From: "Michael Brown" <mcb30@ipxe.org>
To: devel@edk2.groups.io, kraxel@redhat.com, gaoliming@byosoft.com.cn
Cc: dougflick@microsoft.com, 'Ard Biesheuvel' <ardb@kernel.org>
Subject: Re: 回复: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237
Date: Thu, 30 May 2024 10:08:26 +0000 [thread overview]
Message-ID: <0102018fc8f8e7c3-2d45d61e-42bd-4b1a-9071-74ee563f303a-000000@eu-west-1.amazonses.com> (raw)
In-Reply-To: <yndv5xxelcgv5knjgwiiwjbxmc4mi4oev6hqkuzsqbyabfwazb@tcehor4i3ddw>
On 30/05/2024 10:31, Gerd Hoffmann wrote:
> On Thu, May 30, 2024 at 01:07:45PM GMT, gaoliming via groups.io wrote:
>> If ASSERT trigs the exception, could call stack show each caller?
>
> Turned out to be ipxe, apparently it has a exit-boot-services handler
> which triggers all this.
iPXE shouldn't be triggering any protocol installations in response to
ExitBootServices.
We used to make a good-faith effort to clean up gracefully by
uninstalling protocols. This ended up exposing so many bugs in EDK2 and
third-party UEFI code (where the uninstallation paths seem to almost
never be tested) that we eventually gave up. As of commit
https://github.com/ipxe/ipxe/commit/6769a7c3c, we now deliberately leak
resources once ExitBootServices has been triggered by skipping the
cleanup calls to UninstallMultipleProtocolInterfaces etc.
Do you have any more details of the behaviour that you're observing?
Thanks,
Michael
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119386): https://edk2.groups.io/g/devel/message/119386
Mute This Topic: https://groups.io/mt/106383321/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-05-30 10:08 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-24 5:44 [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 01/20] EmulatorPkg: : Add RngDxe to EmulatorPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 02/20] EmulatorPkg: : Add Hash2DxeCrypto " Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 03/20] OvmfPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 04/20] OvmfPkg: : Add Hash2DxeCrypto to OvmfPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 05/20] ArmVirtPkg:PlatformCI: Support virtio-rng-pci Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 06/20] ArmVirtPkg: : Add Hash2DxeCrypto to ArmVirtPkg Doug Flick via groups.io
2024-05-24 5:44 ` [edk2-devel] [PATCH v3 07/20] SecurityPkg: RngDxe: Remove incorrect limitation on GetRng Doug Flick via groups.io
2024-05-24 5:53 ` Yao, Jiewen
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 08/20] NetworkPkg:: SECURITY PATCH CVE-2023-45237 Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 09/20] NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236 Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 10/20] MdePkg: : Add MockUefiBootServicesTableLib Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 11/20] MdePkg: : Adds Protocol for MockRng Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 12/20] MdePkg: Add MockHash2 Protocol for testing Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 13/20] NetworkPkg: Update the PxeBcDhcp6GoogleTest due to underlying changes Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 14/20] ArmPkg: Allow SMC/HVC monitor conduit to be specified at runtime Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 15/20] ArmVirtPkg: Move PcdMonitorConduitHvc Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 16/20] MdePkg/BaseRngLib AARCH64: Remove overzealous ASSERT() Doug Flick via groups.io
2024-05-24 6:47 ` 回复: " gaoliming via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 17/20] ArmVirtPkg/ArmVirtQemu: Permit the use of dynamic PCDs in PEI Doug Flick via groups.io
2024-05-24 5:45 ` [edk2-devel] [PATCH v3 18/20] ArmVirtPkg: Use dynamic PCD to set the SMCCC conduit Doug Flick via groups.io
2024-05-24 7:01 ` 回复: [edk2-devel] [PATCH v3 00/20] NetworkPkg: CVE-2023-45236 and CVE-2023-45237 gaoliming via groups.io
2024-05-24 7:07 ` Ard Biesheuvel
2024-05-24 9:12 ` 回复: " gaoliming via groups.io
2024-05-24 9:41 ` Ard Biesheuvel
2024-05-24 11:48 ` Gerd Hoffmann
2024-05-24 14:51 ` 回复: " gaoliming via groups.io
2024-05-24 16:50 ` [edk2-devel] " Doug Flick via groups.io
2024-05-25 4:33 ` 回复: " gaoliming via groups.io
[not found] ` <17D27450B424AC2B.30215@groups.io>
2024-05-24 16:00 ` gaoliming via groups.io
2024-05-29 13:09 ` Gerd Hoffmann
2024-05-30 5:07 ` 回复: " gaoliming via groups.io
2024-05-30 9:31 ` Gerd Hoffmann
2024-05-30 10:08 ` Michael Brown [this message]
2024-05-30 10:33 ` Gerd Hoffmann
2024-05-30 10:49 ` Michael Brown
2024-05-30 11:48 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0102018fc8f8e7c3-2d45d61e-42bd-4b1a-9071-74ee563f303a-000000@eu-west-1.amazonses.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox