From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.81])
 by mx.groups.io with SMTP id smtpd.web12.13336.1594117048662863523
 for <devel@edk2.groups.io>;
 Tue, 07 Jul 2020 03:17:29 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=OlEW83Sb;
 spf=pass (domain: redhat.com, ip: 207.211.31.81, mailfrom: lersek@redhat.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1594117047;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=uMTZ6UT2mOHSBOlhgvhQymAFPZkJ/TFM2NGRMdMNvuY=;
	b=OlEW83SbhEsHNoAFe0TjJ6hLmdboxvfgS536GxzYvoJjdZb5PMRRyU8JBaIzdwvzi0iqoy
	pnremEcQOJ3Sj1VhWbzJWlAil0DiaLu1xBO75M7lMHt6KEExp8qeTUSwOXKxAtFGiHlDL6
	d3lU4kjKasF0FMVODptp1b+Arcl5Gx4=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-455-akBswaY2OBmhSYtM6P-qJw-1; Tue, 07 Jul 2020 06:17:26 -0400
X-MC-Unique: akBswaY2OBmhSYtM6P-qJw-1
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C4DC71940922;
	Tue,  7 Jul 2020 10:17:24 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-114-90.ams2.redhat.com [10.36.114.90])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 95C61C0067;
	Tue,  7 Jul 2020 10:17:22 +0000 (UTC)
Subject: Re: [PATCH 09/11] OvmfPkg/LsiScsiDxe: Examine the incoming SCSI Request Packet
To: Gary Lin <glin@suse.com>, devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
 Ard Biesheuvel <ard.biesheuvel@arm.com>
References: <20200701040448.14871-1-glin@suse.com>
 <20200701040448.14871-10-glin@suse.com>
From: "Laszlo Ersek" <lersek@redhat.com>
Message-ID: <7eb82ece-08fd-cb48-ddae-47a2069a3cd4@redhat.com>
Date: Tue, 7 Jul 2020 12:17:21 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Firefox/52.0 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <20200701040448.14871-10-glin@suse.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit

On 07/01/20 06:04, Gary Lin wrote:
> This is the first part of LsiScsiPassThru(). Before processing the SCSI
> Request packet, we have to make sure whether the packet is valid or not.
> 
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Signed-off-by: Gary Lin <glin@suse.com>
> ---
>  OvmfPkg/LsiScsiDxe/LsiScsi.c | 100 ++++++++++++++++++++++++++++++++++-
>  OvmfPkg/LsiScsiDxe/LsiScsi.h |   4 ++
>  2 files changed, 103 insertions(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/LsiScsiDxe/LsiScsi.c b/OvmfPkg/LsiScsiDxe/LsiScsi.c
> index b728d18d51df..1bcebd92e455 100644
> --- a/OvmfPkg/LsiScsiDxe/LsiScsi.c
> +++ b/OvmfPkg/LsiScsiDxe/LsiScsi.c
> @@ -52,6 +52,95 @@ LsiScsiReset (
>    return Out8 (Dev, LSI_REG_ISTAT0, LSI_ISTAT0_SRST);
>  }
>  
> +STATIC
> +EFI_STATUS
> +ReportHostAdapterOverrunError (
> +  OUT EFI_EXT_SCSI_PASS_THRU_SCSI_REQUEST_PACKET *Packet
> +  )
> +{
> +  Packet->SenseDataLength = 0;
> +  Packet->HostAdapterStatus =
> +            EFI_EXT_SCSI_STATUS_HOST_ADAPTER_DATA_OVERRUN_UNDERRUN;
> +  Packet->TargetStatus = EFI_EXT_SCSI_STATUS_TARGET_GOOD;
> +  return EFI_BAD_BUFFER_SIZE;
> +}
> +
> +/**
> +
> +  Check the request packet from the Extended SCSI Pass Thru Protocol. The
> +  request packet is modified, to be forwarded outwards by LsiScsiPassThru(),
> +  if invalid or unsupported parameters are detected.
> +
> +  @param[in] Dev          The LSI 53C895A SCSI device the packet targets.
> +
> +  @param[in] Target       The SCSI target controlled by the LSI 53C895A SCSI
> +                          device.
> +
> +  @param[in] Lun          The Logical Unit Number under the SCSI target.
> +
> +  @param[in out] Packet   The Extended SCSI Pass Thru Protocol packet.
> +
> +
> +  @retval EFI_SUCCESS  The Extended SCSI Pass Thru Protocol packet was valid.
> +
> +  @return              Otherwise, invalid or unsupported parameters were
> +                       detected. Status codes are meant for direct forwarding
> +                       by the EFI_EXT_SCSI_PASS_THRU_PROTOCOL.PassThru()
> +                       implementation.
> +
> + **/
> +STATIC
> +EFI_STATUS
> +LsiScsiCheckRequest (
> +  IN LSI_SCSI_DEV                                   *Dev,
> +  IN UINT8                                          Target,
> +  IN UINT64                                         Lun,
> +  IN OUT EFI_EXT_SCSI_PASS_THRU_SCSI_REQUEST_PACKET *Packet
> +  )
> +{
> +  if (Target > Dev->MaxTarget || Lun > Dev->MaxLun ||
> +      Packet->DataDirection > EFI_EXT_SCSI_DATA_DIRECTION_BIDIRECTIONAL ||
> +      //
> +      // Trying to receive, but destination pointer is NULL, or contradicting
> +      // transfer direction
> +      //
> +      (Packet->InTransferLength > 0 &&
> +       (Packet->InDataBuffer == NULL ||
> +        Packet->DataDirection == EFI_EXT_SCSI_DATA_DIRECTION_WRITE
> +         )
> +        ) ||
> +
> +      //
> +      // Trying to send, but source pointer is NULL, or contradicting transfer
> +      // direction
> +      //
> +      (Packet->OutTransferLength > 0 &&
> +       (Packet->OutDataBuffer == NULL ||
> +        Packet->DataDirection == EFI_EXT_SCSI_DATA_DIRECTION_READ
> +         )
> +        )
> +    ) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if (Packet->DataDirection == EFI_EXT_SCSI_DATA_DIRECTION_BIDIRECTIONAL ||
> +      (Packet->InTransferLength > 0 && Packet->OutTransferLength > 0) ||
> +      Packet->CdbLength > sizeof Dev->Dma->Cdb) {
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (Packet->InTransferLength > sizeof Dev->Dma->Data) {
> +    Packet->InTransferLength = sizeof Dev->Dma->Data;
> +    return ReportHostAdapterOverrunError (Packet);
> +  }
> +  if (Packet->OutTransferLength > sizeof Dev->Dma->Data) {
> +    Packet->OutTransferLength = sizeof Dev->Dma->Data;
> +    return ReportHostAdapterOverrunError (Packet);
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
>  //
>  // The next seven functions implement EFI_EXT_SCSI_PASS_THRU_PROTOCOL
>  // for the LSI 53C895A SCSI Controller. Refer to UEFI Spec 2.3.1 + Errata C,
> @@ -70,7 +159,16 @@ LsiScsiPassThru (
>    IN EFI_EVENT                                      Event     OPTIONAL
>    )
>  {
> -  return EFI_UNSUPPORTED;
> +  EFI_STATUS   Status;
> +  LSI_SCSI_DEV *Dev;
> +
> +  Dev = LSI_SCSI_FROM_PASS_THRU (This);
> +  Status = LsiScsiCheckRequest (Dev, *Target, Lun, Packet);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  return EFI_SUCCESS;
>  }
>  
>  EFI_STATUS

In this patch, we do not implement LsiScsiPassThru() completely yet.
Therefore we should not return EFI_SUCCESS, just because
LsiScsiCheckRequest() succeeds.

(1) So please keep the EFI_UNSUPPORTED value for the last "return"
statement in the function, for now.

EFI_UNSUPPORTED should be replaced with EFI_SUCCESS in "[PATCH 10/11]
OvmfPkg/LsiScsiDxe: Process the SCSI Request Packet".

With that update, for this patch:

Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Thanks
Laszlo

> diff --git a/OvmfPkg/LsiScsiDxe/LsiScsi.h b/OvmfPkg/LsiScsiDxe/LsiScsi.h
> index 1e4bbc56f933..9272eb7506c7 100644
> --- a/OvmfPkg/LsiScsiDxe/LsiScsi.h
> +++ b/OvmfPkg/LsiScsiDxe/LsiScsi.h
> @@ -13,6 +13,10 @@
>  #define _LSI_SCSI_DXE_H_
>  
>  typedef struct {
> +  //
> +  // The max size of CDB is 32.
> +  //
> +  UINT8                           Cdb[32];
>    //
>    // Allocate 64KB for read/write buffer.
>    //
>