From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <star.zeng@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.43; helo=mga05.intel.com;
 envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 417E42238B581
 for <edk2-devel@lists.01.org>; Thu, 25 Jan 2018 19:44:26 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 25 Jan 2018 19:49:56 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,414,1511856000"; d="scan'208";a="198771445"
Received: from shwdeopenpsi068.ccr.corp.intel.com ([10.239.158.46])
 by fmsmga005.fm.intel.com with ESMTP; 25 Jan 2018 19:49:55 -0800
From: Star Zeng <star.zeng@intel.com>
To: edk2-devel@lists.01.org
Cc: Star Zeng <star.zeng@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Date: Fri, 26 Jan 2018 11:49:51 +0800
Message-Id: <1516938591-9856-1-git-send-email-star.zeng@intel.com>
X-Mailer: git-send-email 2.7.0.windows.1
Subject: [PATCH] IntelSiliconPkg MicrocodeUpdateDxe: TotalSize must be multiples of 1KB
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jan 2018 03:44:26 -0000

TotalSize must be multiples of 1024 bytes (1 KBytes) according to SDM.

Also enhance the debug message for DataSize that must be
multiples of DWORDs.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 .../Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c      | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c b/IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c
index 11a51106fdd2..46b55088285f 100644
--- a/IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c
+++ b/IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c
@@ -8,7 +8,7 @@
 
   MicrocodeWrite() and VerifyMicrocode() will receive untrusted input and do basic validation.
 
-  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
   which accompanies this distribution.  The full text of the license may be found at
@@ -421,7 +421,7 @@ VerifyMicrocode (
     return EFI_INCOMPATIBLE_VERSION;
   }
   //
-  // Check Size
+  // Check TotalSize
   //
   if (MicrocodeEntryPoint->DataSize == 0) {
     TotalSize = 2048;
@@ -436,6 +436,14 @@ VerifyMicrocode (
     }
     return EFI_VOLUME_CORRUPTED;
   }
+  if ((TotalSize & (SIZE_1KB - 1)) != 0) {
+    DEBUG((DEBUG_ERROR, "VerifyMicrocode - TotalSize is not multiples of 1024 bytes (1 KBytes)\n"));
+    *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT;
+    if (AbortReason != NULL) {
+      *AbortReason = AllocateCopyPool(sizeof(L"InvalidTotalSize"), L"InvalidTotalSize");
+    }
+    return EFI_VOLUME_CORRUPTED;
+  }
   if (TotalSize != ImageSize) {
     DEBUG((DEBUG_ERROR, "VerifyMicrocode - fail on TotalSize\n"));
     *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT;
@@ -445,7 +453,7 @@ VerifyMicrocode (
     return EFI_VOLUME_CORRUPTED;
   }
   //
-  // Check CheckSum32
+  // Check DataSize
   //
   if (MicrocodeEntryPoint->DataSize == 0) {
     DataSize = 2048 - sizeof(CPU_MICROCODE_HEADER);
@@ -461,13 +469,16 @@ VerifyMicrocode (
     return EFI_VOLUME_CORRUPTED;
   }
   if ((DataSize & 0x3) != 0) {
-    DEBUG((DEBUG_ERROR, "VerifyMicrocode - DataSize not aligned\n"));
+    DEBUG((DEBUG_ERROR, "VerifyMicrocode - DataSize is not multiples of DWORDs\n"));
     *LastAttemptStatus = LAST_ATTEMPT_STATUS_ERROR_INVALID_FORMAT;
     if (AbortReason != NULL) {
       *AbortReason = AllocateCopyPool(sizeof(L"InvalidDataSize"), L"InvalidDataSize");
     }
     return EFI_VOLUME_CORRUPTED;
   }
+  //
+  // Check CheckSum32
+  //
   CheckSum32 = CalculateSum32((UINT32 *)MicrocodeEntryPoint, DataSize + sizeof(CPU_MICROCODE_HEADER));
   if (CheckSum32 != 0) {
     DEBUG((DEBUG_ERROR, "VerifyMicrocode - fail on CheckSum32\n"));
-- 
2.7.0.windows.1