From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+121310+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 5D99794149E
	for <rebecca@openfw.io>; Tue,  6 May 2025 12:51:52 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=W7t9nj4mwz2C1ThUZEISuSczWNAhKfSoJVlVc7MhrZY=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240830; t=1746535912; v=1; x=1746795110;
 b=ZDY2/meShFw34VDVOSEnb1j6aXq21B4+XHOXDoIdIzCvTAw4KKC6NqdxhLthWHaL4eWn4Cgm
 nSbW+r/dF+P6GoyhED930dYy+0AS9gDbZFmEqlVV0UjpfkxKkyBXrlvUlDcFbgh1Aaz9dmnYox2
 c6LeFiEzQZnZ+rcUjjMkPpYorFmId9+9TsHJaVblbo9+fp4I50PD9nf6BIvRRyKbzNmsJu2ceuM
 gVaecbOvDLYJPIsw3AJ9B4MCgWKHlwa68BYQge8JVuqUPg5yK++xR+zfKzJNTPjXkv7Pa15tFGp
 2usRRnA89JdMNdAVLkDXaiW78UBs4bJb7NcOagERb19GA==
X-Received: by 127.0.0.2 with SMTP id zB3eYY7687511xwVQ2yzbnUm; Tue, 06 May 2025 05:51:50 -0700
X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14])
 by mx.groups.io with SMTP id smtpd.web10.74940.1746535910210764935
 for <devel@edk2.groups.io>;
 Tue, 06 May 2025 05:51:50 -0700
X-CSE-ConnectionGUID: Fy6aWgA7RumsQjK7gabJLQ==
X-CSE-MsgGUID: pP4jR93hTpasPIT2YdNv5A==
X-IronPort-AV: E=McAfee;i="6700,10204,11425"; a="48329667"
X-IronPort-AV: E=Sophos;i="6.15,266,1739865600"; 
   d="scan'208";a="48329667"
X-Received: from orviesa003.jf.intel.com ([10.64.159.143])
  by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 May 2025 05:51:49 -0700
X-CSE-ConnectionGUID: Xp1GJg4ES7Wyprco1jg1tQ==
X-CSE-MsgGUID: ZoKkUrrCRf62ALVqYqeq7w==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.15,266,1739865600"; 
   d="scan'208";a="140369978"
X-Received: from shsse002.sh.intel.com ([10.239.132.247])
  by orviesa003.jf.intel.com with ESMTP; 06 May 2025 05:51:46 -0700
From: "Zhou Jianfeng via groups.io" <jianfeng.zhou=intel.com@groups.io>
To: devel@edk2.groups.io
Cc: Zhou Jianfeng <jianfeng.zhou@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Jiaxin Wu <jiaxin.wu@intel.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Dun Tan <dun.tan@intel.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Star Zeng <star.zeng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Fix SMRAM memory leak during S3 resume
Date: Tue,  6 May 2025 08:50:59 -0400
Message-Id: <20250506125059.3343414-1-jianfeng.zhou@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Tue, 06 May 2025 05:51:50 -0700
Resent-From: jianfeng.zhou@intel.com
Reply-To: devel@edk2.groups.io,jianfeng.zhou@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: hsuPUdHTkJjBOJB8A2Hn0Kozx7686176AA=
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240830 header.b="ZDY2/meS";
	dmarc=pass (policy=none) header.from=groups.io;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

SyncContext of SMM_DISPATCHER_MP_SYNC_DATA was dynamically allocated from
SMRAM. The memory was not freed before reallocation in S3 resume path.
This could lead to:
1. Memory leak in SMRAM.
2. Potential S3 resume failure after repeated S3 tests due to SMRAM
exhaustion.

This change releases the SyncContext memory before reallocating it

Cc: Ray Ni <ray.ni@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Zhou Jianfeng <jianfeng.zhou@intel.com>

Signed-off-by: Zhou Jianfeng <jianfeng.zhou@intel.com>
---
 UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
index b19906b610..7bc68087ad 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
@@ -1868,6 +1868,10 @@ InitializeMpSyncData (
   UINTN  CpuIndex;

   if (mSmmMpSyncData != NULL) {
+    if (mSmmMpSyncData->SyncContext != NULL) {
+      SmmCpuSyncContextDeinit (mSmmMpSyncData->SyncContext);
+    }
+
     //
     // mSmmMpSyncDataSize includes one structure of SMM_DISPATCHER_MP_SYNC_DATA, one
     // CpuData array of SMM_CPU_DATA_BLOCK and one CandidateBsp array of BOOLEAN.
@@ -1968,6 +1972,7 @@ InitializeMpServiceData (
   mSmmMpSyncData = (SMM_DISPATCHER_MP_SYNC_DATA *)AllocatePages (EFI_SIZE_TO_PAGES (mSmmMpSyncDataSize));
   ASSERT (mSmmMpSyncData != NULL);

+  ZeroMem (mSmmMpSyncData, mSmmMpSyncDataSize);
   RelaxedMode = FALSE;
   GetSmmCpuSyncConfigData (&RelaxedMode, NULL, NULL);
   mCpuSmmSyncMode = RelaxedMode ? MmCpuSyncModeRelaxedAp : MmCpuSyncModeTradition;
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#121310): https://edk2.groups.io/g/devel/message/121310
Mute This Topic: https://groups.io/mt/112647890/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-