From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.100; helo=mga07.intel.com; envelope-from=ray.ni@intel.com; receiver=edk2-devel@lists.01.org Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7EC89211D56B4 for ; Tue, 5 Mar 2019 18:19:41 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Mar 2019 18:19:40 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,446,1544515200"; d="scan'208";a="149628378" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga004.fm.intel.com with ESMTP; 05 Mar 2019 18:19:39 -0800 Received: from FMSMSX109.amr.corp.intel.com (10.18.116.9) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 5 Mar 2019 18:19:35 -0800 Received: from shsmsx108.ccr.corp.intel.com (10.239.4.97) by fmsmsx109.amr.corp.intel.com (10.18.116.9) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 5 Mar 2019 18:19:34 -0800 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.74]) by SHSMSX108.ccr.corp.intel.com ([169.254.8.57]) with mapi id 14.03.0415.000; Wed, 6 Mar 2019 10:19:00 +0800 From: "Ni, Ray" To: "Chen, Chen A" , "edk2-devel@lists.01.org" CC: "Dong, Eric" Thread-Topic: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32 Thread-Index: AQHU0ul7UqdVE3cgxE+vP6lcradFFaX939nw Date: Wed, 6 Mar 2019 02:15:18 +0000 Deferred-Delivery: Wed, 6 Mar 2019 02:19:00 +0000 Message-ID: <734D49CCEBEEF84792F5B80ED585239D5C05FD4A@SHSMSX104.ccr.corp.intel.com> References: <20190305002118.10572-1-chen.a.chen@intel.com> In-Reply-To: <20190305002118.10572-1-chen.a.chen@intel.com> Accept-Language: en-US, zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] UefiCpuPkg/Microcode.c: Add verification before calculate CheckSum32 X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Mar 2019 02:19:41 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ray Ni > -----Original Message----- > From: edk2-devel On Behalf Of Chen A > Chen > Sent: Tuesday, March 5, 2019 8:21 AM > To: edk2-devel@lists.01.org > Cc: Dong, Eric > Subject: [edk2] [PATCH] UefiCpuPkg/Microcode.c: Add verification before > calculate CheckSum32 >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1020 >=20 > Should make sure the TotalSize of Microcode is aligned with 4 bytes > before calling CalculateSum32 function. >=20 > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Chen A Chen > Cc: Ray Ni > Cc: Eric Dong > --- > UefiCpuPkg/Library/MpInitLib/Microcode.c | 31 ++++++++++++++++++++-- > --------- > 1 file changed, 20 insertions(+), 11 deletions(-) >=20 > diff --git a/UefiCpuPkg/Library/MpInitLib/Microcode.c > b/UefiCpuPkg/Library/MpInitLib/Microcode.c > index 5f9ae22794..643a6f94f4 100644 > --- a/UefiCpuPkg/Library/MpInitLib/Microcode.c > +++ b/UefiCpuPkg/Library/MpInitLib/Microcode.c > @@ -166,20 +166,29 @@ MicrocodeDetect ( > // > CorrectMicrocode =3D FALSE; >=20 > - // > - // Save an in-complete CheckSum32 from CheckSum Part1 for common > parts. > - // > if (MicrocodeEntryPoint->DataSize =3D=3D 0) { > - InCompleteCheckSum32 =3D CalculateSum32 ( > - (UINT32 *) MicrocodeEntryPoint, > - sizeof (CPU_MICROCODE_HEADER) + 2000 > - ); > + TotalSize =3D sizeof (CPU_MICROCODE_HEADER) + 2000; > } else { > - InCompleteCheckSum32 =3D CalculateSum32 ( > - (UINT32 *) MicrocodeEntryPoint, > - sizeof (CPU_MICROCODE_HEADER) + Microcode= EntryPoint- > >DataSize > - ); > + TotalSize =3D sizeof (CPU_MICROCODE_HEADER) + MicrocodeEntryPoint- > >DataSize; > } > + > + /// > + /// Check overflow and whether TotalSize is aligned with 4 bytes. > + /// > + if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > + (TotalSize & 0x3) !=3D 0 > + ) { > + MicrocodeEntryPoint =3D (CPU_MICROCODE_HEADER *) (((UINTN) > MicrocodeEntryPoint) + SIZE_1KB); > + continue; > + } > + > + // > + // Save an in-complete CheckSum32 from CheckSum Part1 for common > parts. > + // > + InCompleteCheckSum32 =3D CalculateSum32 ( > + (UINT32 *) MicrocodeEntryPoint, > + TotalSize > + ); > InCompleteCheckSum32 -=3D MicrocodeEntryPoint- > >ProcessorSignature.Uint32; > InCompleteCheckSum32 -=3D MicrocodeEntryPoint->ProcessorFlags; > InCompleteCheckSum32 -=3D MicrocodeEntryPoint->Checksum; > -- > 2.16.2.windows.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel