* [PATCH v2 0/1] MdePkg/BaseLib: AArch64 SetJump/LongJump bugfix
From: Jan Bobek @ 2020-10-01 16:15 UTC
To: devel
Cc: Leif Lindholm, Ard Biesheuvel, Michael D Kinney, Liming Gao, Zhiguang Liu, Jeff Brasen, Ashish Singhal

Hello,

sending a v2 of my patch after following the instructions Laszlo Ersek gave me in response to the v1.

Best,
-Jan

Jan Bobek (1):
  MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump

 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S   | 8 ++++----
 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

--
2.28.0
* [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump 2020-10-01 16:15 [PATCH v2 0/1] MdePkg/BaseLib: AArch64 SetJump/LongJump bugfix Jan Bobek @ 2020-10-01 16:15 ` Jan Bobek 2020-10-05 14:33 ` Ard Biesheuvel 0 siblings, 1 reply; 7+ messages in thread From: Jan Bobek @ 2020-10-01 16:15 UTC (permalink / raw) To: devel Cc: Leif Lindholm, Ard Biesheuvel, Michael D Kinney, Liming Gao, Zhiguang Liu, Jeff Brasen, Ashish Singhal Correct the memory offsets used in REG_ONE/REG_PAIR macros to synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER structure on AArch64. The REG_ONE macro declares only a single 64-bit register be read/written; however, the subsequent offset is 16 bytes larger, creating an unused memory gap in the middle of the structure and causing SetJump/LongJump functions to read/write 8 bytes of memory past the end of the jump buffer struct. Signed-off-by: Jan Bobek <jbobek@nvidia.com> --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 ++++---- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S index 72cea259e913..deefdf526b95 100644 --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) REG_ONE (x16, 96) /*IP0*/ #define FPR_LAYOUT \ - REG_PAIR ( d8, d9, 112); \ - REG_PAIR (d10, d11, 128); \ - REG_PAIR (d12, d13, 144); \ - REG_PAIR (d14, d15, 160); + REG_PAIR ( d8, d9, 104); \ + REG_PAIR (d10, d11, 120); \ + REG_PAIR (d12, d13, 136); \ + REG_PAIR (d14, d15, 152); #/** # Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm index 20dd0f1b850f..df70f298998e 100644 
--- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm @@ -19,10 +19,10 @@ REG_ONE (x16, #96) /*IP0*/ #define FPR_LAYOUT \ - REG_PAIR ( d8, d9, #112); \ - REG_PAIR (d10, d11, #128); \ - REG_PAIR (d12, d13, #144); \ - REG_PAIR (d14, d15, #160); + REG_PAIR ( d8, d9, #104); \ + REG_PAIR (d10, d11, #120); \ + REG_PAIR (d12, d13, #136); \ + REG_PAIR (d14, d15, #152); ;/** ; Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# -- 2.28.0 ^ permalink raw reply related [flat|nested] 7+ messages in thread
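Review bot: the .S hunk makes FPR_LAYOUT contiguous with the REG_ONE (x16, 96) entry in the hunk context: x16 occupies 96..103, so 104 is the next free slot, and the last pair d14/d15 now ends at 168 instead of 176, which is exactly the 8-byte overrun the commit message describes. Since the offsets are hand-maintained literals, consider recording the expected total buffer size in a comment beside the layout and adding a compile-time size check on the C side (sizeof (BASE_LIBRARY_JUMP_BUFFER) against the end of the last entry), so a future register addition cannot desynchronize the assembly table from the structure silently again.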
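Review bot: the .asm hunk is a byte-for-byte mirror of the .S change (same four offsets, with the `#` immediate syntax), which is necessary because the two files each carry an independent copy of the register table and the bug had to be fixed twice. A one-line comment in both files naming the other file and BaseLib.h as the layout that must match would make it harder for the next edit to update only one copy.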
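A layout self-check for the bug the commit message describes, added here as an example and not edk2 code: it encodes the REG_ONE/REG_PAIR offsets before and after the patch and compares the bytes they touch against a C mirror of BASE_LIBRARY_JUMP_BUFFER. The structure's field list and the GP-pair offsets below x16 are assumptions; the page itself only confirms x16 at offset 96 and the FPR offsets.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model of the AArch64 BASE_LIBRARY_JUMP_BUFFER: one 64-bit slot per
 * callee-saved register, GP registers first, then d8..d15. The field
 * list is an assumption for this example; BaseLib.h is authoritative.
 * The patch confirms only that x16 (IP0) sits at offset 96 and that
 * the eight FP registers follow it. */
typedef struct {
  uint64_t X19, X20, X21, X22, X23, X24, X25, X26, X27, X28;
  uint64_t FP;   /* x29 */
  uint64_t LR;   /* x30 */
  uint64_t IP0;  /* x16 */
  uint64_t D8, D9, D10, D11, D12, D13, D14, D15;
} JumpBuffer;

/* One REG_ONE / REG_PAIR line: the byte offset the assembly uses and how
 * many bytes that line loads or stores (8 for REG_ONE, 16 for REG_PAIR). */
typedef struct {
  const char *regs;
  size_t      offset;
  size_t      size;
} LayoutEntry;

/* GP entries (assumed contiguous pairs from 0), the REG_ONE (x16, 96)
 * entry from the hunk context, and FPR_LAYOUT as it was before the fix. */
static const LayoutEntry OLD_LAYOUT[] = {
  {"x19,x20",  0, 16}, {"x21,x22", 16, 16}, {"x23,x24", 32, 16},
  {"x25,x26", 48, 16}, {"x27,x28", 64, 16}, {"x29,x30", 80, 16},
  {"x16",     96,  8},
  {"d8,d9",  112, 16}, {"d10,d11", 128, 16},
  {"d12,d13", 144, 16}, {"d14,d15", 160, 16},
};

/* Same table with the FPR_LAYOUT offsets the patch introduces. */
static const LayoutEntry NEW_LAYOUT[] = {
  {"x19,x20",  0, 16}, {"x21,x22", 16, 16}, {"x23,x24", 32, 16},
  {"x25,x26", 48, 16}, {"x27,x28", 64, 16}, {"x29,x30", 80, 16},
  {"x16",     96,  8},
  {"d8,d9",  104, 16}, {"d10,d11", 120, 16},
  {"d12,d13", 136, 16}, {"d14,d15", 152, 16},
};

#define COUNT(a) (sizeof (a) / sizeof ((a)[0]))

typedef struct {
  size_t gap_bytes;      /* struct bytes no entry ever touches */
  size_t overlap_bytes;  /* bytes touched by more than one entry */
  size_t overrun_bytes;  /* bytes accessed past the end of the struct */
} LayoutReport;

/* Walk the entries in table order and compare the bytes they touch
 * against the size of the C structure they are supposed to mirror. */
LayoutReport check_layout(const LayoutEntry *e, size_t n, size_t struct_size) {
  LayoutReport r = {0, 0, 0};
  size_t cursor = 0;  /* first byte not yet covered by an earlier entry */
  for (size_t i = 0; i < n; i++) {
    size_t end = e[i].offset + e[i].size;
    if (e[i].offset > cursor)
      r.gap_bytes += e[i].offset - cursor;
    else if (e[i].offset < cursor)
      r.overlap_bytes += (end < cursor ? end : cursor) - e[i].offset;
    if (end > cursor) cursor = end;
  }
  if (cursor < struct_size) r.gap_bytes += struct_size - cursor;
  if (cursor > struct_size) r.overrun_bytes = cursor - struct_size;
  return r;
}

int main(void) {
  size_t sz = sizeof (JumpBuffer);
  LayoutReport old = check_layout(OLD_LAYOUT, COUNT(OLD_LAYOUT), sz);
  LayoutReport fix = check_layout(NEW_LAYOUT, COUNT(NEW_LAYOUT), sz);
  printf("struct size %zu\n", sz);
  printf("old: gap %zu overlap %zu overrun %zu\n", old.gap_bytes, old.overlap_bytes, old.overrun_bytes);
  printf("new: gap %zu overlap %zu overrun %zu\n", fix.gap_bytes, fix.overlap_bytes, fix.overrun_bytes);
  return (fix.gap_bytes | fix.overlap_bytes | fix.overrun_bytes) != 0;
}
```

With the old table the check reports an 8-byte hole after x16 and an 8-byte write past the 168-byte structure; with the patched table both are zero.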
* Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump 2020-10-01 16:15 ` [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump Jan Bobek @ 2020-10-05 14:33 ` Ard Biesheuvel 2020-10-05 21:57 ` Michael D Kinney 0 siblings, 1 reply; 7+ messages in thread From: Ard Biesheuvel @ 2020-10-05 14:33 UTC (permalink / raw) To: Jan Bobek, devel, Michael D Kinney, Liming Gao Cc: Leif Lindholm, Zhiguang Liu, Jeff Brasen, Ashish Singhal On 10/1/20 6:15 PM, Jan Bobek wrote: > Correct the memory offsets used in REG_ONE/REG_PAIR macros to > synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER > structure on AArch64. > > The REG_ONE macro declares only a single 64-bit register be > read/written; however, the subsequent offset is 16 bytes larger, > creating an unused memory gap in the middle of the structure and > causing SetJump/LongJump functions to read/write 8 bytes of memory > past the end of the jump buffer struct. > > Signed-off-by: Jan Bobek <jbobek@nvidia.com> Thanks Jan, Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com> Liming, Michael: any concerns? Thanks, > --- > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 ++++---- > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++---- > 2 files changed, 8 insertions(+), 8 deletions(-) > > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > index 72cea259e913..deefdf526b95 100644 > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S 
> @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) > REG_ONE (x16, 96) /*IP0*/ > > #define FPR_LAYOUT \ > - REG_PAIR ( d8, d9, 112); \ > - REG_PAIR (d10, d11, 128); \ > - REG_PAIR (d12, d13, 144); \ > - REG_PAIR (d14, d15, 160); > + REG_PAIR ( d8, d9, 104); \ > + REG_PAIR (d10, d11, 120); \ > + REG_PAIR (d12, d13, 136); \ > + REG_PAIR (d14, d15, 152); > > #/** > # Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > index 20dd0f1b850f..df70f298998e 100644 > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > @@ -19,10 +19,10 @@ > REG_ONE (x16, #96) /*IP0*/ > > #define FPR_LAYOUT \ > - REG_PAIR ( d8, d9, #112); \ > - REG_PAIR (d10, d11, #128); \ > - REG_PAIR (d12, d13, #144); \ > - REG_PAIR (d14, d15, #160); > + REG_PAIR ( d8, d9, #104); \ > + REG_PAIR (d10, d11, #120); \ > + REG_PAIR (d12, d13, #136); \ > + REG_PAIR (d14, d15, #152); > > ;/** > ; Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# > ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump 2020-10-05 14:33 ` Ard Biesheuvel @ 2020-10-05 21:57 ` Michael D Kinney 2020-10-12 18:55 ` Jan Bobek 0 siblings, 1 reply; 7+ messages in thread From: Michael D Kinney @ 2020-10-05 21:57 UTC (permalink / raw) To: Ard Biesheuvel, Jan Bobek, devel@edk2.groups.io, Liming Gao, Kinney, Michael D Cc: Leif Lindholm, Liu, Zhiguang, Jeff Brasen, Ashish Singhal No concerns. Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Mike > -----Original Message----- > From: Ard Biesheuvel <ard.biesheuvel@arm.com> > Sent: Monday, October 5, 2020 7:33 AM > To: Jan Bobek <jbobek@nvidia.com>; devel@edk2.groups.io; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao > <gaoliming@byosoft.com.cn> > Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish Singhal > <ashishsingha@nvidia.com> > Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump > > On 10/1/20 6:15 PM, Jan Bobek wrote: > > Correct the memory offsets used in REG_ONE/REG_PAIR macros to > > synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER > > structure on AArch64. > > > > The REG_ONE macro declares only a single 64-bit register be > > read/written; however, the subsequent offset is 16 bytes larger, > > creating an unused memory gap in the middle of the structure and > > causing SetJump/LongJump functions to read/write 8 bytes of memory > > past the end of the jump buffer struct. > > > > Signed-off-by: Jan Bobek <jbobek@nvidia.com> > > Thanks Jan, > > Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com> > > Liming, Michael: any concerns? > > Thanks, > > > > --- > > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 ++++---- > > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++---- > > 2 files changed, 8 insertions(+), 8 deletions(-) 
> > > > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > index 72cea259e913..deefdf526b95 100644 > > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) > > REG_ONE (x16, 96) /*IP0*/ > > > > #define FPR_LAYOUT \ > > - REG_PAIR ( d8, d9, 112); \ > > - REG_PAIR (d10, d11, 128); \ > > - REG_PAIR (d12, d13, 144); \ > > - REG_PAIR (d14, d15, 160); > > + REG_PAIR ( d8, d9, 104); \ > > + REG_PAIR (d10, d11, 120); \ > > + REG_PAIR (d12, d13, 136); \ > > + REG_PAIR (d14, d15, 152); > > > > #/** > > # Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# > > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > index 20dd0f1b850f..df70f298998e 100644 > > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > @@ -19,10 +19,10 @@ > > REG_ONE (x16, #96) /*IP0*/ > > > > #define FPR_LAYOUT \ > > - REG_PAIR ( d8, d9, #112); \ > > - REG_PAIR (d10, d11, #128); \ > > - REG_PAIR (d12, d13, #144); \ > > - REG_PAIR (d14, d15, #160); > > + REG_PAIR ( d8, d9, #104); \ > > + REG_PAIR (d10, d11, #120); \ > > + REG_PAIR (d12, d13, #136); \ > > + REG_PAIR (d14, d15, #152); > > > > ;/** > > ; Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# > > ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump 2020-10-05 21:57 ` Michael D Kinney @ 2020-10-12 18:55 ` Jan Bobek 2020-10-13 1:09 ` 回复: " gaoliming [not found] ` <163D68004C6050DB.25724@groups.io> 0 siblings, 2 replies; 7+ messages in thread From: Jan Bobek @ 2020-10-12 18:55 UTC (permalink / raw) To: Kinney, Michael D, Ard Biesheuvel, devel@edk2.groups.io, Liming Gao Cc: Leif Lindholm, Liu, Zhiguang, Jeff Brasen, Ashish Singhal Hey guys, just wondering, are we waiting for more reviews before this is good to merge? Best, -Jan Kinney, Michael D writes: > No concerns. > > Acked-by: Michael D Kinney <michael.d.kinney@intel.com> > > Mike > >> -----Original Message----- >> From: Ard Biesheuvel <ard.biesheuvel@arm.com> >> Sent: Monday, October 5, 2020 7:33 AM >> To: Jan Bobek <jbobek@nvidia.com>; devel@edk2.groups.io; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao >> <gaoliming@byosoft.com.cn> >> Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish Singhal >> <ashishsingha@nvidia.com> >> Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump >> >> On 10/1/20 6:15 PM, Jan Bobek wrote: >> > Correct the memory offsets used in REG_ONE/REG_PAIR macros to >> > synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER >> > structure on AArch64. >> > >> > The REG_ONE macro declares only a single 64-bit register be >> > read/written; however, the subsequent offset is 16 bytes larger, >> > creating an unused memory gap in the middle of the structure and >> > causing SetJump/LongJump functions to read/write 8 bytes of memory >> > past the end of the jump buffer struct. 
>> > >> > Signed-off-by: Jan Bobek <jbobek@nvidia.com> >> >> Thanks Jan, >> >> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com> >> >> Liming, Michael: any concerns? >> >> Thanks, >> >> >> > --- >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 ++++---- >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++---- >> > 2 files changed, 8 insertions(+), 8 deletions(-) >> > >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S >> > index 72cea259e913..deefdf526b95 100644 >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S >> > @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) >> > REG_ONE (x16, 96) /*IP0*/ >> > >> > #define FPR_LAYOUT \ >> > - REG_PAIR ( d8, d9, 112); \ >> > - REG_PAIR (d10, d11, 128); \ >> > - REG_PAIR (d12, d13, 144); \ >> > - REG_PAIR (d14, d15, 160); >> > + REG_PAIR ( d8, d9, 104); \ >> > + REG_PAIR (d10, d11, 120); \ >> > + REG_PAIR (d12, d13, 136); \ >> > + REG_PAIR (d14, d15, 152); >> > >> > #/** >> > # Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm >> > index 20dd0f1b850f..df70f298998e 100644 >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm 
>> > @@ -19,10 +19,10 @@ >> > REG_ONE (x16, #96) /*IP0*/ >> > >> > #define FPR_LAYOUT \ >> > - REG_PAIR ( d8, d9, #112); \ >> > - REG_PAIR (d10, d11, #128); \ >> > - REG_PAIR (d12, d13, #144); \ >> > - REG_PAIR (d14, d15, #160); >> > + REG_PAIR ( d8, d9, #104); \ >> > + REG_PAIR (d10, d11, #120); \ >> > + REG_PAIR (d12, d13, #136); \ >> > + REG_PAIR (d14, d15, #152); >> > >> > ;/** >> > ; Saves the current CPU context that can be restored with a call to LongJump() and returns 0.# >> > ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump
From: gaoliming @ 2020-10-13 1:09 UTC
To: 'Jan Bobek', 'Kinney, Michael D', 'Ard Biesheuvel', devel
Cc: 'Leif Lindholm', 'Liu, Zhiguang', 'Jeff Brasen', 'Ashish Singhal'

Ack-by: Liming Gao <gaoliming@byosoft.com.cn>

I will merge this change today.

Thanks
Liming

> -----Original Message-----
> From: Jan Bobek <jbobek@nvidia.com>
> Sent: October 13, 2020 2:55
> To: Kinney, Michael D <michael.d.kinney@intel.com>; Ard Biesheuvel <ard.biesheuvel@arm.com>; devel@edk2.groups.io; Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish Singhal <ashishsingha@nvidia.com>
> Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump
>
> Hey guys,
>
> just wondering, are we waiting for more reviews before this is good to merge?
>
> Best,
> -Jan
>
> Kinney, Michael D writes:
> > No concerns.
> >
> > Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
> >
> > Mike
> >
> >> -----Original Message-----
> >> From: Ard Biesheuvel <ard.biesheuvel@arm.com> > >> Sent: Monday, October 5, 2020 7:33 AM > >> To: Jan Bobek <jbobek@nvidia.com>; devel@edk2.groups.io; Kinney, > Michael D <michael.d.kinney@intel.com>; Liming Gao > >> <gaoliming@byosoft.com.cn> > >> Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang > <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish Singhal > >> <ashishsingha@nvidia.com> > >> Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in > AArch64 SetJump/LongJump > >> > >> On 10/1/20 6:15 PM, Jan Bobek wrote: > >> > Correct the memory offsets used in REG_ONE/REG_PAIR macros to > >> > synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER > >> > structure on AArch64. > >> > > >> > The REG_ONE macro declares only a single 64-bit register be > >> > read/written; however, the subsequent offset is 16 bytes larger, > >> > creating an unused memory gap in the middle of the structure and > >> > causing SetJump/LongJump functions to read/write 8 bytes of memory > >> > past the end of the jump buffer struct. > >> > > >> > Signed-off-by: Jan Bobek <jbobek@nvidia.com> > >> > >> Thanks Jan, > >> > >> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com> > >> > >> Liming, Michael: any concerns? > >> > >> Thanks, > >> > >> > >> > --- > >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 > ++++---- > >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 > ++++---- > >> > 2 files changed, 8 insertions(+), 8 deletions(-) > >> > > >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > >> > index 72cea259e913..deefdf526b95 100644 > >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S 
> >> > @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) > >> > REG_ONE (x16, 96) /*IP0*/ > >> > > >> > #define FPR_LAYOUT \ > >> > - REG_PAIR ( d8, d9, 112); \ > >> > - REG_PAIR (d10, d11, 128); \ > >> > - REG_PAIR (d12, d13, 144); \ > >> > - REG_PAIR (d14, d15, 160); > >> > + REG_PAIR ( d8, d9, 104); \ > >> > + REG_PAIR (d10, d11, 120); \ > >> > + REG_PAIR (d12, d13, 136); \ > >> > + REG_PAIR (d14, d15, 152); > >> > > >> > #/** > >> > # Saves the current CPU context that can be restored with a call to > LongJump() and returns 0.# > >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > >> > index 20dd0f1b850f..df70f298998e 100644 > >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > >> > @@ -19,10 +19,10 @@ > >> > REG_ONE (x16, #96) /*IP0*/ > >> > > >> > #define FPR_LAYOUT \ > >> > - REG_PAIR ( d8, d9, #112); \ > >> > - REG_PAIR (d10, d11, #128); \ > >> > - REG_PAIR (d12, d13, #144); \ > >> > - REG_PAIR (d14, d15, #160); > >> > + REG_PAIR ( d8, d9, #104); \ > >> > + REG_PAIR (d10, d11, #120); \ > >> > + REG_PAIR (d12, d13, #136); \ > >> > + REG_PAIR (d14, d15, #152); > >> > > >> > ;/** > >> > ; Saves the current CPU context that can be restored with a call to > LongJump() and returns 0.# > >> > ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [edk2-devel] Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump
From: gaoliming @ 2020-10-13 3:26 UTC
To: devel, gaoliming, 'Jan Bobek', 'Kinney, Michael D', 'Ard Biesheuvel'
Cc: 'Leif Lindholm', 'Liu, Zhiguang', 'Jeff Brasen', 'Ashish Singhal'

Pull request https://github.com/tianocore/edk2/pull/1007 has been merged.

> -----Original Message-----
> From: bounce+27952+66140+4905953+8761045@groups.io <bounce+27952+66140+4905953+8761045@groups.io> on behalf of gaoliming
> Sent: October 13, 2020 9:10
> To: 'Jan Bobek' <jbobek@nvidia.com>; 'Kinney, Michael D' <michael.d.kinney@intel.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com>; devel@edk2.groups.io
> Cc: 'Leif Lindholm' <leif@nuviainc.com>; 'Liu, Zhiguang' <zhiguang.liu@intel.com>; 'Jeff Brasen' <jbrasen@nvidia.com>; 'Ashish Singhal' <ashishsingha@nvidia.com>
> Subject: [edk2-devel] Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump
>
> Ack-by: Liming Gao <gaoliming@byosoft.com.cn>
>
> I will merge this change today.
>
> Thanks
> Liming
> > -----Original Message-----
> > From: Jan Bobek <jbobek@nvidia.com>
> > Sent: October 13, 2020 2:55
> > To: Kinney, Michael D <michael.d.kinney@intel.com>; Ard Biesheuvel <ard.biesheuvel@arm.com>; devel@edk2.groups.io; Liming Gao <gaoliming@byosoft.com.cn>
> > Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish Singhal <ashishsingha@nvidia.com>
> > Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump
> >
> > Hey guys,
> >
> > just wondering, are we waiting for more reviews before this is good to merge?
> >
> > Best,
> > -Jan
> >
> > Kinney, Michael D writes:
> > > No concerns.
> > >
> > > Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
> > >
> > > Mike
> > >
> > >> -----Original Message-----
> > >> From: Ard Biesheuvel <ard.biesheuvel@arm.com> > > >> Sent: Monday, October 5, 2020 7:33 AM > > >> To: Jan Bobek <jbobek@nvidia.com>; devel@edk2.groups.io; Kinney, > > Michael D <michael.d.kinney@intel.com>; Liming Gao > > >> <gaoliming@byosoft.com.cn> > > >> Cc: Leif Lindholm <leif@nuviainc.com>; Liu, Zhiguang > > <zhiguang.liu@intel.com>; Jeff Brasen <jbrasen@nvidia.com>; Ashish > Singhal > > >> <ashishsingha@nvidia.com> > > >> Subject: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix invalid memory access > in > > AArch64 SetJump/LongJump > > >> > > >> On 10/1/20 6:15 PM, Jan Bobek wrote: > > >> > Correct the memory offsets used in REG_ONE/REG_PAIR macros to > > >> > synchronize them with definition of the BASE_LIBRARY_JUMP_BUFFER > > >> > structure on AArch64. > > >> > > > >> > The REG_ONE macro declares only a single 64-bit register be > > >> > read/written; however, the subsequent offset is 16 bytes larger, > > >> > creating an unused memory gap in the middle of the structure and > > >> > causing SetJump/LongJump functions to read/write 8 bytes of memory > > >> > past the end of the jump buffer struct. > > >> > > > >> > Signed-off-by: Jan Bobek <jbobek@nvidia.com> > > >> > > >> Thanks Jan, > > >> > > >> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com> > > >> > > >> Liming, Michael: any concerns? > > >> > > >> Thanks, > > >> > > >> > > >> > --- > > >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 8 > > ++++---- > > >> > MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 > > ++++---- > > >> > 2 files changed, 8 insertions(+), 8 deletions(-) > > >> > > > >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > >> > index 72cea259e913..deefdf526b95 100644 > > >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S > > >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S 
> > >> > @@ -20,10 +20,10 @@ GCC_ASM_EXPORT(InternalLongJump) > > >> > REG_ONE (x16, 96) /*IP0*/ > > >> > > > >> > #define FPR_LAYOUT \ > > >> > - REG_PAIR ( d8, d9, 112); \ > > >> > - REG_PAIR (d10, d11, 128); \ > > >> > - REG_PAIR (d12, d13, 144); \ > > >> > - REG_PAIR (d14, d15, 160); > > >> > + REG_PAIR ( d8, d9, 104); \ > > >> > + REG_PAIR (d10, d11, 120); \ > > >> > + REG_PAIR (d12, d13, 136); \ > > >> > + REG_PAIR (d14, d15, 152); > > >> > > > >> > #/** > > >> > # Saves the current CPU context that can be restored with a call > to > > LongJump() and returns 0.# > > >> > diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > >> > index 20dd0f1b850f..df70f298998e 100644 > > >> > --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > >> > +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm > > >> > @@ -19,10 +19,10 @@ > > >> > REG_ONE (x16, #96) /*IP0*/ > > >> > > > >> > #define FPR_LAYOUT \ > > >> > - REG_PAIR ( d8, d9, #112); \ > > >> > - REG_PAIR (d10, d11, #128); \ > > >> > - REG_PAIR (d12, d13, #144); \ > > >> > - REG_PAIR (d14, d15, #160); > > >> > + REG_PAIR ( d8, d9, #104); \ > > >> > + REG_PAIR (d10, d11, #120); \ > > >> > + REG_PAIR (d12, d13, #136); \ > > >> > + REG_PAIR (d14, d15, #152); > > >> > > > >> > ;/** > > >> > ; Saves the current CPU context that can be restored with a call > to > > LongJump() and returns 0.# > > >> > > > > > > > > ^ permalink raw reply [flat|nested] 7+ messages in thread