From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1712621D2E623 for ; Wed, 23 Aug 2017 20:02:27 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Aug 2017 20:05:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.41,419,1498546800"; d="scan'208";a="143942154" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga006.fm.intel.com with ESMTP; 23 Aug 2017 20:05:01 -0700 Received: from fmsmsx151.amr.corp.intel.com (10.18.125.4) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 23 Aug 2017 20:05:01 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX151.amr.corp.intel.com (10.18.125.4) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 23 Aug 2017 20:04:54 -0700 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.183]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.93]) with mapi id 14.03.0319.002; Thu, 24 Aug 2017 11:04:53 +0800 From: "Dong, Eric" To: "Kinney, Michael D" , "edk2-devel@lists.01.org" CC: "Ni, Ruiyu" Thread-Topic: [Patch] UefiCpuPkg/MpLib: fix potential overflow issue. Thread-Index: AQHTHFnabQWnTZshtEmWtHKdiUjH5qKS0oGw Date: Thu, 24 Aug 2017 03:04:52 +0000 Message-ID: References: <1503466180-15548-1-git-send-email-eric.dong@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [Patch] UefiCpuPkg/MpLib: fix potential overflow issue. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Aug 2017 03:02:27 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Mike,=20 Thanks for the comments, I updated the patch, please help to review the new= patch. Thanks, Eric -----Original Message----- From: Kinney, Michael D=20 Sent: Thursday, August 24, 2017 5:51 AM To: Dong, Eric ; edk2-devel@lists.01.org; Kinney, Mich= ael D Cc: Ni, Ruiyu Subject: RE: [Patch] UefiCpuPkg/MpLib: fix potential overflow issue. Hi Eric, With this patch GetPerformanceCounterProperties() is called twice. I think= you can use TimestampCounterFreq in the else clause. Also, the comment blocks are no longer correct. The original comment block= goes with the else clause, and you need a new comment block for the if sta= tement that describes the check for an overflow. Mike > -----Original Message----- > From: Dong, Eric > Sent: Tuesday, August 22, 2017 10:30 PM > To: edk2-devel@lists.01.org > Cc: Kinney, Michael D ; Ni, Ruiyu=20 > > Subject: [Patch] UefiCpuPkg/MpLib: fix potential overflow issue. >=20 > Current calculate timeout logic may have overflow if the input timeout=20 > value too large. This patch fix this potential overflow issue. >=20 > Cc: Michael Kinney > Cc: Ruiyu Ni > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Eric Dong > --- > UefiCpuPkg/Library/MpInitLib/MpLib.c | 30 > +++++++++++++++++++++++------- > 1 file changed, 23 insertions(+), 7 deletions(-) >=20 > diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c > b/UefiCpuPkg/Library/MpInitLib/MpLib.c > index ed1f55e..005dec4 100644 > --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c > +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c > @@ -1001,6 +1001,9 @@ CalculateTimeout ( > OUT UINT64 *CurrentTime > ) > { > + UINT64 TimeoutInSeconds; > + UINT64 TimestampCounterFreq; > + > // > // Read the current value of the performance counter > // > @@ -1019,13 +1022,26 @@ CalculateTimeout ( > // in Hz. So multiply the return value with TimeoutInMicroseconds=20 > and then divide > // it by 1,000,000, to get the number of ticks for the timeout=20 > value. > // > - return DivU64x32 ( > - MultU64x64 ( > - GetPerformanceCounterProperties (NULL, NULL), > - TimeoutInMicroseconds > - ), > - 1000000 > - ); > + TimestampCounterFreq =3D GetPerformanceCounterProperties > (NULL, NULL); > + if (DivU64x64Remainder (MAX_UINT64, TimeoutInMicroseconds, > NULL) < TimestampCounterFreq) { > + // > + // Convert microseconds into seconds if direct > multiplication overflows > + // > + TimeoutInSeconds =3D DivU64x32 (TimeoutInMicroseconds, > 1000000); > + // > + // Assertion if the final tick count exceeds MAX_UINT64 > + // > + ASSERT (DivU64x64Remainder (MAX_UINT64, TimeoutInSeconds, > NULL) >=3D TimestampCounterFreq); > + return MultU64x64 (TimestampCounterFreq, > TimeoutInSeconds); > + } else { > + return DivU64x32 ( > + MultU64x64 ( > + GetPerformanceCounterProperties (NULL, NULL), Use TimestampCounterFreq instead. > + TimeoutInMicroseconds > + ), > + 1000000 > + ); > + } > } >=20 > /** > -- > 2.7.0.windows.1