Hi Ard, No worries. Liming has helped to merge these patches here: MM communicate functionality in variable policy by lgao4 · Pull Request #2443 · tianocore/edk2 (github.com) . Thanks for checking back. Regards, Kun On 9/7/2022 1:27 AM, Ard Biesheuvel wrote: > On Mon, 13 Dec 2021 at 19:23, Kun Qin wrote: >> Hi ArmPkg and MdeModulePkg maintainers, >> >> Now that the hard freeze is lifted, could you please provide some >> feedback on these patches when you have a chance? >> > My apologies for not responding to these changes. > > If these patches are still relevant, please rebase and resend them. > > >> On 12/06/2021 10:41, Ard Biesheuvel wrote: >>> On Mon, 6 Dec 2021 at 19:35, Kun Qin wrote: >>>> Hi ArmPkg and MdeModulePkg maintainers, >>>> >>>> It has been a week since the patches were sent. Could you please review >>>> the changes and let me know if there is any feedback? Any input is >>>> appreciated. >>>> >>> As far as I know, we are still in hard freeze for the upcoming stable tag. >>> >>>> On 11/29/2021 16:39, Kun Qin via groups.io wrote: >>>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3709 >>>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3751 >>>>> >>>>> Currently, setups with variable policy operations used together with MM >>>>> communicate from ArmPkg could fail with `EFI_INVALID_PARAMETER`. This was >>>>> due to the errors from 2 following aspects: >>>>> >>>>> 1. For variable policy implementations in MdeModulePkg, the DXE runtime >>>>> agent would communicate to MM to disable, register or query policies. >>>>> However, during these operations, the MessageLength calculation is >>>>> including MM communicate header. This could lead to MM agent read data >>>>> across the given buffer boundary and/or trigger other errors. >>>>> >>>>> 2. On the other hand, current MM communicate routine from ArmPkg would >>>>> fail the function if the input message length does not equal to input >>>>> buffer size. >>>>> >>>>> As defined in PI specification, the `CommSize`, when as input, should >>>>> stand for "The size of the data buffer being passed in", which would mean >>>>> the maximal number of bytes `CommBuffer` can hold. In turn, the value of >>>>> this input parameter can be used for MM handlers to determine whether the >>>>> output data is too large to fit in this buffer. Enforcing the incoming >>>>> buffer to hold exactly the number of used bytes mismatches with the PI >>>>> spec description. >>>>> >>>>> This change fix MessageLength field calculation from variable policy and >>>>> updated input argument inspections from MM communicate routine in ArmPkg >>>>> to match PI spec descriptions. >>>>> >>>>> Patch v1 branch:https://github.com/kuqin12/edk2/tree/mm_communicate_check >>>>> >>>>> Cc: Jian J Wang >>>>> Cc: Liming Gao >>>>> Cc: Hao A Wu >>>>> Cc: Leif Lindholm >>>>> Cc: Ard Biesheuvel >>>>> Cc: Bret Barkelew >>>>> Cc: Michael Kubacki >>>>> >>>>> Kun Qin (2): >>>>> MdeModulePkg: VariableSmmRuntimeDxe: Fix Variable Policy Message >>>>> Length >>>>> ArmPkg: MmCommunicationDxe: Update MM communicate input arguments >>>>> checks >>>>> >>>>> ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c | 44 ++++++++++++-------- >>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c | 10 ++--- >>>>> 2 files changed, 32 insertions(+), 22 deletions(-) >>>>>