From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web10.36405.1669876001074078488 for ; Wed, 30 Nov 2022 22:26:41 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=kGqYfwfH; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1669876001; x=1701412001; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=eWiAV3c9gciy3pURxWllhVeVk/oR+jIwu4rnjDgq0FQ=; b=kGqYfwfHArcWSGfLjG8QFEDB6C55OVBW4/HF6dtH2U4oFXkwymItqy4+ Ta99PU6CLFxHzKiEk53MRTF/nsdhlVnZPDPnTcKhl3KjJ2KZjuw2IsbnH j16Pul2umbA8fOGMwvAKiaS9htAvEVe0e4AA1264HBIbNBXbRnoNHaarD aZEBfTBkj34cyAJFWNmFHYH1/157TIauVauN1ebCJJA1q5LgOBlS2JLNN xpwbJPIvr/Dd/rBV2tFyqIaTVf1e59Rfe4xkcUFwGDAfHMk0dVuXzkTjZ VDIi7HSvjx8zC/W4Z6jcBv85ra5GBB2TebDT3yBXB/LyjUmpfjKs/xKq3 A==; X-IronPort-AV: E=McAfee;i="6500,9779,10547"; a="313230198" X-IronPort-AV: E=Sophos;i="5.96,207,1665471600"; d="scan'208";a="313230198" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Nov 2022 22:26:40 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10547"; a="675312134" X-IronPort-AV: E=Sophos;i="5.96,207,1665471600"; d="scan'208";a="675312134" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by orsmga008.jf.intel.com with ESMTP; 30 Nov 2022 22:26:39 -0800 Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Wed, 30 Nov 2022 22:26:39 -0800 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Wed, 30 Nov 2022 22:26:38 -0800 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16 via Frontend Transport; Wed, 30 Nov 2022 22:26:38 -0800 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.16; Wed, 30 Nov 2022 22:26:38 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MUUsIR6QXjkwzzQXcyza+zBDBFsxH4HfaDddxv+fI1g+wa1c/LlzaP+5PzvZh9uua0UZtG372zM1axdNPYD7sbozj7y/tthizowcfL4yBGAsE9swcDR7V19ul6PwZwXpFt1kjizWvlrDb63AQVOS/Yp/9KYpfLVw6wXkhOzRdFZ+orv82/w6xw8Q6lwJFisMzKgs1JWnXcjZWlHrl1l1ahwSxuo32dopgXX3bNgqpf5u7pQVYCBrtIQnwPhbLIa1mJUHQTQ38ltnPB7oHzPR9EYZft7IZPN9t7K4iHlW72ogUYKWccDfYLCJu2Ey2MyxKwdB42t93fdYQ3BAAKYClA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rBIHG6njTqAC4Lg6DSZ8RGMJc2E1BizfF/hdFT7sFxE=; b=XfOLWp+nMr5VBLnB7WL91y9uO1GeoOwZTHNfL3nEIUMRcLFi7nWQ7D3RL10fMMHoFrzVLlpLeT66d1APeHW36omXZMB8iOMUgsRzS1vja31HAKDlVRsWHCP99BQoJNKIDEcei7UaHMvnd2IGRpV97Lrt3y4wc/nexILIscJ4jLCpplhLmBzWSzF1RegZNpxVLVNYKn6Ugp1UNpzPV69Bv0PVbkT3BeBkk7Wg8k27DvcaTUL4RChzZqjCvR5zucpW+7sRk0Tov68umtYssZ0v8A7FaMRzPUVnmieH6ChzuDzVfYeCEy9Gu9wGcukQijntTu2emweufaMPEs/CYPNvBA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by DM6PR11MB4691.namprd11.prod.outlook.com (2603:10b6:5:2a6::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5857.23; Thu, 1 Dec 2022 06:26:35 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::e9dd:f205:1970:4edb]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::e9dd:f205:1970:4edb%9]) with mapi id 15.20.5857.023; Thu, 1 Dec 2022 06:26:35 +0000 From: "Yao, Jiewen" To: "Xu, Min M" , "devel@edk2.groups.io" CC: "Aktas, Erdem" , James Bottomley , Gerd Hoffmann , Tom Lendacky Subject: Re: [PATCH V1 1/1] OvmfPkg/PlatformInitLib: Add check to NvVarStoreFV HeaderLength Thread-Topic: [PATCH V1 1/1] OvmfPkg/PlatformInitLib: Add check to NvVarStoreFV HeaderLength Thread-Index: AQHZAi3+i9HnFeWUqUWN2mB2zeVZfa5Yl0pA Date: Thu, 1 Dec 2022 06:26:35 +0000 Message-ID: References: <20221127070014.479-1-min.m.xu@intel.com> In-Reply-To: <20221127070014.479-1-min.m.xu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|DM6PR11MB4691:EE_ x-ms-office365-filtering-correlation-id: 9fe93bd7-b53e-4e11-4a73-08dad364ff25 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: bG9bEGx60zSkkCdnchu8G3YdcPIKr3o9c1XqXDx6OFf2OoQPD7Hr86/bTbOEPvhBjPHGW7gJBLMYdk5ZpT+c0LdzqXldHSuECxNU1sXOE4c6hLZ1RtU1VQQOuO8J7+lhWx0LTGH/fDaYM7sBTTOXwDUz1Vx5/jgxGFloqlcVCGtxsZuFszAlIcX57zU37wlegJMpkazvsiXvCEek61+K04tVJcnv1+bG6y73Gv3EM+/ryKMa8v/VYQG2Pq4sPJQ3zp9erFChQQTz1WP6oYOtoOPgQTAnQrqaVx3InTkvCFQkwoX19plRCuGVBatDSnw6hK3O2esVrp/NzuEIkY1vopQB8lUccwmWTsKAbWfjkkX7ko6ZAnW3INesPFt0oYCnzRhqrvdNp/PMgN8M0hvtMEEDef8eDC2/rlmhFG5kpfUts2vwqmCGWU81R/MwPQLiifVKgpdSWJphFK55FcMeL1bLWiksVd+LTFlAO3fuFcu0DOnEh7rZ4rf1wbaaLiZdeKIsCkDug+UcU0n9Ec74Iu6wV6/T/f2inDhzDwbiGicLAvkMs3psiM2wMQkn/5WsfkX0xe6FyrN6B9qUV9xUVX4qPiNf45FKrq8BQkMLD9VZ9DPEZi9kxzhlEItoAsPTCiP8QziT4ZF/Uh0yUIj7K47F3b8qYWpe/NeBJ6QC9I+VXaCPnYS97GAuz1/soV2K5ojh/c48He2ce8EVAq4vHQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(6029001)(396003)(346002)(39860400002)(136003)(366004)(376002)(451199015)(82960400001)(38070700005)(55016003)(33656002)(86362001)(6506007)(38100700002)(316002)(54906003)(110136005)(41300700001)(64756008)(71200400001)(2906002)(66946007)(4326008)(66476007)(5660300002)(8936002)(76116006)(66446008)(52536014)(66556008)(478600001)(26005)(7696005)(83380400001)(9686003)(8676002)(122000001)(186003)(53546011);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?/TZeCRjrfFWfs+RZcmgB1MG7ApBe8WqiIxSAYlkCz8pg8+ArwRoFngPuK0hL?= =?us-ascii?Q?sqboK5jx4HLMEjYH6tgXpTgfPLh+230Lj3w0rZdQMpWQUw6SHw8mdvJRZSSB?= =?us-ascii?Q?83bWrVuuV4Z8gVxNJ+e0IGGbwryk8sBgP11o8wVKQ9q1JtulJpSMdiE+B1LH?= =?us-ascii?Q?eex9wePXprT2PIJhLZTKhq1qkub5nUoDwkh95wQhbB0rvUR8tIANMzZ5osHI?= =?us-ascii?Q?jCjIitEKaPQsyeEq423qDc2dDMMgW9eEiulW570jT5NVDPEw/7G1Bv74ElVt?= =?us-ascii?Q?45sTcrC0dA3MKBErdQE8TD1w4ucxtQwkATkqsBMcUegVU68/8SbB5STxf4Pe?= =?us-ascii?Q?zFIGmPhsFOfWNt2H36C8h5K8jN03z4lEO4Kmu+CyU/+5TteN2s807rZ2Odd4?= =?us-ascii?Q?dZ4WKngaZz8FpiRYNH3bz82GVHUQh/MrBo4Tv6o0PoVRe+AkqYAc4h3i80Po?= =?us-ascii?Q?esOTJQp+EQnBsSLHuvvIPLQmAisJ20HJgA85x0LXGpk2QHdLBlbX77g6lz1q?= =?us-ascii?Q?MJ1/WCdUx4W+8+D5yhZQSAwuQCQYJutDp/tU1iJT8MMbJMssZhaJ4GzyXi6F?= =?us-ascii?Q?pHcjwuCYS+q6xegfQ/w4Hhgkgedoe8xscb49YhX354Rg+UeJbLCPUQ32La8b?= =?us-ascii?Q?QOgcUpqnTrwZzApMAovjwv925t2jJEwfJL74OLJkLeGsQGkpnwoYOTqCNCeN?= =?us-ascii?Q?BtHRxRE9Eqe7LagvPhIsyxFby1IRe+4By/X8KPtxjxbIFVBc6xjALYdmV/uH?= =?us-ascii?Q?NoN+NknAXvIhiwWNVK1j7JLweGSKKa3vEXYpJh42ucJ9GNNDqI/QX8YsV3Wp?= =?us-ascii?Q?rGWHBVL6MhkeWMNB3BP6guaQ4pToXcokEoxTa3x2io1Sl65JZnkAtsxO1gGT?= =?us-ascii?Q?TNzFz9mf4AgNtFPHCPsx8lzIOJ+jWuEQ1f4QiOoKjgFmqr16ssq495YyTNi/?= =?us-ascii?Q?da9GE9H9CDWswdhDPewufuW73Sbt50EsFJaHc55owrJF4G8XM5NdogmPF+xM?= =?us-ascii?Q?6CJ/uNuzYoS7KQ6coRJBP/ZrB9z8AFDKe44+5avjoynh8e6BqfRlxQri0W6D?= =?us-ascii?Q?fQ4gqSFraGgEkfJb0kWq7AFS+RGUY4TDpDWNlc6+2ZNpvWBkYXWAi94f+MDm?= =?us-ascii?Q?OAprhub425sGvbxouQ6rrfJr/SOXl5ptlnJDYvUnF4qBmzpOQmUvfkzaY33d?= =?us-ascii?Q?92HTa/bylFAwjSRwglbM4hby0AIpy2CmV4ueIcrHWn7ji4HMO/Le7eQkBVKu?= =?us-ascii?Q?LUZSzLf5UutAsAuf34tOxk0refCMnXAiGU8iJHITRYyJgM+rtqcU2BycVY5w?= =?us-ascii?Q?4CZFTldImDE7H5x3rnr/B6kyKA79mDTvKgfOPlo1SLl5iX3//BCJpz4qN4rq?= =?us-ascii?Q?9fB5MDLOdEnplCsm7usDGj8NiwcdPbRCZVLyLaNILGBcoN5vSvIlL/XUfuIH?= =?us-ascii?Q?PeXX8dsCz0k/t7p0Kc5PskpMzs/kTTM/zzYxM3tNfCV4od9N/JwnD0CAlVwj?= =?us-ascii?Q?WiG+zr9wDHq57VkijB3xMJwJBOIntSWdPruETiGpDhoWuceNWZoQRESGHTgx?= =?us-ascii?Q?TwXwCbnWDRal1NhC/GJAuk67GXGXPQ1x2orQLZ6d?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9fe93bd7-b53e-4e11-4a73-08dad364ff25 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Dec 2022 06:26:35.7014 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: KyofKQXWI7mxAw0iXumTxyWLp7sbRLzEQz4p+TEsWAFUTNsi9fBBMWFAFS5AMXNcM8XcY/Ksqm7ZkoqF45JUsQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4691 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Xu, Min M > Sent: Sunday, November 27, 2022 3:00 PM > To: devel@edk2.groups.io > Cc: Xu, Min M ; Aktas, Erdem > ; James Bottomley ; Yao, > Jiewen ; Gerd Hoffmann ; > Tom Lendacky > Subject: [PATCH V1 1/1] OvmfPkg/PlatformInitLib: Add check to > NvVarStoreFV HeaderLength >=20 > From: Min M Xu >=20 > There should be a check that the FV HeaderLength cannot be an odd > number. Otherwise in the following CalculateSum16 there would be an > ASSERT. >=20 > In ValidateFvHeader@QemuFlashFvbServicesRuntimeDxe/FwBlockServices.c > there a is similar check to the FwVolHeader->HeaderLength. >=20 > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Gerd Hoffmann > Cc: Tom Lendacky > Signed-off-by: Min Xu > --- > OvmfPkg/Library/PlatformInitLib/Platform.c | 1 + > 1 file changed, 1 insertion(+) >=20 > diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c > b/OvmfPkg/Library/PlatformInitLib/Platform.c > index 2582689ffe35..77f22de046f2 100644 > --- a/OvmfPkg/Library/PlatformInitLib/Platform.c > +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c > @@ -653,6 +653,7 @@ PlatformValidateNvVarStore ( > (!CompareGuid (&FvHdrGUID, &NvVarStoreFvHeader->FileSystemGuid)) > || > (NvVarStoreFvHeader->Signature !=3D EFI_FVH_SIGNATURE) || > (NvVarStoreFvHeader->Attributes !=3D 0x4feff) || > + ((NvVarStoreFvHeader->HeaderLength & 0x01) !=3D 0) || > (NvVarStoreFvHeader->Revision !=3D EFI_FVH_REVISION) || > (NvVarStoreFvHeader->FvLength !=3D NvVarStoreSize) > ) > -- > 2.29.2.windows.2