From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [51.163.158.102]) by mx.groups.io with SMTP id smtpd.web12.5968.1594966331899950018 for ; Thu, 16 Jul 2020 23:12:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@suse.com header.s=mimecast20200619 header.b=bwwufg9i; spf=pass (domain: suse.com, ip: 51.163.158.102, mailfrom: glin@suse.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1594966330; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AGphs0Wjqr2/a50XCk+esZMMwzBlBaYSMGtpQHJzVq4=; b=bwwufg9iH8ifbZRZmNZlGAeKOBTc9UqXGAfuDdurieQPwI/8/i4WQVN0KDLZ9ap69/YMXl D3kDw0p3Q5W4qF55GiqNBqJbpGkK61T2gcnR2lKf1HPHOeOuO7/C8wtgrVBXdJzSJHnn7t z7MVMleYwki17gSSJT72oyQiGfWlGUw= Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2104.outbound.protection.outlook.com [104.47.17.104]) (Using TLS) by relay.mimecast.com with ESMTP id de-mta-19-LHHIVDWUMlWKZzFDR5CrMQ-1; Fri, 17 Jul 2020 08:12:08 +0200 X-MC-Unique: LHHIVDWUMlWKZzFDR5CrMQ-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RYLyOI9ufdGfHzzKqZY24LkP3l3E38jjocdO/0h2ndK68o2RTy1B8V+yr+7v10cSsatDCmhJkOQ9UiPPZL2BJD8MQz5aO7oGS96tlbd+WfEG+QgwFNawi07vY3pxm3EdP2lKMnXt7QGKZQmLE/QB5VtXa9ge2OMjAD/ES2/uf3XNCHLWX8dbZ1tvWSLxzIca7wEvQwWx3amipZPN/UYRfG5lzr9a982kVxu5BGAtcG1isk2zBewjX1BqN4mVMCHBsbGZMS7FTqjzMniNWYwjGBWwpXVwBfFi4TIDdWY91mSAtEVp66VXpRlftynHMAmzXC8up8m1Anp3j3TuEiKnDw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AGphs0Wjqr2/a50XCk+esZMMwzBlBaYSMGtpQHJzVq4=; b=Er5jtQi7OXzIPOAdPCWEQK8so+J2ZvWIw2t6t7Tg/BdS5ynWE/tW3O36sSWJqiC1Q982H/szTK51GFKn+CDTNAvpUAmVdlcKgsefGThf2bkbdzHcx2xv45MOIwR7jtSxIWclDKsxeFRxEoXQRfNM86duhlOfF3+Z/iNqZ3r25pm4qz7qQSxLjLsrv1ZIct5XJzbxEHzc2HM3CHFq3mwKKO5IUOjTKbadhgZ6zLRxbg1R5pcNzSp5r7nPaxT9p6WiYh1CyE6Pd411rJJAa+A+Ee2NtAXNQKfeJcKOzTA4TWVbuSvrd0dKfLAQo5YY9x/kyg4w1oFxYuQQDiBEgW+vuw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=suse.com; Received: from AM0PR0402MB3809.eurprd04.prod.outlook.com (2603:10a6:208:10::30) by AM0PR04MB4740.eurprd04.prod.outlook.com (2603:10a6:208:c8::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.17; Fri, 17 Jul 2020 06:12:07 +0000 Received: from AM0PR0402MB3809.eurprd04.prod.outlook.com ([fe80::a14c:d441:c8a9:77ba]) by AM0PR0402MB3809.eurprd04.prod.outlook.com ([fe80::a14c:d441:c8a9:77ba%6]) with mapi id 15.20.3174.026; Fri, 17 Jul 2020 06:12:07 +0000 From: "Gary Lin" To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [PATCH v3 09/11] OvmfPkg/LsiScsiDxe: Examine the incoming SCSI Request Packet Date: Fri, 17 Jul 2020 14:11:28 +0800 Message-Id: <20200717061130.8881-10-glin@suse.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200717061130.8881-1-glin@suse.com> References: <20200717061130.8881-1-glin@suse.com> X-ClientProxiedBy: AM0PR04CA0138.eurprd04.prod.outlook.com (2603:10a6:208:55::43) To AM0PR0402MB3809.eurprd04.prod.outlook.com (2603:10a6:208:10::30) Return-Path: glin@suse.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from GaryWorkstation.suse.cz (60.251.47.115) by AM0PR04CA0138.eurprd04.prod.outlook.com (2603:10a6:208:55::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.18 via Frontend Transport; Fri, 17 Jul 2020 06:12:05 +0000 X-Mailer: git-send-email 2.25.1 X-Originating-IP: [60.251.47.115] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3b5ac25e-2a09-4cfd-f51a-08d82a18551d X-MS-TrafficTypeDiagnostic: AM0PR04MB4740: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zu9BUE9gwVmOpRa3zFFwq2oF+c7hUpJdbnFVrQ81BRKuZkplVJoApm4c4pp3DSkx4gK70mATPlt9+64nJ1hiGfeRO0UhOZvC7LwiXnI3fbXLdC3/kKob7iuB4uVCIDmv81gyRZyLUIK9VY0JGROBRHXywauYqT006meBi2K5+K3va+eGl0zkgpgzUCm3wH8bs0KLAGIXNihRfJHWJr0hwYXXB2solXBv5q2uRyArcMWzem2bVLhIKRkBtesObqi3obmQ1MDEvWev0qD8bQDMEBTeW2NhxHbGxfkYbqX0AIwZi6FKrSpta8HvB0sbrIXr1hFB+XMXaUkjEs8cI+upUA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM0PR0402MB3809.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(39860400002)(136003)(396003)(376002)(346002)(366004)(55236004)(2906002)(186003)(1076003)(16526019)(66556008)(6506007)(66946007)(6486002)(8936002)(66476007)(54906003)(86362001)(6916009)(8676002)(26005)(83380400001)(5660300002)(6512007)(316002)(6666004)(52116002)(478600001)(956004)(36756003)(2616005)(4326008);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: lKfeEx9ROQAyq6b11uNKsH0MouBVFt2W63U+61xz2qglXkVS9O8rzCMpeLSYjMZ6vg7+C3xH7ENFJi3CMwdbYf/S/27s1jMW8YP/2EZXjy5rOQ+e+gjCsmeTVFUp5xNIuo04sum6Qw0NkMe+V1tjZw6Y7Awuo+szNcy3GArOqKgISdChumFTVERaVduWbi0fFdZ5CWBgJEQaUENQJ5HWffkmkEWdcrt51oPLFoP5PrBuNe7KuP27SuahlCYtdfzqfY1EZ88oum7YnPOlZSOfZPD0qdY1ZII/oF89psa+LXF6WuB2XXl2KxRfjJfERtRQxmDkiouUGzm5CcOnSvo3UDi8ITsFJuPns4nfI6l7MQWUGkuLQZ88IpucISqezjp9h2tDqJoeELMbP8TnVR95pnQHYL/AlfjTq61AqqMVzG9aQIYzrF8TdSFfS/bscPNp2awmOOwW4MhyKTeFeUJsIrbcWZCGVJP4QOBGRWm/LMQ= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3b5ac25e-2a09-4cfd-f51a-08d82a18551d X-MS-Exchange-CrossTenant-AuthSource: AM0PR0402MB3809.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jul 2020 06:12:07.2051 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: YBEojRD/BeRwLaI+WztI3XPD2XVwY8MMlXc4U8dKd9pPua7Kz1xSbEN1T6vM1Gkv X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR04MB4740 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain This is the first part of LsiScsiPassThru(). Before processing the SCSI Request packet, we have to make sure whether the packet is valid or not. v2: Make LsiScsiPassThru() return EFI_UNSUPPORTED since this function is half-implemented Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Signed-off-by: Gary Lin Reviewed-by: Laszlo Ersek --- OvmfPkg/LsiScsiDxe/LsiScsi.c | 98 ++++++++++++++++++++++++++++++++++++ OvmfPkg/LsiScsiDxe/LsiScsi.h | 4 ++ 2 files changed, 102 insertions(+) diff --git a/OvmfPkg/LsiScsiDxe/LsiScsi.c b/OvmfPkg/LsiScsiDxe/LsiScsi.c index 52c224aad9a5..9859632e02d6 100644 --- a/OvmfPkg/LsiScsiDxe/LsiScsi.c +++ b/OvmfPkg/LsiScsiDxe/LsiScsi.c @@ -52,6 +52,95 @@ LsiScsiReset ( return Out8 (Dev, LSI_REG_ISTAT0, LSI_ISTAT0_SRST);=0D }=0D =0D +STATIC=0D +EFI_STATUS=0D +ReportHostAdapterOverrunError (=0D + OUT EFI_EXT_SCSI_PASS_THRU_SCSI_REQUEST_PACKET *Packet=0D + )=0D +{=0D + Packet->SenseDataLength =3D 0;=0D + Packet->HostAdapterStatus =3D=0D + EFI_EXT_SCSI_STATUS_HOST_ADAPTER_DATA_OVERRUN_UNDERRUN;=0D + Packet->TargetStatus =3D EFI_EXT_SCSI_STATUS_TARGET_GOOD;=0D + return EFI_BAD_BUFFER_SIZE;=0D +}=0D +=0D +/**=0D +=0D + Check the request packet from the Extended SCSI Pass Thru Protocol. The= =0D + request packet is modified, to be forwarded outwards by LsiScsiPassThru(= ),=0D + if invalid or unsupported parameters are detected.=0D +=0D + @param[in] Dev The LSI 53C895A SCSI device the packet targets.= =0D +=0D + @param[in] Target The SCSI target controlled by the LSI 53C895A SC= SI=0D + device.=0D +=0D + @param[in] Lun The Logical Unit Number under the SCSI target.=0D +=0D + @param[in out] Packet The Extended SCSI Pass Thru Protocol packet.=0D +=0D +=0D + @retval EFI_SUCCESS The Extended SCSI Pass Thru Protocol packet was val= id.=0D +=0D + @return Otherwise, invalid or unsupported parameters were=0D + detected. Status codes are meant for direct forward= ing=0D + by the EFI_EXT_SCSI_PASS_THRU_PROTOCOL.PassThru()=0D + implementation.=0D +=0D + **/=0D +STATIC=0D +EFI_STATUS=0D +LsiScsiCheckRequest (=0D + IN LSI_SCSI_DEV *Dev,=0D + IN UINT8 Target,=0D + IN UINT64 Lun,=0D + IN OUT EFI_EXT_SCSI_PASS_THRU_SCSI_REQUEST_PACKET *Packet=0D + )=0D +{=0D + if (Target > Dev->MaxTarget || Lun > Dev->MaxLun ||=0D + Packet->DataDirection > EFI_EXT_SCSI_DATA_DIRECTION_BIDIRECTIONAL ||= =0D + //=0D + // Trying to receive, but destination pointer is NULL, or contradict= ing=0D + // transfer direction=0D + //=0D + (Packet->InTransferLength > 0 &&=0D + (Packet->InDataBuffer =3D=3D NULL ||=0D + Packet->DataDirection =3D=3D EFI_EXT_SCSI_DATA_DIRECTION_WRITE=0D + )=0D + ) ||=0D +=0D + //=0D + // Trying to send, but source pointer is NULL, or contradicting tran= sfer=0D + // direction=0D + //=0D + (Packet->OutTransferLength > 0 &&=0D + (Packet->OutDataBuffer =3D=3D NULL ||=0D + Packet->DataDirection =3D=3D EFI_EXT_SCSI_DATA_DIRECTION_READ=0D + )=0D + )=0D + ) {=0D + return EFI_INVALID_PARAMETER;=0D + }=0D +=0D + if (Packet->DataDirection =3D=3D EFI_EXT_SCSI_DATA_DIRECTION_BIDIRECTION= AL ||=0D + (Packet->InTransferLength > 0 && Packet->OutTransferLength > 0) ||=0D + Packet->CdbLength > sizeof Dev->Dma->Cdb) {=0D + return EFI_UNSUPPORTED;=0D + }=0D +=0D + if (Packet->InTransferLength > sizeof Dev->Dma->Data) {=0D + Packet->InTransferLength =3D sizeof Dev->Dma->Data;=0D + return ReportHostAdapterOverrunError (Packet);=0D + }=0D + if (Packet->OutTransferLength > sizeof Dev->Dma->Data) {=0D + Packet->OutTransferLength =3D sizeof Dev->Dma->Data;=0D + return ReportHostAdapterOverrunError (Packet);=0D + }=0D +=0D + return EFI_SUCCESS;=0D +}=0D +=0D //=0D // The next seven functions implement EFI_EXT_SCSI_PASS_THRU_PROTOCOL=0D // for the LSI 53C895A SCSI Controller. Refer to UEFI Spec 2.3.1 + Errata = C,=0D @@ -70,6 +159,15 @@ LsiScsiPassThru ( IN EFI_EVENT Event OPTIONAL=0D )=0D {=0D + EFI_STATUS Status;=0D + LSI_SCSI_DEV *Dev;=0D +=0D + Dev =3D LSI_SCSI_FROM_PASS_THRU (This);=0D + Status =3D LsiScsiCheckRequest (Dev, *Target, Lun, Packet);=0D + if (EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D return EFI_UNSUPPORTED;=0D }=0D =0D diff --git a/OvmfPkg/LsiScsiDxe/LsiScsi.h b/OvmfPkg/LsiScsiDxe/LsiScsi.h index 9f9e5c7fed00..05deeed379fe 100644 --- a/OvmfPkg/LsiScsiDxe/LsiScsi.h +++ b/OvmfPkg/LsiScsiDxe/LsiScsi.h @@ -13,6 +13,10 @@ #define _LSI_SCSI_DXE_H_=0D =0D typedef struct {=0D + //=0D + // The max size of CDB is 32.=0D + //=0D + UINT8 Cdb[32];=0D //=0D // Allocate 64KB for read/write buffer. It seems sufficient for the comm= on=0D // boot scenarios.=0D --=20 2.25.1