public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v2 0/1] Refine casting expression result to bigger size
@ 2017-01-24  7:25 Hao Wu
  2017-01-24  7:25 ` [PATCH v2 1/1] MdePkg: " Hao Wu
  0 siblings, 1 reply; 7+ messages in thread
From: Hao Wu @ 2017-01-24  7:25 UTC (permalink / raw)
  To: edk2-devel
  Cc: Hao Wu, Michael Kinney, Liming Gao, Eric Dong, Laszlo Ersek,
	Ard Biesheuvel

Please note that this patch is maily for feedback collection and the patch
only covers MdePkg. We are working on patches for other packages.


V2:
Follow the below rules to refine codes:
1). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;

2). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;

V1:
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is casted to
UINT64/INT64 to fit the target size.

An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);

Some static code checkers may warn that the expression result might
overflow within the rank of int (integer promotions) and the result is
then cast to a bigger size.

For the consideration of generated binaries size, the commit will keep the
size of the operands as the size of int, and explitly add a type cast
before converting the result to UINT64/INT64.

1). When there is no operand with type UINTN
(UINTN)  (a + b) -> (UINTN)(UINT32)  (a + b) or
(UINT64) (a + b) -> (UINT64)(UINT32) (a + b)

2). Otherwise
(UINT64) (a + b) -> (UINT64)(UINTN)  (a + b)

Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Hao Wu (1):
  MdePkg: Refine casting expression result to bigger size

 MdePkg/Library/BaseLib/String.c                              |  4 ++--
 MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
 MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
 MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4 ++--
 MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4 ++--
 5 files changed, 13 insertions(+), 15 deletions(-)

-- 
1.9.5.msysgit.0



^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-24  7:25 [PATCH v2 0/1] Refine casting expression result to bigger size Hao Wu
@ 2017-01-24  7:25 ` Hao Wu
  2017-01-24  9:53   ` Laszlo Ersek
  0 siblings, 1 reply; 7+ messages in thread
From: Hao Wu @ 2017-01-24  7:25 UTC (permalink / raw)
  To: edk2-devel; +Cc: Hao Wu

There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly casted to
UINT64/INT64 to fit the target size.

An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);

Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.

The commit refines codes by the following rules:
1). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;

2). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
 MdePkg/Library/BaseLib/String.c                              |  4 ++--
 MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
 MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
 MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4 ++--
 MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4 ++--
 5 files changed, 13 insertions(+), 15 deletions(-)

diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/String.c
index e84bf50..4151e0e 100644
--- a/MdePkg/Library/BaseLib/String.c
+++ b/MdePkg/Library/BaseLib/String.c
@@ -586,7 +586,7 @@ InternalHexCharToUintn (
     return Char - L'0';
   }
 
-  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
+  return (10 + InternalCharToUpper (Char) - L'A');
 }
 
 /**
@@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
     return Char - '0';
   }
 
-  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
+  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
 }
 
 
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index 33cad23..8d1daba 100644
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -15,7 +15,7 @@
   PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
   PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image.
 
-  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
@@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
       //
       DebugDirectoryEntryFileOffset = 0;
 
-      SectionHeaderOffset = (UINTN)(
-                               ImageContext->PeCoffHeaderOffset +
-                               sizeof (UINT32) +
-                               sizeof (EFI_IMAGE_FILE_HEADER) +
-                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
-                               );
+      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
+                            sizeof (UINT32) +
+                            sizeof (EFI_IMAGE_FILE_HEADER) +
+                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
 
       for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
         //
diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
index e29f7fe..27342b0 100644
--- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
+++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
@@ -3,7 +3,7 @@
   the PCI operations to be replayed during an S3 resume. This library class
   maps directly on top of the PciLib class. 
 
-  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -25,7 +25,7 @@
 #include <Library/S3PciLib.h>
 
 #define PCILIB_TO_COMMON_ADDRESS(Address) \
-        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) (Address & 0xfff ))))
+        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) (Address & 0xfff )))
 
 /**
   Saves a PCI configuration value to the boot script.
diff --git a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
index 937165a..592cced 100644
--- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
+++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
@@ -12,7 +12,7 @@
   allocation for the Reserved memory types are not supported and will always 
   return NULL.
 
-  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials                          
   are licensed and made available under the terms and conditions of the BSD License         
   which accompanies this distribution.  The full text of the license may be found at        
@@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
       Status = gSmst->SmmFreePages (Memory, UnalignedPages);
       ASSERT_EFI_ERROR (Status);
     }
-    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
+    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
     UnalignedPages = RealPages - Pages - UnalignedPages;
     if (UnalignedPages > 0) {
       //
diff --git a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
index 3da5e211..3bd3aef 100644
--- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
+++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
@@ -2,7 +2,7 @@
   Support routines for memory allocation routines based 
   on boot services for Dxe phase drivers.
 
-  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials                          
   are licensed and made available under the terms and conditions of the BSD License         
   which accompanies this distribution.  The full text of the license may be found at        
@@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
       Status = gBS->FreePages (Memory, UnalignedPages);
       ASSERT_EFI_ERROR (Status);
     }
-    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
+    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
     UnalignedPages = RealPages - Pages - UnalignedPages;
     if (UnalignedPages > 0) {
       //
-- 
1.9.5.msysgit.0



^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-24  7:25 ` [PATCH v2 1/1] MdePkg: " Hao Wu
@ 2017-01-24  9:53   ` Laszlo Ersek
  2017-01-25  0:25     ` Wu, Hao A
  0 siblings, 1 reply; 7+ messages in thread
From: Laszlo Ersek @ 2017-01-24  9:53 UTC (permalink / raw)
  To: Hao Wu; +Cc: edk2-devel

On 01/24/17 08:25, Hao Wu wrote:
> There are cases that the operands of an expression are all with rank less
> than UINT64/INT64 and the result of the expression is explicitly casted to
> UINT64/INT64 to fit the target size.
> 
> An example will be:
> UINT32 a,b;
> // a and b can be any unsigned int type with rank less than UINT64, like
> // UINT8, UINT16, etc.
> UINT64 c;
> c = (UINT64) (a + b);
> 
> Some static code checkers may warn that the expression result might
> overflow within the rank of "int" (integer promotions) and the result is
> then cast to a bigger size.
> 
> The commit refines codes by the following rules:
> 1). When the expression will not overflow within the rank of "int", remove
> the explicit type casts:
> c = a + b;
> 
> 2). When the expression is possible to overflow the range of unsigned int/
> int:
> c = (UINT64)a + b;
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Hao Wu <hao.a.wu@intel.com>
> ---
>  MdePkg/Library/BaseLib/String.c                              |  4 ++--
>  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
>  MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
>  MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4 ++--
>  MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4 ++--
>  5 files changed, 13 insertions(+), 15 deletions(-)
> 
> diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/String.c
> index e84bf50..4151e0e 100644
> --- a/MdePkg/Library/BaseLib/String.c
> +++ b/MdePkg/Library/BaseLib/String.c
> @@ -586,7 +586,7 @@ InternalHexCharToUintn (
>      return Char - L'0';
>    }
>  
> -  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
> +  return (10 + InternalCharToUpper (Char) - L'A');
>  }
>  
>  /**
> @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
>      return Char - '0';
>    }
>  
> -  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
> +  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
>  }
>  
>  
> diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> index 33cad23..8d1daba 100644
> --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> @@ -15,7 +15,7 @@
>    PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
>    PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image.
>  
> -  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>    Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
>    This program and the accompanying materials
>    are licensed and made available under the terms and conditions of the BSD License
> @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
>        //
>        DebugDirectoryEntryFileOffset = 0;
>  
> -      SectionHeaderOffset = (UINTN)(
> -                               ImageContext->PeCoffHeaderOffset +
> -                               sizeof (UINT32) +
> -                               sizeof (EFI_IMAGE_FILE_HEADER) +
> -                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
> -                               );
> +      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
> +                            sizeof (UINT32) +
> +                            sizeof (EFI_IMAGE_FILE_HEADER) +
> +                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
>  
>        for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
>          //
> diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> index e29f7fe..27342b0 100644
> --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> @@ -3,7 +3,7 @@
>    the PCI operations to be replayed during an S3 resume. This library class
>    maps directly on top of the PciLib class. 
>  
> -  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>  
>    This program and the accompanying materials
>    are licensed and made available under the terms and conditions
> @@ -25,7 +25,7 @@
>  #include <Library/S3PciLib.h>
>  
>  #define PCILIB_TO_COMMON_ADDRESS(Address) \
> -        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) (Address & 0xfff ))))
> +        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) (Address & 0xfff )))
>  
>  /**
>    Saves a PCI configuration value to the boot script.

I think this change is potentially unsafe, without auditing all uses of
PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result
will no longer be UINT64 but UINT32, and that can cause problems in
several contexts. For example:

- as an operand to the sizeof operator
- when it's being relied upon to cause conversion to UINT64, for example
another (UINT32) operand could be added to it
- when it is passed through a variable argument list

It might be safe, but there's no way to tell without auditing all the
call sites. So let me see...

Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as
second argument, within the same file, and that argument is covered by
the function prototype explicitly, with type UINT64. So the change
should be safe.

(I see the same macro definition and kind of invocation in
"QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I didn't try
to audit that file.)

The rest looks okay too.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>

(If you go ahead and submit a 30-part series that does this kind of
fixup all over the tree, please don't expect me to review it all -- I'm
okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the
rest. This kind of patch cannot be reviewed without consulting a really
wide context.)

Thanks
Laszlo


> diff --git a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> index 937165a..592cced 100644
> --- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> +++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> @@ -12,7 +12,7 @@
>    allocation for the Reserved memory types are not supported and will always 
>    return NULL.
>  
> -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>    This program and the accompanying materials                          
>    are licensed and made available under the terms and conditions of the BSD License         
>    which accompanies this distribution.  The full text of the license may be found at        
> @@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
>        Status = gSmst->SmmFreePages (Memory, UnalignedPages);
>        ASSERT_EFI_ERROR (Status);
>      }
> -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
> +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>      UnalignedPages = RealPages - Pages - UnalignedPages;
>      if (UnalignedPages > 0) {
>        //
> diff --git a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> index 3da5e211..3bd3aef 100644
> --- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> +++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> @@ -2,7 +2,7 @@
>    Support routines for memory allocation routines based 
>    on boot services for Dxe phase drivers.
>  
> -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>    This program and the accompanying materials                          
>    are licensed and made available under the terms and conditions of the BSD License         
>    which accompanies this distribution.  The full text of the license may be found at        
> @@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
>        Status = gBS->FreePages (Memory, UnalignedPages);
>        ASSERT_EFI_ERROR (Status);
>      }
> -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
> +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>      UnalignedPages = RealPages - Pages - UnalignedPages;
>      if (UnalignedPages > 0) {
>        //
> 



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-24  9:53   ` Laszlo Ersek
@ 2017-01-25  0:25     ` Wu, Hao A
  2017-01-25  5:57       ` Gao, Liming
  0 siblings, 1 reply; 7+ messages in thread
From: Wu, Hao A @ 2017-01-25  0:25 UTC (permalink / raw)
  To: Laszlo Ersek; +Cc: edk2-devel@ml01.01.org

> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Tuesday, January 24, 2017 5:54 PM
> To: Wu, Hao A
> Cc: edk2-devel@ml01.01.org
> Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result to
> bigger size
> 
> On 01/24/17 08:25, Hao Wu wrote:
> > There are cases that the operands of an expression are all with rank less
> > than UINT64/INT64 and the result of the expression is explicitly casted to
> > UINT64/INT64 to fit the target size.
> >
> > An example will be:
> > UINT32 a,b;
> > // a and b can be any unsigned int type with rank less than UINT64, like
> > // UINT8, UINT16, etc.
> > UINT64 c;
> > c = (UINT64) (a + b);
> >
> > Some static code checkers may warn that the expression result might
> > overflow within the rank of "int" (integer promotions) and the result is
> > then cast to a bigger size.
> >
> > The commit refines codes by the following rules:
> > 1). When the expression will not overflow within the rank of "int", remove
> > the explicit type casts:
> > c = a + b;
> >
> > 2). When the expression is possible to overflow the range of unsigned int/
> > int:
> > c = (UINT64)a + b;
> >
> > Contributed-under: TianoCore Contribution Agreement 1.0
> > Signed-off-by: Hao Wu <hao.a.wu@intel.com>
> > ---
> >  MdePkg/Library/BaseLib/String.c                              |  4 ++--
> >  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
> >  MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
> >  MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4 ++--
> >  MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4 ++--
> >  5 files changed, 13 insertions(+), 15 deletions(-)
> >
> > diff --git a/MdePkg/Library/BaseLib/String.c
> b/MdePkg/Library/BaseLib/String.c
> > index e84bf50..4151e0e 100644
> > --- a/MdePkg/Library/BaseLib/String.c
> > +++ b/MdePkg/Library/BaseLib/String.c
> > @@ -586,7 +586,7 @@ InternalHexCharToUintn (
> >      return Char - L'0';
> >    }
> >
> > -  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
> > +  return (10 + InternalCharToUpper (Char) - L'A');
> >  }
> >
> >  /**
> > @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
> >      return Char - '0';
> >    }
> >
> > -  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
> > +  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
> >  }
> >
> >
> > diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> > index 33cad23..8d1daba 100644
> > --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> > +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> > @@ -15,7 +15,7 @@
> >    PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
> >    PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF
> image.
> >
> > -  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >    Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
> >    This program and the accompanying materials
> >    are licensed and made available under the terms and conditions of the BSD
> License
> > @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
> >        //
> >        DebugDirectoryEntryFileOffset = 0;
> >
> > -      SectionHeaderOffset = (UINTN)(
> > -                               ImageContext->PeCoffHeaderOffset +
> > -                               sizeof (UINT32) +
> > -                               sizeof (EFI_IMAGE_FILE_HEADER) +
> > -                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
> > -                               );
> > +      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
> > +                            sizeof (UINT32) +
> > +                            sizeof (EFI_IMAGE_FILE_HEADER) +
> > +                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
> >
> >        for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++)
> {
> >          //
> > diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> > index e29f7fe..27342b0 100644
> > --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> > +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> > @@ -3,7 +3,7 @@
> >    the PCI operations to be replayed during an S3 resume. This library class
> >    maps directly on top of the PciLib class.
> >
> > -  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >
> >    This program and the accompanying materials
> >    are licensed and made available under the terms and conditions
> > @@ -25,7 +25,7 @@
> >  #include <Library/S3PciLib.h>
> >
> >  #define PCILIB_TO_COMMON_ADDRESS(Address) \
> > -        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
> ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) +
> ((UINTN) (Address & 0xfff ))))
> > +        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) ((Address>>15) &
> 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) (Address &
> 0xfff )))
> >
> >  /**
> >    Saves a PCI configuration value to the boot script.
> 
> I think this change is potentially unsafe, without auditing all uses of
> PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result
> will no longer be UINT64 but UINT32, and that can cause problems in
> several contexts. For example:
> 
> - as an operand to the sizeof operator
> - when it's being relied upon to cause conversion to UINT64, for example
> another (UINT32) operand could be added to it
> - when it is passed through a variable argument list
> 
> It might be safe, but there's no way to tell without auditing all the
> call sites. So let me see...
> 
> Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as
> second argument, within the same file, and that argument is covered by
> the function prototype explicitly, with type UINT64. So the change
> should be safe.
> 

Thanks for the checking. I did search the whole edk2 repository for the
reference of "PCILIB_TO_COMMON_ADDRESS" and it is only comsumed by the
function you mentioned.

> (I see the same macro definition and kind of invocation in
> "QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I didn't try
> to audit that file.)
> 
> The rest looks okay too.
> 
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> 

Many thanks for the feedbacks and the effort for reviewing the patch.

> (If you go ahead and submit a 30-part series that does this kind of
> fixup all over the tree, please don't expect me to review it all -- I'm
> okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the
> rest. This kind of patch cannot be reviewed without consulting a really
> wide context.)
> 

I am thinking if the package level patch contains too many changes, I
might break it into multiple module-level patches and include module
owners/experts to help reviewing them.

Best Regards,
Hao Wu

> Thanks
> Laszlo
> 
> 
> > diff --git
> a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> > index 937165a..592cced 100644
> > --- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> > +++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> > @@ -12,7 +12,7 @@
> >    allocation for the Reserved memory types are not supported and will
> always
> >    return NULL.
> >
> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >    This program and the accompanying materials
> >    are licensed and made available under the terms and conditions of the BSD
> License
> >    which accompanies this distribution.  The full text of the license may be
> found at
> > @@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
> >        Status = gSmst->SmmFreePages (Memory, UnalignedPages);
> >        ASSERT_EFI_ERROR (Status);
> >      }
> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
> EFI_PAGES_TO_SIZE (Pages));
> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
> >      UnalignedPages = RealPages - Pages - UnalignedPages;
> >      if (UnalignedPages > 0) {
> >        //
> > diff --git a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> > index 3da5e211..3bd3aef 100644
> > --- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> > +++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> > @@ -2,7 +2,7 @@
> >    Support routines for memory allocation routines based
> >    on boot services for Dxe phase drivers.
> >
> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >    This program and the accompanying materials
> >    are licensed and made available under the terms and conditions of the BSD
> License
> >    which accompanies this distribution.  The full text of the license may be
> found at
> > @@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
> >        Status = gBS->FreePages (Memory, UnalignedPages);
> >        ASSERT_EFI_ERROR (Status);
> >      }
> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
> EFI_PAGES_TO_SIZE (Pages));
> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
> >      UnalignedPages = RealPages - Pages - UnalignedPages;
> >      if (UnalignedPages > 0) {
> >        //
> >



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-25  0:25     ` Wu, Hao A
@ 2017-01-25  5:57       ` Gao, Liming
  2017-01-25  6:16         ` Wu, Hao A
  0 siblings, 1 reply; 7+ messages in thread
From: Gao, Liming @ 2017-01-25  5:57 UTC (permalink / raw)
  To: Wu, Hao A, Laszlo Ersek; +Cc: edk2-devel@ml01.01.org

Hao:
  For PCILIB_TO_COMMON_ADDRESS, we can't assume its usage in the consumer code. There may be some usage in other projects. So, I suggest to provide the safe fix. 

Thanks
Liming
>-----Original Message-----
>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wu,
>Hao A
>Sent: Wednesday, January 25, 2017 8:26 AM
>To: Laszlo Ersek <lersek@redhat.com>
>Cc: edk2-devel@ml01.01.org
>Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
>to bigger size
>
>> -----Original Message-----
>> From: Laszlo Ersek [mailto:lersek@redhat.com]
>> Sent: Tuesday, January 24, 2017 5:54 PM
>> To: Wu, Hao A
>> Cc: edk2-devel@ml01.01.org
>> Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
>to
>> bigger size
>>
>> On 01/24/17 08:25, Hao Wu wrote:
>> > There are cases that the operands of an expression are all with rank less
>> > than UINT64/INT64 and the result of the expression is explicitly casted to
>> > UINT64/INT64 to fit the target size.
>> >
>> > An example will be:
>> > UINT32 a,b;
>> > // a and b can be any unsigned int type with rank less than UINT64, like
>> > // UINT8, UINT16, etc.
>> > UINT64 c;
>> > c = (UINT64) (a + b);
>> >
>> > Some static code checkers may warn that the expression result might
>> > overflow within the rank of "int" (integer promotions) and the result is
>> > then cast to a bigger size.
>> >
>> > The commit refines codes by the following rules:
>> > 1). When the expression will not overflow within the rank of "int", remove
>> > the explicit type casts:
>> > c = a + b;
>> >
>> > 2). When the expression is possible to overflow the range of unsigned int/
>> > int:
>> > c = (UINT64)a + b;
>> >
>> > Contributed-under: TianoCore Contribution Agreement 1.0
>> > Signed-off-by: Hao Wu <hao.a.wu@intel.com>
>> > ---
>> >  MdePkg/Library/BaseLib/String.c                              |  4 ++--
>> >  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
>> >  MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
>> >  MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4
>++--
>> >  MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4
>++--
>> >  5 files changed, 13 insertions(+), 15 deletions(-)
>> >
>> > diff --git a/MdePkg/Library/BaseLib/String.c
>> b/MdePkg/Library/BaseLib/String.c
>> > index e84bf50..4151e0e 100644
>> > --- a/MdePkg/Library/BaseLib/String.c
>> > +++ b/MdePkg/Library/BaseLib/String.c
>> > @@ -586,7 +586,7 @@ InternalHexCharToUintn (
>> >      return Char - L'0';
>> >    }
>> >
>> > -  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
>> > +  return (10 + InternalCharToUpper (Char) - L'A');
>> >  }
>> >
>> >  /**
>> > @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
>> >      return Char - '0';
>> >    }
>> >
>> > -  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
>> > +  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
>> >  }
>> >
>> >
>> > diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> > index 33cad23..8d1daba 100644
>> > --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> > +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> > @@ -15,7 +15,7 @@
>> >    PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF
>header.
>> >    PeCoffLoaderGetImageInfo() routine will do basic check for whole
>PE/COFF
>> image.
>> >
>> > -  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
>> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >    Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
>> >    This program and the accompanying materials
>> >    are licensed and made available under the terms and conditions of the
>BSD
>> License
>> > @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
>> >        //
>> >        DebugDirectoryEntryFileOffset = 0;
>> >
>> > -      SectionHeaderOffset = (UINTN)(
>> > -                               ImageContext->PeCoffHeaderOffset +
>> > -                               sizeof (UINT32) +
>> > -                               sizeof (EFI_IMAGE_FILE_HEADER) +
>> > -                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
>> > -                               );
>> > +      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
>> > +                            sizeof (UINT32) +
>> > +                            sizeof (EFI_IMAGE_FILE_HEADER) +
>> > +                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
>> >
>> >        for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections;
>Index++)
>> {
>> >          //
>> > diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> > index e29f7fe..27342b0 100644
>> > --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> > +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> > @@ -3,7 +3,7 @@
>> >    the PCI operations to be replayed during an S3 resume. This library class
>> >    maps directly on top of the PciLib class.
>> >
>> > -  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
>> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >
>> >    This program and the accompanying materials
>> >    are licensed and made available under the terms and conditions
>> > @@ -25,7 +25,7 @@
>> >  #include <Library/S3PciLib.h>
>> >
>> >  #define PCILIB_TO_COMMON_ADDRESS(Address) \
>> > -        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
>> ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) +
>> ((UINTN) (Address & 0xfff ))))
>> > +        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
>((Address>>15) &
>> 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN)
>(Address &
>> 0xfff )))
>> >
>> >  /**
>> >    Saves a PCI configuration value to the boot script.
>>
>> I think this change is potentially unsafe, without auditing all uses of
>> PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result
>> will no longer be UINT64 but UINT32, and that can cause problems in
>> several contexts. For example:
>>
>> - as an operand to the sizeof operator
>> - when it's being relied upon to cause conversion to UINT64, for example
>> another (UINT32) operand could be added to it
>> - when it is passed through a variable argument list
>>
>> It might be safe, but there's no way to tell without auditing all the
>> call sites. So let me see...
>>
>> Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as
>> second argument, within the same file, and that argument is covered by
>> the function prototype explicitly, with type UINT64. So the change
>> should be safe.
>>
>
>Thanks for the checking. I did search the whole edk2 repository for the
>reference of "PCILIB_TO_COMMON_ADDRESS" and it is only comsumed by
>the
>function you mentioned.
>
>> (I see the same macro definition and kind of invocation in
>> "QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I didn't
>try
>> to audit that file.)
>>
>> The rest looks okay too.
>>
>> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>>
>
>Many thanks for the feedbacks and the effort for reviewing the patch.
>
>> (If you go ahead and submit a 30-part series that does this kind of
>> fixup all over the tree, please don't expect me to review it all -- I'm
>> okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the
>> rest. This kind of patch cannot be reviewed without consulting a really
>> wide context.)
>>
>
>I am thinking if the package level patch contains too many changes, I
>might break it into multiple module-level patches and include module
>owners/experts to help reviewing them.
>
>Best Regards,
>Hao Wu
>
>> Thanks
>> Laszlo
>>
>>
>> > diff --git
>> a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> > index 937165a..592cced 100644
>> > --- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> > +++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> > @@ -12,7 +12,7 @@
>> >    allocation for the Reserved memory types are not supported and will
>> always
>> >    return NULL.
>> >
>> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
>> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >    This program and the accompanying materials
>> >    are licensed and made available under the terms and conditions of the
>BSD
>> License
>> >    which accompanies this distribution.  The full text of the license may be
>> found at
>> > @@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
>> >        Status = gSmst->SmmFreePages (Memory, UnalignedPages);
>> >        ASSERT_EFI_ERROR (Status);
>> >      }
>> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
>> EFI_PAGES_TO_SIZE (Pages));
>> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>> >      UnalignedPages = RealPages - Pages - UnalignedPages;
>> >      if (UnalignedPages > 0) {
>> >        //
>> > diff --git
>a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> > index 3da5e211..3bd3aef 100644
>> > --- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> > +++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> > @@ -2,7 +2,7 @@
>> >    Support routines for memory allocation routines based
>> >    on boot services for Dxe phase drivers.
>> >
>> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
>> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >    This program and the accompanying materials
>> >    are licensed and made available under the terms and conditions of the
>BSD
>> License
>> >    which accompanies this distribution.  The full text of the license may be
>> found at
>> > @@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
>> >        Status = gBS->FreePages (Memory, UnalignedPages);
>> >        ASSERT_EFI_ERROR (Status);
>> >      }
>> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
>> EFI_PAGES_TO_SIZE (Pages));
>> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>> >      UnalignedPages = RealPages - Pages - UnalignedPages;
>> >      if (UnalignedPages > 0) {
>> >        //
>> >
>
>_______________________________________________
>edk2-devel mailing list
>edk2-devel@lists.01.org
>https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-25  5:57       ` Gao, Liming
@ 2017-01-25  6:16         ` Wu, Hao A
  2017-01-25  6:19           ` Gao, Liming
  0 siblings, 1 reply; 7+ messages in thread
From: Wu, Hao A @ 2017-01-25  6:16 UTC (permalink / raw)
  To: Gao, Liming; +Cc: edk2-devel@ml01.01.org

> -----Original Message-----
> From: Gao, Liming
> Sent: Wednesday, January 25, 2017 1:58 PM
> To: Wu, Hao A; Laszlo Ersek
> Cc: edk2-devel@ml01.01.org
> Subject: RE: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result to
> bigger size
> 
> Hao:
>   For PCILIB_TO_COMMON_ADDRESS, we can't assume its usage in the
> consumer code. There may be some usage in other projects. So, I suggest to
> provide the safe fix.
> 

Hi Liming,

The definition "PCILIB_TO_COMMON_ADDRESS" is defined in
MdePkg/Library/BaseS3PciLib/S3PciLib.c. It will not be consumed outside.

Best Regards,
Hao Wu

> Thanks
> Liming
> >-----Original Message-----
> >From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wu,
> >Hao A
> >Sent: Wednesday, January 25, 2017 8:26 AM
> >To: Laszlo Ersek <lersek@redhat.com>
> >Cc: edk2-devel@ml01.01.org
> >Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
> >to bigger size
> >
> >> -----Original Message-----
> >> From: Laszlo Ersek [mailto:lersek@redhat.com]
> >> Sent: Tuesday, January 24, 2017 5:54 PM
> >> To: Wu, Hao A
> >> Cc: edk2-devel@ml01.01.org
> >> Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
> >to
> >> bigger size
> >>
> >> On 01/24/17 08:25, Hao Wu wrote:
> >> > There are cases that the operands of an expression are all with rank less
> >> > than UINT64/INT64 and the result of the expression is explicitly casted to
> >> > UINT64/INT64 to fit the target size.
> >> >
> >> > An example will be:
> >> > UINT32 a,b;
> >> > // a and b can be any unsigned int type with rank less than UINT64, like
> >> > // UINT8, UINT16, etc.
> >> > UINT64 c;
> >> > c = (UINT64) (a + b);
> >> >
> >> > Some static code checkers may warn that the expression result might
> >> > overflow within the rank of "int" (integer promotions) and the result is
> >> > then cast to a bigger size.
> >> >
> >> > The commit refines codes by the following rules:
> >> > 1). When the expression will not overflow within the rank of "int", remove
> >> > the explicit type casts:
> >> > c = a + b;
> >> >
> >> > 2). When the expression is possible to overflow the range of unsigned int/
> >> > int:
> >> > c = (UINT64)a + b;
> >> >
> >> > Contributed-under: TianoCore Contribution Agreement 1.0
> >> > Signed-off-by: Hao Wu <hao.a.wu@intel.com>
> >> > ---
> >> >  MdePkg/Library/BaseLib/String.c                              |  4 ++--
> >> >  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-------
> >> >  MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
> >> >  MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |  4
> >++--
> >> >  MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4
> >++--
> >> >  5 files changed, 13 insertions(+), 15 deletions(-)
> >> >
> >> > diff --git a/MdePkg/Library/BaseLib/String.c
> >> b/MdePkg/Library/BaseLib/String.c
> >> > index e84bf50..4151e0e 100644
> >> > --- a/MdePkg/Library/BaseLib/String.c
> >> > +++ b/MdePkg/Library/BaseLib/String.c
> >> > @@ -586,7 +586,7 @@ InternalHexCharToUintn (
> >> >      return Char - L'0';
> >> >    }
> >> >
> >> > -  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
> >> > +  return (10 + InternalCharToUpper (Char) - L'A');
> >> >  }
> >> >
> >> >  /**
> >> > @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
> >> >      return Char - '0';
> >> >    }
> >> >
> >> > -  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
> >> > +  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
> >> >  }
> >> >
> >> >
> >> > diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> >> b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> >> > index 33cad23..8d1daba 100644
> >> > --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> >> > +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
> >> > @@ -15,7 +15,7 @@
> >> >    PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF
> >header.
> >> >    PeCoffLoaderGetImageInfo() routine will do basic check for whole
> >PE/COFF
> >> image.
> >> >
> >> > -  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >> >    Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
> >> >    This program and the accompanying materials
> >> >    are licensed and made available under the terms and conditions of the
> >BSD
> >> License
> >> > @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
> >> >        //
> >> >        DebugDirectoryEntryFileOffset = 0;
> >> >
> >> > -      SectionHeaderOffset = (UINTN)(
> >> > -                               ImageContext->PeCoffHeaderOffset +
> >> > -                               sizeof (UINT32) +
> >> > -                               sizeof (EFI_IMAGE_FILE_HEADER) +
> >> > -                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
> >> > -                               );
> >> > +      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
> >> > +                            sizeof (UINT32) +
> >> > +                            sizeof (EFI_IMAGE_FILE_HEADER) +
> >> > +                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
> >> >
> >> >        for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections;
> >Index++)
> >> {
> >> >          //
> >> > diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> >> b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> >> > index e29f7fe..27342b0 100644
> >> > --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> >> > +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
> >> > @@ -3,7 +3,7 @@
> >> >    the PCI operations to be replayed during an S3 resume. This library class
> >> >    maps directly on top of the PciLib class.
> >> >
> >> > -  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >> >
> >> >    This program and the accompanying materials
> >> >    are licensed and made available under the terms and conditions
> >> > @@ -25,7 +25,7 @@
> >> >  #include <Library/S3PciLib.h>
> >> >
> >> >  #define PCILIB_TO_COMMON_ADDRESS(Address) \
> >> > -        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
> >> ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) +
> >> ((UINTN) (Address & 0xfff ))))
> >> > +        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
> >((Address>>15) &
> >> 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN)
> >(Address &
> >> 0xfff )))
> >> >
> >> >  /**
> >> >    Saves a PCI configuration value to the boot script.
> >>
> >> I think this change is potentially unsafe, without auditing all uses of
> >> PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result
> >> will no longer be UINT64 but UINT32, and that can cause problems in
> >> several contexts. For example:
> >>
> >> - as an operand to the sizeof operator
> >> - when it's being relied upon to cause conversion to UINT64, for example
> >> another (UINT32) operand could be added to it
> >> - when it is passed through a variable argument list
> >>
> >> It might be safe, but there's no way to tell without auditing all the
> >> call sites. So let me see...
> >>
> >> Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as
> >> second argument, within the same file, and that argument is covered by
> >> the function prototype explicitly, with type UINT64. So the change
> >> should be safe.
> >>
> >
> >Thanks for the checking. I did search the whole edk2 repository for the
> >reference of "PCILIB_TO_COMMON_ADDRESS" and it is only comsumed by
> >the
> >function you mentioned.
> >
> >> (I see the same macro definition and kind of invocation in
> >> "QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I didn't
> >try
> >> to audit that file.)
> >>
> >> The rest looks okay too.
> >>
> >> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> >>
> >
> >Many thanks for the feedbacks and the effort for reviewing the patch.
> >
> >> (If you go ahead and submit a 30-part series that does this kind of
> >> fixup all over the tree, please don't expect me to review it all -- I'm
> >> okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the
> >> rest. This kind of patch cannot be reviewed without consulting a really
> >> wide context.)
> >>
> >
> >I am thinking if the package level patch contains too many changes, I
> >might break it into multiple module-level patches and include module
> >owners/experts to help reviewing them.
> >
> >Best Regards,
> >Hao Wu
> >
> >> Thanks
> >> Laszlo
> >>
> >>
> >> > diff --git
> >> a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> >> b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> >> > index 937165a..592cced 100644
> >> > --- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> >> > +++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
> >> > @@ -12,7 +12,7 @@
> >> >    allocation for the Reserved memory types are not supported and will
> >> always
> >> >    return NULL.
> >> >
> >> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >> >    This program and the accompanying materials
> >> >    are licensed and made available under the terms and conditions of the
> >BSD
> >> License
> >> >    which accompanies this distribution.  The full text of the license may be
> >> found at
> >> > @@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
> >> >        Status = gSmst->SmmFreePages (Memory, UnalignedPages);
> >> >        ASSERT_EFI_ERROR (Status);
> >> >      }
> >> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
> >> EFI_PAGES_TO_SIZE (Pages));
> >> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
> >> >      UnalignedPages = RealPages - Pages - UnalignedPages;
> >> >      if (UnalignedPages > 0) {
> >> >        //
> >> > diff --git
> >a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> >> b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> >> > index 3da5e211..3bd3aef 100644
> >> > --- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> >> > +++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
> >> > @@ -2,7 +2,7 @@
> >> >    Support routines for memory allocation routines based
> >> >    on boot services for Dxe phase drivers.
> >> >
> >> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
> >> >    This program and the accompanying materials
> >> >    are licensed and made available under the terms and conditions of the
> >BSD
> >> License
> >> >    which accompanies this distribution.  The full text of the license may be
> >> found at
> >> > @@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
> >> >        Status = gBS->FreePages (Memory, UnalignedPages);
> >> >        ASSERT_EFI_ERROR (Status);
> >> >      }
> >> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
> >> EFI_PAGES_TO_SIZE (Pages));
> >> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
> >> >      UnalignedPages = RealPages - Pages - UnalignedPages;
> >> >      if (UnalignedPages > 0) {
> >> >        //
> >> >
> >
> >_______________________________________________
> >edk2-devel mailing list
> >edk2-devel@lists.01.org
> >https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 1/1] MdePkg: Refine casting expression result to bigger size
  2017-01-25  6:16         ` Wu, Hao A
@ 2017-01-25  6:19           ` Gao, Liming
  0 siblings, 0 replies; 7+ messages in thread
From: Gao, Liming @ 2017-01-25  6:19 UTC (permalink / raw)
  To: Wu, Hao A; +Cc: edk2-devel@ml01.01.org

Got it. Thanks for your clarification. 

>-----Original Message-----
>From: Wu, Hao A
>Sent: Wednesday, January 25, 2017 2:17 PM
>To: Gao, Liming <liming.gao@intel.com>
>Cc: edk2-devel@ml01.01.org
>Subject: RE: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
>to bigger size
>
>> -----Original Message-----
>> From: Gao, Liming
>> Sent: Wednesday, January 25, 2017 1:58 PM
>> To: Wu, Hao A; Laszlo Ersek
>> Cc: edk2-devel@ml01.01.org
>> Subject: RE: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result
>to
>> bigger size
>>
>> Hao:
>>   For PCILIB_TO_COMMON_ADDRESS, we can't assume its usage in the
>> consumer code. There may be some usage in other projects. So, I suggest to
>> provide the safe fix.
>>
>
>Hi Liming,
>
>The definition "PCILIB_TO_COMMON_ADDRESS" is defined in
>MdePkg/Library/BaseS3PciLib/S3PciLib.c. It will not be consumed outside.
>
>Best Regards,
>Hao Wu
>
>> Thanks
>> Liming
>> >-----Original Message-----
>> >From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>Wu,
>> >Hao A
>> >Sent: Wednesday, January 25, 2017 8:26 AM
>> >To: Laszlo Ersek <lersek@redhat.com>
>> >Cc: edk2-devel@ml01.01.org
>> >Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression
>result
>> >to bigger size
>> >
>> >> -----Original Message-----
>> >> From: Laszlo Ersek [mailto:lersek@redhat.com]
>> >> Sent: Tuesday, January 24, 2017 5:54 PM
>> >> To: Wu, Hao A
>> >> Cc: edk2-devel@ml01.01.org
>> >> Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression
>result
>> >to
>> >> bigger size
>> >>
>> >> On 01/24/17 08:25, Hao Wu wrote:
>> >> > There are cases that the operands of an expression are all with rank
>less
>> >> > than UINT64/INT64 and the result of the expression is explicitly casted
>to
>> >> > UINT64/INT64 to fit the target size.
>> >> >
>> >> > An example will be:
>> >> > UINT32 a,b;
>> >> > // a and b can be any unsigned int type with rank less than UINT64, like
>> >> > // UINT8, UINT16, etc.
>> >> > UINT64 c;
>> >> > c = (UINT64) (a + b);
>> >> >
>> >> > Some static code checkers may warn that the expression result might
>> >> > overflow within the rank of "int" (integer promotions) and the result is
>> >> > then cast to a bigger size.
>> >> >
>> >> > The commit refines codes by the following rules:
>> >> > 1). When the expression will not overflow within the rank of "int",
>remove
>> >> > the explicit type casts:
>> >> > c = a + b;
>> >> >
>> >> > 2). When the expression is possible to overflow the range of unsigned
>int/
>> >> > int:
>> >> > c = (UINT64)a + b;
>> >> >
>> >> > Contributed-under: TianoCore Contribution Agreement 1.0
>> >> > Signed-off-by: Hao Wu <hao.a.wu@intel.com>
>> >> > ---
>> >> >  MdePkg/Library/BaseLib/String.c                              |  4 ++--
>> >> >  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                    | 12 +++++-----
>--
>> >> >  MdePkg/Library/BaseS3PciLib/S3PciLib.c                       |  4 ++--
>> >> >  MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c  |
>4
>> >++--
>> >> >  MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c |  4
>> >++--
>> >> >  5 files changed, 13 insertions(+), 15 deletions(-)
>> >> >
>> >> > diff --git a/MdePkg/Library/BaseLib/String.c
>> >> b/MdePkg/Library/BaseLib/String.c
>> >> > index e84bf50..4151e0e 100644
>> >> > --- a/MdePkg/Library/BaseLib/String.c
>> >> > +++ b/MdePkg/Library/BaseLib/String.c
>> >> > @@ -586,7 +586,7 @@ InternalHexCharToUintn (
>> >> >      return Char - L'0';
>> >> >    }
>> >> >
>> >> > -  return (UINTN) (10 + InternalCharToUpper (Char) - L'A');
>> >> > +  return (10 + InternalCharToUpper (Char) - L'A');
>> >> >  }
>> >> >
>> >> >  /**
>> >> > @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn (
>> >> >      return Char - '0';
>> >> >    }
>> >> >
>> >> > -  return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
>> >> > +  return (10 + InternalBaseLibAsciiToUpper (Char) - 'A');
>> >> >  }
>> >> >
>> >> >
>> >> > diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> >> b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> >> > index 33cad23..8d1daba 100644
>> >> > --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> >> > +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
>> >> > @@ -15,7 +15,7 @@
>> >> >    PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF
>> >header.
>> >> >    PeCoffLoaderGetImageInfo() routine will do basic check for whole
>> >PE/COFF
>> >> image.
>> >> >
>> >> > -  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
>> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >> >    Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
>> >> >    This program and the accompanying materials
>> >> >    are licensed and made available under the terms and conditions of
>the
>> >BSD
>> >> License
>> >> > @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo (
>> >> >        //
>> >> >        DebugDirectoryEntryFileOffset = 0;
>> >> >
>> >> > -      SectionHeaderOffset = (UINTN)(
>> >> > -                               ImageContext->PeCoffHeaderOffset +
>> >> > -                               sizeof (UINT32) +
>> >> > -                               sizeof (EFI_IMAGE_FILE_HEADER) +
>> >> > -                               Hdr.Pe32->FileHeader.SizeOfOptionalHeader
>> >> > -                               );
>> >> > +      SectionHeaderOffset = ImageContext->PeCoffHeaderOffset +
>> >> > +                            sizeof (UINT32) +
>> >> > +                            sizeof (EFI_IMAGE_FILE_HEADER) +
>> >> > +                            Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
>> >> >
>> >> >        for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections;
>> >Index++)
>> >> {
>> >> >          //
>> >> > diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> >> b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> >> > index e29f7fe..27342b0 100644
>> >> > --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> >> > +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c
>> >> > @@ -3,7 +3,7 @@
>> >> >    the PCI operations to be replayed during an S3 resume. This library
>class
>> >> >    maps directly on top of the PciLib class.
>> >> >
>> >> > -  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
>> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >> >
>> >> >    This program and the accompanying materials
>> >> >    are licensed and made available under the terms and conditions
>> >> > @@ -25,7 +25,7 @@
>> >> >  #include <Library/S3PciLib.h>
>> >> >
>> >> >  #define PCILIB_TO_COMMON_ADDRESS(Address) \
>> >> > -        ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
>> >> ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8)
>+
>> >> ((UINTN) (Address & 0xfff ))))
>> >> > +        ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN)
>> >((Address>>15) &
>> >> 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN)
>> >(Address &
>> >> 0xfff )))
>> >> >
>> >> >  /**
>> >> >    Saves a PCI configuration value to the boot script.
>> >>
>> >> I think this change is potentially unsafe, without auditing all uses of
>> >> PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result
>> >> will no longer be UINT64 but UINT32, and that can cause problems in
>> >> several contexts. For example:
>> >>
>> >> - as an operand to the sizeof operator
>> >> - when it's being relied upon to cause conversion to UINT64, for example
>> >> another (UINT32) operand could be added to it
>> >> - when it is passed through a variable argument list
>> >>
>> >> It might be safe, but there's no way to tell without auditing all the
>> >> call sites. So let me see...
>> >>
>> >> Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as
>> >> second argument, within the same file, and that argument is covered by
>> >> the function prototype explicitly, with type UINT64. So the change
>> >> should be safe.
>> >>
>> >
>> >Thanks for the checking. I did search the whole edk2 repository for the
>> >reference of "PCILIB_TO_COMMON_ADDRESS" and it is only comsumed
>by
>> >the
>> >function you mentioned.
>> >
>> >> (I see the same macro definition and kind of invocation in
>> >> "QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I
>didn't
>> >try
>> >> to audit that file.)
>> >>
>> >> The rest looks okay too.
>> >>
>> >> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>> >>
>> >
>> >Many thanks for the feedbacks and the effort for reviewing the patch.
>> >
>> >> (If you go ahead and submit a 30-part series that does this kind of
>> >> fixup all over the tree, please don't expect me to review it all -- I'm
>> >> okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the
>> >> rest. This kind of patch cannot be reviewed without consulting a really
>> >> wide context.)
>> >>
>> >
>> >I am thinking if the package level patch contains too many changes, I
>> >might break it into multiple module-level patches and include module
>> >owners/experts to help reviewing them.
>> >
>> >Best Regards,
>> >Hao Wu
>> >
>> >> Thanks
>> >> Laszlo
>> >>
>> >>
>> >> > diff --git
>> >> a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> >> b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> >> > index 937165a..592cced 100644
>> >> > ---
>a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> >> > +++
>b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c
>> >> > @@ -12,7 +12,7 @@
>> >> >    allocation for the Reserved memory types are not supported and will
>> >> always
>> >> >    return NULL.
>> >> >
>> >> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
>> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >> >    This program and the accompanying materials
>> >> >    are licensed and made available under the terms and conditions of
>the
>> >BSD
>> >> License
>> >> >    which accompanies this distribution.  The full text of the license may
>be
>> >> found at
>> >> > @@ -343,7 +343,7 @@ InternalAllocateAlignedPages (
>> >> >        Status = gSmst->SmmFreePages (Memory, UnalignedPages);
>> >> >        ASSERT_EFI_ERROR (Status);
>> >> >      }
>> >> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
>> >> EFI_PAGES_TO_SIZE (Pages));
>> >> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>> >> >      UnalignedPages = RealPages - Pages - UnalignedPages;
>> >> >      if (UnalignedPages > 0) {
>> >> >        //
>> >> > diff --git
>> >a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> >> b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> >> > index 3da5e211..3bd3aef 100644
>> >> > ---
>a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> >> > +++
>b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
>> >> > @@ -2,7 +2,7 @@
>> >> >    Support routines for memory allocation routines based
>> >> >    on boot services for Dxe phase drivers.
>> >> >
>> >> > -  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
>> >> > +  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>> >> >    This program and the accompanying materials
>> >> >    are licensed and made available under the terms and conditions of
>the
>> >BSD
>> >> License
>> >> >    which accompanies this distribution.  The full text of the license may
>be
>> >> found at
>> >> > @@ -216,7 +216,7 @@ InternalAllocateAlignedPages (
>> >> >        Status = gBS->FreePages (Memory, UnalignedPages);
>> >> >        ASSERT_EFI_ERROR (Status);
>> >> >      }
>> >> > -    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory +
>> >> EFI_PAGES_TO_SIZE (Pages));
>> >> > +    Memory         = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
>> >> >      UnalignedPages = RealPages - Pages - UnalignedPages;
>> >> >      if (UnalignedPages > 0) {
>> >> >        //
>> >> >
>> >
>> >_______________________________________________
>> >edk2-devel mailing list
>> >edk2-devel@lists.01.org
>> >https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2017-01-25  6:19 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-24  7:25 [PATCH v2 0/1] Refine casting expression result to bigger size Hao Wu
2017-01-24  7:25 ` [PATCH v2 1/1] MdePkg: " Hao Wu
2017-01-24  9:53   ` Laszlo Ersek
2017-01-25  0:25     ` Wu, Hao A
2017-01-25  5:57       ` Gao, Liming
2017-01-25  6:16         ` Wu, Hao A
2017-01-25  6:19           ` Gao, Liming

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox