Subject: Re: [edk2-devel] [PATCH v4 2/9] MdeModulePkg/PeiCore: Enable T-RAM evacuation in PeiCore (CVE-2019-11098)
To: devel@edk2.groups.io, guomin.jiang@intel.com
Cc: Michael Kubacki, Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Debkumar De, Harry Han, Catharine West
References:
 <20200708081059.691-1-guomin.jiang@intel.com> <20200708081059.691-3-guomin.jiang@intel.com>
From: "Laszlo Ersek"
Message-ID: <0558be59-abf9-5ad4-5439-f55b41758ef7@redhat.com>
Date: Wed, 8 Jul 2020 19:13:01 +0200

Hi Guomin,

On 07/08/20 10:10, Guomin Jiang wrote:
[...]
> 7. Add PcdMigrateTemporaryRamFirmwareVolumes to control if enable the
>    feature or not. when the PCD disable, the EvacuateTempRam() will
>    never be called.
>
> The function control flow as below:
> PeiCore()
> DumpPpiList()
> EvacuateTempRam()
> ConvertPeiCorePpiPointers()
> ConvertPpiPointersFv()
> MigratePeimsInFv()
> MigratePeim()
> PeiGetPe32Data()
> LoadAndRelocatePeCoffImageInPlace()
> MigrateSecModulesInFv()
> ConvertPpiPointersFv()
> ConvertStatusCodeCallbacks()
> ConvertFvHob()
> RemoveFvHobsInTemporaryMemory()
> DumpPpiList()
[...]
> diff --git a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c b/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c > index cca57c4c0686..7be6e9f3b06c 100644 > --- a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c > +++ b/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c > @@ -176,6 +176,7 @@ PeiCore ( > EFI_HOB_HANDOFF_INFO_TABLE *HandoffInformationTable; > EFI_PEI_TEMPORARY_RAM_DONE_PPI *TemporaryRamDonePpi; > UINTN Index; > + BOOLEAN Shadow; > > // > // Retrieve context passed into PEI Core 
> @@ -418,6 +419,27 @@ PeiCore ( > ProcessPpiListFromSec ((CONST EFI_PEI_SERVICES **) &PrivateData.Ps, PpiList); > } > } else { > + if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { > + if (PrivateData.HobList.HandoffInformationTable->BootMode == BOOT_ON_S3_RESUME) { > + Shadow = PcdGetBool (PcdShadowPeimOnS3Boot); > + } else { > + Shadow = PcdGetBool (PcdShadowPeimOnBoot); > + } > + } > + > + if (Shadow) { > + DEBUG ((DEBUG_VERBOSE, "PPI lists before temporary RAM evacuation:\n")); > + DumpPpiList (&PrivateData); > + > + // > + // Migrate installed content from Temporary RAM to Permanent RAM > + // > + EvacuateTempRam (&PrivateData, SecCoreData); > + > + DEBUG ((DEBUG_VERBOSE, "PPI lists after temporary RAM evacuation:\n")); > + DumpPpiList (&PrivateData); > + } > + > // > // Try to locate Temporary RAM Done Ppi. > //
[...]

this is almost good, from my perspective, but you forgot to initialize Shadow to FALSE.

That's a problem because, if PcdMigrateTemporaryRamFirmwareVolumes is FALSE, then Shadow is never assigned (it will have an indeterminate value).

In my review here:

https://edk2.groups.io/g/devel/message/62029

I included

  Shadow = FALSE;

too. Please include this assignment either at the top of the function, or just before you fetch "PcdMigrateTemporaryRamFirmwareVolumes".

Thanks!
Laszlo
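
Review bot: in the "@@ -418,6 +419,27 @@" hunk, "if (Shadow)" is reached with Shadow unassigned whenever PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes) returns FALSE, because the only two assignments sit inside that outer "if" and the declaration added in the first hunk ("BOOLEAN Shadow;") carries no value. The PCD that is meant to switch the feature off therefore leaves the decision to evacuate to whatever happens to be on the stack. Put "Shadow = FALSE;" immediately before the PcdMigrateTemporaryRamFirmwareVolumes check so that the disabled path is explicit. A second point on the same hunk: the statement "EvacuateTempRam (&PrivateData, SecCoreData);" uses no return value. If the function reports a status, check it (or at least ASSERT on it) before the second DumpPpiList() call, since the code that follows proceeds to the Temporary RAM Done PPI lookup either way.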