File ovmf-bsc1196741-MdeModulePkg-PiSmmCore-Cache-CommunicationBuffer-inf.patch of Package ovmf.28657
From eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd Mon Sep 17 00:00:00 2001
From: Jeff Fan <jeff.fan@intel.com>
Date: Fri, 18 Nov 2016 10:46:43 +0800
Subject: [PATCH] MdeModulePkg/PiSmmCore: Cache CommunicationBuffer info before using it

gSmmCorePrivate->CommunicationBuffer and gSmmCorePrivate->BufferSize locate at runtime memory region. That means they could be modified by non-SMM code during runtime. We should cache them into SMM local variables before we verify them. After verification, we should use the cached ones directly instead of the ones in gSmmCorePrivate.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
---
 MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

Index: ovmf-2015+git1462940744.321151f/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
===================================================================
--- ovmf-2015+git1462940744.321151f.orig/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
+++ ovmf-2015+git1462940744.321151f/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
@@ -430,6 +430,8 @@ SmmEntryPoint (
 EFI_SMM_COMMUNICATE_HEADER *CommunicateHeader;
 BOOLEAN InLegacyBoot;
 BOOLEAN IsOverlapped;
+ VOID *CommunicationBuffer;
+ UINTN BufferSize;
 
 PERF_START (NULL, "SMM", NULL, 0) ;
 
@@ -461,17 +463,19 @@ SmmEntryPoint (
 // Check to see if this is a Synchronous SMI sent through the SMM Communication
 // Protocol or an Asynchronous SMI
 //
- if (gSmmCorePrivate->CommunicationBuffer != NULL) {
+ CommunicationBuffer = gSmmCorePrivate->CommunicationBuffer;
+ BufferSize = gSmmCorePrivate->BufferSize;
+ if (CommunicationBuffer != NULL) {
 //
 // Synchronous SMI for SMM Core or request from Communicate protocol
 //
 IsOverlapped = InternalIsBufferOverlapped (
- (UINT8 *) gSmmCorePrivate->CommunicationBuffer,
- gSmmCorePrivate->BufferSize,
+ (UINT8 *) CommunicationBuffer,
+ BufferSize,
 (UINT8 *) gSmmCorePrivate,
 sizeof (*gSmmCorePrivate)
 );
- if (!SmmIsBufferOutsideSmmValid ((UINTN)gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize) || IsOverlapped) {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) || IsOverlapped) {
 //
 // If CommunicationBuffer is not in valid address scope,
 // or there is overlap between gSmmCorePrivate and CommunicationBuffer,
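Review bot: The two assignments that snapshot `gSmmCorePrivate->CommunicationBuffer` and `gSmmCorePrivate->BufferSize` carry no comment saying why locals are used, so a later cleanup could fold them back into direct reads and reopen the check-then-use window the commit message describes. A comment directly above them, such as `// Snapshot once: gSmmCorePrivate lives in runtime memory that non-SMM code can change between the check and the use`, would pin the intent. Whether these fields are volatile-qualified is not visible here; if they are not, the compiler is not strictly obliged to perform each read exactly once, so that is worth confirming in the structure's declaration. SmmEntryPoint starts and ends outside this hunk.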
@@ -480,19 +484,19 @@ SmmEntryPoint (
 gSmmCorePrivate->CommunicationBuffer = NULL;
 gSmmCorePrivate->ReturnStatus = EFI_INVALID_PARAMETER;
 } else {
- CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)gSmmCorePrivate->CommunicationBuffer;
- gSmmCorePrivate->BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
+ CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)CommunicationBuffer;
+ BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
 Status = SmiManage (
 &CommunicateHeader->HeaderGuid,
 NULL,
 CommunicateHeader->Data,
- &gSmmCorePrivate->BufferSize
+ &BufferSize
 );
 //
 // Update CommunicationBuffer, BufferSize and ReturnStatus
 // Communicate service finished, reset the pointer to CommBuffer to NULL
 //
- gSmmCorePrivate->BufferSize += OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
+ gSmmCorePrivate->BufferSize = BufferSize + OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
 gSmmCorePrivate->CommunicationBuffer = NULL;
 gSmmCorePrivate->ReturnStatus = (Status == EFI_SUCCESS) ? EFI_SUCCESS : EFI_NOT_FOUND;
 }
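Review bot: `BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);` wraps the UINTN when the size read from gSmmCorePrivate is smaller than the header offset, and the checks visible in the preceding hunk test only the buffer's location and overlap, not a minimum length. Unless a lower bound is enforced outside these hunks, SmiManage would then be handed a near-maximal size; extending the validity test with `BufferSize < OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data) ||` would send that case down the EFI_INVALID_PARAMETER path. Only the pointer and the size are cached here, so the header and payload remain in memory the non-SMM side can still write, which is worth stating in a comment next to the `CommunicateHeader` assignment. The function body continues outside this hunk.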