow6oxOJtLwvoS3O1LpmYMjS/gRANKVWwmSkFieizPil7UCCWIgdf8xOT6ZA07yDhaHoYk68ymPTgBa79hEH+qcQYRJb+GuCdu83KGd5j1R5pwdQtoLCV9DlmgZuXjXz9vYxSEw6nOhQL9dWc6TNLpH/3N2F/LUIk/Q+nv5cVfWES6iTKrPK2GfMmjEvKUEIcJ01WUGImkyMDfHbVZJsgUkplGbiL8jyWT6lq6WXBoTmWa86gBO1gOvO9QtHU+31JfizWm4SyLY0C74k7r9qf96LQPqI3wNtI9T2V8ioyPC7gV0vAvtJE4he2zsKif5SBk68Vt1BDP644+oUMIWcJBon3RJ1AyXhIKktJXbwmjmg9WIOHcvqSanSZzbXy0XMRLK+ppf7K9sESfiZlx2FN9N9m5mohp+5qrZk5SqctRZKQ46Jt47sWDJlC7hP0eSgdfHeMPQfRO2Dn2RvpWZbTSORNPOgcJTmeEEiG/jVcX8DOXDGayNSixmqyC8CK+n/iM6CGRZ/oAG9apQVRSO8B7x0fqzuPwtrfjlGshcLOyXAMknC5Ho4YuFsWOa+bDVvaqL+nPEj3oZ22uBUBkFkEwyDj+vHFSgdIVB1CaYXJ1SpVFopNk9eoGpTJUzEe3fWzhx/ye5T/IpOQdchByOP9VCJ5NsVrIYJNrKA9wY4zQUpnckEkyqRafUHKS34vCBf6YMp9gokkTAjAVx6cDKBWJg1ss/F0cM50N/gROgrV4BKR0IJJyRINW2VLViGxKQ4CY96tud0t4aPE= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Sep 2021 21:34:36.4632 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a6de87b4-4fec-404f-b9dd-08d974a2c99c X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.112.34];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT005.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4511 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,bobm@nvidia.com X-Gm-Message-State: gtqrhL5CYKfZXHQ6H0Rc2SXIx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1631309679; bh=5N+eXH5JOdvgVv8/wuuTG5ryR/U5gPHufl+ow0FzDpg=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=eGypePL+V18zMNte1Unr/gZMzKEgeKrLPSkPykb1VGvfxGXMpEOCEOfFDsI29xHK4og Oi+h7/DCp9dAwj7haliw4n4wrmjc+nmSdvlGPbFqMqhZfdFSg8kzCt9XKmffOdottQ2/h GYzUqrH26+q8+tAI25UU6ZrSmsqr0894mA8= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1631309680330100002 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3617 Create a read-only openSSL BIO wrapper for the existing input buffer passed to Pkcs7Verify() instead of copying the buffer into an empty writable BIO which causes memory allocations within openSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Bob Morgan Reviewed-by: Jiewen Yao --- CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c b/C= ryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c index d99597d181..8eda98f7b2 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c @@ -864,15 +864,11 @@ Pkcs7Verify ( // For generic PKCS#7 handling, InData may be NULL if the content is pre= sent // in PKCS#7 structure. So ignore NULL checking here. // - DataBio =3D BIO_new (BIO_s_mem ()); + DataBio =3D BIO_new_mem_buf (InData, (int) DataLength); if (DataBio =3D=3D NULL) { goto _Exit; } =20 - if (BIO_write (DataBio, InData, (int) DataLength) <=3D 0) { - goto _Exit; - } - // // Allow partial certificate chains, terminated by a non-self-signed but // still trusted intermediate certificate. Also disable time checks. --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80509): https://edk2.groups.io/g/devel/message/80509 Mute This Topic: https://groups.io/mt/85520871/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-