public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup
@ 2021-08-08 19:39 Marvin Häuser
  2021-08-08 19:39 ` [PATCH] BaseTools: Define the read-only data section name per toolchain Marvin Häuser
                   ` (18 more replies)
  0 siblings, 19 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Leif Lindholm, Ard Biesheuvel, Vitaly Cheptsov

The sum of ImageBase + ImageSize yields the address of the first byte
outside of the range of the image. Adjust the address comparison
accordingly.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index e9fea4038252..a9b97cf7caf4 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -55,7 +55,7 @@ GetImageName (
       if ((DebugTable->NormalImage->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
           (DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
         if ((Address >= (CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
-            (Address <= ((CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
+            (Address < ((CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
           *ImageBase = (UINTN)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase;
           *PeCoffSizeOfHeaders = PeCoffGetSizeOfHeaders ((VOID *)(UINTN)*ImageBase);
           return PeCoffLoaderGetPdbPointer (DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase);
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] BaseTools: Define the read-only data section name per toolchain
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name Marvin Häuser
  2021-08-08 19:39 ` [PATCH] BaseTools/tools_def: Fix CLANGPDB X64 RCPATH Marvin Häuser
                   ` (17 subsequent siblings)
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Bob Feng, Liming Gao, Yuwei Chen, Vitaly Cheptsov

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318

Different toolchains of the EDK II build system may generate ELF or
Mach-O files, which use the ".rodata" naming convention, or PE/COFF
files, which use the ".rdata" naming convention. Section permissions
are chosen based on this name per file format by NASM. To harden
image permission security, and to save space by avoiding both
".rdata" and ".rodata" sections being emitted, expose the appropriate
name as a preprocessor constant.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 BaseTools/Conf/tools_def.template | 172 ++++++++++----------
 1 file changed, 86 insertions(+), 86 deletions(-)

diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
index 2e6b382ab623..84d464916c4d 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -463,9 +463,9 @@ NOOPT_VS2008_IA32_CC_FLAGS        = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2008_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2008_IA32_ASM_FLAGS       = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2008_IA32_NASM_FLAGS    = -Ox -f win32 -g
-RELEASE_VS2008_IA32_NASM_FLAGS    = -Ox -f win32
-NOOPT_VS2008_IA32_NASM_FLAGS      = -O0 -f win32 -g
+  DEBUG_VS2008_IA32_NASM_FLAGS    = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2008_IA32_NASM_FLAGS    = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2008_IA32_NASM_FLAGS      = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2008_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -495,9 +495,9 @@ NOOPT_VS2008_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2008_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2008_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2008_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2008_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2008_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2008_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -574,9 +574,9 @@ NOOPT_VS2008x86_IA32_CC_FLAGS      = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2008x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2008x86_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2008x86_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2008x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2008x86_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2008x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -605,9 +605,9 @@ NOOPT_VS2008x86_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2008x86_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2008x86_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2008x86_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2008x86_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2008x86_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2008x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2008x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -688,9 +688,9 @@ NOOPT_VS2010_IA32_CC_FLAGS        = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2010_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2010_IA32_ASM_FLAGS       = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2010_IA32_NASM_FLAGS    = -Ox -f win32 -g
-RELEASE_VS2010_IA32_NASM_FLAGS    = -Ox -f win32
-NOOPT_VS2010_IA32_NASM_FLAGS      = -O0 -f win32 -g
+  DEBUG_VS2010_IA32_NASM_FLAGS    = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2010_IA32_NASM_FLAGS    = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2010_IA32_NASM_FLAGS      = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2010_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2010_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -720,9 +720,9 @@ NOOPT_VS2010_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2010_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2010_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2010_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2010_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2010_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2010_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2010_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2010_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2010_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2010_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -799,9 +799,9 @@ NOOPT_VS2010x86_IA32_CC_FLAGS      = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2010x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2010x86_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2010x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2010x86_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2010x86_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2010x86_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2010x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2010x86_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2010x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2010x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -831,9 +831,9 @@ NOOPT_VS2010x86_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2010x86_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2010x86_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2010x86_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2010x86_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2010x86_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2010x86_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2010x86_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2010x86_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2010x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2010x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -913,9 +913,9 @@ NOOPT_VS2012_IA32_CC_FLAGS        = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2012_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2012_IA32_ASM_FLAGS       = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2012_IA32_NASM_FLAGS    = -Ox -f win32 -g
-RELEASE_VS2012_IA32_NASM_FLAGS    = -Ox -f win32
-NOOPT_VS2012_IA32_NASM_FLAGS      = -O0 -f win32 -g
+  DEBUG_VS2012_IA32_NASM_FLAGS    = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2012_IA32_NASM_FLAGS    = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2012_IA32_NASM_FLAGS      = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2012_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2012_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -945,9 +945,9 @@ NOOPT_VS2012_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2012_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2012_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2012_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2012_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2012_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2012_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2012_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2012_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2012_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2012_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1024,9 +1024,9 @@ NOOPT_VS2012x86_IA32_CC_FLAGS      = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2012x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2012x86_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2012x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2012x86_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2012x86_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2012x86_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2012x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2012x86_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2012x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2012x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1056,9 +1056,9 @@ NOOPT_VS2012x86_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2012x86_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2012x86_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2012x86_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2012x86_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2012x86_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2012x86_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2012x86_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2012x86_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2012x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2012x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1138,9 +1138,9 @@ NOOPT_VS2013_IA32_CC_FLAGS        = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2013_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2013_IA32_ASM_FLAGS       = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2013_IA32_NASM_FLAGS    = -Ox -f win32 -g
-RELEASE_VS2013_IA32_NASM_FLAGS    = -Ox -f win32
-NOOPT_VS2013_IA32_NASM_FLAGS      = -O0 -f win32 -g
+  DEBUG_VS2013_IA32_NASM_FLAGS    = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2013_IA32_NASM_FLAGS    = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2013_IA32_NASM_FLAGS      = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2013_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2013_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1170,9 +1170,9 @@ NOOPT_VS2013_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2013_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2013_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2013_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2013_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2013_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2013_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2013_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2013_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2013_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2013_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1249,9 +1249,9 @@ NOOPT_VS2013x86_IA32_CC_FLAGS      = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2013x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2013x86_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2013x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2013x86_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2013x86_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2013x86_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2013x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2013x86_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2013x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2013x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1281,9 +1281,9 @@ NOOPT_VS2013x86_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2013x86_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2013x86_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2013x86_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2013x86_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2013x86_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2013x86_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2013x86_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2013x86_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2013x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2013x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1364,9 +1364,9 @@ NOOPT_VS2015_IA32_CC_FLAGS        = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2015_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2015_IA32_ASM_FLAGS       = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2015_IA32_NASM_FLAGS    = -Ox -f win32 -g
-RELEASE_VS2015_IA32_NASM_FLAGS    = -Ox -f win32
-NOOPT_VS2015_IA32_NASM_FLAGS      = -O0 -f win32 -g
+  DEBUG_VS2015_IA32_NASM_FLAGS    = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2015_IA32_NASM_FLAGS    = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2015_IA32_NASM_FLAGS      = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2015_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2015_IA32_DLINK_FLAGS   = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1396,9 +1396,9 @@ NOOPT_VS2015_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2015_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2015_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2015_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2015_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2015_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2015_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2015_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2015_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2015_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2015_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1476,9 +1476,9 @@ NOOPT_VS2015x86_IA32_CC_FLAGS      = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768
 RELEASE_VS2015x86_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2015x86_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2015x86_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2015x86_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2015x86_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2015x86_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2015x86_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2015x86_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2015x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2015x86_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1508,9 +1508,9 @@ NOOPT_VS2015x86_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE
 RELEASE_VS2015x86_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2015x86_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2015x86_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2015x86_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2015x86_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2015x86_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2015x86_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2015x86_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2015x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2015x86_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1586,9 +1586,9 @@ NOOPT_VS2017_IA32_CC_FLAGS      = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768 /D
 RELEASE_VS2017_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2017_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2017_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2017_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2017_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2017_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2017_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2017_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2017_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2017_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1616,9 +1616,9 @@ NOOPT_VS2017_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2017_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2017_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2017_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2017_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2017_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2017_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2017_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2017_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2017_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4281 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2017_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4281 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1744,9 +1744,9 @@ NOOPT_VS2019_IA32_CC_FLAGS      = /nologo /arch:IA32 /c /WX /GS- /W4 /Gs32768 /D
 RELEASE_VS2019_IA32_ASM_FLAGS   = /nologo /c /WX /W3 /Cx /coff /Zd
 NOOPT_VS2019_IA32_ASM_FLAGS     = /nologo /c /WX /W3 /Cx /coff /Zd /Zi
 
-  DEBUG_VS2019_IA32_NASM_FLAGS  = -Ox -f win32 -g
-RELEASE_VS2019_IA32_NASM_FLAGS  = -Ox -f win32
-NOOPT_VS2019_IA32_NASM_FLAGS    = -O0 -f win32 -g
+  DEBUG_VS2019_IA32_NASM_FLAGS  = -Ox -f win32 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2019_IA32_NASM_FLAGS  = -Ox -f win32 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2019_IA32_NASM_FLAGS    = -O0 -f win32 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2019_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2019_IA32_DLINK_FLAGS = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /MACHINE:X86 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -1774,9 +1774,9 @@ NOOPT_VS2019_X64_CC_FLAGS       = /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /G
 RELEASE_VS2019_X64_ASM_FLAGS    = /nologo /c /WX /W3 /Cx /Zd
 NOOPT_VS2019_X64_ASM_FLAGS      = /nologo /c /WX /W3 /Cx /Zd /Zi
 
-  DEBUG_VS2019_X64_NASM_FLAGS   = -Ox -f win64 -g
-RELEASE_VS2019_X64_NASM_FLAGS   = -Ox -f win64
-NOOPT_VS2019_X64_NASM_FLAGS     = -O0 -f win64 -g
+  DEBUG_VS2019_X64_NASM_FLAGS   = -Ox -f win64 -g -DRODATA_SECTION_NAME=.rdata
+RELEASE_VS2019_X64_NASM_FLAGS   = -Ox -f win64 -DRODATA_SECTION_NAME=.rdata
+NOOPT_VS2019_X64_NASM_FLAGS     = -O0 -f win64 -g -DRODATA_SECTION_NAME=.rdata
 
   DEBUG_VS2019_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4281 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /DEBUG
 RELEASE_VS2019_X64_DLINK_FLAGS  = /NOLOGO /NODEFAULTLIB /IGNORE:4001 /IGNORE:4281 /IGNORE:4254 /OPT:REF /OPT:ICF=10 /MAP /ALIGN:32 /SECTION:.xdata,D /SECTION:.pdata,D /Machine:X64 /LTCG /DLL /ENTRY:$(IMAGE_ENTRY_POINT) /SUBSYSTEM:EFI_BOOT_SERVICE_DRIVER /SAFESEH:NO /BASE:0 /DRIVER /MERGE:.rdata=.data
@@ -2030,7 +2030,7 @@ DEFINE GCC_PP_FLAGS                        = -E -x assembler-with-cpp -include A
 *_GCC48_IA32_DLINK2_FLAGS         = DEF(GCC48_IA32_DLINK2_FLAGS)
 *_GCC48_IA32_RC_FLAGS             = DEF(GCC_IA32_RC_FLAGS)
 *_GCC48_IA32_OBJCOPY_FLAGS        =
-*_GCC48_IA32_NASM_FLAGS           = -f elf32
+*_GCC48_IA32_NASM_FLAGS           = -f elf32 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC48_IA32_CC_FLAGS       = DEF(GCC48_IA32_CC_FLAGS) -Os
 RELEASE_GCC48_IA32_CC_FLAGS       = DEF(GCC48_IA32_CC_FLAGS) -Os -Wno-unused-but-set-variable
@@ -2058,7 +2058,7 @@ RELEASE_GCC48_IA32_CC_FLAGS       = DEF(GCC48_IA32_CC_FLAGS) -Os -Wno-unused-but
 *_GCC48_X64_DLINK2_FLAGS         = DEF(GCC48_X64_DLINK2_FLAGS)
 *_GCC48_X64_RC_FLAGS             = DEF(GCC_X64_RC_FLAGS)
 *_GCC48_X64_OBJCOPY_FLAGS        =
-*_GCC48_X64_NASM_FLAGS           = -f elf64
+*_GCC48_X64_NASM_FLAGS           = -f elf64 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC48_X64_CC_FLAGS       = DEF(GCC48_X64_CC_FLAGS) -Os
 RELEASE_GCC48_X64_CC_FLAGS       = DEF(GCC48_X64_CC_FLAGS) -Os -Wno-unused-but-set-variable
@@ -2170,7 +2170,7 @@ RELEASE_GCC48_AARCH64_CC_FLAGS   = DEF(GCC48_AARCH64_CC_FLAGS) -Wno-unused-but-s
 *_GCC49_IA32_DLINK2_FLAGS         = DEF(GCC49_IA32_DLINK2_FLAGS)
 *_GCC49_IA32_RC_FLAGS             = DEF(GCC_IA32_RC_FLAGS)
 *_GCC49_IA32_OBJCOPY_FLAGS        =
-*_GCC49_IA32_NASM_FLAGS           = -f elf32
+*_GCC49_IA32_NASM_FLAGS           = -f elf32 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC49_IA32_CC_FLAGS       = DEF(GCC49_IA32_CC_FLAGS) -Os
 RELEASE_GCC49_IA32_CC_FLAGS       = DEF(GCC49_IA32_CC_FLAGS) -Os -Wno-unused-but-set-variable -Wno-unused-const-variable
@@ -2198,7 +2198,7 @@ RELEASE_GCC49_IA32_CC_FLAGS       = DEF(GCC49_IA32_CC_FLAGS) -Os -Wno-unused-but
 *_GCC49_X64_DLINK2_FLAGS         = DEF(GCC49_X64_DLINK2_FLAGS)
 *_GCC49_X64_RC_FLAGS             = DEF(GCC_X64_RC_FLAGS)
 *_GCC49_X64_OBJCOPY_FLAGS        =
-*_GCC49_X64_NASM_FLAGS           = -f elf64
+*_GCC49_X64_NASM_FLAGS           = -f elf64 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC49_X64_CC_FLAGS       = DEF(GCC49_X64_CC_FLAGS) -Os
 RELEASE_GCC49_X64_CC_FLAGS       = DEF(GCC49_X64_CC_FLAGS) -Os -Wno-unused-but-set-variable -Wno-unused-const-variable
@@ -2316,7 +2316,7 @@ RELEASE_GCC49_AARCH64_DLINK_XIPFLAGS = -z common-page-size=0x20
 *_GCC5_IA32_DLINK2_FLAGS         = DEF(GCC5_IA32_DLINK2_FLAGS) -no-pie
 *_GCC5_IA32_RC_FLAGS             = DEF(GCC_IA32_RC_FLAGS)
 *_GCC5_IA32_OBJCOPY_FLAGS        =
-*_GCC5_IA32_NASM_FLAGS           = -f elf32
+*_GCC5_IA32_NASM_FLAGS           = -f elf32 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC5_IA32_CC_FLAGS       = DEF(GCC5_IA32_CC_FLAGS) -flto -Os
   DEBUG_GCC5_IA32_DLINK_FLAGS    = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl,-m,elf_i386,--oformat=elf32-i386
@@ -2348,7 +2348,7 @@ RELEASE_GCC5_IA32_DLINK_FLAGS    = DEF(GCC5_IA32_X64_DLINK_FLAGS) -flto -Os -Wl,
 *_GCC5_X64_DLINK2_FLAGS          = DEF(GCC5_X64_DLINK2_FLAGS)
 *_GCC5_X64_RC_FLAGS              = DEF(GCC_X64_RC_FLAGS)
 *_GCC5_X64_OBJCOPY_FLAGS         =
-*_GCC5_X64_NASM_FLAGS            = -f elf64
+*_GCC5_X64_NASM_FLAGS            = -f elf64 -DRODATA_SECTION_NAME=.rodata
 
   DEBUG_GCC5_X64_CC_FLAGS        = DEF(GCC5_X64_CC_FLAGS) -flto -DUSING_LTO -Os
   DEBUG_GCC5_X64_DLINK_FLAGS     = DEF(GCC5_X64_DLINK_FLAGS) -flto -Os
@@ -2589,7 +2589,7 @@ DEFINE CLANG38_ALL_CC_FLAGS         = DEF(GCC48_ALL_CC_FLAGS) DEF(CLANG38_WARNIN
 *_CLANG38_IA32_ASM_FLAGS            = DEF(GCC5_ASM_FLAGS) -m32 -march=i386 DEF(CLANG38_IA32_TARGET)
 *_CLANG38_IA32_RC_FLAGS             = DEF(GCC_IA32_RC_FLAGS)
 *_CLANG38_IA32_OBJCOPY_FLAGS        =
-*_CLANG38_IA32_NASM_FLAGS           = -f elf32
+*_CLANG38_IA32_NASM_FLAGS           = -f elf32 -DRODATA_SECTION_NAME=.rodata
 *_CLANG38_IA32_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANG38_IA32_TARGET)
 *_CLANG38_IA32_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANG38_IA32_TARGET)
 *_CLANG38_IA32_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANG38_IA32_TARGET)
@@ -2626,7 +2626,7 @@ NOOPT_CLANG38_IA32_DLINK2_FLAGS     = DEF(GCC5_IA32_DLINK2_FLAGS) -O0
 *_CLANG38_X64_ASM_FLAGS            = DEF(GCC5_ASM_FLAGS) -m64 DEF(CLANG38_X64_TARGET)
 *_CLANG38_X64_RC_FLAGS             = DEF(GCC_X64_RC_FLAGS)
 *_CLANG38_X64_OBJCOPY_FLAGS        =
-*_CLANG38_X64_NASM_FLAGS           = -f elf64
+*_CLANG38_X64_NASM_FLAGS           = -f elf64 -DRODATA_SECTION_NAME=.rodata
 *_CLANG38_X64_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANG38_X64_TARGET)
 *_CLANG38_X64_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANG38_X64_TARGET)
 *_CLANG38_X64_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANG38_X64_TARGET)
@@ -2777,7 +2777,7 @@ DEFINE CLANGPDB_ALL_CC_FLAGS         = DEF(GCC48_ALL_CC_FLAGS) DEF(CLANGPDB_WARN
 *_CLANGPDB_IA32_ASLCC_FLAGS          = DEF(GCC_ASLCC_FLAGS) -m32 -fno-lto DEF(CLANGPDB_IA32_TARGET)
 *_CLANGPDB_IA32_ASM_FLAGS            = DEF(GCC_ASM_FLAGS) -m32 -march=i386 DEF(CLANGPDB_IA32_TARGET)
 *_CLANGPDB_IA32_OBJCOPY_FLAGS        =
-*_CLANGPDB_IA32_NASM_FLAGS           = -f win32
+*_CLANGPDB_IA32_NASM_FLAGS           = -f win32 -DRODATA_SECTION_NAME=.rdata
 *_CLANGPDB_IA32_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANGPDB_IA32_TARGET)
 *_CLANGPDB_IA32_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANGPDB_IA32_TARGET)
 *_CLANGPDB_IA32_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANGPDB_IA32_TARGET)
@@ -2811,7 +2811,7 @@ NOOPT_CLANGPDB_IA32_DLINK2_FLAGS     =
 *_CLANGPDB_X64_ASLCC_FLAGS          = DEF(GCC_ASLCC_FLAGS) -m64 -fno-lto DEF(CLANGPDB_X64_TARGET)
 *_CLANGPDB_X64_ASM_FLAGS            = DEF(GCC_ASM_FLAGS) -m64 DEF(CLANGPDB_X64_TARGET)
 *_CLANGPDB_X64_OBJCOPY_FLAGS        =
-*_CLANGPDB_X64_NASM_FLAGS           = -f win64
+*_CLANGPDB_X64_NASM_FLAGS           = -f win64 -DRODATA_SECTION_NAME=.rdata
 *_CLANGPDB_X64_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANGPDB_X64_TARGET)
 *_CLANGPDB_X64_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANGPDB_X64_TARGET)
 *_CLANGPDB_X64_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANGPDB_X64_TARGET)
@@ -2878,7 +2878,7 @@ DEFINE CLANGDWARF_X64_DLINK2_FLAGS        = -Wl,--defsym=PECOFF_HEADER_SIZE=0x22
 *_CLANGDWARF_IA32_ASM_FLAGS            = DEF(GCC5_ASM_FLAGS) -m32 -march=i386 DEF(CLANG38_IA32_TARGET)
 *_CLANGDWARF_IA32_RC_FLAGS             = DEF(GCC_IA32_RC_FLAGS)
 *_CLANGDWARF_IA32_OBJCOPY_FLAGS        =
-*_CLANGDWARF_IA32_NASM_FLAGS           = -f elf32
+*_CLANGDWARF_IA32_NASM_FLAGS           = -f elf32 -DRODATA_SECTION_NAME=.rodata
 *_CLANGDWARF_IA32_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANG38_IA32_TARGET)
 *_CLANGDWARF_IA32_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANG38_IA32_TARGET)
 *_CLANGDWARF_IA32_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANG38_IA32_TARGET)
@@ -2914,7 +2914,7 @@ NOOPT_CLANGDWARF_IA32_DLINK2_FLAGS     = DEF(CLANGDWARF_IA32_DLINK2_FLAGS) -O0 -
 *_CLANGDWARF_X64_ASM_FLAGS            = DEF(GCC5_ASM_FLAGS) -m64 DEF(CLANG38_X64_TARGET)
 *_CLANGDWARF_X64_RC_FLAGS             = DEF(GCC_X64_RC_FLAGS)
 *_CLANGDWARF_X64_OBJCOPY_FLAGS        =
-*_CLANGDWARF_X64_NASM_FLAGS           = -f elf64
+*_CLANGDWARF_X64_NASM_FLAGS           = -f elf64 -DRODATA_SECTION_NAME=.rodata
 *_CLANGDWARF_X64_PP_FLAGS             = DEF(GCC_PP_FLAGS) DEF(CLANG38_X64_TARGET)
 *_CLANGDWARF_X64_ASLPP_FLAGS          = DEF(GCC_ASLPP_FLAGS) DEF(CLANG38_X64_TARGET)
 *_CLANGDWARF_X64_VFRPP_FLAGS          = DEF(GCC_VFRPP_FLAGS) DEF(CLANG38_X64_TARGET)
@@ -2985,7 +2985,7 @@ RELEASE_XCODE5_IA32_DLINK_FLAGS      = -arch i386 -u _$(IMAGE_ENTRY_POINT) -e _$
   DEBUG_XCODE5_IA32_ASM_FLAGS  = -arch i386 -g
   NOOPT_XCODE5_IA32_ASM_FLAGS  = -arch i386 -g
 RELEASE_XCODE5_IA32_ASM_FLAGS  = -arch i386
-      *_XCODE5_IA32_NASM_FLAGS = -f macho32
+      *_XCODE5_IA32_NASM_FLAGS = -f macho32 -DRODATA_SECTION_NAME=.rodata
 
 
   DEBUG_XCODE5_IA32_CC_FLAGS   = -arch i386 -c -g -Os       -Wall -Werror -include AutoGen.h -funsigned-char -fno-stack-protector -fno-builtin -fshort-wchar -fasm-blocks -mdynamic-no-pic -mno-implicit-float -mms-bitfields -msoft-float -Wno-unused-parameter -Wno-missing-braces -Wno-missing-field-initializers -Wno-tautological-compare -Wno-sign-compare -Wno-varargs -ftrap-function=undefined_behavior_has_been_optimized_away_by_clang $(PLATFORM_FLAGS)
@@ -3003,7 +3003,7 @@ RELEASE_XCODE5_X64_DLINK_FLAGS      = -arch x86_64 -u _$(IMAGE_ENTRY_POINT) -e _
   DEBUG_XCODE5_X64_ASM_FLAGS  = -arch x86_64 -g
   NOOPT_XCODE5_X64_ASM_FLAGS  = -arch x86_64 -g
 RELEASE_XCODE5_X64_ASM_FLAGS  = -arch x86_64
-      *_XCODE5_X64_NASM_FLAGS = -f macho64
+      *_XCODE5_X64_NASM_FLAGS = -f macho64 -DRODATA_SECTION_NAME=.rodata
 *_XCODE5_*_PP_FLAGS         = -E -x assembler-with-cpp -include AutoGen.h
 *_XCODE5_*_VFRPP_FLAGS      = -x c -E -P -DVFRCOMPILE -include $(MODULE_NAME)StrDefs.h
 
-- 
2.31.1



^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] BaseTools/tools_def: Fix CLANGPDB X64 RCPATH
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
  2021-08-08 19:39 ` [PATCH] BaseTools: Define the read-only data section name per toolchain Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Drop dlopen() usage Marvin Häuser
                   ` (16 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Bob Feng, Liming Gao, Yuwei Chen, Vitaly Cheptsov

Use the correct X64 path for CLANGPDB RCPATH.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 BaseTools/Conf/tools_def.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
index 2e6b382ab623..de13fb0732db 100755
--- a/BaseTools/Conf/tools_def.template
+++ b/BaseTools/Conf/tools_def.template
@@ -2806,7 +2806,7 @@ NOOPT_CLANGPDB_IA32_DLINK2_FLAGS     =
 *_CLANGPDB_X64_VFRPP_PATH           = DEF(CLANGPDB_X64_PREFIX)clang
 *_CLANGPDB_X64_ASLCC_PATH           = DEF(CLANGPDB_X64_PREFIX)clang
 *_CLANGPDB_X64_ASLPP_PATH           = DEF(CLANGPDB_X64_PREFIX)clang
-*_CLANGPDB_X64_RC_PATH              = DEF(CLANGPDB_IA32_PREFIX)llvm-rc
+*_CLANGPDB_X64_RC_PATH              = DEF(CLANGPDB_X64_PREFIX)llvm-rc
 
 *_CLANGPDB_X64_ASLCC_FLAGS          = DEF(GCC_ASLCC_FLAGS) -m64 -fno-lto DEF(CLANGPDB_X64_TARGET)
 *_CLANGPDB_X64_ASM_FLAGS            = DEF(GCC_ASM_FLAGS) -m64 DEF(CLANGPDB_X64_TARGET)
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] EmulatorPkg/Host/Unix: Drop dlopen() usage
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
  2021-08-08 19:39 ` [PATCH] BaseTools: Define the read-only data section name per toolchain Marvin Häuser
  2021-08-08 19:39 ` [PATCH] BaseTools/tools_def: Fix CLANGPDB X64 RCPATH Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Remove unused declarations Marvin Häuser
                   ` (15 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Andrew Fish, Ray Ni, Vitaly Cheptsov

To assist debugging, i.e. to have the OS load the image debug
symbols, EmulatorPkg/Unix used to load most UEFI executables with OS
APIs, namely dlopen() and dlclose(). After support was added for GDB
and LLDB debugging of images loaded by the EDK II code, this route
became orphaned. Namely, it does not work for a variety of reasons:

1) Support is explicitly disabled for Xcode builds.
2) The dlopen() route is only attempted if the PDB path name ends
with ".pdb", which has not been the case with recent GCC toolchains.
3) By default, the images are not 4K-aligned, which causes some OSes
to deny the image executioon.
4) With recent GCC toolchains, UEFI images are built as ELF
executables, which cannot be dynamically loaded via dlopen().

Drop support for the dlopen() path as realistically it has not been
used or functioning in a long time.

Cc: Andrew Fish <afish@apple.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 EmulatorPkg/Unix/Host/Host.c | 194 +-------------------
 1 file changed, 2 insertions(+), 192 deletions(-)

diff --git a/EmulatorPkg/Unix/Host/Host.c b/EmulatorPkg/Unix/Host/Host.c
index b4e5510613c8..e19e20ed2902 100644
--- a/EmulatorPkg/Unix/Host/Host.c
+++ b/EmulatorPkg/Unix/Host/Host.c
@@ -48,9 +48,6 @@ EMU_SYSTEM_MEMORY  *gSystemMemory;
 
 
 
-UINTN                        mImageContextModHandleArraySize = 0;
-IMAGE_CONTEXT_TO_MOD_HANDLE  *mImageContextModHandleArray = NULL;
-
 EFI_PEI_PPI_DESCRIPTOR  *gPpiList;
 
 
@@ -118,8 +115,7 @@ main (
   SecGdbConfigBreak ();
 
   //
-  // If dlopen doesn't work, then we build a gdb script to allow the
-  // symbols to be loaded.
+  // We build a gdb script to allow the symbols to be loaded.
   //
   Index = strlen (*Argv);
   gGdbWorkingFileName = AllocatePool (Index + strlen(".gdb") + 1);
@@ -762,7 +758,6 @@ SecPeCoffGetEntryPoint (
     ImageContext.EntryPoint = (UINTN)*EntryPoint;
   }
 
-  // On Unix a dlopen is done that will change the entry point
   SecPeCoffRelocateImageExtraAction (&ImageContext);
   *EntryPoint = (VOID *)(UINTN)ImageContext.EntryPoint;
 
@@ -891,115 +886,6 @@ Returns:
 }
 
 
-/*++
-
-Routine Description:
-  Store the ModHandle in an array indexed by the Pdb File name.
-  The ModHandle is needed to unload the image.
-
-Arguments:
-  ImageContext - Input data returned from PE Loader Library. Used to find the
-                 .PDB file name of the PE Image.
-  ModHandle    - Returned from LoadLibraryEx() and stored for call to
-                 FreeLibrary().
-
-Returns:
-  EFI_SUCCESS - ModHandle was stored.
-
-**/
-EFI_STATUS
-AddHandle (
-  IN  PE_COFF_LOADER_IMAGE_CONTEXT         *ImageContext,
-  IN  VOID                                 *ModHandle
-  )
-{
-  UINTN                       Index;
-  IMAGE_CONTEXT_TO_MOD_HANDLE *Array;
-  UINTN                       PreviousSize;
-
-
-  Array = mImageContextModHandleArray;
-  for (Index = 0; Index < mImageContextModHandleArraySize; Index++, Array++) {
-    if (Array->ImageContext == NULL) {
-      //
-      // Make a copy of the string and store the ModHandle
-      //
-      Array->ImageContext = ImageContext;
-      Array->ModHandle    = ModHandle;
-      return EFI_SUCCESS;
-    }
-  }
-
-  //
-  // No free space in mImageContextModHandleArray so grow it by
-  // IMAGE_CONTEXT_TO_MOD_HANDLE entires. realloc will
-  // copy the old values to the new location. But it does
-  // not zero the new memory area.
-  //
-  PreviousSize = mImageContextModHandleArraySize * sizeof (IMAGE_CONTEXT_TO_MOD_HANDLE);
-  mImageContextModHandleArraySize += MAX_IMAGE_CONTEXT_TO_MOD_HANDLE_ARRAY_SIZE;
-
-  mImageContextModHandleArray = ReallocatePool (
-                                  (mImageContextModHandleArraySize - 1) * sizeof (IMAGE_CONTEXT_TO_MOD_HANDLE),
-                                  mImageContextModHandleArraySize * sizeof (IMAGE_CONTEXT_TO_MOD_HANDLE),
-                                  mImageContextModHandleArray
-                                  );
-  if (mImageContextModHandleArray == NULL) {
-    ASSERT (FALSE);
-    return EFI_OUT_OF_RESOURCES;
-  }
-
-  memset (mImageContextModHandleArray + PreviousSize, 0, MAX_IMAGE_CONTEXT_TO_MOD_HANDLE_ARRAY_SIZE * sizeof (IMAGE_CONTEXT_TO_MOD_HANDLE));
-
-  return AddHandle (ImageContext, ModHandle);
-}
-
-
-/*++
-
-Routine Description:
-  Return the ModHandle and delete the entry in the array.
-
-Arguments:
-  ImageContext - Input data returned from PE Loader Library. Used to find the
-                 .PDB file name of the PE Image.
-
-Returns:
-  ModHandle - ModHandle associated with ImageContext is returned
-  NULL      - No ModHandle associated with ImageContext
-
-**/
-VOID *
-RemoveHandle (
-  IN  PE_COFF_LOADER_IMAGE_CONTEXT         *ImageContext
-  )
-{
-  UINTN                        Index;
-  IMAGE_CONTEXT_TO_MOD_HANDLE  *Array;
-
-  if (ImageContext->PdbPointer == NULL) {
-    //
-    // If no PDB pointer there is no ModHandle so return NULL
-    //
-    return NULL;
-  }
-
-  Array = mImageContextModHandleArray;
-  for (Index = 0; Index < mImageContextModHandleArraySize; Index++, Array++) {
-    if (Array->ImageContext == ImageContext) {
-      //
-      // If you find a match return it and delete the entry
-      //
-      Array->ImageContext = NULL;
-      return Array->ModHandle;
-    }
-  }
-
-  return NULL;
-}
-
-
-
 BOOLEAN
 IsPdbFile (
   IN  CHAR8   *PdbFileName
@@ -1052,67 +938,6 @@ PrintLoadAddress (
 }
 
 
-/**
-  Loads the image using dlopen so symbols will be automatically
-  loaded by gdb.
-
-  @param  ImageContext  The PE/COFF image context
-
-  @retval TRUE - The image was successfully loaded
-  @retval FALSE - The image was successfully loaded
-
-**/
-BOOLEAN
-DlLoadImage (
-  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT         *ImageContext
-  )
-{
-
-#ifdef __APPLE__
-
-  return FALSE;
-
-#else
-
-  void        *Handle = NULL;
-  void        *Entry = NULL;
-
-  if (ImageContext->PdbPointer == NULL) {
-    return FALSE;
-  }
-
-  if (!IsPdbFile (ImageContext->PdbPointer)) {
-    return FALSE;
-  }
-
-  fprintf (
-     stderr,
-     "Loading %s 0x%08lx - entry point 0x%08lx\n",
-     ImageContext->PdbPointer,
-     (unsigned long)ImageContext->ImageAddress,
-     (unsigned long)ImageContext->EntryPoint
-     );
-
-  Handle = dlopen (ImageContext->PdbPointer, RTLD_NOW);
-  if (Handle != NULL) {
-    Entry = dlsym (Handle, "_ModuleEntryPoint");
-    AddHandle (ImageContext, Handle);
-  } else {
-    printf("%s\n", dlerror());
-  }
-
-  if (Entry != NULL) {
-    ImageContext->EntryPoint = (UINTN)Entry;
-    printf ("Change %s Entrypoint to :0x%08lx\n", ImageContext->PdbPointer, (unsigned long)Entry);
-    return TRUE;
-  } else {
-    return FALSE;
-  }
-
-#endif
-}
-
-
 #ifdef __APPLE__
 __attribute__((noinline))
 #endif
@@ -1195,9 +1020,7 @@ SecPeCoffRelocateImageExtraAction (
   IN OUT PE_COFF_LOADER_IMAGE_CONTEXT         *ImageContext
   )
 {
-  if (!DlLoadImage (ImageContext)) {
-    GdbScriptAddImage (ImageContext);
-  }
+  GdbScriptAddImage (ImageContext);
 }
 
 
@@ -1264,19 +1087,6 @@ SecPeCoffUnloadImageExtraAction (
   IN PE_COFF_LOADER_IMAGE_CONTEXT         *ImageContext
   )
 {
-  VOID *Handle;
-
-  //
-  // Check to see if the image symbols were loaded with gdb script, or dlopen
-  //
-  Handle = RemoveHandle (ImageContext);
-  if (Handle != NULL) {
-#ifndef __APPLE__
-    dlclose (Handle);
-#endif
-    return;
-  }
-
   GdbScriptRemoveImage (ImageContext);
 }
 
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] EmulatorPkg/Host/Unix: Remove unused declarations
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (2 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Drop dlopen() usage Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/CoreDxe: Drop caller-allocated image buffers Marvin Häuser
                   ` (14 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Andrew Fish, Ray Ni, Vitaly Cheptsov

Remove declarations of functions that are not implemented at all,
or are implemented elsewhere.

Cc: Andrew Fish <afish@apple.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 EmulatorPkg/Unix/Host/Host.h | 87 --------------------
 1 file changed, 87 deletions(-)

diff --git a/EmulatorPkg/Unix/Host/Host.h b/EmulatorPkg/Unix/Host/Host.h
index 9791cf8c370e..b2e5eafb6323 100644
--- a/EmulatorPkg/Unix/Host/Host.h
+++ b/EmulatorPkg/Unix/Host/Host.h
@@ -145,15 +145,6 @@ typedef struct {
 } IMAGE_CONTEXT_TO_MOD_HANDLE;
 
 
-EFI_STATUS
-EFIAPI
-SecUnixPeiLoadFile (
-  VOID                  *Pe32Data,
-  EFI_PHYSICAL_ADDRESS  *ImageAddress,
-  UINT64                *ImageSize,
-  EFI_PHYSICAL_ADDRESS  *EntryPoint
-  );
-
 int
 main (
   IN  int   Argc,
@@ -169,48 +160,6 @@ SecLoadFromCore (
   IN  VOID    *PeiCoreFile
   );
 
-EFI_STATUS
-SecLoadFile (
-  IN  VOID                    *Pe32Data,
-  IN  EFI_PHYSICAL_ADDRESS    *ImageAddress,
-  IN  UINT64                  *ImageSize,
-  IN  EFI_PHYSICAL_ADDRESS    *EntryPoint
-  );
-
-EFI_STATUS
-SecFfsFindPeiCore (
-  IN  EFI_FIRMWARE_VOLUME_HEADER  *FwVolHeader,
-  OUT VOID                        **Pe32Data
-  );
-
-EFI_STATUS
-SecFfsFindNextFile (
-  IN EFI_FV_FILETYPE             SearchType,
-  IN EFI_FIRMWARE_VOLUME_HEADER  *FwVolHeader,
-  IN OUT EFI_FFS_FILE_HEADER     **FileHeader
-  );
-
-EFI_STATUS
-SecFfsFindSectionData (
-  IN EFI_SECTION_TYPE      SectionType,
-  IN EFI_FFS_FILE_HEADER   *FfsFileHeader,
-  IN OUT VOID              **SectionData
-  );
-
-EFI_STATUS
-EFIAPI
-SecUnixPeCoffLoaderLoadAsDll (
-  IN CHAR8    *PdbFileName,
-  IN VOID     **ImageEntryPoint,
-  OUT VOID    **ModHandle
-  );
-
-EFI_STATUS
-EFIAPI
-SecUnixPeCoffLoaderFreeLibrary (
-  OUT VOID    *ModHandle
-  );
-
 EFI_STATUS
 SecUnixFdAddress (
   IN     UINTN                 Index,
@@ -231,12 +180,6 @@ GasketSecUnixFdAddress (
 ;
 
 
-EFI_STATUS
-GetImageReadFunction (
-  IN PE_COFF_LOADER_IMAGE_CONTEXT          *ImageContext,
-  IN EFI_PHYSICAL_ADDRESS                  *TopOfMemory
-  );
-
 EFI_STATUS
 EFIAPI
 SecImageRead (
@@ -246,36 +189,12 @@ SecImageRead (
   OUT    VOID    *Buffer
   );
 
-CHAR16                            *
-AsciiToUnicode (
-  IN  CHAR8   *Ascii,
-  IN  UINTN   *StrLen OPTIONAL
-  );
-
 UINTN
 CountSeparatorsInString (
   IN  const CHAR16   *String,
   IN  CHAR16   Separator
   );
 
-EFI_STATUS
-EFIAPI
-SecTemporaryRamSupport (
-  IN CONST EFI_PEI_SERVICES   **PeiServices,
-  IN EFI_PHYSICAL_ADDRESS     TemporaryMemoryBase,
-  IN EFI_PHYSICAL_ADDRESS     PermanentMemoryBase,
-  IN UINTN                    CopySize
-  );
-
-EFI_STATUS
-EFIAPI
-GasketSecTemporaryRamSupport (
-  IN CONST EFI_PEI_SERVICES   **PeiServices,
-  IN EFI_PHYSICAL_ADDRESS     TemporaryMemoryBase,
-  IN EFI_PHYSICAL_ADDRESS     PermanentMemoryBase,
-  IN UINTN                    CopySize
-  );
-
 
 RETURN_STATUS
 EFIAPI
@@ -290,12 +209,6 @@ SecPeCoffRelocateImageExtraAction (
   IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
   );
 
-VOID
-EFIAPI
-SecPeCoffLoaderUnloadImageExtraAction (
-  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
-  );
-
 
 VOID
 PeiSwitchStacks (
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (3 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Remove unused declarations Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
                   ` (13 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

The current image loading code supports using an caller-allocated
buffer to load an UEFI image into. This concept is inherently flawed
as a caller would need to parse the image itself first to retrieve
the appropriate destination size.

As the only caller does not use this functionality, remove it.
Further drop the EntryPoint parameter, as it is unused as well.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/Image/Image.c | 199 ++++++--------------
 1 file changed, 62 insertions(+), 137 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
index 641a5715b112..1de83f96e5ed 100644
--- a/MdeModulePkg/Core/Dxe/Image/Image.c
+++ b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -540,8 +540,6 @@ CoreIsImageTypeSupported (
                                   boot selection.
   @param  Pe32Handle              The handle of PE32 image
   @param  Image                   PE image to be loaded
-  @param  DstBuffer               The buffer to store the image
-  @param  EntryPoint              A pointer to the entry point
   @param  Attribute               The bit mask of attributes to set for the load
                                   PE image
 
@@ -557,13 +555,10 @@ CoreLoadPeImage (
   IN BOOLEAN                     BootPolicy,
   IN VOID                        *Pe32Handle,
   IN LOADED_IMAGE_PRIVATE_DATA   *Image,
-  IN EFI_PHYSICAL_ADDRESS        DstBuffer    OPTIONAL,
-  OUT EFI_PHYSICAL_ADDRESS       *EntryPoint  OPTIONAL,
   IN  UINT32                     Attribute
   )
 {
   EFI_STATUS                Status;
-  BOOLEAN                   DstBufAlocated;
   UINTN                     Size;
 
   ZeroMem (&Image->ImageContext, sizeof (Image->ImageContext));
@@ -615,93 +610,63 @@ CoreLoadPeImage (
   //
   // Allocate memory of the correct memory type aligned on the required image boundary
   //
-  DstBufAlocated = FALSE;
-  if (DstBuffer == 0) {
-    //
-    // Allocate Destination Buffer as caller did not pass it in
-    //
 
-    if (Image->ImageContext.SectionAlignment > EFI_PAGE_SIZE) {
-      Size = (UINTN)Image->ImageContext.ImageSize + Image->ImageContext.SectionAlignment;
-    } else {
-      Size = (UINTN)Image->ImageContext.ImageSize;
-    }
-
-    Image->NumberOfPages = EFI_SIZE_TO_PAGES (Size);
-
-    //
-    // If the image relocations have not been stripped, then load at any address.
-    // Otherwise load at the address at which it was linked.
-    //
-    // Memory below 1MB should be treated reserved for CSM and there should be
-    // no modules whose preferred load addresses are below 1MB.
-    //
-    Status = EFI_OUT_OF_RESOURCES;
-    //
-    // If Loading Module At Fixed Address feature is enabled, the module should be loaded to
-    // a specified address.
-    //
-    if (PcdGet64(PcdLoadModuleAtFixAddressEnable) != 0 ) {
-      Status = GetPeCoffImageFixLoadingAssignedAddress (&(Image->ImageContext));
-
-      if (EFI_ERROR (Status))  {
-          //
-          // If the code memory is not ready, invoke CoreAllocatePage with AllocateAnyPages to load the driver.
-          //
-          DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED ERROR: Loading module at fixed address failed since specified memory is not available.\n"));
-
-          Status = CoreAllocatePages (
-                     AllocateAnyPages,
-                     (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
-                     Image->NumberOfPages,
-                     &Image->ImageContext.ImageAddress
-                     );
-      }
-    } else {
-      if (Image->ImageContext.ImageAddress >= 0x100000 || Image->ImageContext.RelocationsStripped) {
-        Status = CoreAllocatePages (
-                   AllocateAddress,
-                   (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
-                   Image->NumberOfPages,
-                   &Image->ImageContext.ImageAddress
-                   );
-      }
-      if (EFI_ERROR (Status) && !Image->ImageContext.RelocationsStripped) {
-        Status = CoreAllocatePages (
-                   AllocateAnyPages,
-                   (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
-                   Image->NumberOfPages,
-                   &Image->ImageContext.ImageAddress
-                   );
-      }
-    }
-    if (EFI_ERROR (Status)) {
-      return Status;
-    }
-    DstBufAlocated = TRUE;
+  if (Image->ImageContext.SectionAlignment > EFI_PAGE_SIZE) {
+    Size = (UINTN)Image->ImageContext.ImageSize + Image->ImageContext.SectionAlignment;
   } else {
-    //
-    // Caller provided the destination buffer
-    //
-
-    if (Image->ImageContext.RelocationsStripped && (Image->ImageContext.ImageAddress != DstBuffer)) {
+    Size = (UINTN)Image->ImageContext.ImageSize;
+  }
+
+  Image->NumberOfPages = EFI_SIZE_TO_PAGES (Size);
+
+  //
+  // If the image relocations have not been stripped, then load at any address.
+  // Otherwise load at the address at which it was linked.
+  //
+  // Memory below 1MB should be treated reserved for CSM and there should be
+  // no modules whose preferred load addresses are below 1MB.
+  //
+  Status = EFI_OUT_OF_RESOURCES;
+  //
+  // If Loading Module At Fixed Address feature is enabled, the module should be loaded to
+  // a specified address.
+  //
+  if (PcdGet64(PcdLoadModuleAtFixAddressEnable) != 0 ) {
+    Status = GetPeCoffImageFixLoadingAssignedAddress (&(Image->ImageContext));
+
+    if (EFI_ERROR (Status))  {
       //
-      // If the image relocations were stripped, and the caller provided a
-      // destination buffer address that does not match the address that the
-      // image is linked at, then the image cannot be loaded.
+      // If the code memory is not ready, invoke CoreAllocatePage with AllocateAnyPages to load the driver.
       //
-      return EFI_INVALID_PARAMETER;
+      DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED ERROR: Loading module at fixed address failed since specified memory is not available.\n"));
+
+      Status = CoreAllocatePages (
+                 AllocateAnyPages,
+                 (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+                 Image->NumberOfPages,
+                 &Image->ImageContext.ImageAddress
+                 );
     }
-
-    if (Image->NumberOfPages != 0 &&
-        Image->NumberOfPages <
-        (EFI_SIZE_TO_PAGES ((UINTN)Image->ImageContext.ImageSize + Image->ImageContext.SectionAlignment))) {
-      Image->NumberOfPages = EFI_SIZE_TO_PAGES ((UINTN)Image->ImageContext.ImageSize + Image->ImageContext.SectionAlignment);
-      return EFI_BUFFER_TOO_SMALL;
+  } else {
+    if (Image->ImageContext.ImageAddress >= 0x100000 || Image->ImageContext.RelocationsStripped) {
+      Status = CoreAllocatePages (
+                  AllocateAddress,
+                  (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+                  Image->NumberOfPages,
+                  &Image->ImageContext.ImageAddress
+                  );
     }
-
-    Image->NumberOfPages = EFI_SIZE_TO_PAGES ((UINTN)Image->ImageContext.ImageSize + Image->ImageContext.SectionAlignment);
-    Image->ImageContext.ImageAddress = DstBuffer;
+    if (EFI_ERROR (Status) && !Image->ImageContext.RelocationsStripped) {
+      Status = CoreAllocatePages (
+                  AllocateAnyPages,
+                  (EFI_MEMORY_TYPE) (Image->ImageContext.ImageCodeMemoryType),
+                  Image->NumberOfPages,
+                  &Image->ImageContext.ImageAddress
+                  );
+    }
+  }
+  if (EFI_ERROR (Status)) {
+    return Status;
   }
 
   Image->ImageBasePage = Image->ImageContext.ImageAddress;
@@ -783,13 +748,6 @@ CoreLoadPeImage (
     }
   }
 
-  //
-  // Fill in the entry point of the image if it is available
-  //
-  if (EntryPoint != NULL) {
-    *EntryPoint = Image->ImageContext.EntryPoint;
-  }
-
   //
   // Print the load address and the PDB file name if it is available
   //
@@ -854,11 +812,9 @@ Done:
   // Free memory.
   //
 
-  if (DstBufAlocated) {
-    CoreFreePages (Image->ImageContext.ImageAddress, Image->NumberOfPages);
-    Image->ImageContext.ImageAddress = 0;
-    Image->ImageBasePage = 0;
-  }
+  CoreFreePages (Image->ImageContext.ImageAddress, Image->NumberOfPages);
+  Image->ImageContext.ImageAddress = 0;
+  Image->ImageBasePage = 0;
 
   if (Image->ImageContext.FixupData != NULL) {
     CoreFreePool (Image->ImageContext.FixupData);
@@ -906,13 +862,11 @@ CoreLoadedImageInfo (
   Unloads EFI image from memory.
 
   @param  Image                   EFI image
-  @param  FreePage                Free allocated pages
 
 **/
 VOID
 CoreUnloadAndCloseImage (
-  IN LOADED_IMAGE_PRIVATE_DATA  *Image,
-  IN BOOLEAN                    FreePage
+  IN LOADED_IMAGE_PRIVATE_DATA  *Image
   )
 {
   EFI_STATUS                          Status;
@@ -1038,7 +992,7 @@ CoreUnloadAndCloseImage (
   //
   // Free the Image from memory
   //
-  if ((Image->ImageBasePage != 0) && FreePage) {
+  if (Image->ImageBasePage != 0) {
     CoreFreePages (Image->ImageBasePage, Image->NumberOfPages);
   }
 
@@ -1074,15 +1028,8 @@ CoreUnloadAndCloseImage (
   @param  SourceBuffer            If not NULL, a pointer to the memory location
                                   containing a copy of the image to be loaded.
   @param  SourceSize              The size in bytes of SourceBuffer.
-  @param  DstBuffer               The buffer to store the image
-  @param  NumberOfPages           If not NULL, it inputs a pointer to the page
-                                  number of DstBuffer and outputs a pointer to
-                                  the page number of the image. If this number is
-                                  not enough,  return EFI_BUFFER_TOO_SMALL and
-                                  this parameter contains the required number.
   @param  ImageHandle             Pointer to the returned image handle that is
                                   created when the image is successfully loaded.
-  @param  EntryPoint              A pointer to the entry point
   @param  Attribute               The bit mask of attributes to set for the load
                                   PE image
 
@@ -1112,10 +1059,7 @@ CoreLoadImageCommon (
   IN  EFI_DEVICE_PATH_PROTOCOL         *FilePath,
   IN  VOID                             *SourceBuffer       OPTIONAL,
   IN  UINTN                            SourceSize,
-  IN  EFI_PHYSICAL_ADDRESS             DstBuffer           OPTIONAL,
-  IN OUT UINTN                         *NumberOfPages      OPTIONAL,
   OUT EFI_HANDLE                       *ImageHandle,
-  OUT EFI_PHYSICAL_ADDRESS             *EntryPoint         OPTIONAL,
   IN  UINT32                           Attribute
   )
 {
@@ -1320,13 +1264,6 @@ CoreLoadImageCommon (
   Image->Info.FilePath     = DuplicateDevicePath (FilePath);
   Image->Info.ParentHandle = ParentImageHandle;
 
-
-  if (NumberOfPages != NULL) {
-    Image->NumberOfPages = *NumberOfPages ;
-  } else {
-    Image->NumberOfPages = 0 ;
-  }
-
   //
   // Install the protocol interfaces for this image
   // don't fire notifications yet
@@ -1343,22 +1280,13 @@ CoreLoadImageCommon (
   }
 
   //
-  // Load the image.  If EntryPoint is Null, it will not be set.
+  // Load the image.
   //
-  Status = CoreLoadPeImage (BootPolicy, &FHand, Image, DstBuffer, EntryPoint, Attribute);
+  Status = CoreLoadPeImage (BootPolicy, &FHand, Image, Attribute);
   if (EFI_ERROR (Status)) {
-    if ((Status == EFI_BUFFER_TOO_SMALL) || (Status == EFI_OUT_OF_RESOURCES)) {
-      if (NumberOfPages != NULL) {
-        *NumberOfPages = Image->NumberOfPages;
-      }
-    }
     goto Done;
   }
 
-  if (NumberOfPages != NULL) {
-    *NumberOfPages = Image->NumberOfPages;
-  }
-
   //
   // Register the image in the Debug Image Info Table if the attribute is set
   //
@@ -1438,7 +1366,7 @@ Done:
   //
   if (EFI_ERROR (Status)) {
     if (Image != NULL) {
-      CoreUnloadAndCloseImage (Image, (BOOLEAN)(DstBuffer == 0));
+      CoreUnloadAndCloseImage (Image);
       Image = NULL;
     }
   } else if (EFI_ERROR (SecurityStatus)) {
@@ -1514,10 +1442,7 @@ CoreLoadImage (
              FilePath,
              SourceBuffer,
              SourceSize,
-             (EFI_PHYSICAL_ADDRESS) (UINTN) NULL,
-             NULL,
              ImageHandle,
-             NULL,
              EFI_LOAD_PE_IMAGE_ATTRIBUTE_RUNTIME_REGISTRATION | EFI_LOAD_PE_IMAGE_ATTRIBUTE_DEBUG_IMAGE_INFO_TABLE_REGISTRATION
              );
 
@@ -1734,7 +1659,7 @@ CoreStartImage (
   // unload it
   //
   if (EFI_ERROR (Image->Status) || Image->Type == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION) {
-    CoreUnloadAndCloseImage (Image, TRUE);
+    CoreUnloadAndCloseImage (Image);
     //
     // ImageHandle may be invalid after the image is unloaded, so use NULL handle to record perf log.
     //
@@ -1799,7 +1724,7 @@ CoreExit (
     //
     // The image has not been started so just free its resources
     //
-    CoreUnloadAndCloseImage (Image, TRUE);
+    CoreUnloadAndCloseImage (Image);
     Status = EFI_SUCCESS;
     goto Done;
   }
@@ -1901,7 +1826,7 @@ CoreUnloadImage (
     //
     // if the Image was not started or Unloaded O.K. then clean up
     //
-    CoreUnloadAndCloseImage (Image, TRUE);
+    CoreUnloadAndCloseImage (Image);
   }
 
 Done:
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (4 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/CoreDxe: Drop caller-allocated image buffers Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report Marvin Häuser
                     ` (6 more replies)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Drop unnecessary pointer indirection Marvin Häuser
                   ` (12 subsequent siblings)
  18 siblings, 7 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

In theory, modifications to the DebugImageInfoTable may cause
exceptions. If the exception handler parses the table, this can lead
to subsequent exceptions if the table state is inconsistent.

Ensure the DebugImageInfoTable remains consistent during
modifications. This includes:
1) Free the old table only only after the new table has been
published. Mitigates use-after-free of the old table.
2) Do not insert an image entry till it is fully initialised. Entries
may be inserted in the live range if an entry was deleted previously.
Mitigaes the usage of inconsistent entries.
3) Free the old image entry only after the table has been updated
with the NULL value. Mitigates use-after-free of the old entry.
4) Set the MODIFIED state before performing any modifications.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++---------
 1 file changed, 34 insertions(+), 26 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index a75d4158280b..7bd970115111 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
   IN  EFI_HANDLE                  ImageHandle
   )
 {
-  EFI_DEBUG_IMAGE_INFO      *Table;
-  EFI_DEBUG_IMAGE_INFO      *NewTable;
-  UINTN                     Index;
-  UINTN                     TableSize;
+  EFI_DEBUG_IMAGE_INFO        *Table;
+  EFI_DEBUG_IMAGE_INFO        *NewTable;
+  UINTN                       Index;
+  UINTN                       TableSize;
+  EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
 
   //
   // Set the flag indicating that we're in the process of updating the table.
@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
     // Copy the old table into the new one
     //
     CopyMem (NewTable, Table, TableSize);
-    //
-    // Free the old table
-    //
-    CoreFreePool (Table);
-    //
-    // Update the table header
-    //
-    Table = NewTable;
     mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;
     //
     // Enlarge the max table entries and set the first empty entry index to
@@ -218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
     //
     Index             = mMaxTableEntries;
     mMaxTableEntries += EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;
+    //
+    // Free the old table
+    //
+    CoreFreePool (Table);
+    //
+    // Update the table header
+    //
+    Table = NewTable;
   }
 
   //
   // Allocate data for new entry
   //
-  Table[Index].NormalImage = AllocateZeroPool (sizeof (EFI_DEBUG_IMAGE_INFO_NORMAL));
-  if (Table[Index].NormalImage != NULL) {
+  NormalImage = AllocateZeroPool (sizeof (EFI_DEBUG_IMAGE_INFO_NORMAL));
+  if (NormalImage != NULL) {
     //
     // Update the entry
     //
-    Table[Index].NormalImage->ImageInfoType               = (UINT32) ImageInfoType;
-    Table[Index].NormalImage->LoadedImageProtocolInstance = LoadedImage;
-    Table[Index].NormalImage->ImageHandle                 = ImageHandle;
+    NormalImage->ImageInfoType               = (UINT32) ImageInfoType;
+    NormalImage->LoadedImageProtocolInstance = LoadedImage;
+    NormalImage->ImageHandle                 = ImageHandle;
     //
-    // Increase the number of EFI_DEBUG_IMAGE_INFO elements and set the mDebugInfoTable in modified status.
+    // Set the mDebugInfoTable in modified status, insert the entry, and
+    // increase the number of EFI_DEBUG_IMAGE_INFO elements.
     //
-    mDebugInfoTableHeader.TableSize++;
     mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
+    Table[Index].NormalImage = NormalImage;
+    mDebugInfoTableHeader.TableSize++;
   }
   mDebugInfoTableHeader.UpdateStatus &= ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;
 }
@@ -253,8 +256,9 @@ CoreRemoveDebugImageInfoEntry (
   EFI_HANDLE ImageHandle
   )
 {
-  EFI_DEBUG_IMAGE_INFO  *Table;
-  UINTN                 Index;
+  EFI_DEBUG_IMAGE_INFO        *Table;
+  UINTN                       Index;
+  EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
 
   mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;
 
@@ -263,16 +267,20 @@ CoreRemoveDebugImageInfoEntry (
   for (Index = 0; Index < mMaxTableEntries; Index++) {
     if (Table[Index].NormalImage != NULL && Table[Index].NormalImage->ImageHandle == ImageHandle) {
       //
-      // Found a match. Free up the record, then NULL the pointer to indicate the slot
-      // is free.
+      // Found a match. Set the mDebugInfoTable in modified status and NULL the
+      // pointer to indicate the slot is free and.
       //
-      CoreFreePool (Table[Index].NormalImage);
+      NormalImage = Table[Index].NormalImage;
+      mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
       Table[Index].NormalImage = NULL;
       //
-      // Decrease the number of EFI_DEBUG_IMAGE_INFO elements and set the mDebugInfoTable in modified status.
+      // Decrease the number of EFI_DEBUG_IMAGE_INFO elements.
       //
       mDebugInfoTableHeader.TableSize--;
-      mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
+      //
+      // Free up the record.
+      //
+      CoreFreePool (NormalImage);
       break;
     }
   }
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (5 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Use the correct source for fixed load address Marvin Häuser
                   ` (11 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

CoreInitializeGcdServices() takes a pointer-to-pointer for the first
HOB. However, it is dereferenced in every operation inside. To
mitigate confusion whether or not it can be re-allocated by the
callee, remove the unnecessary indirection.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c |  2 +-
 MdeModulePkg/Core/Dxe/Gcd/Gcd.c         | 10 +++++-----
 MdeModulePkg/Core/Dxe/DxeMain.h         |  2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index db21311f9352..1a8f6b57f356 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -263,7 +263,7 @@ DxeMain (
   //
   // Initialize Memory Services
   //
-  CoreInitializeMemoryServices (&HobStart, &MemoryBaseAddress, &MemoryLength);
+  CoreInitializeMemoryServices (HobStart, &MemoryBaseAddress, &MemoryLength);
 
   MemoryProfileInit (HobStart);
 
diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
index 51b082b7e7eb..af9e9e315819 100644
--- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
+++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c
@@ -2168,7 +2168,7 @@ FindLargestFreeRegion (
 **/
 EFI_STATUS
 CoreInitializeMemoryServices (
-  IN  VOID                  **HobStart,
+  IN  VOID                  *HobStart,
   OUT EFI_PHYSICAL_ADDRESS  *MemoryBaseAddress,
   OUT UINT64                *MemoryLength
   )
@@ -2194,7 +2194,7 @@ CoreInitializeMemoryServices (
   //
   // Point at the first HOB.  This must be the PHIT HOB.
   //
-  Hob.Raw = *HobStart;
+  Hob.Raw = HobStart;
   ASSERT (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_HANDOFF);
 
   //
@@ -2248,7 +2248,7 @@ CoreInitializeMemoryServices (
   // Find the Resource Descriptor HOB that contains PHIT range EfiFreeMemoryBottom..EfiFreeMemoryTop
   //
   Found  = FALSE;
-  for (Hob.Raw = *HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
+  for (Hob.Raw = HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
     //
     // Skip all HOBs except Resource Descriptor HOBs
     //
@@ -2304,7 +2304,7 @@ CoreInitializeMemoryServices (
         // Compute range between the start of the Resource Descriptor HOB and the start of the HOB List
         //
         BaseAddress = PageAlignAddress (ResourceHob->PhysicalStart);
-        Length      = PageAlignLength  ((UINT64)((UINTN)*HobStart - BaseAddress));
+        Length      = PageAlignLength  ((UINT64)((UINTN)HobStart - BaseAddress));
         FindLargestFreeRegion (&BaseAddress, &Length, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
       }
     }
@@ -2329,7 +2329,7 @@ CoreInitializeMemoryServices (
     // The max address must be within the physically addressible range for the processor.
     //
     HighAddress = MAX_ALLOC_ADDRESS;
-    for (Hob.Raw = *HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
+    for (Hob.Raw = HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
       //
       // Skip the Resource Descriptor HOB that contains the PHIT
       //
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h
index 9bd3c0d08411..8f268dd2854a 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.h
+++ b/MdeModulePkg/Core/Dxe/DxeMain.h
@@ -366,7 +366,7 @@ CoreAcquireGcdMemoryLock (
 **/
 EFI_STATUS
 CoreInitializeMemoryServices (
-  IN  VOID                  **HobStart,
+  IN  VOID                  *HobStart,
   OUT EFI_PHYSICAL_ADDRESS  *MemoryBaseAddress,
   OUT UINT64                *MemoryLength
   );
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/DxeCore: Use the correct source for fixed load address
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (6 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Drop unnecessary pointer indirection Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands Marvin Häuser
                   ` (10 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

The build tools write the fixed load address into the section header
of the first non-code section. While PeiCore and PiSmmCore correctly
load it from there, DxeCore uses ImageBase from the PE/COFF Optional
Header instead.

Align the behaviour of DxeCore with the other dispatchers.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/Image/Image.c | 30 ++++++++++++++------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
index 641a5715b112..9455c2fa45ad 100644
--- a/MdeModulePkg/Core/Dxe/Image/Image.c
+++ b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -416,6 +416,7 @@ GetPeCoffImageFixLoadingAssignedAddress(
    EFI_STATUS                         Status;
    EFI_IMAGE_SECTION_HEADER           SectionHeader;
    EFI_IMAGE_OPTIONAL_HEADER_UNION    *ImgHdr;
+   EFI_PHYSICAL_ADDRESS               FixLoadingAddress;
    UINT16                             Index;
    UINTN                              Size;
    UINT16                             NumberOfSections;
@@ -468,24 +469,35 @@ GetPeCoffImageFixLoadingAssignedAddress(
        //
        ValueInSectionHeader = ReadUnaligned64((UINT64*)&SectionHeader.PointerToRelocations);
        if (ValueInSectionHeader != 0) {
-         //
-         // When the feature is configured as load module at fixed absolute address, the ImageAddress field of ImageContext
-         // hold the specified address. If the feature is configured as load module at fixed offset, ImageAddress hold an offset
-         // relative to top address
-         //
-         if ((INT64)PcdGet64(PcdLoadModuleAtFixAddressEnable) < 0) {
-            ImageContext->ImageAddress = gLoadModuleAtFixAddressConfigurationTable.DxeCodeTopAddress + (INT64)(INTN)ImageContext->ImageAddress;
+          if ((INT64)PcdGet64(PcdLoadModuleAtFixAddressEnable) > 0) {
+           //
+           // When LMFA feature is configured as Load Module at Fixed Absolute Address mode, PointerToRelocations & PointerToLineNumbers field
+           // hold the absolute address of image base running in memory
+           //
+           FixLoadingAddress = ValueInSectionHeader;
+         } else {
+           //
+           // When LMFA feature is configured as Load Module at Fixed offset mode, PointerToRelocations & PointerToLineNumbers field
+           // hold the offset relative to a platform-specific top address.
+           //
+           FixLoadingAddress = gLoadModuleAtFixAddressConfigurationTable.DxeCodeTopAddress + ValueInSectionHeader;
          }
          //
          // Check if the memory range is available.
          //
-         Status = CheckAndMarkFixLoadingMemoryUsageBitMap (ImageContext->ImageAddress, (UINTN)(ImageContext->ImageSize + ImageContext->SectionAlignment));
+         Status = CheckAndMarkFixLoadingMemoryUsageBitMap (FixLoadingAddress, (UINTN)(ImageContext->ImageSize + ImageContext->SectionAlignment));
+         if (!EFI_ERROR(Status)) {
+           //
+           // The assigned address is valid. Return the specified loading address
+           //
+           ImageContext->ImageAddress = FixLoadingAddress;
+         }
        }
        break;
      }
      SectionHeaderOffset += sizeof (EFI_IMAGE_SECTION_HEADER);
    }
-   DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED INFO: Loading module at fixed address 0x%11p. Status = %r \n", (VOID *)(UINTN)(ImageContext->ImageAddress), Status));
+   DEBUG ((EFI_D_INFO|EFI_D_LOAD, "LOADING MODULE FIXED INFO: Loading module at fixed address 0x%11p. Status = %r \n", (VOID *)(UINTN)FixLoadingAddress, Status));
    return Status;
 }
 
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (7 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Use the correct source for fixed load address Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-09  4:23   ` Ni, Ray
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check Marvin Häuser
                   ` (9 subsequent siblings)
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Eric Dong, Ray Ni, Vitaly Cheptsov

The legacy codebase allowed SMM images to be registered for profiling
from DXE. Support for this has been dropped entirely, so remove the
remaining handlers.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 80 --------------------
 MdeModulePkg/Include/Guid/MemoryProfile.h        |  5 --
 2 files changed, 85 deletions(-)

diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
index 1b302c810cc9..7316df7531fd 100644
--- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
+++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
@@ -2232,64 +2232,6 @@ Done:
   mSmramProfileGettingStatus = SmramProfileGettingStatus;
 }
 
-/**
-  SMRAM profile handler to register SMM image.
-
-  @param SmramProfileParameterRegisterImage The parameter of SMM profile register image.
-
-**/
-VOID
-SmramProfileHandlerRegisterImage (
-  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *SmramProfileParameterRegisterImage
-  )
-{
-  EFI_STATUS                        Status;
-  EFI_SMM_DRIVER_ENTRY              DriverEntry;
-  VOID                              *EntryPointInImage;
-
-  ZeroMem (&DriverEntry, sizeof (DriverEntry));
-  CopyMem (&DriverEntry.FileName, &SmramProfileParameterRegisterImage->FileName, sizeof(EFI_GUID));
-  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage->ImageBuffer;
-  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterRegisterImage->NumberOfPage;
-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) DriverEntry.ImageBuffer, &EntryPointInImage);
-  ASSERT_EFI_ERROR (Status);
-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;
-
-  Status = RegisterSmramProfileImage (&DriverEntry, FALSE);
-  if (!EFI_ERROR (Status)) {
-    SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;
-  }
-}
-
-/**
-  SMRAM profile handler to unregister SMM image.
-
-  @param SmramProfileParameterUnregisterImage The parameter of SMM profile unregister image.
-
-**/
-VOID
-SmramProfileHandlerUnregisterImage (
-  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *SmramProfileParameterUnregisterImage
-  )
-{
-  EFI_STATUS                        Status;
-  EFI_SMM_DRIVER_ENTRY              DriverEntry;
-  VOID                              *EntryPointInImage;
-
-  ZeroMem (&DriverEntry, sizeof (DriverEntry));
-  CopyMem (&DriverEntry.FileName, &SmramProfileParameterUnregisterImage->FileName, sizeof (EFI_GUID));
-  DriverEntry.ImageBuffer = SmramProfileParameterUnregisterImage->ImageBuffer;
-  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterUnregisterImage->NumberOfPage;
-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) DriverEntry.ImageBuffer, &EntryPointInImage);
-  ASSERT_EFI_ERROR (Status);
-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;
-
-  Status = UnregisterSmramProfileImage (&DriverEntry, FALSE);
-  if (!EFI_ERROR (Status)) {
-    SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;
-  }
-}
-
 /**
   Dispatch function for a Software SMI handler.
 
@@ -2374,28 +2316,6 @@ SmramProfileHandler (
     }
     SmramProfileHandlerGetDataByOffset ((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN) CommBuffer);
     break;
-  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:
-    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));
-    if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) {
-      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size invalid!\n"));
-      return EFI_SUCCESS;
-    }
-    if (mSmramReadyToLock) {
-      return EFI_SUCCESS;
-    }
-    SmramProfileHandlerRegisterImage ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *) (UINTN) CommBuffer);
-    break;
-  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:
-    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));
-    if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {
-      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size invalid!\n"));
-      return EFI_SUCCESS;
-    }
-    if (mSmramReadyToLock) {
-      return EFI_SUCCESS;
-    }
-    SmramProfileHandlerUnregisterImage ((SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *) (UINTN) CommBuffer);
-    break;
   case SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE:
     DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetRecordingState\n"));
     if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_RECORDING_STATE)) {
diff --git a/MdeModulePkg/Include/Guid/MemoryProfile.h b/MdeModulePkg/Include/Guid/MemoryProfile.h
index eee3b9125240..92cd1e7cf493 100644
--- a/MdeModulePkg/Include/Guid/MemoryProfile.h
+++ b/MdeModulePkg/Include/Guid/MemoryProfile.h
@@ -388,11 +388,6 @@ struct _EDKII_MEMORY_PROFILE_PROTOCOL {
 //
 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_INFO           0x1
 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA           0x2
-//
-// Below 2 commands are now used by ECP only and only valid before SmmReadyToLock
-//
-#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3
-#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4
 
 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET 0x5
 #define SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE        0x6
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (8 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] MdePkg/Base.h: Introduce various alignment-related macros Marvin Häuser
                   ` (8 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Eric Dong, Ray Ni, Vitaly Cheptsov

The current code only checks whether PiSmmCore's fixed loading
address, but not its entire memory range, is in bounds of the
reserved area. Furthermore, it does not consider the module's fixed
loading address, which is relative to the reserved area, could
wraparound when added to the base address.

Fix both issues by performing sufficient bounds checks in a way that
is free from wraparounds.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
index 599a0cd01d80..259cd0bb8924 100644
--- a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c
@@ -979,7 +979,8 @@ GetPeCoffImageFixLoadingAssignedAddress(
          //
          FixLoadingAddress = (EFI_PHYSICAL_ADDRESS)(SmramBase + (INT64)ValueInSectionHeader);
 
-         if (SmramBase + SmmCodeSize > FixLoadingAddress && SmramBase <=  FixLoadingAddress) {
+         if (ValueInSectionHeader < SmmCodeSize
+          && (UINTN)(ImageContext->ImageSize + ImageContext->SectionAlignment) <= SmmCodeSize - ValueInSectionHeader) {
            //
            // The assigned address is valid. Return the specified loading address
            //
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdePkg/Base.h: Introduce various alignment-related macros
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (9 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-13  7:27   ` Wu, Hao A
  2021-08-08 19:39 ` [PATCH] MdePkg/BaseLib: Fix unaligned API prototypes Marvin Häuser
                   ` (7 subsequent siblings)
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jian J Wang, Hao A Wu,
	Ray Ni, Vitaly Cheptsov

ALIGNOF: Determining the alignment requirement of data types is
crucial to ensure safe memory accesses when parsing untrusted data.

IS_POW2: Determining whether a value is a power of two is important
to verify whether untrusted values are valid alignment values.

IS_ALIGNED: In combination with ALIGNOF data offsets can be verified.
A more general version of IS_ALIGNED defined by several modules.

ADDRESS_IS_ALIGNED: Variant of IS_ALIGNED for pointers and addresses.
Replaces module-specific definitions throughout the codebase.

ALIGN_VALUE_ADDEND: The added to align up can be used to directly
determine the required offset for data alignment.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c                  |  2 +-
 MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c           |  6 +-
 MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c | 12 +--
 MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c      |  2 +-
 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c             |  4 +-
 MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c        |  6 +-
 MdeModulePkg/Universal/EbcDxe/EbcExecute.c               | 36 ++++----
 MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h                   |  1 -
 MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h |  2 -
 MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h                  |  1 -
 MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h             |  4 +-
 MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h       |  2 -
 MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h        |  2 -
 MdeModulePkg/Universal/EbcDxe/EbcExecute.h               |  3 +-
 MdePkg/Include/Base.h                                    | 90 +++++++++++++++++++-
 15 files changed, 125 insertions(+), 48 deletions(-)

diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
index 7636ad27c86c..520197aee752 100644
--- a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
+++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
@@ -2099,7 +2099,7 @@ TrustTransferAtaDevice (
     // ATA PassThru PPI.
     //
     if ((AtaPassThru->Mode->IoAlign > 1) &&
-        !IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign)) {
+        !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign)) {
       NewBuffer = AllocateAlignedPages (
                     EFI_SIZE_TO_PAGES (TransferLength),
                     AtaPassThru->Mode->IoAlign
diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
index 191b78c88541..057ad42d596b 100644
--- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
+++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
@@ -193,15 +193,15 @@ AhciAtaPassThruPassThru (
   }
 
   IoAlign = This->Mode->IoAlign;
-  if ((IoAlign > 1) && !IS_ALIGNED (Packet->InDataBuffer, IoAlign)) {
+  if ((IoAlign > 1) && !ADDRESS_IS_ALIGNED (Packet->InDataBuffer, IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((IoAlign > 1) && !IS_ALIGNED (Packet->OutDataBuffer, IoAlign)) {
+  if ((IoAlign > 1) && !ADDRESS_IS_ALIGNED (Packet->OutDataBuffer, IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((IoAlign > 1) && !IS_ALIGNED (Packet->Asb, IoAlign)) {
+  if ((IoAlign > 1) && !ADDRESS_IS_ALIGNED (Packet->Asb, IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
index 86fe9d954fdb..c7b3cfce1340 100644
--- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
+++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
@@ -1281,15 +1281,15 @@ AtaPassThruPassThru (
 
   Instance = ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS (This);
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->Asb, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->Asb, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -2012,15 +2012,15 @@ ExtScsiPassThruPassThru (
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
diff --git a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
index 79026a4a957d..eabab8ac5bc5 100644
--- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
+++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
@@ -1036,7 +1036,7 @@ TrustTransferAtaDevice (
     // Check the alignment of the incoming buffer prior to invoking underlying ATA PassThru
     //
     AtaPassThru = AtaDevice->AtaBusDriverData->AtaPassThru;
-    if ((AtaPassThru->Mode->IoAlign > 1) && !IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign)) {
+    if ((AtaPassThru->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign)) {
       NewBuffer = AllocateAlignedBuffer (AtaDevice, TransferLength);
       if (NewBuffer == NULL) {
         return EFI_OUT_OF_RESOURCES;
diff --git a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
index c80e78fa8a6b..81db2efd0599 100644
--- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
+++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
@@ -1956,7 +1956,7 @@ ScsiDiskReceiveData (
       goto Done;
     }
 
-    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {
+    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {
       AlignedBuffer = AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);
       if (AlignedBuffer == NULL) {
         Status = EFI_OUT_OF_RESOURCES;
@@ -2171,7 +2171,7 @@ ScsiDiskSendData (
       goto Done;
     }
 
-    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {
+    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {
       AlignedBuffer = AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);
       if (AlignedBuffer == NULL) {
         Status = EFI_OUT_OF_RESOURCES;
diff --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
index 92ff958f161e..c4d01a20fcbe 100644
--- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
+++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
@@ -170,15 +170,15 @@ UfsPassThruPassThru (
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
-  if ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {
+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {
     return EFI_INVALID_PARAMETER;
   }
 
diff --git a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
index 1c4a4f5155c9..ba66f441bcea 100644
--- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
+++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
@@ -2004,7 +2004,7 @@ ExecuteJMP (
     // check for alignment, and jump absolute.
     //
     Data64 = (UINT64) VmReadImmed64 (VmPtr, 2);
-    if (!IS_ALIGNED ((UINTN) Data64, sizeof (UINT16))) {
+    if (!ADDRESS_IS_ALIGNED ((UINTN) Data64, sizeof (UINT16))) {
       EbcDebugSignalException (
         EXCEPT_EBC_ALIGNMENT_CHECK,
         EXCEPTION_FLAG_FATAL,
@@ -2059,7 +2059,7 @@ ExecuteJMP (
     // Form: JMP32 @Rx {Index32}
     //
     Addr = VmReadMemN (VmPtr, (UINTN) Data64 + Index32);
-    if (!IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {
+    if (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {
       EbcDebugSignalException (
         EXCEPT_EBC_ALIGNMENT_CHECK,
         EXCEPTION_FLAG_FATAL,
@@ -2082,7 +2082,7 @@ ExecuteJMP (
     // Form: JMP32 Rx {Immed32}
     //
     Addr = (UINTN) (Data64 + Index32);
-    if (!IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {
+    if (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {
       EbcDebugSignalException (
         EXCEPT_EBC_ALIGNMENT_CHECK,
         EXCEPTION_FLAG_FATAL,
@@ -3128,7 +3128,7 @@ ExecuteRET (
     // Pull the return address off the VM app's stack and set the IP
     // to it
     //
-    if (!IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16))) {
+    if (!ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16))) {
       EbcDebugSignalException (
         EXCEPT_EBC_ALIGNMENT_CHECK,
         EXCEPTION_FLAG_FATAL,
@@ -4693,7 +4693,7 @@ VmWriteMem16 (
   //
   // Do a simple write if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT16))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16))) {
     *(UINT16 *) Addr = Data;
   } else {
     //
@@ -4756,7 +4756,7 @@ VmWriteMem32 (
   //
   // Do a simple write if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT32))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32))) {
     *(UINT32 *) Addr = Data;
   } else {
     //
@@ -4819,7 +4819,7 @@ VmWriteMem64 (
   //
   // Do a simple write if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT64))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64))) {
     *(UINT64 *) Addr = Data;
   } else {
     //
@@ -4885,7 +4885,7 @@ VmWriteMemN (
   //
   // Do a simple write if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINTN))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {
     *(UINTN *) Addr = Data;
   } else {
     for (Index = 0; Index < sizeof (UINTN) / sizeof (UINT32); Index++) {
@@ -4949,7 +4949,7 @@ VmReadImmed16 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (INT16))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (INT16))) {
     return * (INT16 *) (VmPtr->Ip + Offset);
   } else {
     //
@@ -4993,7 +4993,7 @@ VmReadImmed32 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT32))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT32))) {
     return * (INT32 *) (VmPtr->Ip + Offset);
   }
   //
@@ -5032,7 +5032,7 @@ VmReadImmed64 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT64))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT64))) {
     return * (UINT64 *) (VmPtr->Ip + Offset);
   }
   //
@@ -5069,7 +5069,7 @@ VmReadCode16 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT16))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT16))) {
     return * (UINT16 *) (VmPtr->Ip + Offset);
   } else {
     //
@@ -5110,7 +5110,7 @@ VmReadCode32 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT32))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT32))) {
     return * (UINT32 *) (VmPtr->Ip + Offset);
   }
   //
@@ -5147,7 +5147,7 @@ VmReadCode64 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT64))) {
+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip + Offset, sizeof (UINT64))) {
     return * (UINT64 *) (VmPtr->Ip + Offset);
   }
   //
@@ -5210,7 +5210,7 @@ VmReadMem16 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT16))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16))) {
     return * (UINT16 *) Addr;
   }
   //
@@ -5243,7 +5243,7 @@ VmReadMem32 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT32))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32))) {
     return * (UINT32 *) Addr;
   }
   //
@@ -5280,7 +5280,7 @@ VmReadMem64 (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINT64))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64))) {
     return * (UINT64 *) Addr;
   }
   //
@@ -5349,7 +5349,7 @@ VmReadMemN (
   //
   // Read direct if aligned
   //
-  if (IS_ALIGNED (Addr, sizeof (UINTN))) {
+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {
     return * (UINTN *) Addr;
   }
   //
diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
index 2be78076bee7..59bb9e5d0bca 100644
--- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
+++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
@@ -145,7 +145,6 @@ typedef union {
 #define AHCI_PORT_SERR                         0x0030
 #define AHCI_PORT_CI                           0x0038
 
-#define IS_ALIGNED(addr, size)                 (((UINTN) (addr) & (size - 1)) == 0)
 #define TIMER_PERIOD_SECONDS(Seconds)          MultU64x32((UINT64)(Seconds), 10000000)
 
 #pragma pack(1)
diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
index 5f582b9b3e76..99bbf7d14a17 100644
--- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
+++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
@@ -147,8 +147,6 @@ struct _ATA_NONBLOCK_TASK {
 #define ATA_ATAPI_TIMEOUT           EFI_TIMER_PERIOD_SECONDS(3)
 #define ATA_SPINUP_TIMEOUT          EFI_TIMER_PERIOD_SECONDS(10)
 
-#define IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)
-
 #define ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \
   CR (a, \
       ATA_ATAPI_PASS_THRU_INSTANCE, \
diff --git a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
index a5a865209942..172d2d61ea6c 100644
--- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
+++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
@@ -76,7 +76,6 @@
 #define ATA_TASK_SIGNATURE                SIGNATURE_32 ('A', 'T', 'S', 'K')
 #define ATA_DEVICE_SIGNATURE              SIGNATURE_32 ('A', 'B', 'I', 'D')
 #define ATA_SUB_TASK_SIGNATURE            SIGNATURE_32 ('A', 'S', 'T', 'S')
-#define IS_ALIGNED(addr, size)            (((UINTN) (addr) & (size - 1)) == 0)
 
 //
 // ATA bus data structure for ATA controller
diff --git a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
index ed9bbd6f8ba8..86ad27b3292f 100644
--- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
+++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
@@ -37,9 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <IndustryStandard/Scsi.h>
 #include <IndustryStandard/Atapi.h>
 
-#define IS_DEVICE_FIXED(a)        (a)->FixedDevice ? 1 : 0
-
-#define IS_ALIGNED(addr, size)    (((UINTN) (addr) & (size - 1)) == 0)
+#define IS_DEVICE_FIXED(a)          (a)->FixedDevice ? 1 : 0
 
 #define UFS_WLUN_RPMB 0xC4
 
diff --git a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
index 6e2305aa2bc2..7306106a4454 100644
--- a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
+++ b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
@@ -133,8 +133,6 @@ typedef struct _UFS_PEIM_HC_PRIVATE_DATA {
 
 #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8)
 
-#define IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)
-
 #define GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS(a) CR (a, UFS_PEIM_HC_PRIVATE_DATA, BlkIoPpi, UFS_PEIM_HC_SIG)
 #define GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS2(a) CR (a, UFS_PEIM_HC_PRIVATE_DATA, BlkIo2Ppi, UFS_PEIM_HC_SIG)
 #define GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS_NOTIFY(a) CR (a, UFS_PEIM_HC_PRIVATE_DATA, EndOfPeiNotifyList, UFS_PEIM_HC_SIG)
diff --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
index 79b86f7e6b3d..11b5b197b67a 100644
--- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
+++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
@@ -105,8 +105,6 @@ typedef struct {
 
 #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8)
 
-#define IS_ALIGNED(addr, size)        (((UINTN) (addr) & (size - 1)) == 0)
-
 #define UFS_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \
   CR (a, \
       UFS_PASS_THRU_PRIVATE_DATA, \
diff --git a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
index 1cb68bc5385a..858ca7fc86ae 100644
--- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
+++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
@@ -14,8 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 //
 // Macros to check and set alignment
 //
-#define ASSERT_ALIGNED(addr, size)  ASSERT (!((UINT32) (addr) & (size - 1)))
-#define IS_ALIGNED(addr, size)      !((UINT32) (addr) & (size - 1))
+#define ASSERT_ALIGNED(addr, size)  ASSERT (IS_ALIGNED (addr, size))
 
 //
 // Debug macro
diff --git a/MdePkg/Include/Base.h b/MdePkg/Include/Base.h
index 2da08b0c787f..32d0e512e05f 100644
--- a/MdePkg/Include/Base.h
+++ b/MdePkg/Include/Base.h
@@ -789,6 +789,35 @@ typedef UINTN  *BASE_LIST;
 #define OFFSET_OF(TYPE, Field) ((UINTN) &(((TYPE *)0)->Field))
 #endif
 
+/**
+  Returns the alignment requirement of a type.
+
+  @param   TYPE  The name of the type to retrieve the alignment requirement of.
+
+  @return  Alignment requirement, in Bytes, of TYPE.
+**/
+#if defined(__GNUC__) || defined(__clang__) || (defined(_MSC_VER) && _MSC_VER >= 1900)
+  //
+  // All supported versions of GCC and Clang, as well as MSVC 2015 and later,
+  // support the standard operator _Alignof.
+  //
+  #define ALIGNOF(TYPE)  _Alignof (TYPE)
+#elif defined(_MSC_VER)
+  //
+  // Earlier versions of MSVC, at least MSVC 2008 and later, support the
+  // vendor-extension __alignof.
+  //
+  #define ALIGNOF(TYPE)  __alignof (TYPE)
+#else
+  //
+  // For compilers that do not support inbuilt alignof operators, use OFFSET_OF.
+  // CHAR8 is known to have both a size and an alignment requirement of 1 Byte.
+  // As such, A must be located exactly at the offset equal to its alignment
+  // requirement.
+  //
+  #define ALIGNOF(TYPE) OFFSET_OF (struct { CHAR8 C; TYPE A; }, A)
+#endif
+
 /**
   Portable definition for compile time assertions.
   Equivalent to C11 static_assert macro from assert.h.
@@ -824,6 +853,21 @@ STATIC_ASSERT (sizeof (CHAR16)  == 2, "sizeof (CHAR16) does not meet UEFI Specif
 STATIC_ASSERT (sizeof (L'A')    == 2, "sizeof (L'A') does not meet UEFI Specification Data Type requirements");
 STATIC_ASSERT (sizeof (L"A")    == 4, "sizeof (L\"A\") does not meet UEFI Specification Data Type requirements");
 
+STATIC_ASSERT (ALIGNOF (BOOLEAN) == sizeof (BOOLEAN), "Alignment of BOOLEAN does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (INT8)    == sizeof (INT8),    "Alignment of INT8 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (UINT8)   == sizeof (UINT8),   "Alignment of INT16 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (INT16)   == sizeof (INT16),   "Alignment of INT16 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (UINT16)  == sizeof (UINT16),  "Alignment of UINT16 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (INT32)   == sizeof (INT32),   "Alignment of INT32 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (UINT32)  == sizeof (UINT32),  "Alignment of UINT32 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (INT64)   == sizeof (INT64),   "Alignment of INT64 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (UINT64)  == sizeof (UINT64),  "Alignment of UINT64 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (CHAR8)   == sizeof (CHAR8),   "Alignment of CHAR8 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (CHAR16)  == sizeof (CHAR16),  "Alignment of CHAR16 does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (INTN)    == sizeof (INTN),    "Alignment of INTN does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (UINTN)   == sizeof (UINTN),   "Alignment of UINTN does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (VOID *)  == sizeof (VOID *),  "Alignment of VOID * does not meet UEFI Specification Data Type requirements");
+
 //
 // The following three enum types are used to verify that the compiler
 // configuration for enum types is compliant with Section 2.3.1 of the
@@ -847,6 +891,10 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT8_ENUM_SIZE) == 4, "Size of enum does not me
 STATIC_ASSERT (sizeof (__VERIFY_UINT16_ENUM_SIZE) == 4, "Size of enum does not meet UEFI Specification Data Type requirements");
 STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not meet UEFI Specification Data Type requirements");
 
+STATIC_ASSERT (ALIGNOF (__VERIFY_UINT8_ENUM_SIZE)  == sizeof (__VERIFY_UINT8_ENUM_SIZE),  "Alignment of enum does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (__VERIFY_UINT16_ENUM_SIZE) == sizeof (__VERIFY_UINT16_ENUM_SIZE), "Alignment of enum does not meet UEFI Specification Data Type requirements");
+STATIC_ASSERT (ALIGNOF (__VERIFY_UINT32_ENUM_SIZE) == sizeof (__VERIFY_UINT32_ENUM_SIZE), "Alignment of enum does not meet UEFI Specification Data Type requirements");
+
 /**
   Macro that returns a pointer to the data structure that contains a specified field of
   that data structure.  This is a lightweight method to hide information by placing a
@@ -868,6 +916,46 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not m
 **/
 #define BASE_CR(Record, TYPE, Field)  ((TYPE *) ((CHAR8 *) (Record) - OFFSET_OF (TYPE, Field)))
 
+/**
+  Checks whether a value is a power of two.
+
+  @param   Value  The value to check.
+
+  @return  Whether Value is a power of two.
+**/
+#define IS_POW2(Value)  ((Value) != 0U && ((Value) & ((Value) - 1U)) == 0U)
+
+/**
+  Checks whether a value is aligned by a specified alignment.
+
+  @param   Value      The value to check.
+  @param   Alignment  The alignment boundary used to check against.
+
+  @return  Whether Value is aligned by Alignment.
+**/
+#define IS_ALIGNED(Value, Alignment)  (((Value) & ((Alignment) - 1U)) == 0U)
+
+/**
+  Checks whether a pointer or address is aligned by a specified alignment.
+
+  @param   Address    The pointer or address to check.
+  @param   Alignment  The alignment boundary used to check against.
+
+  @return  Whether Address is aligned by Alignment.
+**/
+#define ADDRESS_IS_ALIGNED(Address, Alignment)  IS_ALIGNED ((UINTN) (Address), Alignment)
+
+/**
+  Determines the addend to add to a value to round it up to the next boundary of
+  a specified alignment.
+
+  @param   Value      The value to round up.
+  @param   Alignment  The alignment boundary used to return the addend.
+
+  @return  Addend to round Value up to alignment boundary Alignment.
+**/
+#define ALIGN_VALUE_ADDEND(Value, Alignment)  (((Alignment) - (Value)) & ((Alignment) - 1U))
+
 /**
   Rounds a value up to the next boundary using a specified alignment.
 
@@ -880,7 +968,7 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not m
   @return  A value up to the next boundary.
 
 **/
-#define ALIGN_VALUE(Value, Alignment) ((Value) + (((Alignment) - (Value)) & ((Alignment) - 1)))
+#define ALIGN_VALUE(Value, Alignment) ((Value) + ALIGN_VALUE_ADDEND (Value, Alignment))
 
 /**
   Adjust a pointer by adding the minimum offset required for it to be aligned on
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdePkg/BaseLib: Fix unaligned API prototypes
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (10 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdePkg/Base.h: Introduce various alignment-related macros Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] BaseTools/CommonLib: " Marvin Häuser
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx Marvin Häuser
                   ` (6 subsequent siblings)
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Vitaly Cheptsov

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdePkg/Library/BaseLib/Arm/Unaligned.c | 14 ++++-----
 MdePkg/Library/BaseLib/Unaligned.c     | 32 ++++++++++----------
 MdePkg/Include/Library/BaseLib.h       | 16 +++++-----
 3 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/MdePkg/Library/BaseLib/Arm/Unaligned.c b/MdePkg/Library/BaseLib/Arm/Unaligned.c
index e9934e7003cb..57f19fc44e0b 100644
--- a/MdePkg/Library/BaseLib/Arm/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Arm/Unaligned.c
@@ -59,7 +59,7 @@ ReadUnaligned16 (
 UINT16
 EFIAPI
 WriteUnaligned16 (
-  OUT UINT16                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT16                    Value
   )
 {
@@ -87,7 +87,7 @@ WriteUnaligned16 (
 UINT32
 EFIAPI
 ReadUnaligned24 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
@@ -116,7 +116,7 @@ ReadUnaligned24 (
 UINT32
 EFIAPI
 WriteUnaligned24 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   )
 {
@@ -143,7 +143,7 @@ WriteUnaligned24 (
 UINT32
 EFIAPI
 ReadUnaligned32 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   UINT16  LowerBytes;
@@ -175,7 +175,7 @@ ReadUnaligned32 (
 UINT32
 EFIAPI
 WriteUnaligned32 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   )
 {
@@ -202,7 +202,7 @@ WriteUnaligned32 (
 UINT64
 EFIAPI
 ReadUnaligned64 (
-  IN CONST UINT64              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   UINT32  LowerBytes;
@@ -234,7 +234,7 @@ ReadUnaligned64 (
 UINT64
 EFIAPI
 WriteUnaligned64 (
-  OUT UINT64                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT64                    Value
   )
 {
diff --git a/MdePkg/Library/BaseLib/Unaligned.c b/MdePkg/Library/BaseLib/Unaligned.c
index a419cb85e53c..3041adcde606 100644
--- a/MdePkg/Library/BaseLib/Unaligned.c
+++ b/MdePkg/Library/BaseLib/Unaligned.c
@@ -26,12 +26,12 @@
 UINT16
 EFIAPI
 ReadUnaligned16 (
-  IN CONST UINT16              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer;
+  return *(CONST UINT16 *) Buffer;
 }
 
 /**
@@ -52,13 +52,13 @@ ReadUnaligned16 (
 UINT16
 EFIAPI
 WriteUnaligned16 (
-  OUT UINT16                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT16                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer = Value;
+  return *(UINT16 *) Buffer = Value;
 }
 
 /**
@@ -77,12 +77,12 @@ WriteUnaligned16 (
 UINT32
 EFIAPI
 ReadUnaligned24 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer & 0xffffff;
+  return *(CONST UINT32 *) Buffer & 0xffffff;
 }
 
 /**
@@ -103,13 +103,13 @@ ReadUnaligned24 (
 UINT32
 EFIAPI
 WriteUnaligned24 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  *Buffer = BitFieldWrite32 (*Buffer, 0, 23, Value);
+  *(UINT32 *) Buffer = BitFieldWrite32 (*(CONST UINT32 *) Buffer, 0, 23, Value);
   return Value;
 }
 
@@ -129,12 +129,12 @@ WriteUnaligned24 (
 UINT32
 EFIAPI
 ReadUnaligned32 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer;
+  return *(CONST UINT32 *) Buffer;
 }
 
 /**
@@ -155,13 +155,13 @@ ReadUnaligned32 (
 UINT32
 EFIAPI
 WriteUnaligned32 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer = Value;
+  return *(UINT32 *) Buffer = Value;
 }
 
 /**
@@ -180,12 +180,12 @@ WriteUnaligned32 (
 UINT64
 EFIAPI
 ReadUnaligned64 (
-  IN CONST UINT64              *Buffer
+  IN CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer;
+  return *(CONST UINT64 *) Buffer;
 }
 
 /**
@@ -206,11 +206,11 @@ ReadUnaligned64 (
 UINT64
 EFIAPI
 WriteUnaligned64 (
-  OUT UINT64                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT64                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer = Value;
+  return *(UINT64 *) Buffer = Value;
 }
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 2452c1d92e51..4d30f0539c6b 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -3420,7 +3420,7 @@ DivS64x64Remainder (
 UINT16
 EFIAPI
 ReadUnaligned16 (
-  IN CONST UINT16              *Buffer
+  IN CONST VOID                *Buffer
   );
 
 
@@ -3442,7 +3442,7 @@ ReadUnaligned16 (
 UINT16
 EFIAPI
 WriteUnaligned16 (
-  OUT UINT16                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT16                    Value
   );
 
@@ -3463,7 +3463,7 @@ WriteUnaligned16 (
 UINT32
 EFIAPI
 ReadUnaligned24 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   );
 
 
@@ -3485,7 +3485,7 @@ ReadUnaligned24 (
 UINT32
 EFIAPI
 WriteUnaligned24 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   );
 
@@ -3506,7 +3506,7 @@ WriteUnaligned24 (
 UINT32
 EFIAPI
 ReadUnaligned32 (
-  IN CONST UINT32              *Buffer
+  IN CONST VOID                *Buffer
   );
 
 
@@ -3528,7 +3528,7 @@ ReadUnaligned32 (
 UINT32
 EFIAPI
 WriteUnaligned32 (
-  OUT UINT32                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT32                    Value
   );
 
@@ -3549,7 +3549,7 @@ WriteUnaligned32 (
 UINT64
 EFIAPI
 ReadUnaligned64 (
-  IN CONST UINT64              *Buffer
+  IN CONST VOID                *Buffer
   );
 
 
@@ -3571,7 +3571,7 @@ ReadUnaligned64 (
 UINT64
 EFIAPI
 WriteUnaligned64 (
-  OUT UINT64                    *Buffer,
+  OUT VOID                      *Buffer,
   IN  UINT64                    Value
   );
 
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (11 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] MdePkg/BaseLib: Fix unaligned API prototypes Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-09  0:02   ` Min Xu
  2021-08-09  2:48   ` Yao, Jiewen
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm Marvin Häuser
                   ` (5 subsequent siblings)
  18 siblings, 2 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jiewen Yao, Jian J Wang, Min Xu, Vitaly Cheptsov

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3461

The UEFI specification prohibits loading any UEFI image of which a
matching SHA-256 hash is contained in "dbx" (UEFI 2.9, 32.5.3.3
"Authorization Process", 3.A). Currently, this is only explicitly
checked when the image is unsigned and otherwise the hash algorithms
of the certificates are used.

Align with the UEFI specification by specifically looking up the
SHA-256 hash of the image in "dbx".

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 60 ++++++++------------
 1 file changed, 24 insertions(+), 36 deletions(-)

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index c48861cd6496..1f9bb33e86c3 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1803,34 +1803,36 @@ DxeImageVerificationHandler (
     }
   }
 
+  //
+  // The SHA256 hash value of the image must not be reflected in the security data base "dbx".
+  //
+  if (!HashPeImage (HASHALG_SHA256)) {
+    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image using %s.\n", mHashTypeStr));
+    goto Failed;
+  }
+
+  DbStatus = IsSignatureFoundInDatabase (
+               EFI_IMAGE_SECURITY_DATABASE1,
+               mImageDigest,
+               &mCertType,
+               mImageDigestSize,
+               &IsFound
+               );
+  if (EFI_ERROR (DbStatus) || IsFound) {
+    //
+    // Image Hash is in forbidden database (DBX).
+    //
+    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
+    goto Failed;
+  }
+
   //
   // Start Image Validation.
   //
   if (SecDataDir == NULL || SecDataDir->Size == 0) {
     //
-    // This image is not signed. The SHA256 hash value of the image must match a record in the security database "db",
-    // and not be reflected in the security data base "dbx".
+    // This image is not signed. The SHA256 hash value of the image must match a record in the security database "db".
     //
-    if (!HashPeImage (HASHALG_SHA256)) {
-      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image using %s.\n", mHashTypeStr));
-      goto Failed;
-    }
-
-    DbStatus = IsSignatureFoundInDatabase (
-                 EFI_IMAGE_SECURITY_DATABASE1,
-                 mImageDigest,
-                 &mCertType,
-                 mImageDigestSize,
-                 &IsFound
-                 );
-    if (EFI_ERROR (DbStatus) || IsFound) {
-      //
-      // Image Hash is in forbidden database (DBX).
-      //
-      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
-      goto Failed;
-    }
-
     DbStatus = IsSignatureFoundInDatabase (
                  EFI_IMAGE_SECURITY_DATABASE,
                  mImageDigest,
@@ -1932,20 +1934,6 @@ DxeImageVerificationHandler (
     //
     // Check the image's hash value.
     //
-    DbStatus = IsSignatureFoundInDatabase (
-                 EFI_IMAGE_SECURITY_DATABASE1,
-                 mImageDigest,
-                 &mCertType,
-                 mImageDigestSize,
-                 &IsFound
-                 );
-    if (EFI_ERROR (DbStatus) || IsFound) {
-      Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND;
-      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but %s hash of image is found in DBX.\n", mHashTypeStr));
-      IsVerified = FALSE;
-      break;
-    }
-
     if (!IsVerified) {
       DbStatus = IsSignatureFoundInDatabase (
                    EFI_IMAGE_SECURITY_DATABASE,
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (12 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] SecurityPkg/SecureBootConfigDxe: " Marvin Häuser
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/FvLib: Correct FV section data size Marvin Häuser
                   ` (4 subsequent siblings)
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jiewen Yao, Jian J Wang, Min Xu, Vitaly Cheptsov

The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot
fit. Also, the lookup code aborts once the authetication data is
smaller than an algorithm's OID size. As OIDs are variably-sized,
this may cause unexpected authentication failure due to the early
error-exit.

Additionally move the two-byte encoding check out of the loop as the
data is invariant.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 43 +++++++++++---------
 1 file changed, 23 insertions(+), 20 deletions(-)

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index c48861cd6496..6615099baafb 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -624,30 +624,33 @@ HashPeImageByType (
 {
   UINT8                     Index;
 
+  if (AuthDataSize < 32) {
+    return EFI_UNSUPPORTED;
+  }
+  //
+  // Check the Hash algorithm in PE/COFF Authenticode.
+  //    According to PKCS#7 Definition:
+  //        SignedData ::= SEQUENCE {
+  //            version Version,
+  //            digestAlgorithms DigestAlgorithmIdentifiers,
+  //            contentInfo ContentInfo,
+  //            .... }
+  //    The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
+  //    This field has the fixed offset (+32) in final Authenticode ASN.1 data.
+  //    Fixed offset (+32) is calculated based on two bytes of length encoding.
+  //
+  if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
+    //
+    // Only support two bytes of Long Form of Length Encoding.
+    //
+    return EFI_UNSUPPORTED;
+  }
+
   for (Index = 0; Index < HASHALG_MAX; Index++) {
-    //
-    // Check the Hash algorithm in PE/COFF Authenticode.
-    //    According to PKCS#7 Definition:
-    //        SignedData ::= SEQUENCE {
-    //            version Version,
-    //            digestAlgorithms DigestAlgorithmIdentifiers,
-    //            contentInfo ContentInfo,
-    //            .... }
-    //    The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-    //    This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-    //    Fixed offset (+32) is calculated based on two bytes of length encoding.
-    //
-    if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
-      //
-      // Only support two bytes of Long Form of Length Encoding.
-      //
+    if (AuthDataSize - 32 < mHash[Index].OidLength) {
       continue;
     }
 
-    if (AuthDataSize < 32 + mHash[Index].OidLength) {
-      return EFI_UNSUPPORTED;
-    }
-
     if (CompareMem (AuthData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
       break;
     }
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] StandaloneMmPkg/FvLib: Correct FV section data size
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (13 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop code for traditional drivers Marvin Häuser
                   ` (3 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Sami Mujawar, Jiewen Yao, Supreeth Venkatesh,
	Vitaly Cheptsov

The size of a FV section includes the size of its header. Subtract
latter to yield the correct size of the contained data.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 StandaloneMmPkg/Library/FvLib/FvLib.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/StandaloneMmPkg/Library/FvLib/FvLib.c b/StandaloneMmPkg/Library/FvLib/FvLib.c
index 94139ae3898b..5d5ad8f73fe0 100644
--- a/StandaloneMmPkg/Library/FvLib/FvLib.c
+++ b/StandaloneMmPkg/Library/FvLib/FvLib.c
@@ -359,16 +359,22 @@ FfsFindSectionData (
   ParsedLength  = 0;
   while (ParsedLength < FileSize) {
     if (Section->Type == SectionType) {
+      //
+      // Size is 24 bits wide so mask upper 8 bits.
+      //
+      SectionLength = SECTION_SIZE (Section);
+
+      if (SectionLength < sizeof (*Section)) {
+        return EFI_VOLUME_CORRUPTED;
+      }
       *SectionData = (VOID *) (Section + 1);
-      *SectionDataSize = SECTION_SIZE(Section);
+      *SectionDataSize = SectionLength - sizeof (*Section);
       return EFI_SUCCESS;
     }
     //
-    // Size is 24 bits wide so mask upper 8 bits.
     // SectionLength is adjusted it is 4 byte aligned.
     // Go to the next section
     //
-    SectionLength = SECTION_SIZE(Section);
     SectionLength = GET_OCCUPIED_SIZE (SectionLength, 4);
 
     ParsedLength += SectionLength;
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop code for traditional drivers
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (14 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/FvLib: Correct FV section data size Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop unused fixed address feature Marvin Häuser
                   ` (2 subsequent siblings)
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Sami Mujawar, Jiewen Yao, Supreeth Venkatesh,
	Vitaly Cheptsov

StandaloneMmCore has code paths in place to support traditional MM
drivers based on the availability of mEfiSystemTable. This variable
is not populated anywhere however, rendering said paths unreachable.
Remove the unreachable support code.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 StandaloneMmPkg/Core/Dependency.c       |  6 ---
 StandaloneMmPkg/Core/Dispatcher.c       | 51 +-------------------
 StandaloneMmPkg/Core/StandaloneMmCore.c |  1 -
 StandaloneMmPkg/Core/StandaloneMmCore.h |  1 -
 4 files changed, 2 insertions(+), 57 deletions(-)

diff --git a/StandaloneMmPkg/Core/Dependency.c b/StandaloneMmPkg/Core/Dependency.c
index eb4baa4086f0..3ae0201eb647 100644
--- a/StandaloneMmPkg/Core/Dependency.c
+++ b/StandaloneMmPkg/Core/Dependency.c
@@ -242,12 +242,6 @@ MmIsSchedulable (
       CopyMem (&DriverGuid, Iterator + 1, sizeof (EFI_GUID));
 
       Status = MmLocateProtocol (&DriverGuid, NULL, &Interface);
-      if (EFI_ERROR (Status) && (mEfiSystemTable != NULL)) {
-        //
-        // For MM Driver, it may depend on uefi protocols
-        //
-        Status = mEfiSystemTable->BootServices->LocateProtocol (&DriverGuid, NULL, &Interface);
-      }
 
       if (EFI_ERROR (Status)) {
         DEBUG ((DEBUG_DISPATCH, "  PUSH GUID(%g) = FALSE\n", &DriverGuid));
diff --git a/StandaloneMmPkg/Core/Dispatcher.c b/StandaloneMmPkg/Core/Dispatcher.c
index 7e4bf5e94025..76d33f81fef1 100644
--- a/StandaloneMmPkg/Core/Dispatcher.c
+++ b/StandaloneMmPkg/Core/Dispatcher.c
@@ -364,45 +364,6 @@ MmLoadImage (
   DriverEntry->ImageBuffer      = DstBuffer;
   DriverEntry->NumberOfPage     = PageCount;
 
-  if (mEfiSystemTable != NULL) {
-    Status = mEfiSystemTable->BootServices->AllocatePool (
-                                              EfiBootServicesData,
-                                              sizeof (EFI_LOADED_IMAGE_PROTOCOL),
-                                              (VOID **)&DriverEntry->LoadedImage
-                                              );
-    if (EFI_ERROR (Status)) {
-      MmFreePages (DstBuffer, PageCount);
-      return Status;
-    }
-
-    ZeroMem (DriverEntry->LoadedImage, sizeof (EFI_LOADED_IMAGE_PROTOCOL));
-    //
-    // Fill in the remaining fields of the Loaded Image Protocol instance.
-    // Note: ImageBase is an SMRAM address that can not be accessed outside of SMRAM if SMRAM window is closed.
-    //
-    DriverEntry->LoadedImage->Revision      = EFI_LOADED_IMAGE_PROTOCOL_REVISION;
-    DriverEntry->LoadedImage->ParentHandle  = NULL;
-    DriverEntry->LoadedImage->SystemTable   = mEfiSystemTable;
-    DriverEntry->LoadedImage->DeviceHandle  = NULL;
-    DriverEntry->LoadedImage->FilePath      = NULL;
-
-    DriverEntry->LoadedImage->ImageBase     = (VOID *)(UINTN)DriverEntry->ImageBuffer;
-    DriverEntry->LoadedImage->ImageSize     = ImageContext.ImageSize;
-    DriverEntry->LoadedImage->ImageCodeType = EfiRuntimeServicesCode;
-    DriverEntry->LoadedImage->ImageDataType = EfiRuntimeServicesData;
-
-    //
-    // Create a new image handle in the UEFI handle database for the MM Driver
-    //
-    DriverEntry->ImageHandle = NULL;
-    Status = mEfiSystemTable->BootServices->InstallMultipleProtocolInterfaces (
-                                              &DriverEntry->ImageHandle,
-                                              &gEfiLoadedImageProtocolGuid,
-                                              DriverEntry->LoadedImage,
-                                              NULL
-                                              );
-  }
-
   //
   // Print the load address and the PDB file name if it is available
   //
@@ -637,16 +598,8 @@ MmDispatcher (
       //
       // For each MM driver, pass NULL as ImageHandle
       //
-      if (mEfiSystemTable == NULL) {
-        DEBUG ((DEBUG_INFO, "StartImage - 0x%x (Standalone Mode)\n", DriverEntry->ImageEntryPoint));
-        Status = ((MM_IMAGE_ENTRY_POINT)(UINTN)DriverEntry->ImageEntryPoint) (DriverEntry->ImageHandle, &gMmCoreMmst);
-      } else {
-        DEBUG ((DEBUG_INFO, "StartImage - 0x%x (Tradition Mode)\n", DriverEntry->ImageEntryPoint));
-        Status = ((EFI_IMAGE_ENTRY_POINT)(UINTN)DriverEntry->ImageEntryPoint) (
-                                                               DriverEntry->ImageHandle,
-                                                               mEfiSystemTable
-                                                               );
-      }
+      DEBUG ((DEBUG_INFO, "StartImage - 0x%x (Standalone Mode)\n", DriverEntry->ImageEntryPoint));
+      Status = ((MM_IMAGE_ENTRY_POINT)(UINTN)DriverEntry->ImageEntryPoint) (DriverEntry->ImageHandle, &gMmCoreMmst);
       if (EFI_ERROR(Status)) {
         DEBUG ((DEBUG_INFO, "StartImage Status - %r\n", Status));
         MmFreePages(DriverEntry->ImageBuffer, DriverEntry->NumberOfPage);
diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.c b/StandaloneMmPkg/Core/StandaloneMmCore.c
index fbb0ec75e557..45976f203dd9 100644
--- a/StandaloneMmPkg/Core/StandaloneMmCore.c
+++ b/StandaloneMmPkg/Core/StandaloneMmCore.c
@@ -92,7 +92,6 @@ MM_CORE_MMI_HANDLERS  mMmCoreMmiHandlers[] = {
   { NULL,                    NULL,                               NULL, FALSE },
 };
 
-EFI_SYSTEM_TABLE                *mEfiSystemTable;
 UINTN                           mMmramRangeCount;
 EFI_MMRAM_DESCRIPTOR            *mMmramRanges;
 
diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.h b/StandaloneMmPkg/Core/StandaloneMmCore.h
index 2a89edd0fc46..f6b3cc861e39 100644
--- a/StandaloneMmPkg/Core/StandaloneMmCore.h
+++ b/StandaloneMmPkg/Core/StandaloneMmCore.h
@@ -848,6 +848,5 @@ DumpMmramInfo (
 
 extern UINTN                    mMmramRangeCount;
 extern EFI_MMRAM_DESCRIPTOR     *mMmramRanges;
-extern EFI_SYSTEM_TABLE         *mEfiSystemTable;
 
 #endif
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop unused fixed address feature
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (15 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop code for traditional drivers Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds Marvin Häuser
  2021-08-08 19:39 ` [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption Marvin Häuser
  18 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Sami Mujawar, Jiewen Yao, Supreeth Venkatesh,
	Vitaly Cheptsov

StandaloneMmCore does not support fixed load addresses for modules.
Remove the unreferenced functions that are used in other dispatchers
to implement this feature.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 StandaloneMmPkg/Core/Dispatcher.c | 167 --------------------
 1 file changed, 167 deletions(-)

diff --git a/StandaloneMmPkg/Core/Dispatcher.c b/StandaloneMmPkg/Core/Dispatcher.c
index 7e4bf5e94025..d5631f47be68 100644
--- a/StandaloneMmPkg/Core/Dispatcher.c
+++ b/StandaloneMmPkg/Core/Dispatcher.c
@@ -109,173 +109,6 @@ BOOLEAN  gRequestDispatch = FALSE;
 //
 GLOBAL_REMOVE_IF_UNREFERENCED    UINT64                *mMmCodeMemoryRangeUsageBitMap=NULL;
 
-/**
-  To check memory usage bit map array to figure out if the memory range in which the image will be loaded
-  is available or not. If memory range is avaliable, the function will mark the corresponding bits to 1
-  which indicates the memory range is used. The function is only invoked when load modules at fixed address
-  feature is enabled.
-
-  @param  ImageBase                The base addres the image will be loaded at.
-  @param  ImageSize                The size of the image
-
-  @retval EFI_SUCCESS              The memory range the image will be loaded in is available
-  @retval EFI_NOT_FOUND            The memory range the image will be loaded in is not available
-**/
-EFI_STATUS
-CheckAndMarkFixLoadingMemoryUsageBitMap (
-  IN  EFI_PHYSICAL_ADDRESS          ImageBase,
-  IN  UINTN                         ImageSize
-  )
-{
-  UINT32                             MmCodePageNumber;
-  UINT64                             MmCodeSize;
-  EFI_PHYSICAL_ADDRESS               MmCodeBase;
-  UINTN                              BaseOffsetPageNumber;
-  UINTN                              TopOffsetPageNumber;
-  UINTN                              Index;
-
-  //
-  // Build tool will calculate the smm code size and then patch the PcdLoadFixAddressMmCodePageNumber
-  //
-  MmCodePageNumber = 0;
-  MmCodeSize = EFI_PAGES_TO_SIZE (MmCodePageNumber);
-  MmCodeBase = gLoadModuleAtFixAddressMmramBase;
-
-  //
-  // If the memory usage bit map is not initialized,  do it. Every bit in the array
-  // indicate the status of the corresponding memory page, available or not
-  //
-  if (mMmCodeMemoryRangeUsageBitMap == NULL) {
-    mMmCodeMemoryRangeUsageBitMap = AllocateZeroPool (((MmCodePageNumber / 64) + 1) * sizeof (UINT64));
-  }
-
-  //
-  // If the Dxe code memory range is not allocated or the bit map array allocation failed, return EFI_NOT_FOUND
-  //
-  if (mMmCodeMemoryRangeUsageBitMap == NULL) {
-    return EFI_NOT_FOUND;
-  }
-
-  //
-  // see if the memory range for loading the image is in the MM code range.
-  //
-  if (MmCodeBase + MmCodeSize <  ImageBase + ImageSize || MmCodeBase >  ImageBase) {
-    return EFI_NOT_FOUND;
-  }
-
-  //
-  // Test if the memory is available or not.
-  //
-  BaseOffsetPageNumber = (UINTN)EFI_SIZE_TO_PAGES ((UINT32)(ImageBase - MmCodeBase));
-  TopOffsetPageNumber  = (UINTN)EFI_SIZE_TO_PAGES ((UINT32)(ImageBase + ImageSize - MmCodeBase));
-  for (Index = BaseOffsetPageNumber; Index < TopOffsetPageNumber; Index ++) {
-    if ((mMmCodeMemoryRangeUsageBitMap[Index / 64] & LShiftU64 (1, (Index % 64))) != 0) {
-      //
-      // This page is already used.
-      //
-      return EFI_NOT_FOUND;
-    }
-  }
-
-  //
-  // Being here means the memory range is available.  So mark the bits for the memory range
-  //
-  for (Index = BaseOffsetPageNumber; Index < TopOffsetPageNumber; Index ++) {
-    mMmCodeMemoryRangeUsageBitMap[Index / 64] |= LShiftU64 (1, (Index % 64));
-  }
-  return  EFI_SUCCESS;
-}
-
-/**
-  Get the fixed loading address from image header assigned by build tool. This function only be called
-  when Loading module at Fixed address feature enabled.
-
-  @param  ImageContext              Pointer to the image context structure that describes the PE/COFF
-                                    image that needs to be examined by this function.
-  @retval EFI_SUCCESS               An fixed loading address is assigned to this image by build tools .
-  @retval EFI_NOT_FOUND             The image has no assigned fixed loadding address.
-
-**/
-EFI_STATUS
-GetPeCoffImageFixLoadingAssignedAddress(
-  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
-  )
-{
-  UINTN                              SectionHeaderOffset;
-  EFI_STATUS                         Status;
-  EFI_IMAGE_SECTION_HEADER           SectionHeader;
-  EFI_IMAGE_OPTIONAL_HEADER_UNION    *ImgHdr;
-  EFI_PHYSICAL_ADDRESS               FixLoadingAddress;
-  UINT16                             Index;
-  UINTN                              Size;
-  UINT16                             NumberOfSections;
-  UINT64                             ValueInSectionHeader;
-
-  FixLoadingAddress = 0;
-  Status = EFI_NOT_FOUND;
-
-  //
-  // Get PeHeader pointer
-  //
-  ImgHdr = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)((CHAR8* )ImageContext->Handle + ImageContext->PeCoffHeaderOffset);
-  SectionHeaderOffset = ImageContext->PeCoffHeaderOffset + sizeof (UINT32) + sizeof (EFI_IMAGE_FILE_HEADER) +
-    ImgHdr->Pe32.FileHeader.SizeOfOptionalHeader;
-  NumberOfSections = ImgHdr->Pe32.FileHeader.NumberOfSections;
-
-  //
-  // Get base address from the first section header that doesn't point to code section.
-  //
-  for (Index = 0; Index < NumberOfSections; Index++) {
-    //
-    // Read section header from file
-    //
-    Size = sizeof (EFI_IMAGE_SECTION_HEADER);
-    Status = ImageContext->ImageRead (
-                             ImageContext->Handle,
-                             SectionHeaderOffset,
-                             &Size,
-                             &SectionHeader
-                             );
-    if (EFI_ERROR (Status)) {
-      return Status;
-    }
-
-    Status = EFI_NOT_FOUND;
-
-    if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_CNT_CODE) == 0) {
-      //
-      // Build tool will save the address in PointerToRelocations & PointerToLineNumbers fields
-      // in the first section header that doesn't point to code section in image header. So there
-      // is an assumption that when the feature is enabled, if a module with a loading address
-      // assigned by tools, the PointerToRelocations & PointerToLineNumbers fields should not be
-      // Zero, or else, these 2 fields should be set to Zero
-      //
-      ValueInSectionHeader = ReadUnaligned64 ((UINT64*)&SectionHeader.PointerToRelocations);
-      if (ValueInSectionHeader != 0) {
-        //
-        // Found first section header that doesn't point to code section in which build tool saves the
-        // offset to SMRAM base as image base in PointerToRelocations & PointerToLineNumbers fields
-        //
-        FixLoadingAddress = (EFI_PHYSICAL_ADDRESS)(gLoadModuleAtFixAddressMmramBase + (INT64)ValueInSectionHeader);
-        //
-        // Check if the memory range is available.
-        //
-        Status = CheckAndMarkFixLoadingMemoryUsageBitMap (FixLoadingAddress, (UINTN)(ImageContext->ImageSize + ImageContext->SectionAlignment));
-        if (!EFI_ERROR(Status)) {
-          //
-          // The assigned address is valid. Return the specified loading address
-          //
-          ImageContext->ImageAddress = FixLoadingAddress;
-        }
-      }
-      break;
-    }
-    SectionHeaderOffset += sizeof (EFI_IMAGE_SECTION_HEADER);
-  }
-  DEBUG ((DEBUG_INFO|DEBUG_LOAD, "LOADING MODULE FIXED INFO: Loading module at fixed address %x, Status = %r\n",
-          FixLoadingAddress, Status));
-  return Status;
-}
 /**
   Loads an EFI image into SMRAM.
 
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (16 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop unused fixed address feature Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-10-11  1:04   ` [edk2-devel] " Steven Shi
  2021-08-08 19:39 ` [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption Marvin Häuser
  18 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Sami Mujawar, Jiewen Yao, Supreeth Venkatesh,
	Vitaly Cheptsov

Currently, the flag "-fpie" is passed for all builds with a GCC
family toolchain, including CLANGPDB. CLANGPDB however does not
support this flag as it generates PE/COFF files directly.

As the flag is mostly required for AArch64-specific self-relocation,
drop it for X64 builds and document the limitation to enable X64
CLANGPDB builds of StandaloneMmCore.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 StandaloneMmPkg/Core/StandaloneMmCore.inf                                         | 9 +++++++--
 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf | 7 ++++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Core/StandaloneMmCore.inf
index 87bf6e9440a7..e3349fff29cc 100644
--- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
+++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
@@ -76,6 +76,11 @@ [Guids]
   gEfiEventExitBootServicesGuid
   gEfiEventReadyToBootGuid
 
+#
+# This configuration fails for CLANGPDB, which does not support PIE in the GCC
+# sense. Such however is required for AArch64 StandaloneMmCore self-relocation,
+# and thus the CLANGPDB toolchain is unsupported for AArch64 for this module.
+#
 [BuildOptions]
-  GCC:*_*_*_CC_FLAGS = -fpie
-  GCC:*_*_*_DLINK_FLAGS = -Wl,-z,text,-Bsymbolic,-pie
+  GCC:*_*_AARCH64_CC_FLAGS = -fpie
+  GCC:*_*_AARCH64_DLINK_FLAGS = -Wl,-z,text,-Bsymbolic,-pie
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
index 4fa426f58ef4..dcbb082d4ab8 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
@@ -54,5 +54,10 @@ [Guids]
 [FeaturePcd.AARCH64]
   gArmTokenSpaceGuid.PcdFfaEnable
 
+#
+# This configuration fails for CLANGPDB, which does not support PIE in the GCC
+# sense. Such however is required for AArch64 StandaloneMmCore self-relocation,
+# and thus the CLANGPDB toolchain is unsupported for AArch64 for this module.
+#
 [BuildOptions]
-  GCC:*_*_*_CC_FLAGS = -fpie
+  GCC:*_*_AARCH64_CC_FLAGS = -fpie
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
  2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
                   ` (17 preceding siblings ...)
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds Marvin Häuser
@ 2021-08-08 19:39 ` Marvin Häuser
  2021-08-09  4:20   ` Ni, Ray
  2021-08-10 19:13   ` Guo Dong
  18 siblings, 2 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Guo Dong, Ray Ni, Maurice Ma, Benjamin You, Vitaly Cheptsov

UefiPayloadEntry's AllocatePool() applies the "sizeof" operator to
HOB index rather than the HOB header structure. This yields 4 Bytes
compared to the 8 Bytes the structure header requires. Fix the call
to allocate the required space instead.

Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
index 1204573b3e09..f3494969e5ac 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
@@ -163,7 +163,7 @@ AllocatePool (
     return NULL;
   }
 
-  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_TYPE_MEMORY_POOL) + AllocationSize));
+  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_MEMORY_POOL) + AllocationSize));
   return (VOID *)(Hob + 1);
 }
 
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] BaseTools/CommonLib: Fix unaligned API prototypes
  2021-08-08 19:39 ` [PATCH] MdePkg/BaseLib: Fix unaligned API prototypes Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Bob Feng, Liming Gao, Yuwei Chen, Vitaly Cheptsov

C prohibits not only dereferencing but also casting to unaligned
pointers. Thus, the current set of unaligned APIs cannot be called
safely. Update their prototypes to take VOID * pointers, which must
be able to represent any valid pointer.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 BaseTools/Source/C/Common/CommonLib.c | 16 ++++++++--------
 BaseTools/Source/C/Common/CommonLib.h |  8 ++++----
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/BaseTools/Source/C/Common/CommonLib.c b/BaseTools/Source/C/Common/CommonLib.c
index 7fb4ab764fcd..f1223fb2ae0a 100644
--- a/BaseTools/Source/C/Common/CommonLib.c
+++ b/BaseTools/Source/C/Common/CommonLib.c
@@ -1154,23 +1154,23 @@ StrSize (
 
 UINT64
 ReadUnaligned64 (
-   CONST UINT64              *Buffer
+   CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer;
+  return *(CONST UINT64 *) Buffer;
 }
 
 UINT64
 WriteUnaligned64 (
-   UINT64                    *Buffer,
+   VOID                      *Buffer,
    UINT64                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer = Value;
+  return *(UINT64 *) Buffer = Value;
 }
 
 
@@ -2018,23 +2018,23 @@ AllocatePool (
 
 UINT16
 WriteUnaligned16 (
-  UINT16                    *Buffer,
+  VOID                      *Buffer,
   UINT16                    Value
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer = Value;
+  return *(UINT16 *) Buffer = Value;
 }
 
 UINT16
 ReadUnaligned16 (
-  CONST UINT16              *Buffer
+  CONST VOID                *Buffer
   )
 {
   ASSERT (Buffer != NULL);
 
-  return *Buffer;
+  return *(CONST UINT16 *) Buffer;
 }
 /**
   Return whether the integer string is a hex string.
diff --git a/BaseTools/Source/C/Common/CommonLib.h b/BaseTools/Source/C/Common/CommonLib.h
index 0f05d88db206..67c42a91765d 100644
--- a/BaseTools/Source/C/Common/CommonLib.h
+++ b/BaseTools/Source/C/Common/CommonLib.h
@@ -238,13 +238,13 @@ CopyGuid (
 
 UINT64
 WriteUnaligned64 (
-   UINT64                    *Buffer,
+   VOID                      *Buffer,
    UINT64                    Value
   );
 
 UINT64
 ReadUnaligned64 (
-   CONST UINT64              *Buffer
+   CONST VOID                *Buffer
   );
 
 UINTN
@@ -363,13 +363,13 @@ AllocatePool (
 
 UINT16
 WriteUnaligned16 (
-  UINT16                    *Buffer,
+  VOID                      *Buffer,
   UINT16                    Value
   );
 
 UINT16
 ReadUnaligned16 (
-  CONST UINT16              *Buffer
+  CONST VOID                *Buffer
   );
 
 VOID *
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely Marvin Häuser
                     ` (5 subsequent siblings)
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

Separate tracking the used entries from the table's self-reported
size. Removing an entry from the table does not necessarily reduce
the size of the table as defragmentation is not performed.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index 7bd970115111..cc22e23eb0b3 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -18,6 +18,8 @@ EFI_DEBUG_IMAGE_INFO_TABLE_HEADER  mDebugInfoTableHeader = {
 
 UINTN mMaxTableEntries = 0;
 
+UINTN mUsedTableEntries = 0;
+
 EFI_SYSTEM_TABLE_POINTER  *mDebugTable = NULL;
 
 #define EFI_DEBUG_TABLE_ENTRY_SIZE       (sizeof (VOID *))
@@ -178,7 +180,7 @@ CoreNewDebugImageInfoEntry (
 
   Table = mDebugInfoTableHeader.EfiDebugImageInfoTable;
 
-  if (mDebugInfoTableHeader.TableSize < mMaxTableEntries) {
+  if (mUsedTableEntries < mMaxTableEntries) {
     //
     // We still have empty entires in the Table, find the first empty entry.
     //
@@ -237,8 +239,17 @@ CoreNewDebugImageInfoEntry (
     // increase the number of EFI_DEBUG_IMAGE_INFO elements.
     //
     mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
+    mUsedTableEntries++;
     Table[Index].NormalImage = NormalImage;
-    mDebugInfoTableHeader.TableSize++;
+    //
+    // Only increase the amount of elements in the table if the new entry did
+    // not take the place of a previously removed entry.
+    //
+    if (Index == mDebugInfoTableHeader.TableSize) {
+      mDebugInfoTableHeader.TableSize++;
+    }
+
+    ASSERT (Index < mDebugInfoTableHeader.TableSize);
   }
   mDebugInfoTableHeader.UpdateStatus &= ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS;
 }
@@ -274,9 +285,10 @@ CoreRemoveDebugImageInfoEntry (
       mDebugInfoTableHeader.UpdateStatus |= EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
       Table[Index].NormalImage = NULL;
       //
-      // Decrease the number of EFI_DEBUG_IMAGE_INFO elements.
+      // Do not reduce the amount of elements reported to be in the table as
+      // this would only work for the last element without defragmentation.
       //
-      mDebugInfoTableHeader.TableSize--;
+      mUsedTableEntries--;
       //
       // Free up the record.
       //
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] SecurityPkg/SecureBootConfigDxe: Fix certificate lookup algorithm
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Jiewen Yao, Jian J Wang, Min Xu, Vitaly Cheptsov

The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot
fit, and proceed to the next hashing algortihm if the OID of the
current one exceeds the authentication data bounds.

Additionally move the two-byte encoding check out of the loop as the
data is invariant.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 45 ++++++++++++--------
 1 file changed, 28 insertions(+), 17 deletions(-)

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index 65a8188d6d03..fd7629f61862 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -1969,30 +1969,41 @@ HashPeImageByType (
 {
   UINT8                     Index;
   WIN_CERTIFICATE_EFI_PKCS  *PkcsCertData;
+  UINT32                    AuthDataSize;
 
   PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->Offset);
+  if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {
+    return EFI_UNSUPPORTED;
+  }
+
+  AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof (PkcsCertData->Hdr);
+  if (AuthDataSize < 32) {
+    return EFI_UNSUPPORTED;
+  }
+  //
+  // Check the Hash algorithm in PE/COFF Authenticode.
+  //    According to PKCS#7 Definition:
+  //        SignedData ::= SEQUENCE {
+  //            version Version,
+  //            digestAlgorithms DigestAlgorithmIdentifiers,
+  //            contentInfo ContentInfo,
+  //            .... }
+  //    The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
+  //    This field has the fixed offset (+32) in final Authenticode ASN.1 data.
+  //    Fixed offset (+32) is calculated based on two bytes of length encoding.
+  //
+  if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
+    //
+    // Only support two bytes of Long Form of Length Encoding.
+    //
+    return EFI_UNSUPPORTED;
+  }
 
   for (Index = 0; Index < HASHALG_MAX; Index++) {
-    //
-    // Check the Hash algorithm in PE/COFF Authenticode.
-    //    According to PKCS#7 Definition:
-    //        SignedData ::= SEQUENCE {
-    //            version Version,
-    //            digestAlgorithms DigestAlgorithmIdentifiers,
-    //            contentInfo ContentInfo,
-    //            .... }
-    //    The DigestAlgorithmIdentifiers can be used to determine the hash algorithm in PE/COFF hashing
-    //    This field has the fixed offset (+32) in final Authenticode ASN.1 data.
-    //    Fixed offset (+32) is calculated based on two bytes of length encoding.
-     //
-    if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {
-      //
-      // Only support two bytes of Long Form of Length Encoding.
-      //
+    if (AuthDataSize - 32 < mHash[Index].OidLength) {
       continue;
     }
 
-    //
     if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
       break;
     }
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name
  2021-08-08 19:39 ` [PATCH] BaseTools: Define the read-only data section name per toolchain Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Eric Dong, Ray Ni, Rahul Kumar, Vitaly Cheptsov

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3318

Correctly define the read-only data sections with the
toolchain-specific section name. This hardens image permission
security and may save image space.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm | 2 +-
 UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
index 5e27cc325012..cfb8bf4a5ae0 100644
--- a/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
+++ b/UefiCpuPkg/Library/BaseUefiCpuLib/Ia32/InitializeFpu.nasm
@@ -6,7 +6,7 @@
 ;*
 ;------------------------------------------------------------------------------
 
-    SECTION .rodata
+    SECTION RODATA_SECTION_NAME
 
 ;
 ; Float control word initial value:
diff --git a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
index 8485b4713548..3c976a21e391 100644
--- a/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
+++ b/UefiCpuPkg/Library/BaseUefiCpuLib/X64/InitializeFpu.nasm
@@ -6,7 +6,7 @@
 ;*
 ;------------------------------------------------------------------------------
 
-    SECTION .rodata
+    SECTION RODATA_SECTION_NAME
 ;
 ; Float control word initial value:
 ; all exceptions masked, double-extended-precision, round-to-nearest
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
  2021-08-08 19:39   ` [PATCH] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  2021-08-08 19:39   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
                     ` (4 subsequent siblings)
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel
  Cc: Leif Lindholm, Ard Biesheuvel, Abner Chang, Daniel Schaefer,
	Vitaly Cheptsov

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Abner Chang <abner.chang@hpe.com>
Cc: Daniel Schaefer <daniel.schaefer@hpe.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 EmbeddedPkg/GdbStub/GdbStub.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/EmbeddedPkg/GdbStub/GdbStub.c b/EmbeddedPkg/GdbStub/GdbStub.c
index 7f2a5ed20011..09167fdafb4d 100644
--- a/EmbeddedPkg/GdbStub/GdbStub.c
+++ b/EmbeddedPkg/GdbStub/GdbStub.c
@@ -1043,8 +1043,8 @@ QxferLibrary (
 
   if (gDebugTable != NULL) {
     for (; gEfiDebugImageTableEntry < gDebugImageTableHeader->TableSize; gEfiDebugImageTableEntry++, gDebugTable++) {
-      if (gDebugTable->NormalImage != NULL) {
-        if ((gDebugTable->NormalImage->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
+      if (gDebugTable->ImageInfoType != NULL) {
+        if ((*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
             (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
           Pdb = PeCoffLoaderGetDebuggerInfo (
                  gDebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase,
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] ArmPkg/DefaultExceptionHandlerLib: Check DebugImageInfoTable type safely
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
  2021-08-08 19:39   ` [PATCH] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report Marvin Häuser
  2021-08-08 19:39   ` [PATCH] EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely Marvin Häuser
@ 2021-08-08 19:39   ` Marvin Häuser
  2021-08-08 19:40   ` [PATCH] MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable Marvin Häuser
                     ` (3 subsequent siblings)
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:39 UTC (permalink / raw)
  To: devel; +Cc: Leif Lindholm, Ard Biesheuvel, Vitaly Cheptsov

C does not allow casting to or dereferencing incompatible pointer
types. Use the ImageInfoType member of the union first to determine
the data type before dereferencing NormalImage.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index e9fea4038252..9befb6d4db9b 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -51,8 +51,8 @@ GetImageName (
 
   Address = (CHAR8 *)(UINTN)FaultAddress;
   for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, DebugTable++) {
-    if (DebugTable->NormalImage != NULL) {
-      if ((DebugTable->NormalImage->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
+    if (DebugTable->ImageInfoType != NULL) {
+      if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
           (DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
         if ((Address >= (CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
             (Address <= ((CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
                     ` (2 preceding siblings ...)
  2021-08-08 19:39   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
@ 2021-08-08 19:40   ` Marvin Häuser
  2021-08-08 19:40   ` [PATCH] EmbeddedPkg/GdbStub: " Marvin Häuser
                     ` (2 subsequent siblings)
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:40 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Vitaly Cheptsov

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
index cc22e23eb0b3..afc54965bc33 100644
--- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
+++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
@@ -173,6 +173,8 @@ CoreNewDebugImageInfoEntry (
   UINTN                       TableSize;
   EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
 
+  ASSERT (LoadedImage != NULL);
+
   //
   // Set the flag indicating that we're in the process of updating the table.
   //
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] EmbeddedPkg/GdbStub: Mandatory LoadedImage for DebugImageInfoTable
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
                     ` (3 preceding siblings ...)
  2021-08-08 19:40   ` [PATCH] MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable Marvin Häuser
@ 2021-08-08 19:40   ` Marvin Häuser
  2021-08-08 19:40   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
  2021-08-09  6:10   ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Wu, Hao A
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:40 UTC (permalink / raw)
  To: devel
  Cc: Leif Lindholm, Ard Biesheuvel, Abner Chang, Daniel Schaefer,
	Vitaly Cheptsov

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Abner Chang <abner.chang@hpe.com>
Cc: Daniel Schaefer <daniel.schaefer@hpe.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 EmbeddedPkg/GdbStub/GdbStub.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/EmbeddedPkg/GdbStub/GdbStub.c b/EmbeddedPkg/GdbStub/GdbStub.c
index 09167fdafb4d..29aa63237304 100644
--- a/EmbeddedPkg/GdbStub/GdbStub.c
+++ b/EmbeddedPkg/GdbStub/GdbStub.c
@@ -1044,8 +1044,9 @@ QxferLibrary (
   if (gDebugTable != NULL) {
     for (; gEfiDebugImageTableEntry < gDebugImageTableHeader->TableSize; gEfiDebugImageTableEntry++, gDebugTable++) {
       if (gDebugTable->ImageInfoType != NULL) {
-        if ((*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
-            (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
+        if (*gDebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) {
+          ASSERT (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL);
+
           Pdb = PeCoffLoaderGetDebuggerInfo (
                  gDebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase,
                  &LoadAddress
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* [PATCH] ArmPkg/DefaultExceptionHandlerLib: Mandatory LoadedImage for DebugImageInfoTable
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
                     ` (4 preceding siblings ...)
  2021-08-08 19:40   ` [PATCH] EmbeddedPkg/GdbStub: " Marvin Häuser
@ 2021-08-08 19:40   ` Marvin Häuser
  2021-08-09  6:10   ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Wu, Hao A
  6 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-08 19:40 UTC (permalink / raw)
  To: devel; +Cc: Leif Lindholm, Ard Biesheuvel, Vitaly Cheptsov

To make parsing DebugImageInfoTable easier and safer, require the
LoadedImage protocol instance to be valid for every NormalImage
entry.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
index 9befb6d4db9b..d442b5d358b2 100644
--- a/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
+++ b/ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerUefi.c
@@ -52,8 +52,9 @@ GetImageName (
   Address = (CHAR8 *)(UINTN)FaultAddress;
   for (Entry = 0; Entry < DebugTableHeader->TableSize; Entry++, DebugTable++) {
     if (DebugTable->ImageInfoType != NULL) {
-      if ((*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) &&
-          (DebugTable->NormalImage->LoadedImageProtocolInstance != NULL)) {
+      if (*DebugTable->ImageInfoType == EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL) {
+        ASSERT (gDebugTable->NormalImage->LoadedImageProtocolInstance != NULL);
+
         if ((Address >= (CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase) &&
             (Address <= ((CHAR8 *)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase + DebugTable->NormalImage->LoadedImageProtocolInstance->ImageSize))) {
           *ImageBase = (UINTN)DebugTable->NormalImage->LoadedImageProtocolInstance->ImageBase;
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* Re: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx Marvin Häuser
@ 2021-08-09  0:02   ` Min Xu
  2021-08-09  5:25     ` [edk2-devel] " Marvin Häuser
  2021-08-09  2:48   ` Yao, Jiewen
  1 sibling, 1 reply; 49+ messages in thread
From: Min Xu @ 2021-08-09  0:02 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io
  Cc: Yao, Jiewen, Wang, Jian J, Vitaly Cheptsov

On August 9, 2021 3:40 AM, Marvin Häuser wrote:
> Subject: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256
> hash in dbx
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3461
> 
> The UEFI specification prohibits loading any UEFI image of which a matching
> SHA-256 hash is contained in "dbx" (UEFI 2.9, 32.5.3.3 "Authorization Process",
> 3.A). Currently, this is only explicitly checked when the image is unsigned and
> otherwise the hash algorithms of the certificates are used.
> 
> Align with the UEFI specification by specifically looking up the
> SHA-256 hash of the image in "dbx".
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
It seems there are 3 patches sent from Marvin Häuser and I suppose they're in one patch-set, right? Please follow the link below to send out patch-set for review.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo's-unkempt-git-guide-for-edk2-contributors-and-maintainers
For example, if there are 3 commits in one patch-set, then the subject of the commits looks like:
[PATCH 0/4] This is the cover letter
[PATCH 1/4] This is patch 1

Otherwise the reviewers are confused by the patches.

Thanks!
Xu, Min

^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx
  2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx Marvin Häuser
  2021-08-09  0:02   ` Min Xu
@ 2021-08-09  2:48   ` Yao, Jiewen
  2021-08-09  5:42     ` [edk2-devel] " Marvin Häuser
  1 sibling, 1 reply; 49+ messages in thread
From: Yao, Jiewen @ 2021-08-09  2:48 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io
  Cc: Wang, Jian J, Xu, Min M, Vitaly Cheptsov

Hi Marvin
With this patch, the path "Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND" no longer exists.

Do you think we should remove EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND as well?



Thank you
Yao Jiewen


> -----Original Message-----
> From: Marvin Häuser <mhaeuser@posteo.de>
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Xu, Min M <min.m.xu@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
> Subject: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256
> hash in dbx
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3461
> 
> The UEFI specification prohibits loading any UEFI image of which a
> matching SHA-256 hash is contained in "dbx" (UEFI 2.9, 32.5.3.3
> "Authorization Process", 3.A). Currently, this is only explicitly
> checked when the image is unsigned and otherwise the hash algorithms
> of the certificates are used.
> 
> Align with the UEFI specification by specifically looking up the
> SHA-256 hash of the image in "dbx".
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
>  SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 60
> ++++++++------------
>  1 file changed, 24 insertions(+), 36 deletions(-)
> 
> diff --git
> a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
> b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
> index c48861cd6496..1f9bb33e86c3 100644
> --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
> +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
> @@ -1803,34 +1803,36 @@ DxeImageVerificationHandler (
>      }
> 
>    }
> 
> 
> 
> +  //
> 
> +  // The SHA256 hash value of the image must not be reflected in the security
> data base "dbx".
> 
> +  //
> 
> +  if (!HashPeImage (HASHALG_SHA256)) {
> 
> +    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image
> using %s.\n", mHashTypeStr));
> 
> +    goto Failed;
> 
> +  }
> 
> +
> 
> +  DbStatus = IsSignatureFoundInDatabase (
> 
> +               EFI_IMAGE_SECURITY_DATABASE1,
> 
> +               mImageDigest,
> 
> +               &mCertType,
> 
> +               mImageDigestSize,
> 
> +               &IsFound
> 
> +               );
> 
> +  if (EFI_ERROR (DbStatus) || IsFound) {
> 
> +    //
> 
> +    // Image Hash is in forbidden database (DBX).
> 
> +    //
> 
> +    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed
> and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
> 
> +    goto Failed;
> 
> +  }
> 
> +
> 
>    //
> 
>    // Start Image Validation.
> 
>    //
> 
>    if (SecDataDir == NULL || SecDataDir->Size == 0) {
> 
>      //
> 
> -    // This image is not signed. The SHA256 hash value of the image must match
> a record in the security database "db",
> 
> -    // and not be reflected in the security data base "dbx".
> 
> +    // This image is not signed. The SHA256 hash value of the image must match
> a record in the security database "db".
> 
>      //
> 
> -    if (!HashPeImage (HASHALG_SHA256)) {
> 
> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image
> using %s.\n", mHashTypeStr));
> 
> -      goto Failed;
> 
> -    }
> 
> -
> 
> -    DbStatus = IsSignatureFoundInDatabase (
> 
> -                 EFI_IMAGE_SECURITY_DATABASE1,
> 
> -                 mImageDigest,
> 
> -                 &mCertType,
> 
> -                 mImageDigestSize,
> 
> -                 &IsFound
> 
> -                 );
> 
> -    if (EFI_ERROR (DbStatus) || IsFound) {
> 
> -      //
> 
> -      // Image Hash is in forbidden database (DBX).
> 
> -      //
> 
> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed
> and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
> 
> -      goto Failed;
> 
> -    }
> 
> -
> 
>      DbStatus = IsSignatureFoundInDatabase (
> 
>                   EFI_IMAGE_SECURITY_DATABASE,
> 
>                   mImageDigest,
> 
> @@ -1932,20 +1934,6 @@ DxeImageVerificationHandler (
>      //
> 
>      // Check the image's hash value.
> 
>      //
> 
> -    DbStatus = IsSignatureFoundInDatabase (
> 
> -                 EFI_IMAGE_SECURITY_DATABASE1,
> 
> -                 mImageDigest,
> 
> -                 &mCertType,
> 
> -                 mImageDigestSize,
> 
> -                 &IsFound
> 
> -                 );
> 
> -    if (EFI_ERROR (DbStatus) || IsFound) {
> 
> -      Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND;
> 
> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but %s
> hash of image is found in DBX.\n", mHashTypeStr));
> 
> -      IsVerified = FALSE;
> 
> -      break;
> 
> -    }
> 
> -
> 
>      if (!IsVerified) {
> 
>        DbStatus = IsSignatureFoundInDatabase (
> 
>                     EFI_IMAGE_SECURITY_DATABASE,
> 
> --
> 2.31.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
  2021-08-08 19:39 ` [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption Marvin Häuser
@ 2021-08-09  4:20   ` Ni, Ray
  2021-08-09  5:47     ` Marvin Häuser
  2021-08-10 19:13   ` Guo Dong
  1 sibling, 1 reply; 49+ messages in thread
From: Ni, Ray @ 2021-08-09  4:20 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io
  Cc: Dong, Guo, Ma, Maurice, You, Benjamin, Vitaly Cheptsov

It's so lucky that no code calls AllocatePool so the bug didn't cause real issues. (I tried to remove AllocatePool() and build still passed.)

Thanks for catching the bug. Reviewed-by: Ray Ni <ray.ni@intel.com>

Can you kindly share how you found this issue?

Thanks,
Ray

-----Original Message-----
From: Marvin Häuser <mhaeuser@posteo.de> 
Sent: Monday, August 9, 2021 3:40 AM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Ma, Maurice <maurice.ma@intel.com>; You, Benjamin <benjamin.you@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
Subject: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption

UefiPayloadEntry's AllocatePool() applies the "sizeof" operator to
HOB index rather than the HOB header structure. This yields 4 Bytes
compared to the 8 Bytes the structure header requires. Fix the call
to allocate the required space instead.

Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
index 1204573b3e09..f3494969e5ac 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
@@ -163,7 +163,7 @@ AllocatePool (
     return NULL;

   }

 

-  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_TYPE_MEMORY_POOL) + AllocationSize));

+  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_MEMORY_POOL) + AllocationSize));

   return (VOID *)(Hob + 1);

 }

 

-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* Re: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands Marvin Häuser
@ 2021-08-09  4:23   ` Ni, Ray
  2021-08-09  5:33     ` Yao, Jiewen
  0 siblings, 1 reply; 49+ messages in thread
From: Ni, Ray @ 2021-08-09  4:23 UTC (permalink / raw)
  To: mhaeuser@posteo.de, devel@edk2.groups.io
  Cc: Wang, Jian J, Wu, Hao A, Dong, Eric, Vitaly Cheptsov, Zeng, Star,
	Yao, Jiewen

Reviewed-by: Ray Ni <ray.ni@intel.com>

+Star and Jiewen for confirmation.

-----Original Message-----
From: Marvin Häuser <mhaeuser@posteo.de> 
Sent: Monday, August 9, 2021 3:40 AM
To: devel@edk2.groups.io
Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
Subject: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands

The legacy codebase allowed SMM images to be registered for profiling
from DXE. Support for this has been dropped entirely, so remove the
remaining handlers.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 80 --------------------
 MdeModulePkg/Include/Guid/MemoryProfile.h        |  5 --
 2 files changed, 85 deletions(-)

diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
index 1b302c810cc9..7316df7531fd 100644
--- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
+++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
@@ -2232,64 +2232,6 @@ Done:
   mSmramProfileGettingStatus = SmramProfileGettingStatus;

 }

 

-/**

-  SMRAM profile handler to register SMM image.

-

-  @param SmramProfileParameterRegisterImage The parameter of SMM profile register image.

-

-**/

-VOID

-SmramProfileHandlerRegisterImage (

-  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *SmramProfileParameterRegisterImage

-  )

-{

-  EFI_STATUS                        Status;

-  EFI_SMM_DRIVER_ENTRY              DriverEntry;

-  VOID                              *EntryPointInImage;

-

-  ZeroMem (&DriverEntry, sizeof (DriverEntry));

-  CopyMem (&DriverEntry.FileName, &SmramProfileParameterRegisterImage->FileName, sizeof(EFI_GUID));

-  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage->ImageBuffer;

-  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterRegisterImage->NumberOfPage;

-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) DriverEntry.ImageBuffer, &EntryPointInImage);

-  ASSERT_EFI_ERROR (Status);

-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;

-

-  Status = RegisterSmramProfileImage (&DriverEntry, FALSE);

-  if (!EFI_ERROR (Status)) {

-    SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;

-  }

-}

-

-/**

-  SMRAM profile handler to unregister SMM image.

-

-  @param SmramProfileParameterUnregisterImage The parameter of SMM profile unregister image.

-

-**/

-VOID

-SmramProfileHandlerUnregisterImage (

-  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *SmramProfileParameterUnregisterImage

-  )

-{

-  EFI_STATUS                        Status;

-  EFI_SMM_DRIVER_ENTRY              DriverEntry;

-  VOID                              *EntryPointInImage;

-

-  ZeroMem (&DriverEntry, sizeof (DriverEntry));

-  CopyMem (&DriverEntry.FileName, &SmramProfileParameterUnregisterImage->FileName, sizeof (EFI_GUID));

-  DriverEntry.ImageBuffer = SmramProfileParameterUnregisterImage->ImageBuffer;

-  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterUnregisterImage->NumberOfPage;

-  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN) DriverEntry.ImageBuffer, &EntryPointInImage);

-  ASSERT_EFI_ERROR (Status);

-  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN) EntryPointInImage;

-

-  Status = UnregisterSmramProfileImage (&DriverEntry, FALSE);

-  if (!EFI_ERROR (Status)) {

-    SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;

-  }

-}

-

 /**

   Dispatch function for a Software SMI handler.

 

@@ -2374,28 +2316,6 @@ SmramProfileHandler (
     }

     SmramProfileHandlerGetDataByOffset ((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN) CommBuffer);

     break;

-  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:

-    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));

-    if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) {

-      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size invalid!\n"));

-      return EFI_SUCCESS;

-    }

-    if (mSmramReadyToLock) {

-      return EFI_SUCCESS;

-    }

-    SmramProfileHandlerRegisterImage ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *) (UINTN) CommBuffer);

-    break;

-  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:

-    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));

-    if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {

-      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer size invalid!\n"));

-      return EFI_SUCCESS;

-    }

-    if (mSmramReadyToLock) {

-      return EFI_SUCCESS;

-    }

-    SmramProfileHandlerUnregisterImage ((SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *) (UINTN) CommBuffer);

-    break;

   case SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE:

     DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetRecordingState\n"));

     if (TempCommBufferSize != sizeof (SMRAM_PROFILE_PARAMETER_RECORDING_STATE)) {

diff --git a/MdeModulePkg/Include/Guid/MemoryProfile.h b/MdeModulePkg/Include/Guid/MemoryProfile.h
index eee3b9125240..92cd1e7cf493 100644
--- a/MdeModulePkg/Include/Guid/MemoryProfile.h
+++ b/MdeModulePkg/Include/Guid/MemoryProfile.h
@@ -388,11 +388,6 @@ struct _EDKII_MEMORY_PROFILE_PROTOCOL {
 //

 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_INFO           0x1

 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA           0x2

-//

-// Below 2 commands are now used by ECP only and only valid before SmmReadyToLock

-//

-#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3

-#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4

 

 #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET 0x5

 #define SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE        0x6

-- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx
  2021-08-09  0:02   ` Min Xu
@ 2021-08-09  5:25     ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  5:25 UTC (permalink / raw)
  To: devel, min.m.xu; +Cc: Yao, Jiewen, Wang, Jian J, Vitaly Cheptsov

Good day,

I just woke up to this mess, yes. I actually did follow that guide, just 
around 3 years ago I believe, so let me check where things went wrong 
since then...
The patch you quoted was a standalone patch. However, for some reason, 
none of the other patch series had indices appended.
I'm sure I can get that fixed shortly, but what to do then, re-send the 
entire bulk? I don't want to spam the list, maybe it is smarter to group 
them by some overview mail this one time?

Sorry for the disruption!

Best regards,
Marvin

On 09/08/2021 02:02, Min Xu wrote:
> On August 9, 2021 3:40 AM, Marvin Häuser wrote:
>> Subject: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256
>> hash in dbx
>>
>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3461
>>
>> The UEFI specification prohibits loading any UEFI image of which a matching
>> SHA-256 hash is contained in "dbx" (UEFI 2.9, 32.5.3.3 "Authorization Process",
>> 3.A). Currently, this is only explicitly checked when the image is unsigned and
>> otherwise the hash algorithms of the certificates are used.
>>
>> Align with the UEFI specification by specifically looking up the
>> SHA-256 hash of the image in "dbx".
>>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>> ---
> It seems there are 3 patches sent from Marvin Häuser and I suppose they're in one patch-set, right? Please follow the link below to send out patch-set for review.
> https://github.com/tianocore/tianocore.github.io/wiki/Laszlo's-unkempt-git-guide-for-edk2-contributors-and-maintainers
> For example, if there are 3 commits in one patch-set, then the subject of the commits looks like:
> [PATCH 0/4] This is the cover letter
> [PATCH 1/4] This is patch 1
>
> Otherwise the reviewers are confused by the patches.
>
> Thanks!
> Xu, Min
>
>
> 
>
>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
  2021-08-09  4:23   ` Ni, Ray
@ 2021-08-09  5:33     ` Yao, Jiewen
  2021-08-09  5:43       ` [edk2-devel] " Marvin Häuser
  0 siblings, 1 reply; 49+ messages in thread
From: Yao, Jiewen @ 2021-08-09  5:33 UTC (permalink / raw)
  To: Ni, Ray, mhaeuser@posteo.de, devel@edk2.groups.io
  Cc: Wang, Jian J, Wu, Hao A, Dong, Eric, Vitaly Cheptsov, Zeng, Star

Can we define 3 and 4 to be "reserved and do not use", instead of removed ?
-#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3
-#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4

For example:
Command 0x3 and 0x4 are deprecated and reserved. They should not be used in the future.

With that changed, reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>


> -----Original Message-----
> From: Ni, Ray <ray.ni@intel.com>
> Sent: Monday, August 9, 2021 12:24 PM
> To: mhaeuser@posteo.de; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Dong, Eric <eric.dong@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>;
> Zeng, Star <star.zeng@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: RE: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image
> profiling commands
> 
> Reviewed-by: Ray Ni <ray.ni@intel.com>
> 
> +Star and Jiewen for confirmation.
> 
> -----Original Message-----
> From: Marvin Häuser <mhaeuser@posteo.de>
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Vitaly Cheptsov
> <vit9696@protonmail.com>
> Subject: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling
> commands
> 
> The legacy codebase allowed SMM images to be registered for profiling
> from DXE. Support for this has been dropped entirely, so remove the
> remaining handlers.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
>  MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 80 --------------------
>  MdeModulePkg/Include/Guid/MemoryProfile.h        |  5 --
>  2 files changed, 85 deletions(-)
> 
> diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> index 1b302c810cc9..7316df7531fd 100644
> --- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> +++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
> @@ -2232,64 +2232,6 @@ Done:
>    mSmramProfileGettingStatus = SmramProfileGettingStatus;
> 
>  }
> 
> 
> 
> -/**
> 
> -  SMRAM profile handler to register SMM image.
> 
> -
> 
> -  @param SmramProfileParameterRegisterImage The parameter of SMM
> profile register image.
> 
> -
> 
> -**/
> 
> -VOID
> 
> -SmramProfileHandlerRegisterImage (
> 
> -  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE
> *SmramProfileParameterRegisterImage
> 
> -  )
> 
> -{
> 
> -  EFI_STATUS                        Status;
> 
> -  EFI_SMM_DRIVER_ENTRY              DriverEntry;
> 
> -  VOID                              *EntryPointInImage;
> 
> -
> 
> -  ZeroMem (&DriverEntry, sizeof (DriverEntry));
> 
> -  CopyMem (&DriverEntry.FileName, &SmramProfileParameterRegisterImage-
> >FileName, sizeof(EFI_GUID));
> 
> -  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage-
> >ImageBuffer;
> 
> -  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterRegisterImage-
> >NumberOfPage;
> 
> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN)
> DriverEntry.ImageBuffer, &EntryPointInImage);
> 
> -  ASSERT_EFI_ERROR (Status);
> 
> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN)
> EntryPointInImage;
> 
> -
> 
> -  Status = RegisterSmramProfileImage (&DriverEntry, FALSE);
> 
> -  if (!EFI_ERROR (Status)) {
> 
> -    SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;
> 
> -  }
> 
> -}
> 
> -
> 
> -/**
> 
> -  SMRAM profile handler to unregister SMM image.
> 
> -
> 
> -  @param SmramProfileParameterUnregisterImage The parameter of SMM
> profile unregister image.
> 
> -
> 
> -**/
> 
> -VOID
> 
> -SmramProfileHandlerUnregisterImage (
> 
> -  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE
> *SmramProfileParameterUnregisterImage
> 
> -  )
> 
> -{
> 
> -  EFI_STATUS                        Status;
> 
> -  EFI_SMM_DRIVER_ENTRY              DriverEntry;
> 
> -  VOID                              *EntryPointInImage;
> 
> -
> 
> -  ZeroMem (&DriverEntry, sizeof (DriverEntry));
> 
> -  CopyMem (&DriverEntry.FileName,
> &SmramProfileParameterUnregisterImage->FileName, sizeof (EFI_GUID));
> 
> -  DriverEntry.ImageBuffer = SmramProfileParameterUnregisterImage-
> >ImageBuffer;
> 
> -  DriverEntry.NumberOfPage = (UINTN)
> SmramProfileParameterUnregisterImage->NumberOfPage;
> 
> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN)
> DriverEntry.ImageBuffer, &EntryPointInImage);
> 
> -  ASSERT_EFI_ERROR (Status);
> 
> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN)
> EntryPointInImage;
> 
> -
> 
> -  Status = UnregisterSmramProfileImage (&DriverEntry, FALSE);
> 
> -  if (!EFI_ERROR (Status)) {
> 
> -    SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;
> 
> -  }
> 
> -}
> 
> -
> 
>  /**
> 
>    Dispatch function for a Software SMI handler.
> 
> 
> 
> @@ -2374,28 +2316,6 @@ SmramProfileHandler (
>      }
> 
>      SmramProfileHandlerGetDataByOffset
> ((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN)
> CommBuffer);
> 
>      break;
> 
> -  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:
> 
> -    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));
> 
> -    if (TempCommBufferSize != sizeof
> (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) {
> 
> -      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer
> size invalid!\n"));
> 
> -      return EFI_SUCCESS;
> 
> -    }
> 
> -    if (mSmramReadyToLock) {
> 
> -      return EFI_SUCCESS;
> 
> -    }
> 
> -    SmramProfileHandlerRegisterImage
> ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *) (UINTN) CommBuffer);
> 
> -    break;
> 
> -  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:
> 
> -    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));
> 
> -    if (TempCommBufferSize != sizeof
> (SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {
> 
> -      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer
> size invalid!\n"));
> 
> -      return EFI_SUCCESS;
> 
> -    }
> 
> -    if (mSmramReadyToLock) {
> 
> -      return EFI_SUCCESS;
> 
> -    }
> 
> -    SmramProfileHandlerUnregisterImage
> ((SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *) (UINTN) CommBuffer);
> 
> -    break;
> 
>    case SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE:
> 
>      DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetRecordingState\n"));
> 
>      if (TempCommBufferSize != sizeof
> (SMRAM_PROFILE_PARAMETER_RECORDING_STATE)) {
> 
> diff --git a/MdeModulePkg/Include/Guid/MemoryProfile.h
> b/MdeModulePkg/Include/Guid/MemoryProfile.h
> index eee3b9125240..92cd1e7cf493 100644
> --- a/MdeModulePkg/Include/Guid/MemoryProfile.h
> +++ b/MdeModulePkg/Include/Guid/MemoryProfile.h
> @@ -388,11 +388,6 @@ struct _EDKII_MEMORY_PROFILE_PROTOCOL {
>  //
> 
>  #define SMRAM_PROFILE_COMMAND_GET_PROFILE_INFO           0x1
> 
>  #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA           0x2
> 
> -//
> 
> -// Below 2 commands are now used by ECP only and only valid before
> SmmReadyToLock
> 
> -//
> 
> -#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3
> 
> -#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4
> 
> 
> 
>  #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET 0x5
> 
>  #define SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE        0x6
> 
> --
> 2.31.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx
  2021-08-09  2:48   ` Yao, Jiewen
@ 2021-08-09  5:42     ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  5:42 UTC (permalink / raw)
  To: devel, jiewen.yao; +Cc: Wang, Jian J, Xu, Min M, Vitaly Cheptsov

Hey Jiewen,

Right, I meant to ask about this and forgot (sorry, I sent out a bit 
less than 30 patches yesterday :) ).
Why do we record and potentially defer the loading of images that are 
distrusted by dbx?
I would expect any image explicitly distrusted (not just untrusted) to 
be rejected and unloaded immediately.

Sorry if I got wrong what is happening!

Best regards,
Marvin

On 09/08/2021 04:48, Yao, Jiewen wrote:
> Hi Marvin
> With this patch, the path "Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND" no longer exists.
>
> Do you think we should remove EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND as well?
>
>
>
> Thank you
> Yao Jiewen
>
>
>> -----Original Message-----
>> From: Marvin Häuser <mhaeuser@posteo.de>
>> Sent: Monday, August 9, 2021 3:40 AM
>> To: devel@edk2.groups.io
>> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
>> Xu, Min M <min.m.xu@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
>> Subject: [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256
>> hash in dbx
>>
>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3461
>>
>> The UEFI specification prohibits loading any UEFI image of which a
>> matching SHA-256 hash is contained in "dbx" (UEFI 2.9, 32.5.3.3
>> "Authorization Process", 3.A). Currently, this is only explicitly
>> checked when the image is unsigned and otherwise the hash algorithms
>> of the certificates are used.
>>
>> Align with the UEFI specification by specifically looking up the
>> SHA-256 hash of the image in "dbx".
>>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>> ---
>>   SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 60
>> ++++++++------------
>>   1 file changed, 24 insertions(+), 36 deletions(-)
>>
>> diff --git
>> a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
>> b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
>> index c48861cd6496..1f9bb33e86c3 100644
>> --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
>> +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
>> @@ -1803,34 +1803,36 @@ DxeImageVerificationHandler (
>>       }
>>
>>     }
>>
>>
>>
>> +  //
>>
>> +  // The SHA256 hash value of the image must not be reflected in the security
>> data base "dbx".
>>
>> +  //
>>
>> +  if (!HashPeImage (HASHALG_SHA256)) {
>>
>> +    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image
>> using %s.\n", mHashTypeStr));
>>
>> +    goto Failed;
>>
>> +  }
>>
>> +
>>
>> +  DbStatus = IsSignatureFoundInDatabase (
>>
>> +               EFI_IMAGE_SECURITY_DATABASE1,
>>
>> +               mImageDigest,
>>
>> +               &mCertType,
>>
>> +               mImageDigestSize,
>>
>> +               &IsFound
>>
>> +               );
>>
>> +  if (EFI_ERROR (DbStatus) || IsFound) {
>>
>> +    //
>>
>> +    // Image Hash is in forbidden database (DBX).
>>
>> +    //
>>
>> +    DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed
>> and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
>>
>> +    goto Failed;
>>
>> +  }
>>
>> +
>>
>>     //
>>
>>     // Start Image Validation.
>>
>>     //
>>
>>     if (SecDataDir == NULL || SecDataDir->Size == 0) {
>>
>>       //
>>
>> -    // This image is not signed. The SHA256 hash value of the image must match
>> a record in the security database "db",
>>
>> -    // and not be reflected in the security data base "dbx".
>>
>> +    // This image is not signed. The SHA256 hash value of the image must match
>> a record in the security database "db".
>>
>>       //
>>
>> -    if (!HashPeImage (HASHALG_SHA256)) {
>>
>> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Failed to hash this image
>> using %s.\n", mHashTypeStr));
>>
>> -      goto Failed;
>>
>> -    }
>>
>> -
>>
>> -    DbStatus = IsSignatureFoundInDatabase (
>>
>> -                 EFI_IMAGE_SECURITY_DATABASE1,
>>
>> -                 mImageDigest,
>>
>> -                 &mCertType,
>>
>> -                 mImageDigestSize,
>>
>> -                 &IsFound
>>
>> -                 );
>>
>> -    if (EFI_ERROR (DbStatus) || IsFound) {
>>
>> -      //
>>
>> -      // Image Hash is in forbidden database (DBX).
>>
>> -      //
>>
>> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is not signed
>> and %s hash of image is forbidden by DBX.\n", mHashTypeStr));
>>
>> -      goto Failed;
>>
>> -    }
>>
>> -
>>
>>       DbStatus = IsSignatureFoundInDatabase (
>>
>>                    EFI_IMAGE_SECURITY_DATABASE,
>>
>>                    mImageDigest,
>>
>> @@ -1932,20 +1934,6 @@ DxeImageVerificationHandler (
>>       //
>>
>>       // Check the image's hash value.
>>
>>       //
>>
>> -    DbStatus = IsSignatureFoundInDatabase (
>>
>> -                 EFI_IMAGE_SECURITY_DATABASE1,
>>
>> -                 mImageDigest,
>>
>> -                 &mCertType,
>>
>> -                 mImageDigestSize,
>>
>> -                 &IsFound
>>
>> -                 );
>>
>> -    if (EFI_ERROR (DbStatus) || IsFound) {
>>
>> -      Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND;
>>
>> -      DEBUG ((DEBUG_INFO, "DxeImageVerificationLib: Image is signed but %s
>> hash of image is found in DBX.\n", mHashTypeStr));
>>
>> -      IsVerified = FALSE;
>>
>> -      break;
>>
>> -    }
>>
>> -
>>
>>       if (!IsVerified) {
>>
>>         DbStatus = IsSignatureFoundInDatabase (
>>
>>                      EFI_IMAGE_SECURITY_DATABASE,
>>
>> --
>> 2.31.1
>
>
> 
>
>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
  2021-08-09  5:33     ` Yao, Jiewen
@ 2021-08-09  5:43       ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  5:43 UTC (permalink / raw)
  To: devel, jiewen.yao, Ni, Ray
  Cc: Wang, Jian J, Wu, Hao A, Dong, Eric, Vitaly Cheptsov, Zeng, Star

Hey Jiewen,

Good point, sure. Will probably add ASSERTs as well, if that is fine 
with you.

Best regards,
Marvin

On 09/08/2021 07:33, Yao, Jiewen wrote:
> Can we define 3 and 4 to be "reserved and do not use", instead of removed ?
> -#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3
> -#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4
>
> For example:
> Command 0x3 and 0x4 are deprecated and reserved. They should not be used in the future.
>
> With that changed, reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
>
>
>> -----Original Message-----
>> From: Ni, Ray <ray.ni@intel.com>
>> Sent: Monday, August 9, 2021 12:24 PM
>> To: mhaeuser@posteo.de; devel@edk2.groups.io
>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
>> Dong, Eric <eric.dong@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>;
>> Zeng, Star <star.zeng@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
>> Subject: RE: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image
>> profiling commands
>>
>> Reviewed-by: Ray Ni <ray.ni@intel.com>
>>
>> +Star and Jiewen for confirmation.
>>
>> -----Original Message-----
>> From: Marvin Häuser <mhaeuser@posteo.de>
>> Sent: Monday, August 9, 2021 3:40 AM
>> To: devel@edk2.groups.io
>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
>> Dong, Eric <eric.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Vitaly Cheptsov
>> <vit9696@protonmail.com>
>> Subject: [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling
>> commands
>>
>> The legacy codebase allowed SMM images to be registered for profiling
>> from DXE. Support for this has been dropped entirely, so remove the
>> remaining handlers.
>>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Hao A Wu <hao.a.wu@intel.com>
>> Cc: Eric Dong <eric.dong@intel.com>
>> Cc: Ray Ni <ray.ni@intel.com>
>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>> ---
>>   MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 80 --------------------
>>   MdeModulePkg/Include/Guid/MemoryProfile.h        |  5 --
>>   2 files changed, 85 deletions(-)
>>
>> diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
>> b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
>> index 1b302c810cc9..7316df7531fd 100644
>> --- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
>> +++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
>> @@ -2232,64 +2232,6 @@ Done:
>>     mSmramProfileGettingStatus = SmramProfileGettingStatus;
>>
>>   }
>>
>>
>>
>> -/**
>>
>> -  SMRAM profile handler to register SMM image.
>>
>> -
>>
>> -  @param SmramProfileParameterRegisterImage The parameter of SMM
>> profile register image.
>>
>> -
>>
>> -**/
>>
>> -VOID
>>
>> -SmramProfileHandlerRegisterImage (
>>
>> -  IN SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE
>> *SmramProfileParameterRegisterImage
>>
>> -  )
>>
>> -{
>>
>> -  EFI_STATUS                        Status;
>>
>> -  EFI_SMM_DRIVER_ENTRY              DriverEntry;
>>
>> -  VOID                              *EntryPointInImage;
>>
>> -
>>
>> -  ZeroMem (&DriverEntry, sizeof (DriverEntry));
>>
>> -  CopyMem (&DriverEntry.FileName, &SmramProfileParameterRegisterImage-
>>> FileName, sizeof(EFI_GUID));
>> -  DriverEntry.ImageBuffer = SmramProfileParameterRegisterImage-
>>> ImageBuffer;
>> -  DriverEntry.NumberOfPage = (UINTN) SmramProfileParameterRegisterImage-
>>> NumberOfPage;
>> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN)
>> DriverEntry.ImageBuffer, &EntryPointInImage);
>>
>> -  ASSERT_EFI_ERROR (Status);
>>
>> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN)
>> EntryPointInImage;
>>
>> -
>>
>> -  Status = RegisterSmramProfileImage (&DriverEntry, FALSE);
>>
>> -  if (!EFI_ERROR (Status)) {
>>
>> -    SmramProfileParameterRegisterImage->Header.ReturnStatus = 0;
>>
>> -  }
>>
>> -}
>>
>> -
>>
>> -/**
>>
>> -  SMRAM profile handler to unregister SMM image.
>>
>> -
>>
>> -  @param SmramProfileParameterUnregisterImage The parameter of SMM
>> profile unregister image.
>>
>> -
>>
>> -**/
>>
>> -VOID
>>
>> -SmramProfileHandlerUnregisterImage (
>>
>> -  IN SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE
>> *SmramProfileParameterUnregisterImage
>>
>> -  )
>>
>> -{
>>
>> -  EFI_STATUS                        Status;
>>
>> -  EFI_SMM_DRIVER_ENTRY              DriverEntry;
>>
>> -  VOID                              *EntryPointInImage;
>>
>> -
>>
>> -  ZeroMem (&DriverEntry, sizeof (DriverEntry));
>>
>> -  CopyMem (&DriverEntry.FileName,
>> &SmramProfileParameterUnregisterImage->FileName, sizeof (EFI_GUID));
>>
>> -  DriverEntry.ImageBuffer = SmramProfileParameterUnregisterImage-
>>> ImageBuffer;
>> -  DriverEntry.NumberOfPage = (UINTN)
>> SmramProfileParameterUnregisterImage->NumberOfPage;
>>
>> -  Status = InternalPeCoffGetEntryPoint ((VOID *) (UINTN)
>> DriverEntry.ImageBuffer, &EntryPointInImage);
>>
>> -  ASSERT_EFI_ERROR (Status);
>>
>> -  DriverEntry.ImageEntryPoint = (PHYSICAL_ADDRESS) (UINTN)
>> EntryPointInImage;
>>
>> -
>>
>> -  Status = UnregisterSmramProfileImage (&DriverEntry, FALSE);
>>
>> -  if (!EFI_ERROR (Status)) {
>>
>> -    SmramProfileParameterUnregisterImage->Header.ReturnStatus = 0;
>>
>> -  }
>>
>> -}
>>
>> -
>>
>>   /**
>>
>>     Dispatch function for a Software SMI handler.
>>
>>
>>
>> @@ -2374,28 +2316,6 @@ SmramProfileHandler (
>>       }
>>
>>       SmramProfileHandlerGetDataByOffset
>> ((SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA_BY_OFFSET *) (UINTN)
>> CommBuffer);
>>
>>       break;
>>
>> -  case SMRAM_PROFILE_COMMAND_REGISTER_IMAGE:
>>
>> -    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerRegisterImage\n"));
>>
>> -    if (TempCommBufferSize != sizeof
>> (SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE)) {
>>
>> -      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer
>> size invalid!\n"));
>>
>> -      return EFI_SUCCESS;
>>
>> -    }
>>
>> -    if (mSmramReadyToLock) {
>>
>> -      return EFI_SUCCESS;
>>
>> -    }
>>
>> -    SmramProfileHandlerRegisterImage
>> ((SMRAM_PROFILE_PARAMETER_REGISTER_IMAGE *) (UINTN) CommBuffer);
>>
>> -    break;
>>
>> -  case SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE:
>>
>> -    DEBUG ((EFI_D_ERROR, "SmramProfileHandlerUnregisterImage\n"));
>>
>> -    if (TempCommBufferSize != sizeof
>> (SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE)) {
>>
>> -      DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer
>> size invalid!\n"));
>>
>> -      return EFI_SUCCESS;
>>
>> -    }
>>
>> -    if (mSmramReadyToLock) {
>>
>> -      return EFI_SUCCESS;
>>
>> -    }
>>
>> -    SmramProfileHandlerUnregisterImage
>> ((SMRAM_PROFILE_PARAMETER_UNREGISTER_IMAGE *) (UINTN) CommBuffer);
>>
>> -    break;
>>
>>     case SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE:
>>
>>       DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetRecordingState\n"));
>>
>>       if (TempCommBufferSize != sizeof
>> (SMRAM_PROFILE_PARAMETER_RECORDING_STATE)) {
>>
>> diff --git a/MdeModulePkg/Include/Guid/MemoryProfile.h
>> b/MdeModulePkg/Include/Guid/MemoryProfile.h
>> index eee3b9125240..92cd1e7cf493 100644
>> --- a/MdeModulePkg/Include/Guid/MemoryProfile.h
>> +++ b/MdeModulePkg/Include/Guid/MemoryProfile.h
>> @@ -388,11 +388,6 @@ struct _EDKII_MEMORY_PROFILE_PROTOCOL {
>>   //
>>
>>   #define SMRAM_PROFILE_COMMAND_GET_PROFILE_INFO           0x1
>>
>>   #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA           0x2
>>
>> -//
>>
>> -// Below 2 commands are now used by ECP only and only valid before
>> SmmReadyToLock
>>
>> -//
>>
>> -#define SMRAM_PROFILE_COMMAND_REGISTER_IMAGE             0x3
>>
>> -#define SMRAM_PROFILE_COMMAND_UNREGISTER_IMAGE           0x4
>>
>>
>>
>>   #define SMRAM_PROFILE_COMMAND_GET_PROFILE_DATA_BY_OFFSET 0x5
>>
>>   #define SMRAM_PROFILE_COMMAND_GET_RECORDING_STATE        0x6
>>
>> --
>> 2.31.1
>
>
> 
>
>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
  2021-08-09  4:20   ` Ni, Ray
@ 2021-08-09  5:47     ` Marvin Häuser
  0 siblings, 0 replies; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  5:47 UTC (permalink / raw)
  To: Ni, Ray, devel@edk2.groups.io
  Cc: Dong, Guo, Ma, Maurice, You, Benjamin, Vitaly Cheptsov

On 09/08/2021 06:20, Ni, Ray wrote:
> It's so lucky that no code calls AllocatePool so the bug didn't cause real issues. (I tried to remove AllocatePool() and build still passed.)
>
> Thanks for catching the bug. Reviewed-by: Ray Ni <ray.ni@intel.com>
>
> Can you kindly share how you found this issue?

Hey Ray,

clang-tidy gave me a hand. :)
"Suspicious usage of 'sizeof(K)'; did you mean 'K'?
clang-tidy(bugprone-sizeof-expression)"

I set it up as follows (this is *not* sophisticated, just added things 
to quickly move on):
https://github.com/tianocore/edk2-staging/blob/2021-gsoc-secure-loader/compile_flags.txt

Best regards,
Marvin

>
> Thanks,
> Ray
>
> -----Original Message-----
> From: Marvin Häuser <mhaeuser@posteo.de>
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Dong, Guo <guo.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Ma, Maurice <maurice.ma@intel.com>; You, Benjamin <benjamin.you@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
> Subject: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
>
> UefiPayloadEntry's AllocatePool() applies the "sizeof" operator to
> HOB index rather than the HOB header structure. This yields 4 Bytes
> compared to the 8 Bytes the structure header requires. Fix the call
> to allocate the required space instead.
>
> Cc: Guo Dong <guo.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Maurice Ma <maurice.ma@intel.com>
> Cc: Benjamin You <benjamin.you@intel.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
>   UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
> index 1204573b3e09..f3494969e5ac 100644
> --- a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
> +++ b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
> @@ -163,7 +163,7 @@ AllocatePool (
>       return NULL;
>
>     }
>
>   
>
> -  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_TYPE_MEMORY_POOL) + AllocationSize));
>
> +  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_MEMORY_POOL) + AllocationSize));
>
>     return (VOID *)(Hob + 1);
>
>   }
>
>   
>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
                     ` (5 preceding siblings ...)
  2021-08-08 19:40   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
@ 2021-08-09  6:10   ` Wu, Hao A
  2021-08-09  6:15     ` Marvin Häuser
  6 siblings, 1 reply; 49+ messages in thread
From: Wu, Hao A @ 2021-08-09  6:10 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io; +Cc: Wang, Jian J, Vitaly Cheptsov

Sorry Marvin Häuser,

Could you help to confirm that below 9 MdeModulePkg related patches are either:
 * All independent patches
 * Belong to a patch series that includes all these 9 MdeModulePkg related commits
 * Belong to several independent patch series

MdePkg/Base.h: Introduce various alignment-related macros
MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
MdeModulePkg/DxeCore: Use the correct source for fixed load address
MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates

Best Regards,
Hao Wu

> -----Original Message-----
> From: Marvin Häuser <mhaeuser@posteo.de>
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Bi, Dandan <dandan.bi@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov <vit9696@protonmail.com>
> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> In theory, modifications to the DebugImageInfoTable may cause exceptions.
> If the exception handler parses the table, this can lead to subsequent
> exceptions if the table state is inconsistent.
> 
> Ensure the DebugImageInfoTable remains consistent during modifications.
> This includes:
> 1) Free the old table only only after the new table has been published.
> Mitigates use-after-free of the old table.
> 2) Do not insert an image entry till it is fully initialised. Entries may be inserted
> in the live range if an entry was deleted previously.
> Mitigaes the usage of inconsistent entries.
> 3) Free the old image entry only after the table has been updated with the
> NULL value. Mitigates use-after-free of the old entry.
> 4) Set the MODIFIED state before performing any modifications.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Dandan Bi <dandan.bi@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
>  MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++------
> ---
>  1 file changed, 34 insertions(+), 26 deletions(-)
> 
> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> index a75d4158280b..7bd970115111 100644
> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
>    IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN                     Index;-
> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> *NormalImage;    //   // Set the flag indicating that we're in the process of
> updating the table.@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
>      // Copy the old table into the new one     //     CopyMem (NewTable, Table,
> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-    //-
> // Update the table header-    //-    Table = NewTable;
> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //     //
> Enlarge the max table entries and set the first empty entry index to@@ -
> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
>      //     Index             = mMaxTableEntries;     mMaxTableEntries +=
> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the old
> table+    //+    CoreFreePool (Table);+    //+    // Update the table header+
> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
> Table[Index].NormalImage = AllocateZeroPool (sizeof
> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
> NULL) {+  NormalImage = AllocateZeroPool (sizeof
> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) {     //
> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
> >LoadedImageProtocolInstance = LoadedImage;-
> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase the
> number of EFI_DEBUG_IMAGE_INFO elements and set the
> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
> modified status, insert the entry, and+    // increase the number of
> EFI_DEBUG_IMAGE_INFO elements.     //-
> mDebugInfoTableHeader.TableSize++;
> mDebugInfoTableHeader.UpdateStatus |=
> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+    Table[Index].NormalImage
> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
> mDebugInfoTableHeader.UpdateStatus &=
> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8 +256,9
> @@ CoreRemoveDebugImageInfoEntry (
>    EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-  UINTN
> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN                       Index;+
> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
> mDebugInfoTableHeader.UpdateStatus |=
> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16 +267,20
> @@ CoreRemoveDebugImageInfoEntry (
>    for (Index = 0; Index < mMaxTableEntries; Index++) {     if
> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
> >ImageHandle == ImageHandle) {       //-      // Found a match. Free up the
> record, then NULL the pointer to indicate the slot-      // is free.+      // Found a
> match. Set the mDebugInfoTable in modified status and NULL the+      //
> pointer to indicate the slot is free and.       //-      CoreFreePool
> (Table[Index].NormalImage);+      NormalImage =
> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus |=
> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;       Table[Index].NormalImage
> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
> elements and set the mDebugInfoTable in modified status.+      // Decrease
> the number of EFI_DEBUG_IMAGE_INFO elements.       //
> mDebugInfoTableHeader.TableSize--;-
> mDebugInfoTableHeader.UpdateStatus |=
> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
> 2.31.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-09  6:10   ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Wu, Hao A
@ 2021-08-09  6:15     ` Marvin Häuser
  2021-08-09  6:52       ` [edk2-devel] " Wu, Hao A
  0 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  6:15 UTC (permalink / raw)
  To: Wu, Hao A, devel@edk2.groups.io; +Cc: Wang, Jian J, Vitaly Cheptsov

Good day Hao,

Sorry for the confusion, and you are (rightfully!) not alone. :( I'll 
quote myself from a different patch:

[...] for some reason, none of the other patch series had indices appended.
I'm sure I can get that fixed shortly, but what to do then, re-send the 
entire bulk? I don't want to spam the list, maybe it is smarter to group 
them by some overview mail this one time?

Sorry for the disruption!

Best regards,
Marvin

On 09/08/2021 08:10, Wu, Hao A wrote:
> Sorry Marvin Häuser,
>
> Could you help to confirm that below 9 MdeModulePkg related patches are either:
>   * All independent patches
>   * Belong to a patch series that includes all these 9 MdeModulePkg related commits
>   * Belong to several independent patch series
>
> MdePkg/Base.h: Introduce various alignment-related macros
> MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable
> MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> MdeModulePkg/DxeCore: Use the correct source for fixed load address
> MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
> MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
>
> Best Regards,
> Hao Wu
>
>> -----Original Message-----
>> From: Marvin Häuser <mhaeuser@posteo.de>
>> Sent: Monday, August 9, 2021 3:40 AM
>> To: devel@edk2.groups.io
>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
>> Bi, Dandan <dandan.bi@intel.com>; Liming Gao
>> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov <vit9696@protonmail.com>
>> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
>> DebugImageInfoTable updates
>>
>> In theory, modifications to the DebugImageInfoTable may cause exceptions.
>> If the exception handler parses the table, this can lead to subsequent
>> exceptions if the table state is inconsistent.
>>
>> Ensure the DebugImageInfoTable remains consistent during modifications.
>> This includes:
>> 1) Free the old table only only after the new table has been published.
>> Mitigates use-after-free of the old table.
>> 2) Do not insert an image entry till it is fully initialised. Entries may be inserted
>> in the live range if an entry was deleted previously.
>> Mitigaes the usage of inconsistent entries.
>> 3) Free the old image entry only after the table has been updated with the
>> NULL value. Mitigates use-after-free of the old entry.
>> 4) Set the MODIFIED state before performing any modifications.
>>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Hao A Wu <hao.a.wu@intel.com>
>> Cc: Dandan Bi <dandan.bi@intel.com>
>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>> ---
>>   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++------
>> ---
>>   1 file changed, 34 insertions(+), 26 deletions(-)
>>
>> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>> index a75d4158280b..7bd970115111 100644
>> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
>>     IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
>> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN                     Index;-
>> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
>> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
>> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
>> *NormalImage;    //   // Set the flag indicating that we're in the process of
>> updating the table.@@ -203,14 +204,6 @@ CoreNewDebugImageInfoEntry (
>>       // Copy the old table into the new one     //     CopyMem (NewTable, Table,
>> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-    //-
>> // Update the table header-    //-    Table = NewTable;
>> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //     //
>> Enlarge the max table entries and set the first empty entry index to@@ -
>> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
>>       //     Index             = mMaxTableEntries;     mMaxTableEntries +=
>> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the old
>> table+    //+    CoreFreePool (Table);+    //+    // Update the table header+
>> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
>> Table[Index].NormalImage = AllocateZeroPool (sizeof
>> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
>> NULL) {+  NormalImage = AllocateZeroPool (sizeof
>> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) {     //
>> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
>> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
>>> LoadedImageProtocolInstance = LoadedImage;-
>> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
>> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
>> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
>> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase the
>> number of EFI_DEBUG_IMAGE_INFO elements and set the
>> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
>> modified status, insert the entry, and+    // increase the number of
>> EFI_DEBUG_IMAGE_INFO elements.     //-
>> mDebugInfoTableHeader.TableSize++;
>> mDebugInfoTableHeader.UpdateStatus |=
>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+    Table[Index].NormalImage
>> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
>> mDebugInfoTableHeader.UpdateStatus &=
>> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8 +256,9
>> @@ CoreRemoveDebugImageInfoEntry (
>>     EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-  UINTN
>> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN                       Index;+
>> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
>> mDebugInfoTableHeader.UpdateStatus |=
>> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16 +267,20
>> @@ CoreRemoveDebugImageInfoEntry (
>>     for (Index = 0; Index < mMaxTableEntries; Index++) {     if
>> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
>>> ImageHandle == ImageHandle) {       //-      // Found a match. Free up the
>> record, then NULL the pointer to indicate the slot-      // is free.+      // Found a
>> match. Set the mDebugInfoTable in modified status and NULL the+      //
>> pointer to indicate the slot is free and.       //-      CoreFreePool
>> (Table[Index].NormalImage);+      NormalImage =
>> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus |=
>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;       Table[Index].NormalImage
>> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
>> elements and set the mDebugInfoTable in modified status.+      // Decrease
>> the number of EFI_DEBUG_IMAGE_INFO elements.       //
>> mDebugInfoTableHeader.TableSize--;-
>> mDebugInfoTableHeader.UpdateStatus |=
>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
>> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
>> 2.31.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-09  6:15     ` Marvin Häuser
@ 2021-08-09  6:52       ` Wu, Hao A
  2021-08-09  6:55         ` Wu, Hao A
  2021-08-09  7:21         ` Marvin Häuser
  0 siblings, 2 replies; 49+ messages in thread
From: Wu, Hao A @ 2021-08-09  6:52 UTC (permalink / raw)
  To: devel@edk2.groups.io, mhaeuser@posteo.de; +Cc: Wang, Jian J, Vitaly Cheptsov

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin
> H?user
> Sent: Monday, August 9, 2021 2:16 PM
> To: Wu, Hao A <hao.a.wu@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
> <vit9696@protonmail.com>
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> Good day Hao,
> 
> Sorry for the confusion, and you are (rightfully!) not alone. :( I'll quote myself
> from a different patch:
> 
> [...] for some reason, none of the other patch series had indices appended.
> I'm sure I can get that fixed shortly, but what to do then, re-send the entire
> bulk? I don't want to spam the list, maybe it is smarter to group them by
> some overview mail this one time?


I would suggest to send a V2 series for all the patches (not only limited to MdeModulePkg) you sent.

Please ensure that patches belong to one series are generated by a single 'git format-patch' command.
I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the patches in one series.
And you may need to create a cover-letter for one patch series to give a brief summary on the purpose of the series as a whole.

Also, if you are implementing a new feature or a fix that touches many modules, I suggest to file a Bugzilla tracker for it:
Feature request: https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature%20Requests
Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2

Lastly, you may keep the 'Reviewed-by' tags already received by other reviewers.

Best Regards,
Hao Wu


> 
> Sorry for the disruption!
> 
> Best regards,
> Marvin
> 
> On 09/08/2021 08:10, Wu, Hao A wrote:
> > Sorry Marvin Häuser,
> >
> > Could you help to confirm that below 9 MdeModulePkg related patches are
> either:
> >   * All independent patches
> >   * Belong to a patch series that includes all these 9 MdeModulePkg related
> commits
> >   * Belong to several independent patch series
> >
> > MdePkg/Base.h: Introduce various alignment-related macros
> > MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> DebugImageInfoTable
> > MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> > MdeModulePkg/DxeCore: Use the correct source for fixed load address
> > MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
> > MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> > MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> > MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> > MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> >
> > Best Regards,
> > Hao Wu
> >
> >> -----Original Message-----
> >> From: Marvin Häuser <mhaeuser@posteo.de>
> >> Sent: Monday, August 9, 2021 3:40 AM
> >> To: devel@edk2.groups.io
> >> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> >> <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liming Gao
> >> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov <vit9696@protonmail.com>
> >> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable
> >> updates
> >>
> >> In theory, modifications to the DebugImageInfoTable may cause
> exceptions.
> >> If the exception handler parses the table, this can lead to
> >> subsequent exceptions if the table state is inconsistent.
> >>
> >> Ensure the DebugImageInfoTable remains consistent during modifications.
> >> This includes:
> >> 1) Free the old table only only after the new table has been published.
> >> Mitigates use-after-free of the old table.
> >> 2) Do not insert an image entry till it is fully initialised. Entries
> >> may be inserted in the live range if an entry was deleted previously.
> >> Mitigaes the usage of inconsistent entries.
> >> 3) Free the old image entry only after the table has been updated
> >> with the NULL value. Mitigates use-after-free of the old entry.
> >> 4) Set the MODIFIED state before performing any modifications.
> >>
> >> Cc: Jian J Wang <jian.j.wang@intel.com>
> >> Cc: Hao A Wu <hao.a.wu@intel.com>
> >> Cc: Dandan Bi <dandan.bi@intel.com>
> >> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> >> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> >> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> >> ---
> >>   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++--
> ----
> >> ---
> >>   1 file changed, 34 insertions(+), 26 deletions(-)
> >>
> >> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> index a75d4158280b..7bd970115111 100644
> >> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
> >>     IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
> >> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN
> Index;-
> >> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
> >> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
> >> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> >> *NormalImage;    //   // Set the flag indicating that we're in the process of
> >> updating the table.@@ -203,14 +204,6 @@
> CoreNewDebugImageInfoEntry (
> >>       // Copy the old table into the new one     //     CopyMem (NewTable,
> Table,
> >> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-    //-
> >> // Update the table header-    //-    Table = NewTable;
> >> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //     //
> >> Enlarge the max table entries and set the first empty entry index
> >> to@@ -
> >> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
> >>       //     Index             = mMaxTableEntries;     mMaxTableEntries +=
> >> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the old
> >> table+    //+    CoreFreePool (Table);+    //+    // Update the table header+
> >> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
> >> Table[Index].NormalImage = AllocateZeroPool (sizeof
> >> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
> >> NULL) {+  NormalImage = AllocateZeroPool (sizeof
> >> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) {     //
> >> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
> >> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
> >>> LoadedImageProtocolInstance = LoadedImage;-
> >> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
> >> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
> >> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
> >> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase
> the
> >> number of EFI_DEBUG_IMAGE_INFO elements and set the
> >> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
> >> modified status, insert the entry, and+    // increase the number of
> >> EFI_DEBUG_IMAGE_INFO elements.     //-
> >> mDebugInfoTableHeader.TableSize++;
> >> mDebugInfoTableHeader.UpdateStatus |=
> >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+
> Table[Index].NormalImage
> >> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
> >> mDebugInfoTableHeader.UpdateStatus &=
> >> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8 +256,9
> @@
> >> CoreRemoveDebugImageInfoEntry (
> >>     EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-
> UINTN
> >> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN
> Index;+
> >> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
> >> mDebugInfoTableHeader.UpdateStatus |=
> >> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16 +267,20
> @@
> >> CoreRemoveDebugImageInfoEntry (
> >>     for (Index = 0; Index < mMaxTableEntries; Index++) {     if
> >> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
> >>> ImageHandle == ImageHandle) {       //-      // Found a match. Free up the
> >> record, then NULL the pointer to indicate the slot-      // is free.+      //
> Found a
> >> match. Set the mDebugInfoTable in modified status and NULL the+      //
> >> pointer to indicate the slot is free and.       //-      CoreFreePool
> >> (Table[Index].NormalImage);+      NormalImage =
> >> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus
> |=
> >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
> Table[Index].NormalImage
> >> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
> >> elements and set the mDebugInfoTable in modified status.+      //
> Decrease
> >> the number of EFI_DEBUG_IMAGE_INFO elements.       //
> >> mDebugInfoTableHeader.TableSize--;-
> >> mDebugInfoTableHeader.UpdateStatus |=
> >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
> >> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
> >> 2.31.1
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-09  6:52       ` [edk2-devel] " Wu, Hao A
@ 2021-08-09  6:55         ` Wu, Hao A
  2021-08-09  7:21         ` Marvin Häuser
  1 sibling, 0 replies; 49+ messages in thread
From: Wu, Hao A @ 2021-08-09  6:55 UTC (permalink / raw)
  To: devel@edk2.groups.io, Wu, Hao A, mhaeuser@posteo.de
  Cc: Wang, Jian J, Vitaly Cheptsov

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Wu, Hao
> A
> Sent: Monday, August 9, 2021 2:52 PM
> To: devel@edk2.groups.io; mhaeuser@posteo.de
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
> <vit9696@protonmail.com>
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> Marvin
> > H?user
> > Sent: Monday, August 9, 2021 2:16 PM
> > To: Wu, Hao A <hao.a.wu@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
> > <vit9696@protonmail.com>
> > Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> > DebugImageInfoTable updates
> >
> > Good day Hao,
> >
> > Sorry for the confusion, and you are (rightfully!) not alone. :( I'll
> > quote myself from a different patch:
> >
> > [...] for some reason, none of the other patch series had indices appended.
> > I'm sure I can get that fixed shortly, but what to do then, re-send
> > the entire bulk? I don't want to spam the list, maybe it is smarter to
> > group them by some overview mail this one time?
> 
> 
> I would suggest to send a V2 series for all the patches (not only limited to
> MdeModulePkg) you sent.


Maybe more than 1 patch series.
I cannot tell at this moment since there are many patches sent from you.

Best Regards,
Hao Wu


> 
> Please ensure that patches belong to one series are generated by a single 'git
> format-patch' command.
> I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the patches in
> one series.
> And you may need to create a cover-letter for one patch series to give a brief
> summary on the purpose of the series as a whole.
> 
> Also, if you are implementing a new feature or a fix that touches many
> modules, I suggest to file a Bugzilla tracker for it:
> Feature request:
> https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature
> %20Requests
> Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2
> 
> Lastly, you may keep the 'Reviewed-by' tags already received by other
> reviewers.
> 
> Best Regards,
> Hao Wu
> 
> 
> >
> > Sorry for the disruption!
> >
> > Best regards,
> > Marvin
> >
> > On 09/08/2021 08:10, Wu, Hao A wrote:
> > > Sorry Marvin Häuser,
> > >
> > > Could you help to confirm that below 9 MdeModulePkg related patches
> > > are
> > either:
> > >   * All independent patches
> > >   * Belong to a patch series that includes all these 9 MdeModulePkg
> > > related
> > commits
> > >   * Belong to several independent patch series
> > >
> > > MdePkg/Base.h: Introduce various alignment-related macros
> > > MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> > DebugImageInfoTable
> > > MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> > > MdeModulePkg/DxeCore: Use the correct source for fixed load address
> > > MdeModulePkg/PiSmmCore: Drop deprecated image profiling
> commands
> > > MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> > > MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> > > MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> > > MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> > >
> > > Best Regards,
> > > Hao Wu
> > >
> > >> -----Original Message-----
> > >> From: Marvin Häuser <mhaeuser@posteo.de>
> > >> Sent: Monday, August 9, 2021 3:40 AM
> > >> To: devel@edk2.groups.io
> > >> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> > >> <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liming Gao
> > >> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov
> > >> <vit9696@protonmail.com>
> > >> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> > DebugImageInfoTable
> > >> updates
> > >>
> > >> In theory, modifications to the DebugImageInfoTable may cause
> > exceptions.
> > >> If the exception handler parses the table, this can lead to
> > >> subsequent exceptions if the table state is inconsistent.
> > >>
> > >> Ensure the DebugImageInfoTable remains consistent during
> modifications.
> > >> This includes:
> > >> 1) Free the old table only only after the new table has been published.
> > >> Mitigates use-after-free of the old table.
> > >> 2) Do not insert an image entry till it is fully initialised.
> > >> Entries may be inserted in the live range if an entry was deleted
> previously.
> > >> Mitigaes the usage of inconsistent entries.
> > >> 3) Free the old image entry only after the table has been updated
> > >> with the NULL value. Mitigates use-after-free of the old entry.
> > >> 4) Set the MODIFIED state before performing any modifications.
> > >>
> > >> Cc: Jian J Wang <jian.j.wang@intel.com>
> > >> Cc: Hao A Wu <hao.a.wu@intel.com>
> > >> Cc: Dandan Bi <dandan.bi@intel.com>
> > >> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > >> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> > >> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> > >> ---
> > >>   MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60
> +++++++++++--
> > ----
> > >> ---
> > >>   1 file changed, 34 insertions(+), 26 deletions(-)
> > >>
> > >> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> index a75d4158280b..7bd970115111 100644
> > >> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> > >> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
> > >>     IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
> > >> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN
> > Index;-
> > >> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
> > >> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
> > >> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> > >> *NormalImage;    //   // Set the flag indicating that we're in the process
> of
> > >> updating the table.@@ -203,14 +204,6 @@
> > CoreNewDebugImageInfoEntry (
> > >>       // Copy the old table into the new one     //     CopyMem (NewTable,
> > Table,
> > >> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-
> //-
> > >> // Update the table header-    //-    Table = NewTable;
> > >> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //
> //
> > >> Enlarge the max table entries and set the first empty entry index
> > >> to@@ -
> > >> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
> > >>       //     Index             = mMaxTableEntries;     mMaxTableEntries +=
> > >> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the
> old
> > >> table+    //+    CoreFreePool (Table);+    //+    // Update the table
> header+
> > >> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
> > >> Table[Index].NormalImage = AllocateZeroPool (sizeof
> > >> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if
> (Table[Index].NormalImage !=
> > >> NULL) {+  NormalImage = AllocateZeroPool (sizeof
> > >> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL)
> {     //
> > >> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
> > >> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
> > >>> LoadedImageProtocolInstance = LoadedImage;-
> > >> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
> > >> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
> > >> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
> > >> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase
> > the
> > >> number of EFI_DEBUG_IMAGE_INFO elements and set the
> > >> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
> > >> modified status, insert the entry, and+    // increase the number of
> > >> EFI_DEBUG_IMAGE_INFO elements.     //-
> > >> mDebugInfoTableHeader.TableSize++;
> > >> mDebugInfoTableHeader.UpdateStatus |=
> > >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+
> > Table[Index].NormalImage
> > >> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
> > >> mDebugInfoTableHeader.UpdateStatus &=
> > >> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8
> +256,9
> > @@
> > >> CoreRemoveDebugImageInfoEntry (
> > >>     EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-
> > UINTN
> > >> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN
> > Index;+
> > >> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
> > >> mDebugInfoTableHeader.UpdateStatus |=
> > >> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16
> +267,20
> > @@
> > >> CoreRemoveDebugImageInfoEntry (
> > >>     for (Index = 0; Index < mMaxTableEntries; Index++) {     if
> > >> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
> > >>> ImageHandle == ImageHandle) {       //-      // Found a match. Free up
> the
> > >> record, then NULL the pointer to indicate the slot-      // is free.+      //
> > Found a
> > >> match. Set the mDebugInfoTable in modified status and NULL the+      //
> > >> pointer to indicate the slot is free and.       //-      CoreFreePool
> > >> (Table[Index].NormalImage);+      NormalImage =
> > >> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus
> > |=
> > >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
> > Table[Index].NormalImage
> > >> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
> > >> elements and set the mDebugInfoTable in modified status.+      //
> > Decrease
> > >> the number of EFI_DEBUG_IMAGE_INFO elements.       //
> > >> mDebugInfoTableHeader.TableSize--;-
> > >> mDebugInfoTableHeader.UpdateStatus |=
> > >> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
> > >> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
> > >> 2.31.1
> >
> >
> >
> >
> >
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-09  6:52       ` [edk2-devel] " Wu, Hao A
  2021-08-09  6:55         ` Wu, Hao A
@ 2021-08-09  7:21         ` Marvin Häuser
  2021-08-09  7:26           ` Wu, Hao A
  1 sibling, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-09  7:21 UTC (permalink / raw)
  To: Wu, Hao A, devel@edk2.groups.io; +Cc: Wang, Jian J, Vitaly Cheptsov

On 09/08/2021 08:52, Wu, Hao A wrote:
>> -----Original Message-----
>> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin
>> H?user
>> Sent: Monday, August 9, 2021 2:16 PM
>> To: Wu, Hao A <hao.a.wu@intel.com>; devel@edk2.groups.io
>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
>> <vit9696@protonmail.com>
>> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
>> DebugImageInfoTable updates
>>
>> Good day Hao,
>>
>> Sorry for the confusion, and you are (rightfully!) not alone. :( I'll quote myself
>> from a different patch:
>>
>> [...] for some reason, none of the other patch series had indices appended.
>> I'm sure I can get that fixed shortly, but what to do then, re-send the entire
>> bulk? I don't want to spam the list, maybe it is smarter to group them by
>> some overview mail this one time?
>
> I would suggest to send a V2 series for all the patches (not only limited to MdeModulePkg) you sent.

Right, I can do that, just many of the patches were actually meant to be 
single and independent. I believe there were two series that somehow did 
not get indexed by the command. I just forced numbering now and it seems 
to work.

May it be easier if I re-send only the two series? A few of the 
individual patches actually started review.

Thanks for your suggestions, and sorry again for the disruption!

Best regards,
Marvin

>
> Please ensure that patches belong to one series are generated by a single 'git format-patch' command.
> I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the patches in one series.
> And you may need to create a cover-letter for one patch series to give a brief summary on the purpose of the series as a whole.
>
> Also, if you are implementing a new feature or a fix that touches many modules, I suggest to file a Bugzilla tracker for it:
> Feature request: https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Feature%20Requests
> Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2
>
> Lastly, you may keep the 'Reviewed-by' tags already received by other reviewers.
>
> Best Regards,
> Hao Wu
>
>
>> Sorry for the disruption!
>>
>> Best regards,
>> Marvin
>>
>> On 09/08/2021 08:10, Wu, Hao A wrote:
>>> Sorry Marvin Häuser,
>>>
>>> Could you help to confirm that below 9 MdeModulePkg related patches are
>> either:
>>>    * All independent patches
>>>    * Belong to a patch series that includes all these 9 MdeModulePkg related
>> commits
>>>    * Belong to several independent patch series
>>>
>>> MdePkg/Base.h: Introduce various alignment-related macros
>>> MdeModulePkg/CoreDxe: Mandatory LoadedImage for
>> DebugImageInfoTable
>>> MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
>>> MdeModulePkg/DxeCore: Use the correct source for fixed load address
>>> MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
>>> MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
>>> MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
>>> MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
>>> MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
>>>
>>> Best Regards,
>>> Hao Wu
>>>
>>>> -----Original Message-----
>>>> From: Marvin Häuser <mhaeuser@posteo.de>
>>>> Sent: Monday, August 9, 2021 3:40 AM
>>>> To: devel@edk2.groups.io
>>>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
>>>> <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liming Gao
>>>> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov <vit9696@protonmail.com>
>>>> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
>> DebugImageInfoTable
>>>> updates
>>>>
>>>> In theory, modifications to the DebugImageInfoTable may cause
>> exceptions.
>>>> If the exception handler parses the table, this can lead to
>>>> subsequent exceptions if the table state is inconsistent.
>>>>
>>>> Ensure the DebugImageInfoTable remains consistent during modifications.
>>>> This includes:
>>>> 1) Free the old table only only after the new table has been published.
>>>> Mitigates use-after-free of the old table.
>>>> 2) Do not insert an image entry till it is fully initialised. Entries
>>>> may be inserted in the live range if an entry was deleted previously.
>>>> Mitigaes the usage of inconsistent entries.
>>>> 3) Free the old image entry only after the table has been updated
>>>> with the NULL value. Mitigates use-after-free of the old entry.
>>>> 4) Set the MODIFIED state before performing any modifications.
>>>>
>>>> Cc: Jian J Wang <jian.j.wang@intel.com>
>>>> Cc: Hao A Wu <hao.a.wu@intel.com>
>>>> Cc: Dandan Bi <dandan.bi@intel.com>
>>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>>>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>>>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>>>> ---
>>>>    MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++--
>> ----
>>>> ---
>>>>    1 file changed, 34 insertions(+), 26 deletions(-)
>>>>
>>>> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>>>> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>>>> index a75d4158280b..7bd970115111 100644
>>>> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>>>> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
>>>> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
>>>>      IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
>>>> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN
>> Index;-
>>>> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
>>>> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
>>>> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
>>>> *NormalImage;    //   // Set the flag indicating that we're in the process of
>>>> updating the table.@@ -203,14 +204,6 @@
>> CoreNewDebugImageInfoEntry (
>>>>        // Copy the old table into the new one     //     CopyMem (NewTable,
>> Table,
>>>> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-    //-
>>>> // Update the table header-    //-    Table = NewTable;
>>>> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //     //
>>>> Enlarge the max table entries and set the first empty entry index
>>>> to@@ -
>>>> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
>>>>        //     Index             = mMaxTableEntries;     mMaxTableEntries +=
>>>> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the old
>>>> table+    //+    CoreFreePool (Table);+    //+    // Update the table header+
>>>> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
>>>> Table[Index].NormalImage = AllocateZeroPool (sizeof
>>>> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
>>>> NULL) {+  NormalImage = AllocateZeroPool (sizeof
>>>> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) {     //
>>>> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
>>>> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
>>>>> LoadedImageProtocolInstance = LoadedImage;-
>>>> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
>>>> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
>>>> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
>>>> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase
>> the
>>>> number of EFI_DEBUG_IMAGE_INFO elements and set the
>>>> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
>>>> modified status, insert the entry, and+    // increase the number of
>>>> EFI_DEBUG_IMAGE_INFO elements.     //-
>>>> mDebugInfoTableHeader.TableSize++;
>>>> mDebugInfoTableHeader.UpdateStatus |=
>>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+
>> Table[Index].NormalImage
>>>> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
>>>> mDebugInfoTableHeader.UpdateStatus &=
>>>> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8 +256,9
>> @@
>>>> CoreRemoveDebugImageInfoEntry (
>>>>      EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-
>> UINTN
>>>> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN
>> Index;+
>>>> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
>>>> mDebugInfoTableHeader.UpdateStatus |=
>>>> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16 +267,20
>> @@
>>>> CoreRemoveDebugImageInfoEntry (
>>>>      for (Index = 0; Index < mMaxTableEntries; Index++) {     if
>>>> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
>>>>> ImageHandle == ImageHandle) {       //-      // Found a match. Free up the
>>>> record, then NULL the pointer to indicate the slot-      // is free.+      //
>> Found a
>>>> match. Set the mDebugInfoTable in modified status and NULL the+      //
>>>> pointer to indicate the slot is free and.       //-      CoreFreePool
>>>> (Table[Index].NormalImage);+      NormalImage =
>>>> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus
>> |=
>>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
>> Table[Index].NormalImage
>>>> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
>>>> elements and set the mDebugInfoTable in modified status.+      //
>> Decrease
>>>> the number of EFI_DEBUG_IMAGE_INFO elements.       //
>>>> mDebugInfoTableHeader.TableSize--;-
>>>> mDebugInfoTableHeader.UpdateStatus |=
>>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
>>>> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
>>>> 2.31.1
>>
>>
>> 
>>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
  2021-08-09  7:21         ` Marvin Häuser
@ 2021-08-09  7:26           ` Wu, Hao A
  0 siblings, 0 replies; 49+ messages in thread
From: Wu, Hao A @ 2021-08-09  7:26 UTC (permalink / raw)
  To: devel@edk2.groups.io, mhaeuser@posteo.de; +Cc: Wang, Jian J, Vitaly Cheptsov

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin
> H?user
> Sent: Monday, August 9, 2021 3:21 PM
> To: Wu, Hao A <hao.a.wu@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
> <vit9696@protonmail.com>
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> DebugImageInfoTable updates
> 
> On 09/08/2021 08:52, Wu, Hao A wrote:
> >> -----Original Message-----
> >> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin
> >> H?user
> >> Sent: Monday, August 9, 2021 2:16 PM
> >> To: Wu, Hao A <hao.a.wu@intel.com>; devel@edk2.groups.io
> >> Cc: Wang, Jian J <jian.j.wang@intel.com>; Vitaly Cheptsov
> >> <vit9696@protonmail.com>
> >> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/DxeCore: Consistent
> >> DebugImageInfoTable updates
> >>
> >> Good day Hao,
> >>
> >> Sorry for the confusion, and you are (rightfully!) not alone. :( I'll
> >> quote myself from a different patch:
> >>
> >> [...] for some reason, none of the other patch series had indices appended.
> >> I'm sure I can get that fixed shortly, but what to do then, re-send
> >> the entire bulk? I don't want to spam the list, maybe it is smarter
> >> to group them by some overview mail this one time?
> >
> > I would suggest to send a V2 series for all the patches (not only limited to
> MdeModulePkg) you sent.
> 
> Right, I can do that, just many of the patches were actually meant to be single
> and independent. I believe there were two series that somehow did not get
> indexed by the command. I just forced numbering now and it seems to work.
> 
> May it be easier if I re-send only the two series? A few of the individual patches
> actually started review.


I am fine with this.
My intention for asking V2 for all the patches was that doing so I can simply ignore all the V1 patch mails.

Best Regards,
Hao Wu


> 
> Thanks for your suggestions, and sorry again for the disruption!
> 
> Best regards,
> Marvin
> 
> >
> > Please ensure that patches belong to one series are generated by a single 'git
> format-patch' command.
> > I think doing so will add information like '1/n', '2/n', ..., 'n/n' for the patches in
> one series.
> > And you may need to create a cover-letter for one patch series to give a brief
> summary on the purpose of the series as a whole.
> >
> > Also, if you are implementing a new feature or a fix that touches many
> modules, I suggest to file a Bugzilla tracker for it:
> > Feature request:
> > https://bugzilla.tianocore.org/enter_bug.cgi?product=Tianocore%20Featu
> > re%20Requests
> > Bugfix: https://bugzilla.tianocore.org/enter_bug.cgi?product=EDK2
> >
> > Lastly, you may keep the 'Reviewed-by' tags already received by other
> reviewers.
> >
> > Best Regards,
> > Hao Wu
> >
> >
> >> Sorry for the disruption!
> >>
> >> Best regards,
> >> Marvin
> >>
> >> On 09/08/2021 08:10, Wu, Hao A wrote:
> >>> Sorry Marvin Häuser,
> >>>
> >>> Could you help to confirm that below 9 MdeModulePkg related patches
> >>> are
> >> either:
> >>>    * All independent patches
> >>>    * Belong to a patch series that includes all these 9 MdeModulePkg
> >>> related
> >> commits
> >>>    * Belong to several independent patch series
> >>>
> >>> MdePkg/Base.h: Introduce various alignment-related macros
> >>> MdeModulePkg/CoreDxe: Mandatory LoadedImage for
> >> DebugImageInfoTable
> >>> MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report
> >>> MdeModulePkg/DxeCore: Use the correct source for fixed load address
> >>> MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands
> >>> MdeModulePkg/CoreDxe: Drop caller-allocated image buffers
> >>> MdeModulePkg/DxeCore: Drop unnecessary pointer indirection
> >>> MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check
> >>> MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates
> >>>
> >>> Best Regards,
> >>> Hao Wu
> >>>
> >>>> -----Original Message-----
> >>>> From: Marvin Häuser <mhaeuser@posteo.de>
> >>>> Sent: Monday, August 9, 2021 3:40 AM
> >>>> To: devel@edk2.groups.io
> >>>> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> >>>> <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liming Gao
> >>>> <gaoliming@byosoft.com.cn>; Vitaly Cheptsov
> >>>> <vit9696@protonmail.com>
> >>>> Subject: [PATCH] MdeModulePkg/DxeCore: Consistent
> >> DebugImageInfoTable
> >>>> updates
> >>>>
> >>>> In theory, modifications to the DebugImageInfoTable may cause
> >> exceptions.
> >>>> If the exception handler parses the table, this can lead to
> >>>> subsequent exceptions if the table state is inconsistent.
> >>>>
> >>>> Ensure the DebugImageInfoTable remains consistent during modifications.
> >>>> This includes:
> >>>> 1) Free the old table only only after the new table has been published.
> >>>> Mitigates use-after-free of the old table.
> >>>> 2) Do not insert an image entry till it is fully initialised.
> >>>> Entries may be inserted in the live range if an entry was deleted previously.
> >>>> Mitigaes the usage of inconsistent entries.
> >>>> 3) Free the old image entry only after the table has been updated
> >>>> with the NULL value. Mitigates use-after-free of the old entry.
> >>>> 4) Set the MODIFIED state before performing any modifications.
> >>>>
> >>>> Cc: Jian J Wang <jian.j.wang@intel.com>
> >>>> Cc: Hao A Wu <hao.a.wu@intel.com>
> >>>> Cc: Dandan Bi <dandan.bi@intel.com>
> >>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> >>>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> >>>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> >>>> ---
> >>>>    MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c | 60 +++++++++++--
> >> ----
> >>>> ---
> >>>>    1 file changed, 34 insertions(+), 26 deletions(-)
> >>>>
> >>>> diff --git a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >>>> b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >>>> index a75d4158280b..7bd970115111 100644
> >>>> --- a/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >>>> +++ b/MdeModulePkg/Core/Dxe/Misc/DebugImageInfo.c
> >>>> @@ -165,10 +165,11 @@ CoreNewDebugImageInfoEntry (
> >>>>      IN  EFI_HANDLE                  ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO
> >>>> *Table;-  EFI_DEBUG_IMAGE_INFO      *NewTable;-  UINTN
> >> Index;-
> >>>> UINTN                     TableSize;+  EFI_DEBUG_IMAGE_INFO        *Table;+
> >>>> EFI_DEBUG_IMAGE_INFO        *NewTable;+  UINTN                       Index;+
> >>>> UINTN                       TableSize;+  EFI_DEBUG_IMAGE_INFO_NORMAL
> >>>> *NormalImage;    //   // Set the flag indicating that we're in the process of
> >>>> updating the table.@@ -203,14 +204,6 @@
> >> CoreNewDebugImageInfoEntry (
> >>>>        // Copy the old table into the new one     //     CopyMem (NewTable,
> >> Table,
> >>>> TableSize);-    //-    // Free the old table-    //-    CoreFreePool (Table);-    //-
> >>>> // Update the table header-    //-    Table = NewTable;
> >>>> mDebugInfoTableHeader.EfiDebugImageInfoTable = NewTable;     //     //
> >>>> Enlarge the max table entries and set the first empty entry index
> >>>> to@@ -
> >>>> 218,24 +211,34 @@ CoreNewDebugImageInfoEntry (
> >>>>        //     Index             = mMaxTableEntries;     mMaxTableEntries +=
> >>>> EFI_PAGE_SIZE / EFI_DEBUG_TABLE_ENTRY_SIZE;+    //+    // Free the old
> >>>> table+    //+    CoreFreePool (Table);+    //+    // Update the table header+
> >>>> //+    Table = NewTable;   }    //   // Allocate data for new entry   //-
> >>>> Table[Index].NormalImage = AllocateZeroPool (sizeof
> >>>> (EFI_DEBUG_IMAGE_INFO_NORMAL));-  if (Table[Index].NormalImage !=
> >>>> NULL) {+  NormalImage = AllocateZeroPool (sizeof
> >>>> (EFI_DEBUG_IMAGE_INFO_NORMAL));+  if (NormalImage != NULL) {     //
> >>>> // Update the entry     //-    Table[Index].NormalImage->ImageInfoType
> >>>> = (UINT32) ImageInfoType;-    Table[Index].NormalImage-
> >>>>> LoadedImageProtocolInstance = LoadedImage;-
> >>>> Table[Index].NormalImage->ImageHandle                 = ImageHandle;+
> >>>> NormalImage->ImageInfoType               = (UINT32) ImageInfoType;+
> >>>> NormalImage->LoadedImageProtocolInstance = LoadedImage;+
> >>>> NormalImage->ImageHandle                 = ImageHandle;     //-    // Increase
> >> the
> >>>> number of EFI_DEBUG_IMAGE_INFO elements and set the
> >>>> mDebugInfoTable in modified status.+    // Set the mDebugInfoTable in
> >>>> modified status, insert the entry, and+    // increase the number of
> >>>> EFI_DEBUG_IMAGE_INFO elements.     //-
> >>>> mDebugInfoTableHeader.TableSize++;
> >>>> mDebugInfoTableHeader.UpdateStatus |=
> >>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+
> >> Table[Index].NormalImage
> >>>> = NormalImage;+    mDebugInfoTableHeader.TableSize++;   }
> >>>> mDebugInfoTableHeader.UpdateStatus &=
> >>>> ~EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; }@@ -253,8 +256,9
> >> @@
> >>>> CoreRemoveDebugImageInfoEntry (
> >>>>      EFI_HANDLE ImageHandle   ) {-  EFI_DEBUG_IMAGE_INFO  *Table;-
> >> UINTN
> >>>> Index;+  EFI_DEBUG_IMAGE_INFO        *Table;+  UINTN
> >> Index;+
> >>>> EFI_DEBUG_IMAGE_INFO_NORMAL *NormalImage;
> >>>> mDebugInfoTableHeader.UpdateStatus |=
> >>>> EFI_DEBUG_IMAGE_INFO_UPDATE_IN_PROGRESS; @@ -263,16 +267,20
> >> @@
> >>>> CoreRemoveDebugImageInfoEntry (
> >>>>      for (Index = 0; Index < mMaxTableEntries; Index++) {     if
> >>>> (Table[Index].NormalImage != NULL && Table[Index].NormalImage-
> >>>>> ImageHandle == ImageHandle) {       //-      // Found a match. Free up the
> >>>> record, then NULL the pointer to indicate the slot-      // is free.+      //
> >> Found a
> >>>> match. Set the mDebugInfoTable in modified status and NULL the+      //
> >>>> pointer to indicate the slot is free and.       //-      CoreFreePool
> >>>> (Table[Index].NormalImage);+      NormalImage =
> >>>> Table[Index].NormalImage;+      mDebugInfoTableHeader.UpdateStatus
> >> |=
> >>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;
> >> Table[Index].NormalImage
> >>>> = NULL;       //-      // Decrease the number of EFI_DEBUG_IMAGE_INFO
> >>>> elements and set the mDebugInfoTable in modified status.+      //
> >> Decrease
> >>>> the number of EFI_DEBUG_IMAGE_INFO elements.       //
> >>>> mDebugInfoTableHeader.TableSize--;-
> >>>> mDebugInfoTableHeader.UpdateStatus |=
> >>>> EFI_DEBUG_IMAGE_INFO_TABLE_MODIFIED;+      //+      // Free up the
> >>>> record.+      //+      CoreFreePool (NormalImage);       break;     }   }--
> >>>> 2.31.1
> >>
> >>
> >>
> >>
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption
  2021-08-08 19:39 ` [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption Marvin Häuser
  2021-08-09  4:20   ` Ni, Ray
@ 2021-08-10 19:13   ` Guo Dong
  1 sibling, 0 replies; 49+ messages in thread
From: Guo Dong @ 2021-08-10 19:13 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io
  Cc: Ni, Ray, Ma, Maurice, You, Benjamin, Vitaly Cheptsov


Thanks to capture and fix this issue.

Reviewed-by: Guo Dong <guo.dong@intel.com>

-----Original Message-----
From: Marvin Häuser <mhaeuser@posteo.de> 
Sent: Sunday, August 8, 2021 12:40 PM
To: devel@edk2.groups.io
Cc: Dong, Guo <guo.dong@intel.com>; Ni, Ray <ray.ni@intel.com>; Ma, Maurice <maurice.ma@intel.com>; You, Benjamin <benjamin.you@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
Subject: [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption

UefiPayloadEntry's AllocatePool() applies the "sizeof" operator to HOB index rather than the HOB header structure. This yields 4 Bytes compared to the 8 Bytes the structure header requires. Fix the call to allocate the required space instead.

Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
 UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
index 1204573b3e09..f3494969e5ac 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/MemoryAllocation.c
@@ -163,7 +163,7 @@ AllocatePool (
     return NULL;   } -  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_TYPE_MEMORY_POOL) + AllocationSize));+  Hob = (EFI_HOB_MEMORY_POOL *)CreateHob (EFI_HOB_TYPE_MEMORY_POOL, (UINT16)(sizeof (EFI_HOB_MEMORY_POOL) + AllocationSize));   return (VOID *)(Hob + 1); } -- 
2.31.1


^ permalink raw reply related	[flat|nested] 49+ messages in thread

* Re: [PATCH] MdePkg/Base.h: Introduce various alignment-related macros
  2021-08-08 19:39 ` [PATCH] MdePkg/Base.h: Introduce various alignment-related macros Marvin Häuser
@ 2021-08-13  7:27   ` Wu, Hao A
  2021-08-13  8:41     ` [edk2-devel] " Marvin Häuser
  0 siblings, 1 reply; 49+ messages in thread
From: Wu, Hao A @ 2021-08-13  7:27 UTC (permalink / raw)
  To: Marvin Häuser, devel@edk2.groups.io
  Cc: Kinney, Michael D, Liming Gao, Liu, Zhiguang, Wang, Jian J,
	Ni, Ray, Vitaly Cheptsov

> -----Original Message-----
> From: Marvin Häuser <mhaeuser@posteo.de>
> Sent: Monday, August 9, 2021 3:40 AM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Ni,
> Ray <ray.ni@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
> Subject: [PATCH] MdePkg/Base.h: Introduce various alignment-related
> macros
> 
> ALIGNOF: Determining the alignment requirement of data types is crucial to
> ensure safe memory accesses when parsing untrusted data.
> 
> IS_POW2: Determining whether a value is a power of two is important to
> verify whether untrusted values are valid alignment values.
> 
> IS_ALIGNED: In combination with ALIGNOF data offsets can be verified.
> A more general version of IS_ALIGNED defined by several modules.
> 
> ADDRESS_IS_ALIGNED: Variant of IS_ALIGNED for pointers and addresses.
> Replaces module-specific definitions throughout the codebase.
> 
> ALIGN_VALUE_ADDEND: The added to align up can be used to directly
> determine the required offset for data alignment.
> 
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> ---
>  MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c                  |  2 +-
>  MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c           |  6 +-
>  MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c | 12 +--
>  MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c      |  2 +-
>  MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c             |  4 +-
>  MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c        |  6 +-
>  MdeModulePkg/Universal/EbcDxe/EbcExecute.c               | 36 ++++----
>  MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h                   |  1 -
>  MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h |  2 -
>  MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h                  |  1 -
>  MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h             |  4 +-
>  MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h       |  2 -
>  MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h        |  2 -
>  MdeModulePkg/Universal/EbcDxe/EbcExecute.h               |  3 +-
>  MdePkg/Include/Base.h                                    | 90 +++++++++++++++++++-
>  15 files changed, 125 insertions(+), 48 deletions(-)


Suggest to break this into 2 patches:
The first one is for MdePkg for adding the macros. And the second one for changes in MdeModulePkg.

For the MdeModulePkg changes, they look good to me:
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

You can add the above 'R-b' tag for your MdeModulePkg patch in the V2 series.

Best Regards,
Hao Wu


> 
> diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> index 7636ad27c86c..520197aee752 100644
> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> @@ -2099,7 +2099,7 @@ TrustTransferAtaDevice (
>      // ATA PassThru PPI.     //     if ((AtaPassThru->Mode->IoAlign > 1) &&-
>         !IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
> {+        !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
> {       NewBuffer = AllocateAlignedPages (                     EFI_SIZE_TO_PAGES
> (TransferLength),                     AtaPassThru->Mode->IoAligndiff --git
> a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> index 191b78c88541..057ad42d596b 100644
> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> @@ -193,15 +193,15 @@ AhciAtaPassThruPassThru (
>    }    IoAlign = This->Mode->IoAlign;-  if ((IoAlign > 1) && !IS_ALIGNED
> (Packet->InDataBuffer, IoAlign)) {+  if ((IoAlign > 1)
> && !ADDRESS_IS_ALIGNED (Packet->InDataBuffer, IoAlign)) {     return
> EFI_INVALID_PARAMETER;   } -  if ((IoAlign > 1) && !IS_ALIGNED (Packet-
> >OutDataBuffer, IoAlign)) {+  if ((IoAlign > 1) && !ADDRESS_IS_ALIGNED
> (Packet->OutDataBuffer, IoAlign)) {     return EFI_INVALID_PARAMETER;   } -
> if ((IoAlign > 1) && !IS_ALIGNED (Packet->Asb, IoAlign)) {+  if ((IoAlign > 1)
> && !ADDRESS_IS_ALIGNED (Packet->Asb, IoAlign)) {     return
> EFI_INVALID_PARAMETER;   } diff --git
> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> index 86fe9d954fdb..c7b3cfce1340 100644
> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> @@ -1281,15 +1281,15 @@ AtaPassThruPassThru (
>     Instance = ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS (This); -  if
> ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This-
> >Mode->IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign))
> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {+  if ((This-
> >Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer,
> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This-
> >Mode->IoAlign > 1) && !IS_ALIGNED(Packet->Asb, This->Mode->IoAlign))
> {+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->Asb,
> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } @@ -2012,15
> +2012,15 @@ ExtScsiPassThruPassThru (
>      return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if ((This-
> >Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This-
> >Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode-
> >IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign))
> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if ((This-
> >Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This-
> >Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> index 79026a4a957d..eabab8ac5bc5 100644
> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> @@ -1036,7 +1036,7 @@ TrustTransferAtaDevice (
>      // Check the alignment of the incoming buffer prior to invoking underlying
> ATA PassThru     //     AtaPassThru = AtaDevice->AtaBusDriverData-
> >AtaPassThru;-    if ((AtaPassThru->Mode->IoAlign > 1) && !IS_ALIGNED
> (Buffer, AtaPassThru->Mode->IoAlign)) {+    if ((AtaPassThru->Mode-
> >IoAlign > 1) && !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode-
> >IoAlign)) {       NewBuffer = AllocateAlignedBuffer (AtaDevice,
> TransferLength);       if (NewBuffer == NULL) {         return
> EFI_OUT_OF_RESOURCES;diff --git
> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> index c80e78fa8a6b..81db2efd0599 100644
> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> @@ -1956,7 +1956,7 @@ ScsiDiskReceiveData (
>        goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;@@ -
> 2171,7 +2171,7 @@ ScsiDiskSendData (
>        goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;diff --git
> a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> index 92ff958f161e..c4d01a20fcbe 100644
> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> @@ -170,15 +170,15 @@ UfsPassThruPassThru (
>      return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if ((This-
> >Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This-
> >Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode-
> >IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign))
> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if ((This-
> >Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This-
> >Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> index 1c4a4f5155c9..ba66f441bcea 100644
> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> @@ -2004,7 +2004,7 @@ ExecuteJMP (
>      // check for alignment, and jump absolute.     //     Data64 = (UINT64)
> VmReadImmed64 (VmPtr, 2);-    if (!IS_ALIGNED ((UINTN) Data64, sizeof
> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Data64, sizeof (UINT16)))
> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> EXCEPTION_FLAG_FATAL,@@ -2059,7 +2059,7 @@ ExecuteJMP (
>      // Form: JMP32 @Rx {Index32}     //     Addr = VmReadMemN (VmPtr,
> (UINTN) Data64 + Index32);-    if (!IS_ALIGNED ((UINTN) Addr, sizeof
> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> EXCEPTION_FLAG_FATAL,@@ -2082,7 +2082,7 @@ ExecuteJMP (
>      // Form: JMP32 Rx {Immed32}     //     Addr = (UINTN) (Data64 + Index32);-
> if (!IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {+    if
> (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> EXCEPTION_FLAG_FATAL,@@ -3128,7 +3128,7 @@ ExecuteRET (
>      // Pull the return address off the VM app's stack and set the IP     // to it
> //-    if (!IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16))) {+    if
> (!ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16)))
> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> EXCEPTION_FLAG_FATAL,@@ -4693,7 +4693,7 @@ VmWriteMem16 (
>    //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> (UINT16))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16)))
> {     *(UINT16 *) Addr = Data;   } else {     //@@ -4756,7 +4756,7 @@
> VmWriteMem32 (
>    //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> (UINT32))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32)))
> {     *(UINT32 *) Addr = Data;   } else {     //@@ -4819,7 +4819,7 @@
> VmWriteMem64 (
>    //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> (UINT64))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64)))
> {     *(UINT64 *) Addr = Data;   } else {     //@@ -4885,7 +4885,7 @@
> VmWriteMemN (
>    //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINTN)))
> {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     *(UINTN *) Addr =
> Data;   } else {     for (Index = 0; Index < sizeof (UINTN) / sizeof (UINT32);
> Index++) {@@ -4949,7 +4949,7 @@ VmReadImmed16 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (INT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (INT16))) {     return * (INT16 *) (VmPtr->Ip + Offset);   } else
> {     //@@ -4993,7 +4993,7 @@ VmReadImmed32 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT32))) {     return * (INT32 *) (VmPtr->Ip + Offset);   }
> //@@ -5032,7 +5032,7 @@ VmReadImmed64 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
> //@@ -5069,7 +5069,7 @@ VmReadCode16 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT16))) {     return * (UINT16 *) (VmPtr->Ip + Offset);   } else
> {     //@@ -5110,7 +5110,7 @@ VmReadCode32 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT32))) {     return * (UINT32 *) (VmPtr->Ip + Offset);   }
> //@@ -5147,7 +5147,7 @@ VmReadCode64 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
> //@@ -5210,7 +5210,7 @@ VmReadMem16 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT16))) {+
> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16))) {     return * (UINT16 *)
> Addr;   }   //@@ -5243,7 +5243,7 @@ VmReadMem32 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT32))) {+
> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32))) {     return * (UINT32 *)
> Addr;   }   //@@ -5280,7 +5280,7 @@ VmReadMem64 (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT64))) {+
> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64))) {     return * (UINT64 *)
> Addr;   }   //@@ -5349,7 +5349,7 @@ VmReadMemN (
>    //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINTN))) {+  if
> (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     return * (UINTN *)
> Addr;   }   //diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> index 2be78076bee7..59bb9e5d0bca 100644
> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> @@ -145,7 +145,6 @@ typedef union {
>  #define AHCI_PORT_SERR                         0x0030 #define AHCI_PORT_CI
> 0x0038 -#define IS_ALIGNED(addr, size)                 (((UINTN) (addr) & (size - 1))
> == 0) #define TIMER_PERIOD_SECONDS(Seconds)
> MultU64x32((UINT64)(Seconds), 10000000)  #pragma pack(1)diff --git
> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> index 5f582b9b3e76..99bbf7d14a17 100644
> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> @@ -147,8 +147,6 @@ struct _ATA_NONBLOCK_TASK {
>  #define ATA_ATAPI_TIMEOUT           EFI_TIMER_PERIOD_SECONDS(3)
> #define ATA_SPINUP_TIMEOUT          EFI_TIMER_PERIOD_SECONDS(10) -
> #define IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)-
> #define ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
> ATA_ATAPI_PASS_THRU_INSTANCE, \diff --git
> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> index a5a865209942..172d2d61ea6c 100644
> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> @@ -76,7 +76,6 @@
>  #define ATA_TASK_SIGNATURE                SIGNATURE_32 ('A', 'T', 'S', 'K')
> #define ATA_DEVICE_SIGNATURE              SIGNATURE_32 ('A', 'B', 'I', 'D')
> #define ATA_SUB_TASK_SIGNATURE            SIGNATURE_32 ('A', 'S', 'T', 'S')-
> #define IS_ALIGNED(addr, size)            (((UINTN) (addr) & (size - 1)) == 0)  // //
> ATA bus data structure for ATA controllerdiff --git
> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> index ed9bbd6f8ba8..86ad27b3292f 100644
> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> @@ -37,9 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  #include <IndustryStandard/Scsi.h> #include <IndustryStandard/Atapi.h> -
> #define IS_DEVICE_FIXED(a)        (a)->FixedDevice ? 1 : 0--#define
> IS_ALIGNED(addr, size)    (((UINTN) (addr) & (size - 1)) == 0)+#define
> IS_DEVICE_FIXED(a)          (a)->FixedDevice ? 1 : 0  #define UFS_WLUN_RPMB
> 0xC4 diff --git a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> index 6e2305aa2bc2..7306106a4454 100644
> --- a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> +++ b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> @@ -133,8 +133,6 @@ typedef struct _UFS_PEIM_HC_PRIVATE_DATA {
>   #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
> IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)- #define
> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS(a) CR (a,
> UFS_PEIM_HC_PRIVATE_DATA, BlkIoPpi, UFS_PEIM_HC_SIG) #define
> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS2(a) CR (a,
> UFS_PEIM_HC_PRIVATE_DATA, BlkIo2Ppi, UFS_PEIM_HC_SIG) #define
> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS_NOTIFY(a) CR (a,
> UFS_PEIM_HC_PRIVATE_DATA, EndOfPeiNotifyList, UFS_PEIM_HC_SIG)diff
> --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> index 79b86f7e6b3d..11b5b197b67a 100644
> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> @@ -105,8 +105,6 @@ typedef struct {
>   #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
> IS_ALIGNED(addr, size)        (((UINTN) (addr) & (size - 1)) == 0)- #define
> UFS_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
> UFS_PASS_THRU_PRIVATE_DATA, \diff --git
> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> index 1cb68bc5385a..858ca7fc86ae 100644
> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> @@ -14,8 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  // // Macros to check and set alignment //-#define ASSERT_ALIGNED(addr,
> size)  ASSERT (!((UINT32) (addr) & (size - 1)))-#define IS_ALIGNED(addr,
> size)      !((UINT32) (addr) & (size - 1))+#define ASSERT_ALIGNED(addr, size)
> ASSERT (IS_ALIGNED (addr, size))  // // Debug macrodiff --git
> a/MdePkg/Include/Base.h b/MdePkg/Include/Base.h
> index 2da08b0c787f..32d0e512e05f 100644
> --- a/MdePkg/Include/Base.h
> +++ b/MdePkg/Include/Base.h
> @@ -789,6 +789,35 @@ typedef UINTN  *BASE_LIST;
>  #define OFFSET_OF(TYPE, Field) ((UINTN) &(((TYPE *)0)->Field)) #endif
> +/**+  Returns the alignment requirement of a type.++  @param   TYPE  The
> name of the type to retrieve the alignment requirement of.++  @return
> Alignment requirement, in Bytes, of TYPE.+**/+#if defined(__GNUC__) ||
> defined(__clang__) || (defined(_MSC_VER) && _MSC_VER >= 1900)+  //+
> // All supported versions of GCC and Clang, as well as MSVC 2015 and later,+
> // support the standard operator _Alignof.+  //+  #define ALIGNOF(TYPE)
> _Alignof (TYPE)+#elif defined(_MSC_VER)+  //+  // Earlier versions of MSVC,
> at least MSVC 2008 and later, support the+  // vendor-extension __alignof.+
> //+  #define ALIGNOF(TYPE)  __alignof (TYPE)+#else+  //+  // For compilers
> that do not support inbuilt alignof operators, use OFFSET_OF.+  // CHAR8 is
> known to have both a size and an alignment requirement of 1 Byte.+  // As
> such, A must be located exactly at the offset equal to its alignment+  //
> requirement.+  //+  #define ALIGNOF(TYPE) OFFSET_OF (struct { CHAR8 C;
> TYPE A; }, A)+#endif+ /**   Portable definition for compile time assertions.
> Equivalent to C11 static_assert macro from assert.h.@@ -824,6 +853,21 @@
> STATIC_ASSERT (sizeof (CHAR16)  == 2, "sizeof (CHAR16) does not meet UEFI
> Specif
>  STATIC_ASSERT (sizeof (L'A')    == 2, "sizeof (L'A') does not meet UEFI
> Specification Data Type requirements"); STATIC_ASSERT (sizeof (L"A")    == 4,
> "sizeof (L\"A\") does not meet UEFI Specification Data Type requirements");
> +STATIC_ASSERT (ALIGNOF (BOOLEAN) == sizeof (BOOLEAN), "Alignment of
> BOOLEAN does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (INT8)    == sizeof (INT8),
> "Alignment of INT8 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (UINT8)   == sizeof (UINT8),
> "Alignment of INT16 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (INT16)   == sizeof (INT16),
> "Alignment of INT16 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (UINT16)  == sizeof (UINT16),
> "Alignment of UINT16 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (INT32)   == sizeof (INT32),
> "Alignment of INT32 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (UINT32)  == sizeof (UINT32),
> "Alignment of UINT32 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (INT64)   == sizeof (INT64),
> "Alignment of INT64 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (UINT64)  == sizeof (UINT64),
> "Alignment of UINT64 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (CHAR8)   == sizeof (CHAR8),
> "Alignment of CHAR8 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (CHAR16)  == sizeof (CHAR16),
> "Alignment of CHAR16 does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (INTN)    == sizeof (INTN),
> "Alignment of INTN does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (UINTN)   == sizeof (UINTN),
> "Alignment of UINTN does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (VOID *)  == sizeof (VOID *),
> "Alignment of VOID * does not meet UEFI Specification Data Type
> requirements");+ // // The following three enum types are used to verify
> that the compiler // configuration for enum types is compliant with Section
> 2.3.1 of the@@ -847,6 +891,10 @@ STATIC_ASSERT (sizeof
> (__VERIFY_UINT8_ENUM_SIZE) == 4, "Size of enum does not me
>  STATIC_ASSERT (sizeof (__VERIFY_UINT16_ENUM_SIZE) == 4, "Size of enum
> does not meet UEFI Specification Data Type requirements"); STATIC_ASSERT
> (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not meet
> UEFI Specification Data Type requirements"); +STATIC_ASSERT (ALIGNOF
> (__VERIFY_UINT8_ENUM_SIZE)  == sizeof (__VERIFY_UINT8_ENUM_SIZE),
> "Alignment of enum does not meet UEFI Specification Data Type
> requirements");+STATIC_ASSERT (ALIGNOF (__VERIFY_UINT16_ENUM_SIZE)
> == sizeof (__VERIFY_UINT16_ENUM_SIZE), "Alignment of enum does not
> meet UEFI Specification Data Type requirements");+STATIC_ASSERT
> (ALIGNOF (__VERIFY_UINT32_ENUM_SIZE) == sizeof
> (__VERIFY_UINT32_ENUM_SIZE), "Alignment of enum does not meet UEFI
> Specification Data Type requirements");+ /**   Macro that returns a pointer
> to the data structure that contains a specified field of   that data structure.
> This is a lightweight method to hide information by placing a@@ -868,6
> +916,46 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4,
> "Size of enum does not m
>  **/ #define BASE_CR(Record, TYPE, Field)  ((TYPE *) ((CHAR8 *) (Record) -
> OFFSET_OF (TYPE, Field))) +/**+  Checks whether a value is a power of
> two.++  @param   Value  The value to check.++  @return  Whether Value is a
> power of two.+**/+#define IS_POW2(Value)  ((Value) != 0U && ((Value) &
> ((Value) - 1U)) == 0U)++/**+  Checks whether a value is aligned by a
> specified alignment.++  @param   Value      The value to check.+  @param
> Alignment  The alignment boundary used to check against.++  @return
> Whether Value is aligned by Alignment.+**/+#define IS_ALIGNED(Value,
> Alignment)  (((Value) & ((Alignment) - 1U)) == 0U)++/**+  Checks whether a
> pointer or address is aligned by a specified alignment.++  @param   Address
> The pointer or address to check.+  @param   Alignment  The alignment
> boundary used to check against.++  @return  Whether Address is aligned by
> Alignment.+**/+#define ADDRESS_IS_ALIGNED(Address, Alignment)
> IS_ALIGNED ((UINTN) (Address), Alignment)++/**+  Determines the addend
> to add to a value to round it up to the next boundary of+  a specified
> alignment.++  @param   Value      The value to round up.+  @param
> Alignment  The alignment boundary used to return the addend.++  @return
> Addend to round Value up to alignment boundary Alignment.+**/+#define
> ALIGN_VALUE_ADDEND(Value, Alignment)  (((Alignment) - (Value)) &
> ((Alignment) - 1U))+ /**   Rounds a value up to the next boundary using a
> specified alignment. @@ -880,7 +968,7 @@ STATIC_ASSERT (sizeof
> (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not m
>    @return  A value up to the next boundary.  **/-#define
> ALIGN_VALUE(Value, Alignment) ((Value) + (((Alignment) - (Value)) &
> ((Alignment) - 1)))+#define ALIGN_VALUE(Value, Alignment) ((Value) +
> ALIGN_VALUE_ADDEND (Value, Alignment))  /**   Adjust a pointer by adding
> the minimum offset required for it to be aligned on--
> 2.31.1


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdePkg/Base.h: Introduce various alignment-related macros
  2021-08-13  7:27   ` Wu, Hao A
@ 2021-08-13  8:41     ` Marvin Häuser
  2021-08-13  8:45       ` Wu, Hao A
  0 siblings, 1 reply; 49+ messages in thread
From: Marvin Häuser @ 2021-08-13  8:41 UTC (permalink / raw)
  To: devel, hao.a.wu
  Cc: Kinney, Michael D, Liming Gao, Liu, Zhiguang, Wang, Jian J,
	Ni, Ray, Vitaly Cheptsov

On 13/08/2021 09:27, Wu, Hao A wrote:
>> -----Original Message-----
>> From: Marvin Häuser <mhaeuser@posteo.de>
>> Sent: Monday, August 9, 2021 3:40 AM
>> To: devel@edk2.groups.io
>> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
>> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>;
>> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Ni,
>> Ray <ray.ni@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
>> Subject: [PATCH] MdePkg/Base.h: Introduce various alignment-related
>> macros
>>
>> ALIGNOF: Determining the alignment requirement of data types is crucial to
>> ensure safe memory accesses when parsing untrusted data.
>>
>> IS_POW2: Determining whether a value is a power of two is important to
>> verify whether untrusted values are valid alignment values.
>>
>> IS_ALIGNED: In combination with ALIGNOF data offsets can be verified.
>> A more general version of IS_ALIGNED defined by several modules.
>>
>> ADDRESS_IS_ALIGNED: Variant of IS_ALIGNED for pointers and addresses.
>> Replaces module-specific definitions throughout the codebase.
>>
>> ALIGN_VALUE_ADDEND: The added to align up can be used to directly
>> determine the required offset for data alignment.
>>
>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Hao A Wu <hao.a.wu@intel.com>
>> Cc: Ray Ni <ray.ni@intel.com>
>> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
>> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
>> ---
>>   MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c                  |  2 +-
>>   MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c           |  6 +-
>>   MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c | 12 +--
>>   MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c      |  2 +-
>>   MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c             |  4 +-
>>   MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c        |  6 +-
>>   MdeModulePkg/Universal/EbcDxe/EbcExecute.c               | 36 ++++----
>>   MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h                   |  1 -
>>   MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h |  2 -
>>   MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h                  |  1 -
>>   MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h             |  4 +-
>>   MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h       |  2 -
>>   MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h        |  2 -
>>   MdeModulePkg/Universal/EbcDxe/EbcExecute.h               |  3 +-
>>   MdePkg/Include/Base.h                                    | 90 +++++++++++++++++++-
>>   15 files changed, 125 insertions(+), 48 deletions(-)
>
> Suggest to break this into 2 patches:
> The first one is for MdePkg for adding the macros. And the second one for changes in MdeModulePkg.
>
> For the MdeModulePkg changes, they look good to me:
> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
>
> You can add the above 'R-b' tag for your MdeModulePkg patch in the V2 series.

Thank you! The reason I didn't do this is that MdeModulePkg already has 
"IS_ALIGNED" macros, so basically it would need three patches:
1) Rename MdeModulePkg "IS_ALIGNED" to something else
2) Introduce MdePkg "IS_ALIGNED"
3) Drop newly renamed macros from 1) to use the macros from 2)

if you prefer it that way, I'll have a V2 ready soon.

Best regards,
Marvin

>
> Best Regards,
> Hao Wu
>
>
>> diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
>> b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
>> index 7636ad27c86c..520197aee752 100644
>> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
>> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
>> @@ -2099,7 +2099,7 @@ TrustTransferAtaDevice (
>>       // ATA PassThru PPI.     //     if ((AtaPassThru->Mode->IoAlign > 1) &&-
>>          !IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
>> {+        !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
>> {       NewBuffer = AllocateAlignedPages (                     EFI_SIZE_TO_PAGES
>> (TransferLength),                     AtaPassThru->Mode->IoAligndiff --git
>> a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
>> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
>> index 191b78c88541..057ad42d596b 100644
>> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
>> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
>> @@ -193,15 +193,15 @@ AhciAtaPassThruPassThru (
>>     }    IoAlign = This->Mode->IoAlign;-  if ((IoAlign > 1) && !IS_ALIGNED
>> (Packet->InDataBuffer, IoAlign)) {+  if ((IoAlign > 1)
>> && !ADDRESS_IS_ALIGNED (Packet->InDataBuffer, IoAlign)) {     return
>> EFI_INVALID_PARAMETER;   } -  if ((IoAlign > 1) && !IS_ALIGNED (Packet-
>>> OutDataBuffer, IoAlign)) {+  if ((IoAlign > 1) && !ADDRESS_IS_ALIGNED
>> (Packet->OutDataBuffer, IoAlign)) {     return EFI_INVALID_PARAMETER;   } -
>> if ((IoAlign > 1) && !IS_ALIGNED (Packet->Asb, IoAlign)) {+  if ((IoAlign > 1)
>> && !ADDRESS_IS_ALIGNED (Packet->Asb, IoAlign)) {     return
>> EFI_INVALID_PARAMETER;   } diff --git
>> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
>> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
>> index 86fe9d954fdb..c7b3cfce1340 100644
>> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
>> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
>> @@ -1281,15 +1281,15 @@ AtaPassThruPassThru (
>>      Instance = ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS (This); -  if
>> ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This-
>>> Mode->IoAlign)) {+  if ((This->Mode->IoAlign > 1)
>> && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign))
>> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
>> && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {+  if ((This-
>>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer,
>> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This-
>>> Mode->IoAlign > 1) && !IS_ALIGNED(Packet->Asb, This->Mode->IoAlign))
>> {+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->Asb,
>> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } @@ -2012,15
>> +2012,15 @@ ExtScsiPassThruPassThru (
>>       return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
>> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if ((This-
>>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This-
>>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode-
>>> IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
>>> IoAlign)) {+  if ((This->Mode->IoAlign > 1)
>> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign))
>> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
>> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if ((This-
>>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This-
>>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
>> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
>> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
>> index 79026a4a957d..eabab8ac5bc5 100644
>> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
>> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
>> @@ -1036,7 +1036,7 @@ TrustTransferAtaDevice (
>>       // Check the alignment of the incoming buffer prior to invoking underlying
>> ATA PassThru     //     AtaPassThru = AtaDevice->AtaBusDriverData-
>>> AtaPassThru;-    if ((AtaPassThru->Mode->IoAlign > 1) && !IS_ALIGNED
>> (Buffer, AtaPassThru->Mode->IoAlign)) {+    if ((AtaPassThru->Mode-
>>> IoAlign > 1) && !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode-
>>> IoAlign)) {       NewBuffer = AllocateAlignedBuffer (AtaDevice,
>> TransferLength);       if (NewBuffer == NULL) {         return
>> EFI_OUT_OF_RESOURCES;diff --git
>> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
>> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
>> index c80e78fa8a6b..81db2efd0599 100644
>> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
>> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
>> @@ -1956,7 +1956,7 @@ ScsiDiskReceiveData (
>>         goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
>> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
>> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
>> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
>> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
>> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;@@ -
>> 2171,7 +2171,7 @@ ScsiDiskSendData (
>>         goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
>> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
>> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
>> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
>> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
>> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;diff --git
>> a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
>> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
>> index 92ff958f161e..c4d01a20fcbe 100644
>> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
>> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
>> @@ -170,15 +170,15 @@ UfsPassThruPassThru (
>>       return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
>> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if ((This-
>>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This-
>>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode-
>>> IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
>>> IoAlign)) {+  if ((This->Mode->IoAlign > 1)
>> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign))
>> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
>> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if ((This-
>>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData, This-
>>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
>> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
>> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
>> index 1c4a4f5155c9..ba66f441bcea 100644
>> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
>> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
>> @@ -2004,7 +2004,7 @@ ExecuteJMP (
>>       // check for alignment, and jump absolute.     //     Data64 = (UINT64)
>> VmReadImmed64 (VmPtr, 2);-    if (!IS_ALIGNED ((UINTN) Data64, sizeof
>> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Data64, sizeof (UINT16)))
>> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
>> EXCEPTION_FLAG_FATAL,@@ -2059,7 +2059,7 @@ ExecuteJMP (
>>       // Form: JMP32 @Rx {Index32}     //     Addr = VmReadMemN (VmPtr,
>> (UINTN) Data64 + Index32);-    if (!IS_ALIGNED ((UINTN) Addr, sizeof
>> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
>> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
>> EXCEPTION_FLAG_FATAL,@@ -2082,7 +2082,7 @@ ExecuteJMP (
>>       // Form: JMP32 Rx {Immed32}     //     Addr = (UINTN) (Data64 + Index32);-
>> if (!IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {+    if
>> (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
>> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
>> EXCEPTION_FLAG_FATAL,@@ -3128,7 +3128,7 @@ ExecuteRET (
>>       // Pull the return address off the VM app's stack and set the IP     // to it
>> //-    if (!IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16))) {+    if
>> (!ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16)))
>> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
>> EXCEPTION_FLAG_FATAL,@@ -4693,7 +4693,7 @@ VmWriteMem16 (
>>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
>> (UINT16))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16)))
>> {     *(UINT16 *) Addr = Data;   } else {     //@@ -4756,7 +4756,7 @@
>> VmWriteMem32 (
>>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
>> (UINT32))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32)))
>> {     *(UINT32 *) Addr = Data;   } else {     //@@ -4819,7 +4819,7 @@
>> VmWriteMem64 (
>>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
>> (UINT64))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64)))
>> {     *(UINT64 *) Addr = Data;   } else {     //@@ -4885,7 +4885,7 @@
>> VmWriteMemN (
>>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINTN)))
>> {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     *(UINTN *) Addr =
>> Data;   } else {     for (Index = 0; Index < sizeof (UINTN) / sizeof (UINT32);
>> Index++) {@@ -4949,7 +4949,7 @@ VmReadImmed16 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (INT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (INT16))) {     return * (INT16 *) (VmPtr->Ip + Offset);   } else
>> {     //@@ -4993,7 +4993,7 @@ VmReadImmed32 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT32))) {     return * (INT32 *) (VmPtr->Ip + Offset);   }
>> //@@ -5032,7 +5032,7 @@ VmReadImmed64 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
>> //@@ -5069,7 +5069,7 @@ VmReadCode16 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT16))) {     return * (UINT16 *) (VmPtr->Ip + Offset);   } else
>> {     //@@ -5110,7 +5110,7 @@ VmReadCode32 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT32))) {     return * (UINT32 *) (VmPtr->Ip + Offset);   }
>> //@@ -5147,7 +5147,7 @@ VmReadCode64 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip +
>> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
>> //@@ -5210,7 +5210,7 @@ VmReadMem16 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT16))) {+
>> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16))) {     return * (UINT16 *)
>> Addr;   }   //@@ -5243,7 +5243,7 @@ VmReadMem32 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT32))) {+
>> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32))) {     return * (UINT32 *)
>> Addr;   }   //@@ -5280,7 +5280,7 @@ VmReadMem64 (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT64))) {+
>> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64))) {     return * (UINT64 *)
>> Addr;   }   //@@ -5349,7 +5349,7 @@ VmReadMemN (
>>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINTN))) {+  if
>> (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     return * (UINTN *)
>> Addr;   }   //diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
>> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
>> index 2be78076bee7..59bb9e5d0bca 100644
>> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
>> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
>> @@ -145,7 +145,6 @@ typedef union {
>>   #define AHCI_PORT_SERR                         0x0030 #define AHCI_PORT_CI
>> 0x0038 -#define IS_ALIGNED(addr, size)                 (((UINTN) (addr) & (size - 1))
>> == 0) #define TIMER_PERIOD_SECONDS(Seconds)
>> MultU64x32((UINT64)(Seconds), 10000000)  #pragma pack(1)diff --git
>> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
>> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
>> index 5f582b9b3e76..99bbf7d14a17 100644
>> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
>> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
>> @@ -147,8 +147,6 @@ struct _ATA_NONBLOCK_TASK {
>>   #define ATA_ATAPI_TIMEOUT           EFI_TIMER_PERIOD_SECONDS(3)
>> #define ATA_SPINUP_TIMEOUT          EFI_TIMER_PERIOD_SECONDS(10) -
>> #define IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)-
>> #define ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
>> ATA_ATAPI_PASS_THRU_INSTANCE, \diff --git
>> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
>> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
>> index a5a865209942..172d2d61ea6c 100644
>> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
>> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
>> @@ -76,7 +76,6 @@
>>   #define ATA_TASK_SIGNATURE                SIGNATURE_32 ('A', 'T', 'S', 'K')
>> #define ATA_DEVICE_SIGNATURE              SIGNATURE_32 ('A', 'B', 'I', 'D')
>> #define ATA_SUB_TASK_SIGNATURE            SIGNATURE_32 ('A', 'S', 'T', 'S')-
>> #define IS_ALIGNED(addr, size)            (((UINTN) (addr) & (size - 1)) == 0)  // //
>> ATA bus data structure for ATA controllerdiff --git
>> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
>> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
>> index ed9bbd6f8ba8..86ad27b3292f 100644
>> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
>> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
>> @@ -37,9 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>>   #include <IndustryStandard/Scsi.h> #include <IndustryStandard/Atapi.h> -
>> #define IS_DEVICE_FIXED(a)        (a)->FixedDevice ? 1 : 0--#define
>> IS_ALIGNED(addr, size)    (((UINTN) (addr) & (size - 1)) == 0)+#define
>> IS_DEVICE_FIXED(a)          (a)->FixedDevice ? 1 : 0  #define UFS_WLUN_RPMB
>> 0xC4 diff --git a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
>> b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
>> index 6e2305aa2bc2..7306106a4454 100644
>> --- a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
>> +++ b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
>> @@ -133,8 +133,6 @@ typedef struct _UFS_PEIM_HC_PRIVATE_DATA {
>>    #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
>> IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)- #define
>> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS(a) CR (a,
>> UFS_PEIM_HC_PRIVATE_DATA, BlkIoPpi, UFS_PEIM_HC_SIG) #define
>> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS2(a) CR (a,
>> UFS_PEIM_HC_PRIVATE_DATA, BlkIo2Ppi, UFS_PEIM_HC_SIG) #define
>> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS_NOTIFY(a) CR (a,
>> UFS_PEIM_HC_PRIVATE_DATA, EndOfPeiNotifyList, UFS_PEIM_HC_SIG)diff
>> --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
>> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
>> index 79b86f7e6b3d..11b5b197b67a 100644
>> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
>> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
>> @@ -105,8 +105,6 @@ typedef struct {
>>    #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
>> IS_ALIGNED(addr, size)        (((UINTN) (addr) & (size - 1)) == 0)- #define
>> UFS_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
>> UFS_PASS_THRU_PRIVATE_DATA, \diff --git
>> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
>> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
>> index 1cb68bc5385a..858ca7fc86ae 100644
>> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
>> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
>> @@ -14,8 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>>   // // Macros to check and set alignment //-#define ASSERT_ALIGNED(addr,
>> size)  ASSERT (!((UINT32) (addr) & (size - 1)))-#define IS_ALIGNED(addr,
>> size)      !((UINT32) (addr) & (size - 1))+#define ASSERT_ALIGNED(addr, size)
>> ASSERT (IS_ALIGNED (addr, size))  // // Debug macrodiff --git
>> a/MdePkg/Include/Base.h b/MdePkg/Include/Base.h
>> index 2da08b0c787f..32d0e512e05f 100644
>> --- a/MdePkg/Include/Base.h
>> +++ b/MdePkg/Include/Base.h
>> @@ -789,6 +789,35 @@ typedef UINTN  *BASE_LIST;
>>   #define OFFSET_OF(TYPE, Field) ((UINTN) &(((TYPE *)0)->Field)) #endif
>> +/**+  Returns the alignment requirement of a type.++  @param   TYPE  The
>> name of the type to retrieve the alignment requirement of.++  @return
>> Alignment requirement, in Bytes, of TYPE.+**/+#if defined(__GNUC__) ||
>> defined(__clang__) || (defined(_MSC_VER) && _MSC_VER >= 1900)+  //+
>> // All supported versions of GCC and Clang, as well as MSVC 2015 and later,+
>> // support the standard operator _Alignof.+  //+  #define ALIGNOF(TYPE)
>> _Alignof (TYPE)+#elif defined(_MSC_VER)+  //+  // Earlier versions of MSVC,
>> at least MSVC 2008 and later, support the+  // vendor-extension __alignof.+
>> //+  #define ALIGNOF(TYPE)  __alignof (TYPE)+#else+  //+  // For compilers
>> that do not support inbuilt alignof operators, use OFFSET_OF.+  // CHAR8 is
>> known to have both a size and an alignment requirement of 1 Byte.+  // As
>> such, A must be located exactly at the offset equal to its alignment+  //
>> requirement.+  //+  #define ALIGNOF(TYPE) OFFSET_OF (struct { CHAR8 C;
>> TYPE A; }, A)+#endif+ /**   Portable definition for compile time assertions.
>> Equivalent to C11 static_assert macro from assert.h.@@ -824,6 +853,21 @@
>> STATIC_ASSERT (sizeof (CHAR16)  == 2, "sizeof (CHAR16) does not meet UEFI
>> Specif
>>   STATIC_ASSERT (sizeof (L'A')    == 2, "sizeof (L'A') does not meet UEFI
>> Specification Data Type requirements"); STATIC_ASSERT (sizeof (L"A")    == 4,
>> "sizeof (L\"A\") does not meet UEFI Specification Data Type requirements");
>> +STATIC_ASSERT (ALIGNOF (BOOLEAN) == sizeof (BOOLEAN), "Alignment of
>> BOOLEAN does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (INT8)    == sizeof (INT8),
>> "Alignment of INT8 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (UINT8)   == sizeof (UINT8),
>> "Alignment of INT16 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (INT16)   == sizeof (INT16),
>> "Alignment of INT16 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (UINT16)  == sizeof (UINT16),
>> "Alignment of UINT16 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (INT32)   == sizeof (INT32),
>> "Alignment of INT32 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (UINT32)  == sizeof (UINT32),
>> "Alignment of UINT32 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (INT64)   == sizeof (INT64),
>> "Alignment of INT64 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (UINT64)  == sizeof (UINT64),
>> "Alignment of UINT64 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (CHAR8)   == sizeof (CHAR8),
>> "Alignment of CHAR8 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (CHAR16)  == sizeof (CHAR16),
>> "Alignment of CHAR16 does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (INTN)    == sizeof (INTN),
>> "Alignment of INTN does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (UINTN)   == sizeof (UINTN),
>> "Alignment of UINTN does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (VOID *)  == sizeof (VOID *),
>> "Alignment of VOID * does not meet UEFI Specification Data Type
>> requirements");+ // // The following three enum types are used to verify
>> that the compiler // configuration for enum types is compliant with Section
>> 2.3.1 of the@@ -847,6 +891,10 @@ STATIC_ASSERT (sizeof
>> (__VERIFY_UINT8_ENUM_SIZE) == 4, "Size of enum does not me
>>   STATIC_ASSERT (sizeof (__VERIFY_UINT16_ENUM_SIZE) == 4, "Size of enum
>> does not meet UEFI Specification Data Type requirements"); STATIC_ASSERT
>> (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not meet
>> UEFI Specification Data Type requirements"); +STATIC_ASSERT (ALIGNOF
>> (__VERIFY_UINT8_ENUM_SIZE)  == sizeof (__VERIFY_UINT8_ENUM_SIZE),
>> "Alignment of enum does not meet UEFI Specification Data Type
>> requirements");+STATIC_ASSERT (ALIGNOF (__VERIFY_UINT16_ENUM_SIZE)
>> == sizeof (__VERIFY_UINT16_ENUM_SIZE), "Alignment of enum does not
>> meet UEFI Specification Data Type requirements");+STATIC_ASSERT
>> (ALIGNOF (__VERIFY_UINT32_ENUM_SIZE) == sizeof
>> (__VERIFY_UINT32_ENUM_SIZE), "Alignment of enum does not meet UEFI
>> Specification Data Type requirements");+ /**   Macro that returns a pointer
>> to the data structure that contains a specified field of   that data structure.
>> This is a lightweight method to hide information by placing a@@ -868,6
>> +916,46 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4,
>> "Size of enum does not m
>>   **/ #define BASE_CR(Record, TYPE, Field)  ((TYPE *) ((CHAR8 *) (Record) -
>> OFFSET_OF (TYPE, Field))) +/**+  Checks whether a value is a power of
>> two.++  @param   Value  The value to check.++  @return  Whether Value is a
>> power of two.+**/+#define IS_POW2(Value)  ((Value) != 0U && ((Value) &
>> ((Value) - 1U)) == 0U)++/**+  Checks whether a value is aligned by a
>> specified alignment.++  @param   Value      The value to check.+  @param
>> Alignment  The alignment boundary used to check against.++  @return
>> Whether Value is aligned by Alignment.+**/+#define IS_ALIGNED(Value,
>> Alignment)  (((Value) & ((Alignment) - 1U)) == 0U)++/**+  Checks whether a
>> pointer or address is aligned by a specified alignment.++  @param   Address
>> The pointer or address to check.+  @param   Alignment  The alignment
>> boundary used to check against.++  @return  Whether Address is aligned by
>> Alignment.+**/+#define ADDRESS_IS_ALIGNED(Address, Alignment)
>> IS_ALIGNED ((UINTN) (Address), Alignment)++/**+  Determines the addend
>> to add to a value to round it up to the next boundary of+  a specified
>> alignment.++  @param   Value      The value to round up.+  @param
>> Alignment  The alignment boundary used to return the addend.++  @return
>> Addend to round Value up to alignment boundary Alignment.+**/+#define
>> ALIGN_VALUE_ADDEND(Value, Alignment)  (((Alignment) - (Value)) &
>> ((Alignment) - 1U))+ /**   Rounds a value up to the next boundary using a
>> specified alignment. @@ -880,7 +968,7 @@ STATIC_ASSERT (sizeof
>> (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not m
>>     @return  A value up to the next boundary.  **/-#define
>> ALIGN_VALUE(Value, Alignment) ((Value) + (((Alignment) - (Value)) &
>> ((Alignment) - 1)))+#define ALIGN_VALUE(Value, Alignment) ((Value) +
>> ALIGN_VALUE_ADDEND (Value, Alignment))  /**   Adjust a pointer by adding
>> the minimum offset required for it to be aligned on--
>> 2.31.1
>
>
> 
>
>


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] MdePkg/Base.h: Introduce various alignment-related macros
  2021-08-13  8:41     ` [edk2-devel] " Marvin Häuser
@ 2021-08-13  8:45       ` Wu, Hao A
  0 siblings, 0 replies; 49+ messages in thread
From: Wu, Hao A @ 2021-08-13  8:45 UTC (permalink / raw)
  To: devel@edk2.groups.io, mhaeuser@posteo.de
  Cc: Kinney, Michael D, Liming Gao, Liu, Zhiguang, Wang, Jian J,
	Ni, Ray, Vitaly Cheptsov

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin
> H?user
> Sent: Friday, August 13, 2021 4:41 PM
> To: devel@edk2.groups.io; Wu, Hao A <hao.a.wu@intel.com>
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Ni, Ray <ray.ni@intel.com>; Vitaly
> Cheptsov <vit9696@protonmail.com>
> Subject: Re: [edk2-devel] [PATCH] MdePkg/Base.h: Introduce various
> alignment-related macros
> 
> On 13/08/2021 09:27, Wu, Hao A wrote:
> >> -----Original Message-----
> >> From: Marvin Häuser <mhaeuser@posteo.de>
> >> Sent: Monday, August 9, 2021 3:40 AM
> >> To: devel@edk2.groups.io
> >> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
> >> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>;
> >> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> >> Ni, Ray <ray.ni@intel.com>; Vitaly Cheptsov <vit9696@protonmail.com>
> >> Subject: [PATCH] MdePkg/Base.h: Introduce various alignment-related
> >> macros
> >>
> >> ALIGNOF: Determining the alignment requirement of data types is
> >> crucial to ensure safe memory accesses when parsing untrusted data.
> >>
> >> IS_POW2: Determining whether a value is a power of two is important
> >> to verify whether untrusted values are valid alignment values.
> >>
> >> IS_ALIGNED: In combination with ALIGNOF data offsets can be verified.
> >> A more general version of IS_ALIGNED defined by several modules.
> >>
> >> ADDRESS_IS_ALIGNED: Variant of IS_ALIGNED for pointers and addresses.
> >> Replaces module-specific definitions throughout the codebase.
> >>
> >> ALIGN_VALUE_ADDEND: The added to align up can be used to directly
> >> determine the required offset for data alignment.
> >>
> >> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> >> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> >> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> >> Cc: Jian J Wang <jian.j.wang@intel.com>
> >> Cc: Hao A Wu <hao.a.wu@intel.com>
> >> Cc: Ray Ni <ray.ni@intel.com>
> >> Cc: Vitaly Cheptsov <vit9696@protonmail.com>
> >> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
> >> ---
> >>   MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c                  |  2 +-
> >>   MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c           |  6 +-
> >>   MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c | 12 +--
> >>   MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c      |  2 +-
> >>   MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c             |  4 +-
> >>   MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c        |  6 +-
> >>   MdeModulePkg/Universal/EbcDxe/EbcExecute.c               | 36 ++++----
> >>   MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h                   |  1 -
> >>   MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h |  2 -
> >>   MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h                  |  1 -
> >>   MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h             |  4 +-
> >>   MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h       |  2 -
> >>   MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h        |  2 -
> >>   MdeModulePkg/Universal/EbcDxe/EbcExecute.h               |  3 +-
> >>   MdePkg/Include/Base.h                                    | 90 +++++++++++++++++++-
> >>   15 files changed, 125 insertions(+), 48 deletions(-)
> >
> > Suggest to break this into 2 patches:
> > The first one is for MdePkg for adding the macros. And the second one for
> changes in MdeModulePkg.
> >
> > For the MdeModulePkg changes, they look good to me:
> > Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
> >
> > You can add the above 'R-b' tag for your MdeModulePkg patch in the V2
> series.
> 
> Thank you! The reason I didn't do this is that MdeModulePkg already has
> "IS_ALIGNED" macros, so basically it would need three patches:
> 1) Rename MdeModulePkg "IS_ALIGNED" to something else
> 2) Introduce MdePkg "IS_ALIGNED"
> 3) Drop newly renamed macros from 1) to use the macros from 2)


Please help to do so.
Generally, a single patch should make changes within only one package.

Best Regards,
Hao Wu


> 
> if you prefer it that way, I'll have a V2 ready soon.
> 
> Best regards,
> Marvin
> 
> >
> > Best Regards,
> > Hao Wu
> >
> >
> >> diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> >> b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> >> index 7636ad27c86c..520197aee752 100644
> >> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> >> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciMode.c
> >> @@ -2099,7 +2099,7 @@ TrustTransferAtaDevice (
> >>       // ATA PassThru PPI.     //     if ((AtaPassThru->Mode->IoAlign > 1) &&-
> >>          !IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
> >> {+        !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode->IoAlign))
> >> {       NewBuffer = AllocateAlignedPages (                     EFI_SIZE_TO_PAGES
> >> (TransferLength),                     AtaPassThru->Mode->IoAligndiff --git
> >> a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> >> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> >> index 191b78c88541..057ad42d596b 100644
> >> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> >> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPeiPassThru.c
> >> @@ -193,15 +193,15 @@ AhciAtaPassThruPassThru (
> >>     }    IoAlign = This->Mode->IoAlign;-  if ((IoAlign > 1) && !IS_ALIGNED
> >> (Packet->InDataBuffer, IoAlign)) {+  if ((IoAlign > 1)
> >> && !ADDRESS_IS_ALIGNED (Packet->InDataBuffer, IoAlign)) {     return
> >> EFI_INVALID_PARAMETER;   } -  if ((IoAlign > 1) && !IS_ALIGNED (Packet-
> >>> OutDataBuffer, IoAlign)) {+  if ((IoAlign > 1) &&
> >>> !ADDRESS_IS_ALIGNED
> >> (Packet->OutDataBuffer, IoAlign)) {     return EFI_INVALID_PARAMETER;   }
> -
> >> if ((IoAlign > 1) && !IS_ALIGNED (Packet->Asb, IoAlign)) {+  if ((IoAlign > 1)
> >> && !ADDRESS_IS_ALIGNED (Packet->Asb, IoAlign)) {     return
> >> EFI_INVALID_PARAMETER;   } diff --git
> >> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> >> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> >> index 86fe9d954fdb..c7b3cfce1340 100644
> >> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> >> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.c
> >> @@ -1281,15 +1281,15 @@ AtaPassThruPassThru (
> >>      Instance = ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS (This); -  if
> >> ((This->Mode->IoAlign > 1) && !IS_ALIGNED(Packet->InDataBuffer, This-
> >>> Mode->IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> >> && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign))
> >> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> >> && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode->IoAlign)) {+  if
> >> ((This-
> >>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer,
> >> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This-
> >>> Mode->IoAlign > 1) && !IS_ALIGNED(Packet->Asb, This->Mode-
> >IoAlign))
> >> {+  if ((This->Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->Asb,
> >> This->Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } @@ -
> 2012,15
> >> +2012,15 @@ ExtScsiPassThruPassThru (
> >>       return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> >> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if
> >> ((This-
> >>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer,
> This-
> >>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This-
> >Mode-
> >>> IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >>> IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> >> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >IoAlign))
> >> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> >> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if
> >> ((This-
> >>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData,
> This-
> >>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
> >> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> >> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> >> index 79026a4a957d..eabab8ac5bc5 100644
> >> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> >> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaPassThruExecute.c
> >> @@ -1036,7 +1036,7 @@ TrustTransferAtaDevice (
> >>       // Check the alignment of the incoming buffer prior to invoking
> underlying
> >> ATA PassThru     //     AtaPassThru = AtaDevice->AtaBusDriverData-
> >>> AtaPassThru;-    if ((AtaPassThru->Mode->IoAlign > 1) && !IS_ALIGNED
> >> (Buffer, AtaPassThru->Mode->IoAlign)) {+    if ((AtaPassThru->Mode-
> >>> IoAlign > 1) && !ADDRESS_IS_ALIGNED (Buffer, AtaPassThru->Mode-
> >>> IoAlign)) {       NewBuffer = AllocateAlignedBuffer (AtaDevice,
> >> TransferLength);       if (NewBuffer == NULL) {         return
> >> EFI_OUT_OF_RESOURCES;diff --git
> >> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> >> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> >> index c80e78fa8a6b..81db2efd0599 100644
> >> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> >> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c
> >> @@ -1956,7 +1956,7 @@ ScsiDiskReceiveData (
> >>         goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
> >> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
> >> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
> >> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
> >> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
> >> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;@@ -
> >> 2171,7 +2171,7 @@ ScsiDiskSendData (
> >>         goto Done;     } -    if ((ScsiDiskDevice->ScsiIo->IoAlign > 1)
> >> && !IS_ALIGNED (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {+    if
> >> ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !ADDRESS_IS_ALIGNED
> >> (PayloadBuffer, ScsiDiskDevice->ScsiIo->IoAlign)) {       AlignedBuffer =
> >> AllocateAlignedBuffer (ScsiDiskDevice, PayloadBufferSize);       if
> >> (AlignedBuffer == NULL) {         Status = EFI_OUT_OF_RESOURCES;diff --git
> >> a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> >> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> >> index 92ff958f161e..c4d01a20fcbe 100644
> >> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> >> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.c
> >> @@ -170,15 +170,15 @@ UfsPassThruPassThru (
> >>       return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> >> && !IS_ALIGNED(Packet->InDataBuffer, This->Mode->IoAlign)) {+  if
> >> ((This-
> >>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->InDataBuffer,
> This-
> >>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } -  if ((This-
> >Mode-
> >>> IoAlign > 1) && !IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >>> IoAlign)) {+  if ((This->Mode->IoAlign > 1)
> >> && !ADDRESS_IS_ALIGNED(Packet->OutDataBuffer, This->Mode-
> >IoAlign))
> >> {     return EFI_INVALID_PARAMETER;   } -  if ((This->Mode->IoAlign > 1)
> >> && !IS_ALIGNED(Packet->SenseData, This->Mode->IoAlign)) {+  if
> >> ((This-
> >>> Mode->IoAlign > 1) && !ADDRESS_IS_ALIGNED(Packet->SenseData,
> This-
> >>> Mode->IoAlign)) {     return EFI_INVALID_PARAMETER;   } diff --git
> >> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> >> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> >> index 1c4a4f5155c9..ba66f441bcea 100644
> >> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> >> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.c
> >> @@ -2004,7 +2004,7 @@ ExecuteJMP (
> >>       // check for alignment, and jump absolute.     //     Data64 = (UINT64)
> >> VmReadImmed64 (VmPtr, 2);-    if (!IS_ALIGNED ((UINTN) Data64, sizeof
> >> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Data64, sizeof
> (UINT16)))
> >> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> >> EXCEPTION_FLAG_FATAL,@@ -2059,7 +2059,7 @@ ExecuteJMP (
> >>       // Form: JMP32 @Rx {Index32}     //     Addr = VmReadMemN (VmPtr,
> >> (UINTN) Data64 + Index32);-    if (!IS_ALIGNED ((UINTN) Addr, sizeof
> >> (UINT16))) {+    if (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
> >> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> >> EXCEPTION_FLAG_FATAL,@@ -2082,7 +2082,7 @@ ExecuteJMP (
> >>       // Form: JMP32 Rx {Immed32}     //     Addr = (UINTN) (Data64 +
> Index32);-
> >> if (!IS_ALIGNED ((UINTN) Addr, sizeof (UINT16))) {+    if
> >> (!ADDRESS_IS_ALIGNED ((UINTN) Addr, sizeof (UINT16)))
> >> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> >> EXCEPTION_FLAG_FATAL,@@ -3128,7 +3128,7 @@ ExecuteRET (
> >>       // Pull the return address off the VM app's stack and set the IP     // to
> it
> >> //-    if (!IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16))) {+    if
> >> (!ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Gpr[0], sizeof (UINT16)))
> >> {       EbcDebugSignalException (         EXCEPT_EBC_ALIGNMENT_CHECK,
> >> EXCEPTION_FLAG_FATAL,@@ -4693,7 +4693,7 @@ VmWriteMem16 (
> >>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> >> (UINT16))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16)))
> >> {     *(UINT16 *) Addr = Data;   } else {     //@@ -4756,7 +4756,7 @@
> >> VmWriteMem32 (
> >>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> >> (UINT32))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32)))
> >> {     *(UINT32 *) Addr = Data;   } else {     //@@ -4819,7 +4819,7 @@
> >> VmWriteMem64 (
> >>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> >> (UINT64))) {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64)))
> >> {     *(UINT64 *) Addr = Data;   } else {     //@@ -4885,7 +4885,7 @@
> >> VmWriteMemN (
> >>     //   // Do a simple write if aligned   //-  if (IS_ALIGNED (Addr, sizeof
> (UINTN)))
> >> {+  if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     *(UINTN *) Addr
> =
> >> Data;   } else {     for (Index = 0; Index < sizeof (UINTN) / sizeof (UINT32);
> >> Index++) {@@ -4949,7 +4949,7 @@ VmReadImmed16 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (INT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr->Ip
> +
> >> Offset, sizeof (INT16))) {     return * (INT16 *) (VmPtr->Ip + Offset);   } else
> >> {     //@@ -4993,7 +4993,7 @@ VmReadImmed32 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr-
> >Ip +
> >> Offset, sizeof (UINT32))) {     return * (INT32 *) (VmPtr->Ip + Offset);   }
> >> //@@ -5032,7 +5032,7 @@ VmReadImmed64 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr-
> >Ip +
> >> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
> >> //@@ -5069,7 +5069,7 @@ VmReadCode16 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (UINT16))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr-
> >Ip +
> >> Offset, sizeof (UINT16))) {     return * (UINT16 *) (VmPtr->Ip + Offset);   }
> else
> >> {     //@@ -5110,7 +5110,7 @@ VmReadCode32 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (UINT32))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr-
> >Ip +
> >> Offset, sizeof (UINT32))) {     return * (UINT32 *) (VmPtr->Ip + Offset);   }
> >> //@@ -5147,7 +5147,7 @@ VmReadCode64 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED ((UINTN) VmPtr->Ip +
> >> Offset, sizeof (UINT64))) {+  if (ADDRESS_IS_ALIGNED ((UINTN) VmPtr-
> >Ip +
> >> Offset, sizeof (UINT64))) {     return * (UINT64 *) (VmPtr->Ip + Offset);   }
> >> //@@ -5210,7 +5210,7 @@ VmReadMem16 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT16)))
> {+
> >> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT16))) {     return * (UINT16 *)
> >> Addr;   }   //@@ -5243,7 +5243,7 @@ VmReadMem32 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT32)))
> {+
> >> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT32))) {     return * (UINT32 *)
> >> Addr;   }   //@@ -5280,7 +5280,7 @@ VmReadMem64 (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINT64)))
> {+
> >> if (ADDRESS_IS_ALIGNED (Addr, sizeof (UINT64))) {     return * (UINT64 *)
> >> Addr;   }   //@@ -5349,7 +5349,7 @@ VmReadMemN (
> >>     //   // Read direct if aligned   //-  if (IS_ALIGNED (Addr, sizeof (UINTN)))
> {+  if
> >> (ADDRESS_IS_ALIGNED (Addr, sizeof (UINTN))) {     return * (UINTN *)
> >> Addr;   }   //diff --git a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> >> b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> >> index 2be78076bee7..59bb9e5d0bca 100644
> >> --- a/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> >> +++ b/MdeModulePkg/Bus/Ata/AhciPei/AhciPei.h
> >> @@ -145,7 +145,6 @@ typedef union {
> >>   #define AHCI_PORT_SERR                         0x0030 #define AHCI_PORT_CI
> >> 0x0038 -#define IS_ALIGNED(addr, size)                 (((UINTN) (addr) & (size -
> 1))
> >> == 0) #define TIMER_PERIOD_SECONDS(Seconds)
> >> MultU64x32((UINT64)(Seconds), 10000000)  #pragma pack(1)diff --git
> >> a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> >> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> >> index 5f582b9b3e76..99bbf7d14a17 100644
> >> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> >> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.h
> >> @@ -147,8 +147,6 @@ struct _ATA_NONBLOCK_TASK {
> >>   #define ATA_ATAPI_TIMEOUT           EFI_TIMER_PERIOD_SECONDS(3)
> >> #define ATA_SPINUP_TIMEOUT          EFI_TIMER_PERIOD_SECONDS(10) -
> >> #define IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)-
> >> #define ATA_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
> >> ATA_ATAPI_PASS_THRU_INSTANCE, \diff --git
> >> a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> >> b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> >> index a5a865209942..172d2d61ea6c 100644
> >> --- a/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> >> +++ b/MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBus.h
> >> @@ -76,7 +76,6 @@
> >>   #define ATA_TASK_SIGNATURE                SIGNATURE_32 ('A', 'T', 'S', 'K')
> >> #define ATA_DEVICE_SIGNATURE              SIGNATURE_32 ('A', 'B', 'I', 'D')
> >> #define ATA_SUB_TASK_SIGNATURE            SIGNATURE_32 ('A', 'S', 'T', 'S')-
> >> #define IS_ALIGNED(addr, size)            (((UINTN) (addr) & (size - 1)) == 0)
> // //
> >> ATA bus data structure for ATA controllerdiff --git
> >> a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> >> b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> >> index ed9bbd6f8ba8..86ad27b3292f 100644
> >> --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> >> +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h
> >> @@ -37,9 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >>   #include <IndustryStandard/Scsi.h> #include <IndustryStandard/Atapi.h>
> -
> >> #define IS_DEVICE_FIXED(a)        (a)->FixedDevice ? 1 : 0--#define
> >> IS_ALIGNED(addr, size)    (((UINTN) (addr) & (size - 1)) == 0)+#define
> >> IS_DEVICE_FIXED(a)          (a)->FixedDevice ? 1 : 0  #define
> UFS_WLUN_RPMB
> >> 0xC4 diff --git a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> >> b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> >> index 6e2305aa2bc2..7306106a4454 100644
> >> --- a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> >> +++ b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsBlockIoPei.h
> >> @@ -133,8 +133,6 @@ typedef struct _UFS_PEIM_HC_PRIVATE_DATA {
> >>    #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
> >> IS_ALIGNED(addr, size)      (((UINTN) (addr) & (size - 1)) == 0)- #define
> >> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS(a) CR (a,
> >> UFS_PEIM_HC_PRIVATE_DATA, BlkIoPpi, UFS_PEIM_HC_SIG) #define
> >> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS2(a) CR (a,
> >> UFS_PEIM_HC_PRIVATE_DATA, BlkIo2Ppi, UFS_PEIM_HC_SIG) #define
> >> GET_UFS_PEIM_HC_PRIVATE_DATA_FROM_THIS_NOTIFY(a) CR (a,
> >> UFS_PEIM_HC_PRIVATE_DATA, EndOfPeiNotifyList,
> UFS_PEIM_HC_SIG)diff
> >> --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> >> b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> >> index 79b86f7e6b3d..11b5b197b67a 100644
> >> --- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> >> +++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThru.h
> >> @@ -105,8 +105,6 @@ typedef struct {
> >>    #define ROUNDUP8(x) (((x) % 8 == 0) ? (x) : ((x) / 8 + 1) * 8) -#define
> >> IS_ALIGNED(addr, size)        (((UINTN) (addr) & (size - 1)) == 0)- #define
> >> UFS_PASS_THRU_PRIVATE_DATA_FROM_THIS(a) \   CR (a, \
> >> UFS_PASS_THRU_PRIVATE_DATA, \diff --git
> >> a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> >> b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> >> index 1cb68bc5385a..858ca7fc86ae 100644
> >> --- a/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> >> +++ b/MdeModulePkg/Universal/EbcDxe/EbcExecute.h
> >> @@ -14,8 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >>   // // Macros to check and set alignment //-#define
> >> ASSERT_ALIGNED(addr,
> >> size)  ASSERT (!((UINT32) (addr) & (size - 1)))-#define IS_ALIGNED(addr,
> >> size)      !((UINT32) (addr) & (size - 1))+#define ASSERT_ALIGNED(addr,
> size)
> >> ASSERT (IS_ALIGNED (addr, size))  // // Debug macrodiff --git
> >> a/MdePkg/Include/Base.h b/MdePkg/Include/Base.h index
> >> 2da08b0c787f..32d0e512e05f 100644
> >> --- a/MdePkg/Include/Base.h
> >> +++ b/MdePkg/Include/Base.h
> >> @@ -789,6 +789,35 @@ typedef UINTN  *BASE_LIST;
> >>   #define OFFSET_OF(TYPE, Field) ((UINTN) &(((TYPE *)0)->Field))
> >> #endif
> >> +/**+  Returns the alignment requirement of a type.++  @param   TYPE
> The
> >> name of the type to retrieve the alignment requirement of.++  @return
> >> Alignment requirement, in Bytes, of TYPE.+**/+#if defined(__GNUC__)
> >> ||
> >> defined(__clang__) || (defined(_MSC_VER) && _MSC_VER >= 1900)+
> //+
> >> // All supported versions of GCC and Clang, as well as MSVC 2015 and
> >> later,+ // support the standard operator _Alignof.+  //+  #define
> >> ALIGNOF(TYPE) _Alignof (TYPE)+#elif defined(_MSC_VER)+  //+  //
> >> Earlier versions of MSVC, at least MSVC 2008 and later, support the+
> >> // vendor-extension __alignof.+ //+  #define ALIGNOF(TYPE)  __alignof
> >> (TYPE)+#else+  //+  // For compilers that do not support inbuilt
> >> alignof operators, use OFFSET_OF.+  // CHAR8 is known to have both a
> >> size and an alignment requirement of 1 Byte.+  // As such, A must be
> >> located exactly at the offset equal to its alignment+  // requirement.+  //+
> #define ALIGNOF(TYPE) OFFSET_OF (struct { CHAR8 C;
> >> TYPE A; }, A)+#endif+ /**   Portable definition for compile time assertions.
> >> Equivalent to C11 static_assert macro from assert.h.@@ -824,6 +853,21
> >> @@ STATIC_ASSERT (sizeof (CHAR16)  == 2, "sizeof (CHAR16) does not
> >> meet UEFI Specif
> >>   STATIC_ASSERT (sizeof (L'A')    == 2, "sizeof (L'A') does not meet UEFI
> >> Specification Data Type requirements"); STATIC_ASSERT (sizeof (L"A")
> == 4,
> >> "sizeof (L\"A\") does not meet UEFI Specification Data Type
> >> requirements");
> >> +STATIC_ASSERT (ALIGNOF (BOOLEAN) == sizeof (BOOLEAN), "Alignment
> of
> >> BOOLEAN does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (INT8)    == sizeof (INT8),
> >> "Alignment of INT8 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (UINT8)   == sizeof (UINT8),
> >> "Alignment of INT16 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (INT16)   == sizeof (INT16),
> >> "Alignment of INT16 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (UINT16)  == sizeof (UINT16),
> >> "Alignment of UINT16 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (INT32)   == sizeof (INT32),
> >> "Alignment of INT32 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (UINT32)  == sizeof (UINT32),
> >> "Alignment of UINT32 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (INT64)   == sizeof (INT64),
> >> "Alignment of INT64 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (UINT64)  == sizeof (UINT64),
> >> "Alignment of UINT64 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (CHAR8)   == sizeof (CHAR8),
> >> "Alignment of CHAR8 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (CHAR16)  == sizeof (CHAR16),
> >> "Alignment of CHAR16 does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (INTN)    == sizeof (INTN),
> >> "Alignment of INTN does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (UINTN)   == sizeof (UINTN),
> >> "Alignment of UINTN does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF (VOID *)  == sizeof (VOID *),
> >> "Alignment of VOID * does not meet UEFI Specification Data Type
> >> requirements");+ // // The following three enum types are used to
> >> verify that the compiler // configuration for enum types is compliant
> >> with Section
> >> 2.3.1 of the@@ -847,6 +891,10 @@ STATIC_ASSERT (sizeof
> >> (__VERIFY_UINT8_ENUM_SIZE) == 4, "Size of enum does not me
> >>   STATIC_ASSERT (sizeof (__VERIFY_UINT16_ENUM_SIZE) == 4, "Size of
> >> enum does not meet UEFI Specification Data Type requirements");
> >> STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of
> enum
> >> does not meet UEFI Specification Data Type requirements");
> >> +STATIC_ASSERT (ALIGNOF
> >> (__VERIFY_UINT8_ENUM_SIZE)  == sizeof
> (__VERIFY_UINT8_ENUM_SIZE),
> >> "Alignment of enum does not meet UEFI Specification Data Type
> >> requirements");+STATIC_ASSERT (ALIGNOF
> (__VERIFY_UINT16_ENUM_SIZE) ==
> >> sizeof (__VERIFY_UINT16_ENUM_SIZE), "Alignment of enum does not
> meet
> >> UEFI Specification Data Type requirements");+STATIC_ASSERT (ALIGNOF
> >> (__VERIFY_UINT32_ENUM_SIZE) == sizeof
> (__VERIFY_UINT32_ENUM_SIZE),
> >> "Alignment of enum does not meet UEFI
> >> Specification Data Type requirements");+ /**   Macro that returns a
> pointer
> >> to the data structure that contains a specified field of   that data structure.
> >> This is a lightweight method to hide information by placing a@@
> >> -868,6
> >> +916,46 @@ STATIC_ASSERT (sizeof (__VERIFY_UINT32_ENUM_SIZE) ==
> 4,
> >> "Size of enum does not m
> >>   **/ #define BASE_CR(Record, TYPE, Field)  ((TYPE *) ((CHAR8 *)
> >> (Record) - OFFSET_OF (TYPE, Field))) +/**+  Checks whether a value is a
> power of
> >> two.++  @param   Value  The value to check.++  @return  Whether Value
> is a
> >> power of two.+**/+#define IS_POW2(Value)  ((Value) != 0U && ((Value)
> >> &
> >> ((Value) - 1U)) == 0U)++/**+  Checks whether a value is aligned by a
> >> specified alignment.++  @param   Value      The value to check.+  @param
> >> Alignment  The alignment boundary used to check against.++  @return
> >> Whether Value is aligned by Alignment.+**/+#define IS_ALIGNED(Value,
> >> Alignment)  (((Value) & ((Alignment) - 1U)) == 0U)++/**+  Checks
> whether a
> >> pointer or address is aligned by a specified alignment.++  @param
> Address
> >> The pointer or address to check.+  @param   Alignment  The alignment
> >> boundary used to check against.++  @return  Whether Address is
> >> aligned by Alignment.+**/+#define ADDRESS_IS_ALIGNED(Address,
> >> Alignment) IS_ALIGNED ((UINTN) (Address), Alignment)++/**+
> >> Determines the addend to add to a value to round it up to the next
> boundary of+  a specified
> >> alignment.++  @param   Value      The value to round up.+  @param
> >> Alignment  The alignment boundary used to return the addend.++
> >> @return Addend to round Value up to alignment boundary
> >> Alignment.+**/+#define ALIGN_VALUE_ADDEND(Value, Alignment)
> (((Alignment) - (Value)) &
> >> ((Alignment) - 1U))+ /**   Rounds a value up to the next boundary using a
> >> specified alignment. @@ -880,7 +968,7 @@ STATIC_ASSERT (sizeof
> >> (__VERIFY_UINT32_ENUM_SIZE) == 4, "Size of enum does not m
> >>     @return  A value up to the next boundary.  **/-#define
> >> ALIGN_VALUE(Value, Alignment) ((Value) + (((Alignment) - (Value)) &
> >> ((Alignment) - 1)))+#define ALIGN_VALUE(Value, Alignment) ((Value) +
> >> ALIGN_VALUE_ADDEND (Value, Alignment))  /**   Adjust a pointer by
> adding
> >> the minimum offset required for it to be aligned on--
> >> 2.31.1
> >
> >
> >
> >
> >
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 49+ messages in thread

* Re: [edk2-devel] [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds
  2021-08-08 19:39 ` [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds Marvin Häuser
@ 2021-10-11  1:04   ` Steven Shi
  0 siblings, 0 replies; 49+ messages in thread
From: Steven Shi @ 2021-10-11  1:04 UTC (permalink / raw)
  To: devel@edk2.groups.io, mhaeuser@posteo.de
  Cc: Ard Biesheuvel, Sami Mujawar, Yao, Jiewen, Supreeth Venkatesh,
	Vitaly Cheptsov

[-- Attachment #1: Type: text/plain, Size: 4600 bytes --]

Hi Marvin,

Thank you to offer a path for the CLANGPDB '-fpie' issue. I find a simpler way to only skip the '-fpie' option in CLANGPDB but keep it for all other build toolchain. It is to explicitly define the CLANGPDB build option and override the GCC family definition in the INF file. What do you think?



diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Core/StandaloneMmCore.inf

[BuildOptions]

   GCC:*_*_*_CC_FLAGS = -fpie

   GCC:*_*_*_DLINK_FLAGS = -Wl,-z,text,-Bsymbolic,-pie

+  CLANGPDB:*_*_*_CC_FLAGS= -fno-pie

+  CLANGPDB:*_*_*_DLINK_FLAGS =



diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf

[BuildOptions]

   GCC:*_*_*_CC_FLAGS = -fpie

+  CLANGPDB:*_*_*_CC_FLAGS= -fno-pie







Thanks

Steven Shi





> -----Original Message-----

> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Marvin

> Häuser

> Sent: Monday, August 9, 2021 3:40 AM

> To: devel@edk2.groups.io

> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Sami Mujawar

> <sami.mujawar@arm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Supreeth

> Venkatesh <supreeth.venkatesh@arm.com>; Vitaly Cheptsov

> <vit9696@protonmail.com>

> Subject: [edk2-devel] [PATCH] StandaloneMmPkg: Support CLANGPDB X64

> builds

>

> Currently, the flag "-fpie" is passed for all builds with a GCC

> family toolchain, including CLANGPDB. CLANGPDB however does not

> support this flag as it generates PE/COFF files directly.

>

> As the flag is mostly required for AArch64-specific self-relocation,

> drop it for X64 builds and document the limitation to enable X64

> CLANGPDB builds of StandaloneMmCore.

>

> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org<mailto:ardb+tianocore@kernel.org>>

> Cc: Sami Mujawar <sami.mujawar@arm.com<mailto:sami.mujawar@arm.com>>

> Cc: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>

> Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com<mailto:supreeth.venkatesh@arm.com>>

> Cc: Vitaly Cheptsov <vit9696@protonmail.com<mailto:vit9696@protonmail.com>>

> Signed-off-by: Marvin Häuser <mhaeuser@posteo.de<mailto:mhaeuser@posteo.de>>

> ---

>  StandaloneMmPkg/Core/StandaloneMmCore.inf                                         | 9

> +++++++--

>

> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmC

> oreEntryPoint.inf | 7 ++++++-

>  2 files changed, 13 insertions(+), 3 deletions(-)

>

> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf

> b/StandaloneMmPkg/Core/StandaloneMmCore.inf

> index 87bf6e9440a7..e3349fff29cc 100644

> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf

> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf

> @@ -76,6 +76,11 @@ [Guids]

>    gEfiEventExitBootServicesGuid

>

>    gEfiEventReadyToBootGuid

>

>

>

> +#

>

> +# This configuration fails for CLANGPDB, which does not support PIE in the

> GCC

>

> +# sense. Such however is required for AArch64 StandaloneMmCore self-

> relocation,

>

> +# and thus the CLANGPDB toolchain is unsupported for AArch64 for this

> module.

>

> +#

>

>  [BuildOptions]

>

> -  GCC:*_*_*_CC_FLAGS = -fpie

>

> -  GCC:*_*_*_DLINK_FLAGS = -Wl,-z,text,-Bsymbolic,-pie

>

> +  GCC:*_*_AARCH64_CC_FLAGS = -fpie

>

> +  GCC:*_*_AARCH64_DLINK_FLAGS = -Wl,-z,text,-Bsymbolic,-pie

>

> diff --git

> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMm

> CoreEntryPoint.inf

> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMm

> CoreEntryPoint.inf

> index 4fa426f58ef4..dcbb082d4ab8 100644

> ---

> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMm

> CoreEntryPoint.inf

> +++

> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMm

> CoreEntryPoint.inf

> @@ -54,5 +54,10 @@ [Guids]

>  [FeaturePcd.AARCH64]

>

>    gArmTokenSpaceGuid.PcdFfaEnable

>

>

>

> +#

>

> +# This configuration fails for CLANGPDB, which does not support PIE in the

> GCC

>

> +# sense. Such however is required for AArch64 StandaloneMmCore self-

> relocation,

>

> +# and thus the CLANGPDB toolchain is unsupported for AArch64 for this

> module.

>

> +#

>

>  [BuildOptions]

>

> -  GCC:*_*_*_CC_FLAGS = -fpie

>

> +  GCC:*_*_AARCH64_CC_FLAGS = -fpie

>

> --

> 2.31.1

>

>

>

> 

>



[-- Attachment #2: Type: text/html, Size: 11327 bytes --]

^ permalink raw reply	[flat|nested] 49+ messages in thread

end of thread, other threads:[~2021-10-11  1:05 UTC | newest]

Thread overview: 49+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-08 19:39 [PATCH] ArmPkg/DefaultExceptionHandlerLib: Fix DebugImageInfoTable lookup Marvin Häuser
2021-08-08 19:39 ` [PATCH] BaseTools: Define the read-only data section name per toolchain Marvin Häuser
2021-08-08 19:39   ` [PATCH] UefiCpuPkg/BaseUefiCpuLib: Use toolchain-specific rodata section name Marvin Häuser
2021-08-08 19:39 ` [PATCH] BaseTools/tools_def: Fix CLANGPDB X64 RCPATH Marvin Häuser
2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Drop dlopen() usage Marvin Häuser
2021-08-08 19:39 ` [PATCH] EmulatorPkg/Host/Unix: Remove unused declarations Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdeModulePkg/CoreDxe: Drop caller-allocated image buffers Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Marvin Häuser
2021-08-08 19:39   ` [PATCH] MdeModulePkg/DxeCore: Fix DebugImageInfoTable size report Marvin Häuser
2021-08-08 19:39   ` [PATCH] EmbeddedPkg/GdbStub: Check DebugImageInfoTable type safely Marvin Häuser
2021-08-08 19:39   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
2021-08-08 19:40   ` [PATCH] MdeModulePkg/CoreDxe: Mandatory LoadedImage for DebugImageInfoTable Marvin Häuser
2021-08-08 19:40   ` [PATCH] EmbeddedPkg/GdbStub: " Marvin Häuser
2021-08-08 19:40   ` [PATCH] ArmPkg/DefaultExceptionHandlerLib: " Marvin Häuser
2021-08-09  6:10   ` [PATCH] MdeModulePkg/DxeCore: Consistent DebugImageInfoTable updates Wu, Hao A
2021-08-09  6:15     ` Marvin Häuser
2021-08-09  6:52       ` [edk2-devel] " Wu, Hao A
2021-08-09  6:55         ` Wu, Hao A
2021-08-09  7:21         ` Marvin Häuser
2021-08-09  7:26           ` Wu, Hao A
2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Drop unnecessary pointer indirection Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdeModulePkg/DxeCore: Use the correct source for fixed load address Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmCore: Drop deprecated image profiling commands Marvin Häuser
2021-08-09  4:23   ` Ni, Ray
2021-08-09  5:33     ` Yao, Jiewen
2021-08-09  5:43       ` [edk2-devel] " Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdeModulePkg/PiSmmIpl: Correct fixed load address bounds check Marvin Häuser
2021-08-08 19:39 ` [PATCH] MdePkg/Base.h: Introduce various alignment-related macros Marvin Häuser
2021-08-13  7:27   ` Wu, Hao A
2021-08-13  8:41     ` [edk2-devel] " Marvin Häuser
2021-08-13  8:45       ` Wu, Hao A
2021-08-08 19:39 ` [PATCH] MdePkg/BaseLib: Fix unaligned API prototypes Marvin Häuser
2021-08-08 19:39   ` [PATCH] BaseTools/CommonLib: " Marvin Häuser
2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Always lookup SHA-256 hash in dbx Marvin Häuser
2021-08-09  0:02   ` Min Xu
2021-08-09  5:25     ` [edk2-devel] " Marvin Häuser
2021-08-09  2:48   ` Yao, Jiewen
2021-08-09  5:42     ` [edk2-devel] " Marvin Häuser
2021-08-08 19:39 ` [PATCH] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm Marvin Häuser
2021-08-08 19:39   ` [PATCH] SecurityPkg/SecureBootConfigDxe: " Marvin Häuser
2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/FvLib: Correct FV section data size Marvin Häuser
2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop code for traditional drivers Marvin Häuser
2021-08-08 19:39 ` [PATCH] StandaloneMmPkg/StandaloneMmCore: Drop unused fixed address feature Marvin Häuser
2021-08-08 19:39 ` [PATCH] StandaloneMmPkg: Support CLANGPDB X64 builds Marvin Häuser
2021-10-11  1:04   ` [edk2-devel] " Steven Shi
2021-08-08 19:39 ` [PATCH] UefiPayloadPkg/UefiPayloadEntry: Fix memory corruption Marvin Häuser
2021-08-09  4:20   ` Ni, Ray
2021-08-09  5:47     ` Marvin Häuser
2021-08-10 19:13   ` Guo Dong

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox