From: "Ard Biesheuvel"
Date: Fri, 12 Jan 2024 13:11:26 +0100
Subject: Re: [edk2-devel] [PATCH 1/4] OvmfPkg/VirtNorFlashDxe: fix shadowbuffer reads
To: Gerd Hoffmann
Cc: devel@edk2.groups.io, Laszlo Ersek, Jiewen Yao, oliver@redhat.com

On Fri, 12 Jan 2024 at 12:38, Gerd Hoffmann wrote:
>
> In some cases (specifically when the flash update region is
> small but crosses a multiple of P30_MAX_BUFFER_SIZE_IN_BYTES)
> NorFlashWriteSingleBlock reads only one instead of two
> P30_MAX_BUFFER_SIZE_IN_BYTES blocks into the shadow buffer.
>
> That leads to random crap being written to the second block,
> which in turn can corrupt both the variable store and the
> FTW work space. One observed corruption pattern is finding
> 0xaf (aka PcdDebugClearMemoryValue) right after the last
> entry in the FTW log. This should have been 0xff.
>
> This patch fixes the calculation.
>
> Signed-off-by: Gerd Hoffmann

Thanks a lot for taking the time to track this down and fix it.

Reviewed-by: Ard Biesheuvel

> --- > OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c > index 1afd60ce66eb..cdc809d75e3d 100644
> --- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c > +++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlash.c > @@ -566,7 +566,7 @@ NorFlashWriteSingleBlock ( > Instance, > Lba, > Offset & ~BOUNDARY_OF_32_WORDS, > - (*NumBytes | BOUNDARY_OF_32_WORDS) + 1, > + (((Offset & BOUNDARY_OF_32_WORDS) + *NumBytes) | BOUNDARY_OF_32_WORDS) + 1, > Instance->ShadowBuffer > ); > if (EFI_ERROR (Status)) { > -- > 2.43.0 >
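Review bot: on the added length argument, the rounding goes one chunk too far when `(Offset & BOUNDARY_OF_32_WORDS) + *NumBytes` lands exactly on a boundary, because the `| BOUNDARY_OF_32_WORDS) + 1` step is applied to the end position rather than to the last byte touched. Assuming BOUNDARY_OF_32_WORDS is the low-bit mask, as its use in `Offset & ~BOUNDARY_OF_32_WORDS` suggests, an update that starts on a boundary and fills exactly one chunk now reads two chunks into Instance->ShadowBuffer. Over-reading is the safe direction for the corruption described in the commit message, but nothing in the hunk shows that the shadow buffer and the block always have room for the extra chunk. Consider `(((Offset & BOUNDARY_OF_32_WORDS) + *NumBytes - 1) | BOUNDARY_OF_32_WORDS) + 1`, or a short comment on this line stating the bound on Offset and *NumBytes that keeps the read inside the buffer.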
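The failure case from the commit message, as an added example (a simplified model written for this page, not edk2 code). It assumes P30_MAX_BUFFER_SIZE_IN_BYTES is 128 and BOUNDARY_OF_32_WORDS is 0x7F, that the shadow buffer holds 0xaf before the read, and that every touched chunk is written back; simulate_update and the sample offsets are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed values; the mail names these constants but does not give them. */
#define P30_MAX_BUFFER_SIZE_IN_BYTES 128u
#define BOUNDARY_OF_32_WORDS 0x7Fu
#define POISON 0xAFu /* PcdDebugClearMemoryValue, per the commit message */

typedef size_t (*read_len_fn)(size_t offset, size_t num_bytes);

/* Shadow-buffer read length before the patch. */
static size_t read_len_old(size_t offset, size_t num_bytes) {
    (void)offset;
    return (num_bytes | BOUNDARY_OF_32_WORDS) + 1;
}

/* Shadow-buffer read length after the patch. */
static size_t read_len_new(size_t offset, size_t num_bytes) {
    return (((offset & BOUNDARY_OF_32_WORDS) + num_bytes) | BOUNDARY_OF_32_WORDS) + 1;
}

/* Hypothetical model of the read-modify-write. Returns the number of POISON
 * bytes left in flash, or (size_t)-1 if the request is outside the model. */
static size_t simulate_update(read_len_fn read_len, size_t offset, size_t num_bytes) {
    uint8_t flash[4 * P30_MAX_BUFFER_SIZE_IN_BYTES];
    uint8_t shadow[2 * P30_MAX_BUFFER_SIZE_IN_BYTES];
    size_t start = offset & ~(size_t)BOUNDARY_OF_32_WORDS;
    size_t in_buf = offset & BOUNDARY_OF_32_WORDS;
    size_t len = read_len(offset, num_bytes), bad = 0, i;
    /* Whole chunks the update touches; all of them are written back. */
    size_t span = ((in_buf + num_bytes - 1) | BOUNDARY_OF_32_WORDS) + 1;

    if (num_bytes == 0 || span > sizeof shadow || start + sizeof shadow > sizeof flash)
        return (size_t)-1;
    if (len > sizeof shadow) len = sizeof shadow;
    memset(flash, 0xFF, sizeof flash);        /* erased flash */
    memset(shadow, POISON, sizeof shadow);    /* debug-cleared pool memory */
    memcpy(shadow, flash + start, len);       /* shadow read */
    memset(shadow + in_buf, 0x11, num_bytes); /* apply the update (constructed data) */
    memcpy(flash + start, shadow, span);      /* write back the touched chunks */
    for (i = 0; i < sizeof flash; i++)
        bad += (flash[i] == POISON);
    return bad;
}

int main(void) {
    /* Constructed case: 16 bytes at offset 120 cross the 128-byte boundary. */
    printf("old: %zu poison bytes\n", simulate_update(read_len_old, 120, 16));
    printf("new: %zu poison bytes\n", simulate_update(read_len_new, 120, 16));
    return 0;
}
```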