From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ruiyu.ni@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.100; helo=mga07.intel.com;
 envelope-from=ruiyu.ni@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id D716321164EFA
 for <edk2-devel@lists.01.org>; Sun, 14 Oct 2018 23:37:31 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
 by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 14 Oct 2018 23:37:31 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,383,1534834800"; d="scan'208";a="78046725"
Received: from ray-dev.ccr.corp.intel.com ([10.239.9.11])
 by fmsmga007.fm.intel.com with ESMTP; 14 Oct 2018 23:37:30 -0700
From: Ruiyu Ni <ruiyu.ni@intel.com>
To: edk2-devel@lists.01.org
Date: Mon, 15 Oct 2018 14:38:22 +0800
Message-Id: <20181015063833.61304-1-ruiyu.ni@intel.com>
X-Mailer: git-send-email 2.16.1.windows.1
Subject: [PATCH 00/11] Need to validate data from HW
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Oct 2018 06:37:32 -0000

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1250

The patches contain logic to check the data from HW before using.
It can avoid corrupted data from HW causes software behave abnormally.

Hao Wu (1):
  MdeModulePkg/Bus/Ufs: Ensure device not return more data than expected

Ruiyu Ni (10):
  MdeModulePkg/UsbMass: Merge UsbBoot(Read|Write)Blocks(16)
  MdeModulePkg/UsbMass: Fix integer overflow when BlockSize is 1
  MdeModulePkg/UsbBus: Fix out-of-bound read access to descriptors
  MdeModulePkg/UsbBus: Reject descriptor whose length is bad
  MdeModulePkg/Usb: Make sure data from HW is no more than expected
  SourceLevelDebugPkg/Usb3: Make sure data from HW can fit in buffer
  MdeModulePkg/UsbKb: Don't access key codes when length is wrong
  MdeModulePkg/AbsPointer: Don't access key codes when length is wrong
  MdeModulePkg/UsbMouse: Don't access key codes when length is wrong
  MdeModulePkg/UsbBus: Deny when the string descriptor length is odd

 MdeModulePkg/Bus/Pci/EhciDxe/EhciSched.c           |   9 +-
 MdeModulePkg/Bus/Pci/UhciDxe/UhciSched.c           |   7 +-
 MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c           |   9 +-
 MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c        |  19 +-
 .../Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c        |  30 ++-
 MdeModulePkg/Bus/Usb/UsbBusDxe/UsbDesc.c           |  59 ++++-
 MdeModulePkg/Bus/Usb/UsbKbDxe/KeyBoard.c           |   4 +
 .../Bus/Usb/UsbMassStorageDxe/UsbMassBoot.c        | 269 +++++----------------
 .../Bus/Usb/UsbMassStorageDxe/UsbMassBoot.h        |  76 ++----
 .../Bus/Usb/UsbMassStorageDxe/UsbMassImpl.c        |   8 +-
 .../UsbMouseAbsolutePointer.c                      |   8 +-
 MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c        |   8 +-
 .../DebugCommunicationLibUsb3Transfer.c            |   7 +
 13 files changed, 219 insertions(+), 294 deletions(-)

-- 
2.16.1.windows.1