From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web10.43891.1671514450064177428 for ; Mon, 19 Dec 2022 21:34:10 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=nklun78i; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1671514450; x=1703050450; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=fXREPrnnbcBVkDVZeoL3OFeE/Io1EFjLOpi0FtZ2rNo=; b=nklun78iqNYVRE82sxgqIZ4A3bD4wj9dkVEVlRKiGD2B1Hlfj80p4RlM bvj3Gn40ZXTfjQ/AD+/wTh+M0Z/JNvK0yWW/wYifQM8ZUuI/eysmvxtE5 qHyAIxDCVh6xr+vZjkVrIFTwqVGoXClN30eWcvDILgxY5kdFyYKfHnDZ5 EZGaJqgyRlOXSYGzO6J48D4j5UPJgxwjS5RFLv6/1HPcbpTEvJzZjYJmk Kk8AYgzFM4SDYwZeP4lDT4619hW1Qkw88wxkwK/MLtoqHpYal8CT4HmH3 7Z8m0BqBugiy2gNhEKQZ25aK9xYPG8UcYvh9yfSrP1h3Ydjuj0keiAKTD w==; X-IronPort-AV: E=McAfee;i="6500,9779,10566"; a="317169164" X-IronPort-AV: E=Sophos;i="5.96,258,1665471600"; d="scan'208";a="317169164" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Dec 2022 21:34:09 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10566"; a="775167993" X-IronPort-AV: E=Sophos;i="5.96,258,1665471600"; d="scan'208";a="775167993" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga004.jf.intel.com with ESMTP; 19 Dec 2022 21:34:05 -0800 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Mon, 19 Dec 2022 21:34:03 -0800 Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Mon, 19 Dec 2022 21:34:03 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16 via Frontend Transport; Mon, 19 Dec 2022 21:34:03 -0800 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.173) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.16; Mon, 19 Dec 2022 21:34:03 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=e3ZcBaJfu4TfEIP7p6Z7JGltBGM8MF2ToiHZesKQVoJKwpE1NcMxDJXeLwDU3yrFUa7bLYBeb/nYuSGI6jjU2anlMC4m3KZFm+HEWdwzwoihyFzoV/jN2+tlFvk0J/6xnh8luK8a9YIqxwdUSd22OO28rGK9hU0JCzrJ3R0940rh00qn0FztP95d4ytKLyQW1qSOOSk2LRh+Z7p1hnLjh4oG8kCwM7UzlqPGx1IgZXvahjb+kyh9n0uAPGHGWNrRwJUXnBLzdVykMWAC3w/EqvQW5W1JLeAy8+0lALX5sbBIT5ax/nHs/Ea+FMZE+6RRahz5mupAijuS2f6zMxjAAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KX9uLLMv6+yxroANqhZA5aHCPTt/yuqwYWURkCdKumg=; b=HXJhNz/Rwn+eytHj7azsKyxQlzsHN/aAK4zC93rH1UP46M+tmw/JbtuyO6g4AK6E2LZN0g4jZsZ1Q5AeUHSV4QI+aO7Ki7zx99l/daeRbhQXtmasesj0IwjBBKZHH1+V3nXtohhDX33bylnNTuWt8u+Zu/z3R8p1dqAfSDzumBDdu+FqDFYhFHGMpAaDCXfr8JZCaHx94GVATbwhxCeE6GJiVkVbPI6DlU3X1aY4wNt7OT8t5+ILi2a/SiQJ12fxqVdnVc8P7KqQKvWAyf5AT3ma7Q80shhrz3j8K5pDGlZ1zPBVAJ9GLJ2aH7Lbp79GGlM8HxHrKW8/KH0n9y7d6g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by DS0PR11MB6541.namprd11.prod.outlook.com (2603:10b6:8:d3::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.16; Tue, 20 Dec 2022 05:34:00 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::5f56:1bdc:2eae:c041]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::5f56:1bdc:2eae:c041%8]) with mapi id 15.20.5924.016; Tue, 20 Dec 2022 05:34:00 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "Yao, Jiewen" , "Lee, Chun-Yi" CC: "Xu, Min M" , Gerd Hoffmann , "Tom Lendacky" , James Bottomley , "Aktas, Erdem" , "Lee, Chun-Yi" Subject: Re: [edk2-devel] [PATCH v2] OvmfPkg/PlatformInitLib: Fix integrity checking failed of NvVarStore in some cases Thread-Topic: [edk2-devel] [PATCH v2] OvmfPkg/PlatformInitLib: Fix integrity checking failed of NvVarStore in some cases Thread-Index: AQHZEJbIsLy//RV+80m2n9Ozk9GWPq5xarbQgATdVQA= Date: Tue, 20 Dec 2022 05:34:00 +0000 Message-ID: References: <20221215142723.9788-1-jlee@suse.com> <1731765A81E3FBB0.6436@groups.io> In-Reply-To: <1731765A81E3FBB0.6436@groups.io> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|DS0PR11MB6541:EE_ x-ms-office365-filtering-correlation-id: 5c8874d4-7fd2-4e1c-c2cc-08dae24bcc7c x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: vCWI2YazwDSkL3lNgnuTVvZTLGCOcZ6qZxtI+/eEOvvwxM0ItQ752nhCYHYDMIvAucJV1/hDfVkCDnMm54HusVPh3Mr3aQmLRvR0QQxis4BmOZ6yJU9WHIt34r1oQYdNTVEELSV2mzU9UE23yGhuej0MXY1BTuqE+JFalJN6/H8KwPRpoklMYi7YL4wv79AOUiHjB97GRI8yFS5U1rDwGsIlhb59ubh8MnCRRdOwmZJ/GyB+N4FB8lUts2mz5j7Xh0lYnab/+RTiCjqiAaE/nCtGm+Vjb/2oAYMMdPDNmIzclNo5CK7e2StFhn9T5azhoinEp5uQp1nlQHqo6yUON35Kfcs4TEuNFurZ/8GrJZl1fNuQ8dlnLzp5LMP99nYoJ3VnlPyNDK6iL2ZuREbR3Gct3jWYd6ICWtwftcEjl7c/v54oyhehZUdVMDf+65IpBI0xHNEpsKGNeqEQA5Rl3ir6nBjt427FbXRiJhFmeB54Ji5vFYozyZx6FZqUMKHteU3YoDwC/XHoo3ISd+ZFUB8wMojSsEh+ew7zVGtlR8k9mxEzSITCZXEcIM1fN6IpxFa7GwQ3gg6g/jivQCg+O4CNmrhVcPYLZrKdvpyWxIpgRqJwfdlmNJiLbbqhtvIXEW2+BIEkgn9XSu3FO45gMaqbn7DuFeXKNWcm9efsjh39zDsvIgWw0EhHRQJdIVnX/NhUrLUwYnQ02MhsERFCkI3yQpr+NBRbFxyn4jMGu5g3p2LUHDCztc+1yfHU1rQP9oSEVZ47oonlic0QbCy2qA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(6029001)(366004)(396003)(376002)(346002)(39860400002)(136003)(451199015)(966005)(478600001)(71200400001)(7696005)(66899015)(64756008)(66476007)(66556008)(66446008)(76116006)(26005)(9686003)(186003)(55016003)(66946007)(6506007)(86362001)(316002)(110136005)(54906003)(38070700005)(82960400001)(38100700002)(8676002)(4326008)(41300700001)(122000001)(83380400001)(2906002)(8936002)(52536014)(33656002)(53546011)(5660300002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?kOqZ5dH8K8k0+LaRisDX++UDP6izJqjGc8nnPbRbinj0Y6w3jtIQqOC6k60u?= =?us-ascii?Q?tJfItKFCb7YnaT+K3GNG/kFJ/K1OlG6kLa677irn1pY7EDPtEHynSu2zRDud?= =?us-ascii?Q?T05i6sWLpV4LB9/82Qxw4qoNEps6ulHH12mOzCqwnbqf48xCQ3HZLQkdwkA+?= =?us-ascii?Q?6cDPUQ5x1XwWaBbCBeR37L+DgTqtHs1sz4KhKHpI4/guamH0tR2MZoS4eJqp?= =?us-ascii?Q?FkD344b0IVNG+PVWXqwiC9FztE6KblaJ6WQKMQO60Z03WLfNdpfPC/t+oJMY?= =?us-ascii?Q?XCSKwpTake+BxoQZXrM6GDxR0ZYkMDyNfeHrEt/t/2ZY7WrwPv4pWnvezoLG?= =?us-ascii?Q?h1dx6TBqAJnhtpRLyQoo/hy3A34tmWth7wvsznzgbAmoS1quzTwXDjwT/etP?= =?us-ascii?Q?amqM3EIfA4Hlj2Vc+HkGiuFW3U0IcOnkiYaXl9nW3qCcRdYe2RQMvdjEh1FD?= =?us-ascii?Q?jWQ2WRcvUsUNq1cuB9oKMkmP1DhjgMAiYUM05KCOh7U9srkyNmekp9ZhkIpH?= =?us-ascii?Q?HFke927rWQDXV5xxTbRukMJR5RXNWnCThGqQ9iLAwYI5b+Ya25/W+gYekxys?= =?us-ascii?Q?5v+qjNYeRjbolw2U0Gnu7iAZqznZ+7q6YU8acMNwCpRbHbt554i059JAIEZc?= =?us-ascii?Q?cbsA9RzNnfYXN3d+EpZz8xW0uFsM3Klz74n+PFyX/SJTT7lFAHVRci/2FTFi?= =?us-ascii?Q?rPqhh6SIzpySXtWAAg2IaS8sm/V6H9a64DDvQrlO5MSRnJKfXpAisEKJEh5k?= =?us-ascii?Q?H50H2zPKWKce04wwX3j85mgttw+7NeuL5ZMspn23OePOpX4rhliKCibAf6xp?= =?us-ascii?Q?YENvRuzbGDGyXjBgsEwRSsVJ6KqiqBGwfQDdXwwqUSR1TNn8FhdXN9ElI4LL?= =?us-ascii?Q?6RF+rXFCQzJt9fsXV+I4j4cXdj7qnhzhoErB6o4IuehCd6ezHiHunwZKTQso?= =?us-ascii?Q?kwTXQadi52HQNtMF50F8yTPZAdsBlByCxjSlkzN2hzLoX89Asrx7dadUFYtl?= =?us-ascii?Q?oTk1ObZQWlQ/aFryG56OCbcZ5pFeyhBL8Iejj1sJQnwxZyMEKfFC3laAbcaX?= =?us-ascii?Q?8LbOXZO9ibO4GlMqSn7oU2gO02oPmI9HMhQcz+l8EW1ko4zwY/F9FFwig12m?= =?us-ascii?Q?+XBZvto146CP92KRgcFzv0e5dkOO/45SHTE8SELWIc6FizKFG9UA5cg6jD9B?= =?us-ascii?Q?xOJcpR88m0oyrEiNn4guhIOjrfr3SvTczBrd1QKlm7Dkw2Qt/19Kgk+vGIUu?= =?us-ascii?Q?5C6uxMQr+ir3USRK3BhKZg0AjGwShWIirUylB17+FzWUsChx6Ar7CxrjLoLr?= =?us-ascii?Q?dm/laUS5sw/dYUs3yF2AE2dgWUqE3iH0TyzFLtHZ0VW38npZsw0/i2ZB0WZu?= =?us-ascii?Q?ii60dOYfaEQTBur0zx6X+M8R8SK1IOYhWgZzM1ypcKh2ZHn3DvdHXYfK45wb?= =?us-ascii?Q?8xIYxJTzYPbdcU5FGWMbBxH9IHfPGCdyTzvpfxNV5ulRkW/ZaP5dcM6sYAYt?= =?us-ascii?Q?IKy9TrWOr0t0QA059gkGYnzBdYAx3aS7Xc9fABhqr7oGrDtD2H02foPvHJtC?= =?us-ascii?Q?4pZsv/DCYoRK0GBds4IHB9mDCN5gtafengmZdx6O?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5c8874d4-7fd2-4e1c-c2cc-08dae24bcc7c X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Dec 2022 05:34:00.7030 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: L1ODGQ2XfbNGDLl5vFQCNEPzRQzrN1p5EFNg+9DcBR6ZzPjJrs8LA4weFIQ+mPaAXsBj5klU6kaN/Ypnl8FmMQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR11MB6541 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Merged https://github.com/tianocore/edk2/pull/3797 with minor format fix. > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Yao, > Jiewen > Sent: Saturday, December 17, 2022 11:18 AM > To: Lee, Chun-Yi ; devel@edk2.groups.io > Cc: Xu, Min M ; Gerd Hoffmann > ; Tom Lendacky ; James > Bottomley ; Aktas, Erdem ; > Lee, Chun-Yi > Subject: Re: [edk2-devel] [PATCH v2] OvmfPkg/PlatformInitLib: Fix integri= ty > checking failed of NvVarStore in some cases >=20 > Thanks for the fix. > Reviewed-by: Jiewen Yao >=20 > Question: Have you run tiano CI by yourself, before submit the patch? >=20 >=20 >=20 > > -----Original Message----- > > From: Lee, Chun-Yi > > Sent: Thursday, December 15, 2022 10:27 PM > > To: devel@edk2.groups.io > > Cc: Xu, Min M ; Gerd Hoffmann > > ; Yao, Jiewen ; Tom > Lendacky > > ; James Bottomley ; > > Aktas, Erdem ; Lee, Chun-Yi > > Subject: [PATCH v2] OvmfPkg/PlatformInitLib: Fix integrity checking fai= led of > > NvVarStore in some cases > > > > In the commit 4f173db8b4 "OvmfPkg/PlatformInitLib: Add functions for > > EmuVariableNvStore", it introduced a PlatformValidateNvVarStore() > function > > for checking the integrity of NvVarStore. > > > > In some cases when the VariableHeader->StartId is VARIABLE_DATA, the > > VariableHeader->State is not just one of the four primary states: > > VAR_IN_DELETED_TRANSITION, VAR_DELETED, VAR_HEADER_VALID_ONLY, > > VAR_ADDED. > > The state may combined two or three states, e.g. > > > > 0x3C =3D (VAR_IN_DELETED_TRANSITION & VAR_ADDED) & VAR_DELETED > > or > > 0x3D =3D VAR_ADDED & VAR_DELETED > > > > When the variable store has those variables, system booting/rebooting w= ill > > hangs in a ASSERT: > > > > NvVarStore Variable header State was invalid. > > ASSERT > > /mnt/working/source_code- > > git/edk2/OvmfPkg/Library/PlatformInitLib/Platform.c(819): > > ((BOOLEAN)(0=3D=3D1)) > > > > Adding more log to UpdateVariable() and PlatformValidateNvVarStore(), > we > > saw some variables which have 0x3C or 0x3D state in store. > > e.g. > > > > UpdateVariable(), VariableName=3DBootOrder > > L1871, State=3D0000003F <-- VAR_ADDED > > State &=3D VAR_DELETED=3D0000003D > > FlushHobVariableToFlash(), VariableName=3DBootOrder > > ... > > UpdateVariable(), VariableName=3DInitialAttemptOrder > > L1977, State=3D0000003F > > State &=3D VAR_IN_DELETED_TRANSITION=3D0000003E > > L2376, State=3D0000003E > > State &=3D VAR_DELETED=3D0000003C > > FlushHobVariableToFlash(), VariableName=3DInitialAttemptOrder > > ... > > UpdateVariable(), VariableName=3DConIn > > L1977, State=3D0000003F > > State &=3D VAR_IN_DELETED_TRANSITION=3D0000003E > > L2376, State=3D0000003E > > State &=3D VAR_DELETED=3D0000003C > > FlushHobVariableToFlash(), VariableName=3DConIn > > ... > > > > So, only allowing the four primary states is not enough. This patch cha= nges > > the falid states list (Follow Jiewen Yao's suggestion): > > > > 1. VAR_HEADER_VALID_ONLY (0x7F) > > - Header added (*) > > 2. VAR_ADDED (0x3F) > > - Header + data added > > 3. VAR_ADDED & VAR_IN_DELETED_TRANSITION (0x3E) > > - marked as deleted, but still valid, before new data is added. (*) > > 4. VAR_ADDED & VAR_IN_DELETED_TRANSITION & VAR_DELETED (0x3C) > > - deleted, after new data is added. > > 5. VAR_ADDED & VAR_DELETED (0x3D) > > - deleted directly, without new data. > > (*) means to support surprise shutdown. > > > > And removed (VAR_IN_DELETED_TRANSITION) and (VAR_DELETED) > because > > they are > > invalid states. > > > > v2: > > Follow Jiewen Yao's suggestion to add the following valid states: > > VAR_ADDED & VAR_DELETED (0x3D) > > VAR_ADDED & VAR_IN_DELETED_TRANSITION (0x3E) > > VAR_ADDED & VAR_IN_DELETED_TRANSITION & VAR_DELETED > > (0x3C) > > and removed the following invalid states: > > VAR_IN_DELETED_TRANSITION > > VAR_DELETED > > > > Signed-off-by: "Lee, Chun-Yi" > > --- > > OvmfPkg/Library/PlatformInitLib/Platform.c | 9 +++++---- > > 1 file changed, 5 insertions(+), 4 deletions(-) > > > > diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c > > b/OvmfPkg/Library/PlatformInitLib/Platform.c > > index 77f22de046..6963c47e0b 100644 > > --- a/OvmfPkg/Library/PlatformInitLib/Platform.c > > +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c > > @@ -702,10 +702,11 @@ PlatformValidateNvVarStore ( > > > > VariableOffset =3D NvVarStoreHeader->Size - sizeof > > (VARIABLE_STORE_HEADER); > > } else { > > - if (!((VariableHeader->State =3D=3D VAR_IN_DELETED_TRANSITION) |= | > > - (VariableHeader->State =3D=3D VAR_DELETED) || > > - (VariableHeader->State =3D=3D VAR_HEADER_VALID_ONLY) || > > - (VariableHeader->State =3D=3D VAR_ADDED))) > > + if (!((VariableHeader->State =3D=3D VAR_HEADER_VALID_ONLY) || > > + (VariableHeader->State =3D=3D VAR_ADDED) || > > + (VariableHeader->State =3D=3D (VAR_ADDED & VAR_DELETED)) || > > + (VariableHeader->State =3D=3D (VAR_ADDED & > > VAR_IN_DELETED_TRANSITION)) || > > + (VariableHeader->State =3D=3D (VAR_ADDED & > > VAR_IN_DELETED_TRANSITION & VAR_DELETED)))) > > { > > DEBUG ((DEBUG_ERROR, "NvVarStore Variable header State was > > invalid.\n")); > > return FALSE; > > -- > > 2.35.3 >=20 >=20 >=20 >=20 >=20