From: "Kun Qin" <kuqin12@gmail.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao, Eric Dong, Ray Ni, Jian J Wang, Liming Gao
Subject: [PATCH v1 0/1] SMM memory management: Inspect memory guarded with pool headers
Date: Tue, 15 Mar 2022 20:59:53 -0700
Message-Id: <20220316035954.1146-1-kuqin12@gmail.com>
X-Mailer: git-send-email 2.35.1.windows.2

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3488

The current free pool routine in PiSmmCore inspects the memory guard status of the target buffer without considering pool headers. This could lead the `IsMemoryGuarded` function to return incorrect results, i.e. for a 0-sized pool that is configured to be near the tail guard page, the returned region could point into a guard page, which is legal. However, trying to free this 0-sized pool will cause `IsMemoryGuarded` to access the guard page, which leads to a page fault.

This change will inspect memory guarded with pool headers. This can avoid errors when pool content happens to be on a page boundary.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/mm_zero_sized_pool

Cc: Jiewen Yao
Cc: Eric Dong
Cc: Ray Ni
Cc: Jian J Wang
Cc: Liming Gao

Kun Qin (1):
  MdeModulePkg: PiSmmCore: Inspect memory guarded with pool headers

 MdeModulePkg/Core/PiSmmCore/Pool.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

-- 
2.35.1.windows.2
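To make the boundary case in the cover letter concrete, the following is a small constructed C model added here; it is not edk2 code and does not reproduce the real `POOL_HEADER`, guard bitmap or `IsMemoryGuarded` implementation. The page count, the `pool_header_t` layout and all function names are assumptions. The model places a tail-guarded pool so that its data ends flush against a guard page, then shows that for a 0-sized pool the data pointer lands exactly on the guard page while the pool header still lies on the allocated page, so inspecting the guard state at the buffer address and at the header address gives different answers.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 4096u
#define NUM_PAGES 8u

/* Constructed guard map (one byte per page, 1 = guard page that must not be touched).
   This stands in for a guard bitmap; it is not edk2's data structure. */
static uint8_t guard_map[NUM_PAGES];

/* Hypothetical pool header placed in front of every pool allocation.
   edk2's real POOL_HEADER has different fields; only the "header precedes data"
   layout matters for this model. */
typedef struct {
  uint32_t signature;
  uint32_t size;   /* bytes requested by the caller; 0 is a legal request */
} pool_header_t;

static size_t page_of(uintptr_t addr) { return addr / PAGE_SIZE; }

/* Mark a page as a guard page in the constructed map. */
static void set_guard_page(size_t page) {
  if (page < NUM_PAGES) {
    guard_map[page] = 1;
  }
}

/* Model of a guard-state lookup: true when the page containing addr is a guard page.
   A real implementation that dereferenced memory near addr would fault here. */
static bool is_guard_page(uintptr_t addr) {
  size_t p = page_of(addr);
  return p < NUM_PAGES && guard_map[p] == 1;
}

/* Simulated tail-guarded allocation: the header plus 'requested' bytes of data are
   laid out so the data ends exactly at the start of guard page 'guard_page'.
   Returns the data pointer handed to the caller; *head_out receives the header address. */
static uintptr_t alloc_tail_guarded(size_t guard_page, size_t requested,
                                    uintptr_t *head_out) {
  uintptr_t guard_base = (uintptr_t)guard_page * PAGE_SIZE;
  uintptr_t head = guard_base - sizeof(pool_header_t) - requested;
  *head_out = head;
  /* For requested == 0 this is exactly guard_base: a legal zero-length region
     whose first byte is the guard page. */
  return head + sizeof(pool_header_t);
}

/* "Before": inspect the guard state at the buffer address the caller passes to free. */
static bool check_at_buffer(uintptr_t buffer) {
  return is_guard_page(buffer);
}

/* "After" (what the patch title describes): inspect at the pool header, which
   always lies inside the pool's own allocated page. */
static bool check_at_header(uintptr_t buffer) {
  return is_guard_page(buffer - sizeof(pool_header_t));
}

/* Run the zero-sized scenario; returns true when the two checks disagree,
   i.e. when inspecting at the buffer would touch the guard page but the header would not. */
static bool zero_sized_pool_disagrees(size_t guard_page) {
  uintptr_t head;
  uintptr_t buf = alloc_tail_guarded(guard_page, 0, &head);
  return check_at_buffer(buf) && !check_at_header(buf);
}

int main(void) {
  uintptr_t head;
  set_guard_page(4);
  uintptr_t buf = alloc_tail_guarded(4, 0, &head);
  printf("header page %zu, data page %zu, at-buffer=%d at-header=%d\n",
         page_of(head), page_of(buf), check_at_buffer(buf), check_at_header(buf));
  return 0;
}
```

With a guard page at page 4 and a 0-byte request, the data pointer is page 4 itself, so a check keyed on the buffer address reports the guard page while a check keyed on the header address reports the allocated page 3; a 16-byte request keeps both addresses on page 3 and the two checks agree. The model only demonstrates the address arithmetic behind the cover letter's description, not the fault path inside edk2.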