From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiewen.yao@intel.com>
Received: from mga06.intel.com (mga06.intel.com [134.134.136.31])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 5DDEB82136
 for <edk2-devel@lists.01.org>; Mon, 19 Dec 2016 18:06:30 -0800 (PST)
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by orsmga104.jf.intel.com with ESMTP; 19 Dec 2016 18:06:30 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.33,376,1477983600"; 
 d="scan'208,217";a="914224264"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by orsmga003.jf.intel.com with ESMTP; 19 Dec 2016 18:06:29 -0800
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Mon, 19 Dec 2016 18:06:29 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.54]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.97]) with mapi id 14.03.0248.002;
 Tue, 20 Dec 2016 10:06:27 +0800
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>, "Kinney, Michael D"
 <michael.d.kinney@intel.com>, "Wu, Hao A" <hao.a.wu@intel.com>,
 "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
CC: "Fan, Jeff" <jeff.fan@intel.com>
Thread-Topic: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid NULL ptr
 dereference
Thread-Index: AQHSWmJChbPOEz3gRk+wUoTAeUY/mqEQD+vA//984ICAAIZHQIAAA1KA
Date: Tue, 20 Dec 2016 02:06:26 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8C6A8A@shsmsx102.ccr.corp.intel.com>
References: <1482198106-12044-1-git-send-email-hao.a.wu@intel.com>
 <74D8A39837DF1E4DA445A8C0B3885C503A8C69FD@shsmsx102.ccr.corp.intel.com>
 <E92EE9817A31E24EB0585FDF735412F56487DAB5@ORSMSX113.amr.corp.intel.com>
 <74D8A39837DF1E4DA445A8C0B3885C503A8C6A5A@shsmsx102.ccr.corp.intel.com>
In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8C6A5A@shsmsx102.ccr.corp.intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
X-Content-Filtered-By: Mailman/MimeDel 2.1.21
Subject: Re: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid NULL ptr dereference
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2016 02:06:30 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Maybe we can update IsSmmCommBufferForbiddenAddress() to use similar check =
- if (mUefiMemoryMap =3D=3D NULL).

Thank you
Yao Jiewen

From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Yao,=
 Jiewen
Sent: Tuesday, December 20, 2016 10:02 AM
To: Kinney, Michael D <michael.d.kinney@intel.com>; Wu, Hao A <hao.a.wu@int=
el.com>; edk2-devel@lists.01.org
Cc: Fan, Jeff <jeff.fan@intel.com>
Subject: Re: [edk2] [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid N=
ULL ptr dereference

Hi Mike

1)       If there is no memory map, the SetUefiMemMapAttributes() API will =
return immediately without setting any protection.

SetUefiMemMapAttributes()
{
  if (mUefiMemoryMap =3D=3D NULL) {
    DEBUG ((DEBUG_INFO, "UefiMemoryMap - NULL\n"));
    return ;
  }
}


2)  IsSmmCommBufferForbiddenAddress() API will return FALSE directly.

IsSmmCommBufferForbiddenAddress()
{
  MemoryMapEntryCount =3D mUefiMemoryMapSize/mUefiDescriptorSize;
  for (Index =3D 0; Index < MemoryMapEntryCount; Index++) {
  }
  return FALSE;
}

Thank you
Yao Jiewen

From: Kinney, Michael D
Sent: Tuesday, December 20, 2016 9:53 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; Wu, Ha=
o A <hao.a.wu@intel.com<mailto:hao.a.wu@intel.com>>; edk2-devel@lists.01.or=
g<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@inte=
l.com<mailto:michael.d.kinney@intel.com>>
Cc: Fan, Jeff <jeff.fan@intel.com<mailto:jeff.fan@intel.com>>
Subject: RE: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid NULL ptr=
 dereference

Jiewen,

What is the behavior of the module/platform if this function returns
before completing its work?

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Monday, December 19, 2016 5:43 PM
> To: Wu, Hao A <hao.a.wu@intel.com<mailto:hao.a.wu@intel.com<mailto:hao.a.=
wu@intel.com%3cmailto:hao.a.wu@intel.com>>>; edk2-devel@lists.01.org<mailto=
:edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel=
@lists.01.org>>
> Cc: Fan, Jeff <jeff.fan@intel.com<mailto:jeff.fan@intel.com<mailto:jeff.f=
an@intel.com%3cmailto:jeff.fan@intel.com>>>; Kinney, Michael D
> <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com<mailto:mich=
ael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel.com>>>
> Subject: RE: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid NULL p=
tr
> dereference
>
> Reviewed-by: jiewen.yao@intel.com<mailto:jiewen.yao@intel.com<mailto:jiew=
en.yao@intel.com%3cmailto:jiewen.yao@intel.com>>
>
> > -----Original Message-----
> > From: Wu, Hao A
> > Sent: Tuesday, December 20, 2016 9:42 AM
> > To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org<mailto:edk2-=
devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
> > Cc: Wu, Hao A <hao.a.wu@intel.com<mailto:hao.a.wu@intel.com<mailto:hao.=
a.wu@intel.com%3cmailto:hao.a.wu@intel.com>>>; Yao, Jiewen <jiewen.yao@inte=
l.com<mailto:jiewen.yao@intel.com<mailto:jiewen.yao@intel.com%3cmailto:jiew=
en.yao@intel.com>>>; Fan,
> > Jeff <jeff.fan@intel.com<mailto:jeff.fan@intel.com<mailto:jeff.fan@inte=
l.com%3cmailto:jeff.fan@intel.com>>>; Kinney, Michael D <michael.d.kinney@i=
ntel.com<mailto:michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.co=
m%3cmailto:michael.d.kinney@intel.com>>>
> > Subject: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Add check to avoid NULL ptr
> > dereference
> >
> > Cc: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com<mailto=
:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com>>>
> > Cc: Jeff Fan <jeff.fan@intel.com<mailto:jeff.fan@intel.com<mailto:jeff.=
fan@intel.com%3cmailto:jeff.fan@intel.com>>>
> > Cc: Michael Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@=
intel.com<mailto:michael.d.kinney@intel.com%3cmailto:michael.d.kinney@intel=
.com>>>
> > Contributed-under: TianoCore Contribution Agreement 1.0
> > Signed-off-by: Hao Wu <hao.a.wu@intel.com<mailto:hao.a.wu@intel.com<mai=
lto:hao.a.wu@intel.com%3cmailto:hao.a.wu@intel.com>>>
> > ---
> >  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 4 ++++
> >  1 file changed, 4 insertions(+)
> >
> > diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > index f4716f3..11fb891 100644
> > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
> > @@ -1011,6 +1011,10 @@ GetUefiMemoryMap (
> >      }
> >    } while (Status =3D=3D EFI_BUFFER_TOO_SMALL);
> >
> > +  if (MemoryMap =3D=3D NULL) {
> > +    return ;
> > +  }
> > +
> >    SortMemoryMap (MemoryMap, UefiMemoryMapSize, mUefiDescriptorSize);
> >    MergeMemoryMapForNotPresentEntry (MemoryMap,
> > &UefiMemoryMapSize, mUefiDescriptorSize);
> >
> > --
> > 1.9.5.msysgit.0
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
https://lists.01.org/mailman/listinfo/edk2-devel