From: "Kun Qin"
To: devel@edk2.groups.io
Cc: Leif Lindholm, Ard Biesheuvel, Bret Barkelew, Michael Kubacki, Sami Mujawar
Subject: [PATCH v3 6/6] ArmPkg: MmCommunicationDxe: Update MM communicate `MessageLength` check
Date: Tue, 25 Jan 2022 11:39:09 -0800
Message-Id: <20220125193909.491-7-kuqin12@gmail.com>
In-Reply-To: <20220125193909.491-1-kuqin12@gmail.com>
References: <20220125193909.491-1-kuqin12@gmail.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3751

Current MM communicate routine from ArmPkg would conduct few checks prior
to proceeding with SMC calls. However, the inspection step is different
from PI specification.

This patch updated MM communicate input argument inspection routine to
assure that "if the `MessageLength` is zero, or too large for the MM
implementation to manage, the MM implementation must update the
`MessageLength` to reflect the size of the `Data` buffer that it can
tolerate", as described by `EFI_MM_COMMUNICATION_PROTOCOL.Communicate()`
section in PI specification.

Cc: Leif Lindholm
Cc: Ard Biesheuvel
Cc: Bret Barkelew
Cc: Michael Kubacki
Cc: Sami Mujawar

Signed-off-by: Kun Qin
Reviewed-by: Sami Mujawar
---

Notes:
    v2:
    - Splitting patch into 4 of 4 [Ard]
    - Uncrustify style update

    v3:
    - Added cc entry and reviewed-by tag [Sami]

 ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c index 2f89b7c5b6c4..85d9034555f0 100644 --- a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c +++ b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c @@ -92,6 +92,7 @@ MmCommunication2Communicate ( return EFI_INVALID_PARAMETER; } + Status = EFI_SUCCESS; CommunicateHeader = CommBufferVirtual; // CommBuffer is a mandatory parameter. Hence, Rely on // MessageLength + Header to ascertain the @@ -109,28 +110,33 @@ MmCommunication2Communicate ( (*CommSize > mNsCommBuffMemRegion.Length)) { *CommSize = mNsCommBuffMemRegion.Length; - return EFI_BAD_BUFFER_SIZE; + Status = EFI_BAD_BUFFER_SIZE; } // // CommSize should cover at least MessageLength + sizeof (EFI_MM_COMMUNICATE_HEADER); // if (*CommSize < BufferSize) { - return EFI_INVALID_PARAMETER; + Status = EFI_INVALID_PARAMETER; } } // - // If the buffer size is 0 or greater than what can be tolerated by the MM + // If the message length is 0 or greater than what can be tolerated by the MM // environment then return the expected size. // - if ((BufferSize == 0) || + if ((CommunicateHeader->MessageLength == 0) || (BufferSize > mNsCommBuffMemRegion.Length)) { CommunicateHeader->MessageLength = mNsCommBuffMemRegion.Length - sizeof (CommunicateHeader->HeaderGuid) - sizeof (CommunicateHeader->MessageLength); - return EFI_BAD_BUFFER_SIZE; + Status = EFI_BAD_BUFFER_SIZE; + } + + // MessageLength or CommSize check has failed, return here. + if (EFI_ERROR (Status)) { + return Status; } // SMC Function ID -- 2.34.1.windows.1
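
Review bot: In the second hunk (@@ -109,28 +110,33 @@), replacing the early returns with assignments to `Status` means the three checks now all run and each failing check overwrites the previous result, so the code returned is that of the last failing check, and this precedence is not documented anywhere in the hunk. For instance, when `*CommSize < BufferSize` and `BufferSize > mNsCommBuffMemRegion.Length` both hold, the caller used to get `EFI_INVALID_PARAMETER` and now gets `EFI_BAD_BUFFER_SIZE` with `MessageLength` rewritten. If that ordering is the intended reading of the PI specification text quoted in the commit message, please say so in a comment above the final `if (EFI_ERROR (Status))` block. Separately, the `if (*CommSize < BufferSize)` comparison now also runs right after `*CommSize = mNsCommBuffMemRegion.Length;` has overwritten the caller's value, so it tests the region length instead of what the caller passed; making it an `else if` of the preceding CommSize check would keep the comparison on the caller-supplied size only. Since a single call can now update both `*CommSize` and `CommunicateHeader->MessageLength` before returning, the function's documented return behaviour should mention that as well.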