Re: [edk2-devel] [PATCH V6 0/1] Disable safe string constraint assertions

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Ard Biesheuvel" <ard.biesheuvel@arm.com>
To: devel@edk2.groups.io, cheptsov@ispras.ru
Cc: "Andrew Fish" <afish@apple.com>,
	"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
	"Bret Barkelew" <bret.barkelew@microsoft.com>,
	"Brian J . Johnson" <brian.johnson@hpe.com>,
	"Chasel Chiu" <chasel.chiu@intel.com>,
	"Jordan Justen" <jordan.l.justen@intel.com>,
	"Laszlo Ersek" <lersek@redhat.com>,
	"Leif Lindholm" <leif@nuviainc.com>,
	"Liming Gao" <liming.gao@intel.com>,
	"Marvin Häuser" <mhaeuser@outlook.de>,
	"Mike Kinney" <michael.d.kinney@intel.com>,
	"Vincent Zimmer" <vincent.zimmer@intel.com>,
	"Zhichao Gao" <zhichao.gao@intel.com>
Subject: Re: [edk2-devel] [PATCH V6 0/1] Disable safe string constraint assertions
Date: Thu, 14 May 2020 13:33:19 +0200	[thread overview]
Message-ID: <6b0ff798-db01-f29b-271c-0a61ae37ea41@arm.com> (raw)
In-Reply-To: <20200514092537.29609-1-cheptsov@ispras.ru>

On 5/14/20 11:25 AM, Vitaly Cheptsov via groups.io wrote:
> CC: Andrew Fish <afish@apple.com>
> CC: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> CC: Bret Barkelew <bret.barkelew@microsoft.com>
> CC: Brian J. Johnson <brian.johnson@hpe.com>
> CC: Chasel Chiu <chasel.chiu@intel.com>
> CC: Jordan Justen <jordan.l.justen@intel.com>
> CC: Laszlo Ersek <lersek@redhat.com>
> CC: Leif Lindholm <leif@nuviainc.com>
> CC: Liming Gao <liming.gao@intel.com>
> CC: Marvin Häuser <mhaeuser@outlook.de>
> CC: Mike Kinney <michael.d.kinney@intel.com>
> CC: Vincent Zimmer <vincent.zimmer@intel.com>
> CC: Zhichao Gao <zhichao.gao@intel.com>
> 
> Current implementation of SafeString does not let one parse untrusted
> data with its interfaces as they ASSERT on failing runtime checks and
> require one to effectively reimplement the function on the caller side.
> 
> All the former proposals made it clear that the attempts to introduce
> a solution preserving this behaviour require a lot of changes
> throughout the codebase including platform code (e.g. introducing
> constraint assertions and updating all DebugLib implementations)
> or require all sorts of hacks.
> 
> Since the original code has roughly no benefit except in some very
> special cases and the effort required to preserve it is very high,
> I propose to remove it as agreed on with several other parties.
> 
> Please note, that this patch does not change the behaviour of the
> functions in RELEASE builds. I.e. they will still check for NULL
> and return RETURN_INVALID_PARAMETER. In the future we may (or may
> not) want them to simply ASSERT in this case. Regardless this should
> be done in a separate BZ entry and a separate commit. For this reason
> I ask everyone not to touch this subject.
> 
> Due to the amount of discussion this has already undergone after
> almost a year I kindly request everyone to reduce the communication
> to the minimum and abstain from proposing another approach.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2054
> 
> Requesting to merge this into edk2-stable202005.
> 
> Vitaly Cheptsov (1):
>    MdePkg: Fix SafeString performing assertions on runtime checks
> 
>   MdePkg/Include/Library/BaseLib.h    | 120 ++------------------
>   MdePkg/Library/BaseLib/SafeString.c |  80 -------------
>   2 files changed, 7 insertions(+), 193 deletions(-)
> 

Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>

     prev parent reply	other threads:[~2020-05-14 11:33 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-14  9:25 [PATCH V6 0/1] Disable safe string constraint assertions Vitaly Cheptsov
2020-05-14  9:25 ` [PATCH V6 1/1] MdePkg: Fix SafeString performing assertions on runtime checks Vitaly Cheptsov
2020-05-14 13:35   ` Laszlo Ersek
2020-05-14 16:38   ` [edk2-devel] " Michael D Kinney
2020-05-14 17:39     ` Vitaly Cheptsov
2020-05-14 17:58       ` Michael D Kinney
2020-05-14 18:59         ` Vitaly Cheptsov
2020-05-14 19:45           ` Ard Biesheuvel
2020-05-14 21:07           ` Michael D Kinney
2020-05-14 21:15             ` [EXTERNAL] " Bret Barkelew
2020-05-14 22:14               ` Michael D Kinney
2020-05-15  9:28                 ` Marvin Häuser
2020-05-15  9:30                 ` [EXTERNAL] " Vitaly Cheptsov
2020-05-15 15:26                   ` Bret Barkelew
2020-05-14 11:33 ` Ard Biesheuvel [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6b0ff798-db01-f29b-271c-0a61ae37ea41@arm.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox