From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::d44; helo=mail-io1-xd44.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-io1-xd44.google.com (mail-io1-xd44.google.com [IPv6:2607:f8b0:4864:20::d44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id AA6D62115743C for ; Tue, 25 Sep 2018 11:30:00 -0700 (PDT) Received: by mail-io1-xd44.google.com with SMTP id l7-v6so21273860iok.6 for ; Tue, 25 Sep 2018 11:30:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JSME66GpKhnIK96RORY2pwq6i4ixul2q4RCFMRuuXGE=; b=AFeN/oXOrra9xfxB+OhCmQmhHqememdf160idD2wVc5wM0hJvybRjfLmmyGbtzn4M+ JAwBiUEOdIcyKgWv5DzTLiBAgMD5V/ZWy9as1bqZQiBU/DvS9D6+myoqs9oiVE+XE2wD QRYXOZrIeAm188o7Zy/7bFlb8Q0H0XJIRI23E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JSME66GpKhnIK96RORY2pwq6i4ixul2q4RCFMRuuXGE=; b=dcHnZ50xq9KA7I+ydxiL1w5NJZO23zZhFwmiXd4370HvWi21hK/DKHwXRuz3HP7fs3 2MrQrRqKTFdLleCnxObRmvKns5N5gFlLEZ5/z/M5N96yX60c3fO3N8fiOY4lzlCefr3D eEBK2oiG6Heh+pdx4fFhZ3x4cfPEpsDY1OT49v41nK6+XRQ44AQ9b1+m2hzeEvsFPbpT yb7Cwpl7sFnYR6z3S4nLcUCbQYK65fD4Zi9pLgkFFSbz3OQHNojEAyiVf7Nf1kyZBMSY FNTZe/uYk0RuPfV69RUZ8jvxlAO4Ibwvt36mEPwqWh7z22BUXiiuTeEdfnMoWsRO8Pye vS9g== X-Gm-Message-State: ABuFfogqUb3NgS+QP4YlROOt/AZSuvh8PjARYHI7fsgGaCDr51lEaPo8 TfR1iLlo0xdeHUNcFzihDS0TCL7SaWoedaW13kCIjw== X-Google-Smtp-Source: ACcGV635HmB5czL3C/LdHYB3lq1NXgs67G/y0z8osCIb4uqVitvJrngttDmGZsfTYn7qCYQGR/VEfuDGc8FeXMG7iOI= X-Received: by 2002:a6b:3787:: with SMTP id e129-v6mr2202413ioa.60.1537900199695; Tue, 25 Sep 2018 11:29:59 -0700 (PDT) MIME-Version: 1.0 References: <1537898313-1767-1-git-send-email-mw@semihalf.com> In-Reply-To: <1537898313-1767-1-git-send-email-mw@semihalf.com> From: Ard Biesheuvel Date: Tue, 25 Sep 2018 20:29:46 +0200 Message-ID: To: Marcin Wojtas Cc: "edk2-devel@lists.01.org" , "Tian, Feng" , "Kinney, Michael D" , "Gao, Liming" , Leif Lindholm , Nadav Haklai , =?UTF-8?B?SmFuIETEhWJyb8Wb?= , Grzegorz Jaszczyk , Ruiyu Ni , fei1.wang@intel.com, "Zeng, Star" Subject: Re: [PATCH] MdeModulePkg: XhciDxe: Prevent illegal memory access in XhcSetHsee X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Sep 2018 18:30:00 -0000 Content-Type: text/plain; charset="UTF-8" On Tue, 25 Sep 2018 at 19:59, Marcin Wojtas wrote: > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1206 > > Newly added XhcSetHsee() routine reads 4 bytes into > a UINT16 variable causing issues on PCIE and NonDiscoverable > Xhci controllers. Fix that. > > Cc: Ruiyu Ni > Cc: Fei1 Wang > Cc: Star Zeng > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Marcin Wojtas > --- > MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c b/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c > index 89f073e..dfe5f6c 100644 > --- a/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c > +++ b/MdeModulePkg/Bus/Pci/XhciDxe/XhciReg.c > @@ -607,7 +607,7 @@ XhcSetHsee ( > PciIo = Xhc->PciIo; > Status = PciIo->Pci.Read ( > PciIo, > - EfiPciIoWidthUint16, > + EfiPciIoWidthUint8, > PCI_COMMAND_OFFSET, > sizeof (XhciCmd), > &XhciCmd > -- > 2.7.4 > Well spotted! But I think a single read of 16 bits is more appropriate here though.