From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.61]) by mx.groups.io with SMTP id smtpd.web11.261.1616599514592211447 for ; Wed, 24 Mar 2021 08:25:14 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@nvidia.com header.s=selector2 header.b=gW2u3wCX; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: nvidia.com, ip: 40.107.223.61, mailfrom: jbrasen@nvidia.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HFKlku9S4MpQjF6DH7GEXK/HK1+gx1u+I2/bYXsMycSbL4u0zLUL0dGW71Loam0y6Mx9Y4Li1mQTUg/l3kJr6St/UiSKBnXqD8Yh/n1sR1OccXjvLiPk6x68lWZych73FYMcywlczdcEc73AntUKnC0U0bRCkylYvAvX7DhWPtxyxTCaL72/3GB0Tao5eOuOB5Odq+BiIqlKndBiKEsErPUsUX5QMVBghVZQzES/MVNBqng8yro/beno+0AhbgiWQmyxpcZthNq4W89P2kCVAEdo7JqVZrvssEQRgTaPEsEEZEqSu4ebpXEnjRM57kJ48rCHkeS7hNoSE/qOSs+rcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cIIzUmfu7Rpg0zWRagEhYTjnica+cauVTzViBgU/nUM=; b=CjPIGwinqXDdjL/2V+yqkBE3sgq8j4kcgmS30G/J+vrdLmvI5qm0H8yask56oCDYSKWmIAFoDeCYakk45pQOQ/AckhEmOmmO/ND3ZlFDxkMWVV2Fvqwra9wiRJc8zB7j3wq17dCaNSk25TFpAuPLrIgKCecz+RduTvOjwAucLTPy2spHBiInA+7t/R2t8L/OlUrQG6Msl8w1sstdUjKbTIlZ+VQiWQLeOLASwYljKfLFZA5rET/Ulc6fg+VZriy264Zr3JNGNjiOOy8DvM6MZYrPZo9l66G6iTbTzolNGlrGY0tMAP21GpLLQyf0iZQ1RlOzqgydzRhZsoihZiSJ0g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cIIzUmfu7Rpg0zWRagEhYTjnica+cauVTzViBgU/nUM=; b=gW2u3wCXMyk2Qm0ZcJtbtPWPAsvFbLsZP8KrbjaFTnlWQCPEeD4MuNg/K8GWuer83riKTQaFZ5w9thTDrjNFDqwDyFVSWxNNwJqx5HilaCvvhY3Fp+fQ8aJx58iQhCpFFgzVLhXUxnqFwilvECYPzdSPjASLQaaDAXbfZLPKhfpwiWuZG5tNmoU/+1yxB+lhRSxsTnIeQmybpOrwpF49W7xoucGCrV5RYOQJr4BY4S12AUyCkM9WItxiPFmJEMTsj3fOmBBuD8m45jFAIaTstDyjDbKNGh7pTQdCMtcXaS867oUxHx4LOQ3UEAQKgZKMTxvz5CyUa/bA/BTvfIxi8Q== Received: from DM6PR12MB3340.namprd12.prod.outlook.com (2603:10b6:5:3d::24) by DM6PR12MB2681.namprd12.prod.outlook.com (2603:10b6:5:41::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.25; Wed, 24 Mar 2021 15:25:12 +0000 Received: from DM6PR12MB3340.namprd12.prod.outlook.com ([fe80::684e:5cfe:5db3:5b8f]) by DM6PR12MB3340.namprd12.prod.outlook.com ([fe80::684e:5cfe:5db3:5b8f%7]) with mapi id 15.20.3977.024; Wed, 24 Mar 2021 15:25:12 +0000 From: "Jeff Brasen" To: Laszlo Ersek , "devel@edk2.groups.io" , "bret.barkelew@microsoft.com" CC: "jian.j.wang@intel.com" , "ao.a.wu@intel.com" Subject: Re: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSupportLib: Allow BMP with extra data Thread-Topic: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSupportLib: Allow BMP with extra data Thread-Index: AQHXIAodQHGZzFyzO0CttJBNMkjws6qR120AgAErDYCAAD+V3A== Date: Wed, 24 Mar 2021 15:25:12 +0000 Message-ID: References: <70c26f78d461d1b8021462d3c3fe6eb717b19193.1616520420.git.jbrasen@nvidia.com> , In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: redhat.com; dkim=none (message not signed) header.d=none;redhat.com; dmarc=none action=none header.from=nvidia.com; x-originating-ip: [2601:281:8100:1241:4d79:4253:57e4:4cb5] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 2579125c-c8a9-468e-0daa-08d8eed904cd x-ms-traffictypediagnostic: DM6PR12MB2681: x-microsoft-antispam-prvs: x-ms-exchange-transport-forked: True x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: XwVbXzEiwemwTnBks0ZLtG/3A2j5lqa/IREM2b+MAqS3mKpVOenQI+b05G64Y2xrIiJxEuzw524AdPaM/I2bNyjnnRU1MeSpGwbwV61qA2Pn2QEr9Vbc7UUuR4m5mbGwrHbf2VEKEHlJEDiPZ9OQ/2t0SnSLEXs/jsfqlCc0gq0jdEhBJGiOW1RuP3JgHoV9fkrPbac0avh3IHRwnPpFMmZ/8uKsG8P9N15gQWQQiHzD0xEGvRLbqKuXi1cFWMonx/TYgciHHJnG/My37kls5K3CpeEMy6Cz3GENzG7mzXC5hQ7wZrLGswSTkwjf/aeWswU7J9Egs5TMcgJT4etY3dvUAo6LqBcBmUog4AFDtylmaKtxkr6dJ6ciZVy/VdR4m6wPuWz/0coRb0gUEuGVWIbh7zG8QSliQ9gVjeH1pAC7D3qW9dQB5+tgs9aGMTi1iOECeJiWuyPWACTJ4lpIwU2imQFrrEMyRYPQv+hHsDbm1xyFEub/G2rPZmf7TIMrnyhr1XS58UfxfVaYDxco7fwTgoTOi60+B/DRiViEHiO17Wjer856b+HiEUACLVbVwo46vD5XkYnEx0PDXBhHUS83E/HpJos848Xh6hAFsPFb/B4Hqt6hPbgPwU7JftPnAZF+plu3CDHKBVtZqK0t0hs4TC0jEr02XlyMxnygLB9fiSrfh0qeDUjTtH755egqtrwHmVjh7VWhu5odUvoa38YVIIeteslykwu5UXmzy0kPs28VjqVGplOUNFe22Mz7 x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR12MB3340.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(366004)(376002)(346002)(396003)(39860400002)(8676002)(33656002)(83380400001)(8936002)(478600001)(166002)(186003)(45080400002)(53546011)(6506007)(19627405001)(966005)(54906003)(110136005)(52536014)(64756008)(4326008)(66446008)(66556008)(66476007)(66946007)(2906002)(7696005)(38100700001)(5660300002)(9686003)(76116006)(71200400001)(86362001)(55016002)(316002);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata: =?Windows-1252?Q?mKvHNXDbxMncJBPXSQ6EZE1YyXROp5jBoJjpYlk/sUHJNrUe0ISqL9CA?= =?Windows-1252?Q?EyZnZiZ7ZAlyZOg3/BT9RbWG3KRbG3cR+PgSaLT2Hfoj+OTVl/KLoV7j?= =?Windows-1252?Q?6gOAesj2wVWsGVcYQdptXZpbQ3hXBJQ7Ie6ETrw1eXGTFQIxelsgmeMV?= =?Windows-1252?Q?1fPP/24XkFfRseipWdjMQN/8Ax1iL8RwNDtw/mHKDdi0UixBF3+s9aHg?= =?Windows-1252?Q?C5Vg8eKUJE5j/bA1wcu24MSYBfRRjZFggkt+e2X6OH5rX8FaHYjFhxcy?= =?Windows-1252?Q?SKq207CfM1HhrePEFT8JXUZX1HbpZYCZNsY8Fcuov5ubFqiFWHrfSkc9?= =?Windows-1252?Q?02N5gry/GB+HRHdc7KlW0ex7RhVUhA46y3GMzy5BGDFiM40O9vl2li1g?= =?Windows-1252?Q?8o2bFmlrlf8ESMEN5ga1vt/+wv9aQA/fyr75VOiqb/XxmyuPhE7l3K1l?= =?Windows-1252?Q?oD0q4ZBLye8tLzsjZ1Zwl5IwknFMh+xrRqNbpuEp+5CPZHIuf9NDNA+s?= =?Windows-1252?Q?/aUwaXb3NhPcSFe6KziqnEgCu2LtldwCD+qfIQkxPXXk4IQeKkPD/0qm?= =?Windows-1252?Q?NK/F4Zcs8WQd35a0h3fhIjdAAoIqMxAUgbWsh57AV3asgYd10EzP+vKV?= =?Windows-1252?Q?2TZ5CwQCL9KXAJMduXCLTIxx8PuQ7tsa56sxUjHVs6oggXx7+7fHhvyt?= =?Windows-1252?Q?kWNTLIptmMZsH1Qw+bAd4acm2WMWCWaW3lGNhncXm+pSCtNOq08pzxPN?= =?Windows-1252?Q?XRprIC8jItDju4E/QsTKkitY9ZBwDOeD9/zt6Ky5V+FnUBXC3VBT0Snl?= =?Windows-1252?Q?iYFlz45G9FKRwr8VqlLCAkjJLE4p9nnvNdWIUvazl7zOxKF7f2Z0aNgt?= =?Windows-1252?Q?xnJ8oJgCR8ztjjpP6KEOuawP+xOJWBuT+r8ZeICh6xaTzmcfXWAano8r?= =?Windows-1252?Q?HxHhEnIpTafjixEjRXs2krxY4mBVm+QLSi4qapaveV5aMiVod3OiYsYe?= =?Windows-1252?Q?fZ1SxZQFyj8AxTkScvX7Z4PWriAEd0Xgb+T3I3OBt3ZhhoYbRwcWoqoe?= =?Windows-1252?Q?8KseSJE8qDmIbmJW+FLg93Ul5s9B3PSeql1mmCyL3+4WCWcJR96Lv06U?= =?Windows-1252?Q?ipWcPDTg+yM0qECiVIsK0n3R+uk5ahLHKaUKC4z4pcdoYjnN4cPrVFKf?= =?Windows-1252?Q?sdrCvufnQLeIZMCbahdADjI7kKzmtwPPD9YDeegXZ8WAwwb44plllRKF?= =?Windows-1252?Q?vTHb2teyl4iojt+7hGCWgVSNm2Iviias6WRNY/139esJzL10wRiocQer?= =?Windows-1252?Q?tAZkedaZ8c4ByNgPnvVBh7gGUCYCkLBPOeXo/k69JIwbmUr0MMAm/DLs?= =?Windows-1252?Q?N7Fcbo5oJ8OyZjZjwVYbRPDMPIII6LDhysKWxAhsDHI7BlzhUKd/pLyj?= =?Windows-1252?Q?5quaiGbNCaJngktsPZzLEEJ773YN8g6rZccwC8wDSqIBYm3Nb4BRdcHi?= =?Windows-1252?Q?qJfZ9Hho?= MIME-Version: 1.0 X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR12MB3340.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2579125c-c8a9-468e-0daa-08d8eed904cd X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Mar 2021 15:25:12.7627 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 1OOvhg+nq/2ExlCi1gsGN7YuiFE5U2ItvKSQBiFTaaRfKmCjUYlM93fewLFc/E9sLbcar/WoLsJ0AdH5Blg7Cg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2681 Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_DM6PR12MB33408C106C304BF5EEA64609CB639DM6PR12MB3340namp_" --_000_DM6PR12MB33408C106C304BF5EEA64609CB639DM6PR12MB3340namp_ Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable Some of the logo files we received for the group that makes our assets like= this (not sure what tool they were created with) look like they pad the BM= P size to 8 bytes. TranslateBmpToGopBlt: invalid BmpImage... BmpHeader->Size: 0xE1038 BmpHeader->ImageOffset: 0x36 BmpImageSize: 0xE1038 DataSize: 0xE1000 TranslateBmpToGopBlt: invalid BmpImage... BmpHeader->Size: 0x2A3038 BmpHeader->ImageOffset: 0x36 BmpImageSize: 0x2A3038 DataSize: 0x2A3000 TranslateBmpToGopBlt: invalid BmpImage... BmpHeader->Size: 0x5EEC38 BmpHeader->ImageOffset: 0x36 BmpImageSize: 0x5EEC38 DataSize: 0x5EEC00 So, each of these has 2 bytes of padding at the end of the file. We could = write a tool that would do the same size recalculation in order to update t= he size in the header and remove the two bytes but it seems that this is a = valid BMP file and it doesn't seem correct that UEFI is rejecting it. I can= update the commit message with more context if needed as well. Thanks, Jeff ________________________________ From: Laszlo Ersek Sent: Wednesday, March 24, 2021 5:31 AM To: devel@edk2.groups.io ; bret.barkelew@microsoft.c= om ; Jeff Brasen Cc: jian.j.wang@intel.com ; ao.a.wu@intel.com Subject: Re: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSupportLi= b: Allow BMP with extra data External email: Use caution opening links or attachments On 03/23/21 18:41, Bret Barkelew via groups.io wrote: > Is this a *good* idea? > > What is considered valid extra data? If it=92s immaterial to the FW disp= laying the image, our policy has been to strip it off BEFORE adding it to t= he FW image. Not counting any potential security aspects, stripping out undisplayed portions helps with flash usage too (I think?), so at least some concrete justification in the commit message would be nice... Thanks Laszlo > > - Bret > > From: Jeff Brasen via groups.io > Sent: Tuesday, March 23, 2021 10:29 AM > To: devel@edk2.groups.io > Cc: jian.j.wang@intel.com; ao.a.wu@intel.c= om; Jeff Brasen > Subject: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSupportLib:= Allow BMP with extra data > > Add support for processing BMP data that contains extra data after the > image array, this data will not be parsed in anyway in the library but > images that contain this will not be rejected from processing. > > --- > MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c b/Md= eModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c > index 3ac31f6723d0..944d01fe7cdf 100644 > --- a/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c > +++ b/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c > @@ -213,7 +213,7 @@ TranslateBmpToGopBlt ( > > if ((BmpHeader->Size !=3D BmpImageSize) || > (BmpHeader->Size < BmpHeader->ImageOffset) || > - (BmpHeader->Size - BmpHeader->ImageOffset !=3D DataSize)) { > + (BmpHeader->Size - BmpHeader->ImageOffset < DataSize)) { > > DEBUG ((DEBUG_ERROR, "TranslateBmpToGopBlt: invalid BmpImage... \n"= )); > DEBUG ((DEBUG_ERROR, " BmpHeader->Size: 0x%x\n", BmpHeader->Size)= ); > -- > 2.25.1 > > > > > > > > >=20 > > > --_000_DM6PR12MB33408C106C304BF5EEA64609CB639DM6PR12MB3340namp_ Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable
Some of the logo files we received for the group that makes our assets lik= e this (not sure what tool they were created with) look like they pad the B= MP size to 8 bytes.

TranslateBmpToGopBlt: invalid BmpImage...
   BmpHeader->Size: 0xE1038
   BmpHeader->ImageOffset: 0x36
   BmpImageSize: 0xE1038
   DataSize: 0xE1000
TranslateBmpToGopBlt: invalid BmpImage...
   BmpHeader->Size: 0x2A3038
   BmpHeader->ImageOffset: 0x36
   BmpImageSize: 0x2A3038
   DataSize: 0x2A3000
TranslateBmpToGopBlt: invalid BmpImage...
   BmpHeader->Size: 0x5EEC38
   BmpHeader->ImageOffset: 0x36
   BmpImageSize: 0x5EEC38
   DataSize: 0x5EEC00

So, each of these has 2 bytes of padding at the end of the file. We could = write a tool that would do the same size recalculation in order to update t= he size in the header and remove the two bytes but it seems that this is a = valid BMP file and it doesn't seem correct that UEFI is rejecting it. I can update the commit message with m= ore context if needed as well.

Thanks,

Jeff

From: Laszlo Ersek <ler= sek@redhat.com>
Sent: Wednesday, March 24, 2021 5:31 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>; bret.barkele= w@microsoft.com <bret.barkelew@microsoft.com>; Jeff Brasen <jbrase= n@nvidia.com>
Cc: jian.j.wang@intel.com <jian.j.wang@intel.com>; ao.a.wu@in= tel.com <ao.a.wu@intel.com>
Subject: Re: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSu= pportLib: Allow BMP with extra data
 
External email: Use caution opening links or atta= chments


On 03/23/21 18:41, Bret Barkelew via groups.io wrote:
> Is this a *good* idea?
>
> What is considered valid extra data? If it=92s immaterial to the FW d= isplaying the image, our policy has been to strip it off BEFORE adding it t= o the FW image.

Not counting any potential security aspects, stripping out undisplayed
portions helps with flash usage too (I think?), so at least some
concrete justification in the commit message would be nice...

Thanks
Laszlo

>
> - Bret
>
> From: Jeff Brasen via groups.io<mailto:jbrasen=3Dnvidia.com@groups.io>
> Sent: Tuesday, March 23, 2021 10:29 AM
> To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>
> Cc: jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>; ao.a.w= u@intel.com<mailto:ao.a.wu@intel.co= m>; Jeff Brasen<mailto:jbra= sen@nvidia.com>
> Subject: [EXTERNAL] [edk2-devel] [PATCH 1/1] MdeModulePkg/BmpSupportL= ib: Allow BMP with extra data
>
> Add support for processing BMP data that contains extra data after th= e
> image array, this data will not be parsed in anyway in the library bu= t
> images that contain this will not be rejected from processing.
>
> ---
>  MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c | 2 +- >  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c b= /MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c
> index 3ac31f6723d0..944d01fe7cdf 100644
> --- a/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c
> +++ b/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c
> @@ -213,7 +213,7 @@ TranslateBmpToGopBlt (
>
>    if ((BmpHeader->Size !=3D BmpImageSize) ||
>        (BmpHeader->Size < Bm= pHeader->ImageOffset) ||
> -      (BmpHeader->Size - BmpHeader->I= mageOffset !=3D DataSize)) {
> +      (BmpHeader->Size - BmpHeader->I= mageOffset < DataSize)) {
>
>      DEBUG ((DEBUG_ERROR, "TranslateBmp= ToGopBlt: invalid BmpImage... \n"));
>      DEBUG ((DEBUG_ERROR, "  = BmpHeader->Size: 0x%x\n", BmpHeader->Size));
> --
> 2.25.1
>
>
>
>
>
>
>
>
>
>
>
>

--_000_DM6PR12MB33408C106C304BF5EEA64609CB639DM6PR12MB3340namp_--