From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web11.3243.1631236646099011543 for ; Thu, 09 Sep 2021 18:17:26 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=nfSsICYu; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10102"; a="219099023" X-IronPort-AV: E=Sophos;i="5.85,282,1624345200"; d="scan'208";a="219099023" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Sep 2021 18:17:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,282,1624345200"; d="scan'208";a="525817290" Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by fmsmga004.fm.intel.com with ESMTP; 09 Sep 2021 18:17:24 -0700 Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Thu, 9 Sep 2021 18:17:23 -0700 Received: from orsmsx604.amr.corp.intel.com (10.22.229.17) by ORSMSX612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Thu, 9 Sep 2021 18:17:23 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Thu, 9 Sep 2021 18:17:23 -0700 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.41) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.12; Thu, 9 Sep 2021 18:17:22 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ee7tcOj9HZ7AfFb1ZO3TV8tVKkMuSGXFES1FzhIGuPZj7St3vrNnWydg199YUvUKGudGWSZXQ9kH7GAvb6XvaX0VF/AoPkgLThfg5nQi85So2B3IGiB7HbKOeZRz9t5FR8IetZDtR4yCNaIoCxSVYdY6Ii8Ldo58p3cXT08s0oNgdyDV+dbUXuMQEFLkigm2yC3huGrVOvJ4eIHxTQMFTx7KH51Re5J6E45BEuf082rs09s7Jhzody2JLZhPTnXXkBMooxCe0j8U6w+FUN0wHMdUDoLNdpGT06XrSybXKob4jDRhi0vEekTPkIqHtTCi7v9JihwRn4noTz5WyasLJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=M3I62KjX/fUfO/GbZnJYPZlyQnIZhgiCfowsHc/c1K8=; b=L2PMHO4WkUsho9P2VQF9uOBRI+qgjf7z80cbSYwZ9FcVLXwAi0O5VY/GUDFFgqpWx3q11kBpAYkyWUd7DmDt8PlXEstNDd3IHb5FjvyMpg//J2UTc12Vv5traJ94qUNy1/Lzzi3R/k98kdT/oxUFxRjqWnB6iu752Zh5WVhrMECtBxfZayoiIEx2prtWnDXLP6+zZEgwit1Fqkjy97eouS2wu/YFbFPCCJOIEl4wlFWa92U47Lo7XCLb6/rBVB3c5oFSqW44QhhwlKdavpC8DVlMzgWqb6mtlWwYTjyUZbPdB0YESk+grLps+qMkMODA2opRctE9PN3sNk65v1hLFA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M3I62KjX/fUfO/GbZnJYPZlyQnIZhgiCfowsHc/c1K8=; b=nfSsICYu0ZvxWZ1U2laCyrIXBNXDpue12/2sve3vbfWN/XWzsBLSNfREoXebUXgvceve6gsrUMMp2IY2WrEcCVk1vh+lZRCJX3UXI/8a/q4xk136iwkpn0YJG7+le0yiRvZMnZzfuQtHDwTxUGQMnGlj8B1jWTz6+qVnimY6O+E= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB5110.namprd11.prod.outlook.com (2603:10b6:510:3f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.16; Fri, 10 Sep 2021 01:17:21 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306%7]) with mapi id 15.20.4500.017; Fri, 10 Sep 2021 01:17:21 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "bobm@nvidia.com" CC: "Wang, Jian J" , "Lu, XiaoyuX" , "Jiang, Guomin" Subject: Re: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify() Thread-Topic: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify() Thread-Index: AQHXm4KMn+C42+TXikSnYpRE0USrJ6ub+VzQgACSYZA= Date: Fri, 10 Sep 2021 01:17:21 +0000 Message-ID: References: <169F43F2EBFB154A.19159@groups.io> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a863d59c-3ce1-49f1-df7d-08d973f8bd68 x-ms-traffictypediagnostic: PH0PR11MB5110: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 6TazTHOTqowTUcHkeLctvk6O6Wd87tQxNis/hipXj3aTtNVT2ha8gsxUykCvuOMf8IDVmQyOIxVakxJnSrEZvX6jI3+wwaQBEGbkIRKg5Z6JAgNFNw3zy1JCxIAzfjgqCko23ycoHXgehWhIV9PPmU+DlbZsBDzHX4ieIrcLqxtAfWPman7DIHpQbAvPkhSTA5bSWhVhLssDeZ3S5i3VGPA/SmA196O3rk6wVIhvavWAGGEGBwEK+AKOYm1xookdCUFaWDhJMoRod9WwjBxUKRy62OX9U4+wEzmUCO4MDxEe1dqwCP53k9g0aqEac2JrWuKFIRqGsgaZ59NL95kZy/i8yArGvyiaoyALsfJGVngnZpfPeiKKfAeswEaDqpn+XUElhB0exyd5VESMbe4tOf4YbU53dFg2ZDr7VTaSnNuG5ZrM/lHjq0PerQFJc5DH20/tlabpAq1NFJut0GRir4blnUKfhK2F/E3D/FFJD3P4svaQfKiCcg/jybMUK8mKdXVQ5pBTyYU2OZBJTfia/cGiyRh7GgH7VdQuSgXvL7o4iIWIsnDYaN6XkewjN5iGePhbWgQr8rTakUaiRLFX/WCm7yYbqVPu2lcSu0aS/5kg1DiFG+IREfHUmxeY7GEkIXsbkUyHlQZ9B4DrCl4NzijGZ/9NeimTZLKpJvmFwRmJzoPIxqV1LJw5eDVssK+NlOPSpi8sIn8E3s02g/q8+jEBwbP0NkPjLkp/9k7crU+fHCZDmvE2HOtq7Nz7Zuw3xbLuQgDsllAH+UJXvMSOSVzUE7S84btsbHZHjAgZBihFKecOoV8RK421YQ3SIfh4z0DF9Q/nSfJTN9KiJfgw3Q== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(136003)(39860400002)(376002)(346002)(366004)(8936002)(76116006)(478600001)(33656002)(83380400001)(66946007)(55016002)(122000001)(6506007)(5660300002)(110136005)(86362001)(966005)(53546011)(52536014)(71200400001)(9686003)(66556008)(8676002)(64756008)(38100700002)(2906002)(186003)(66446008)(107886003)(26005)(54906003)(4326008)(66476007)(316002)(38070700005)(7696005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?GG+xdESJF9BvlqtVtKI/6CVTd3R+3yhXFI7nsGglYxIeFMKPAopJae8zz0H0?= =?us-ascii?Q?H1QyivCxWx81I4IIEsAIx4xGxnswNyoh1ruT6TwsZYofXwJ0G121bKMUB85w?= =?us-ascii?Q?TS4W/0CzJUoYDR/bpxZ+BkZ8yyG6fRkPe4+xtVtRW1BsSoD43E4uxBrva0Ak?= =?us-ascii?Q?t3UJiPy1PZwbhn3L9g0sUsNZ+j04jb/KjVvf/IBq/RIIqy1NPSo6YjBMJbLR?= =?us-ascii?Q?+yvxhyfbwleZ5fdaPSCZ5vMEQU43+10PhLS2pvmvlCI0SfJmRkv3qOLf9vG4?= =?us-ascii?Q?R+iO9fIOMnR4q9eJ53nCdZYOaJEdtqbYVQzxczZE2n/dzbP19T+VWg30ihL+?= =?us-ascii?Q?Y865dMoNp7w4LuqUlpDAy+LYRSJUwEXnD+0CH1+D8uM3qGyx+442/HcaPiXe?= =?us-ascii?Q?h90KS5klWnf9j9i0v7WRbSHtWXA3xVnDoWfKvzxqGeq6b6PpdcvVe76a77P7?= =?us-ascii?Q?sotGTkl0OwUBP23Nus84z45roOp//HfDBwHAdQGYXHQOr14yjQ2Hx1ZJilA0?= =?us-ascii?Q?3Z/UQXbnT7jfM0xxg2CRKnrMGAl31eKqjS39oaFZfAoflSvZvylYA7lvn/m2?= =?us-ascii?Q?C2mJf1pXwjkG5tixohIBKZup/MWWZiABosabJsRczwoEiLtGu82ETkyahSrC?= =?us-ascii?Q?VzJqxx8TQiAY+LDJQOWSKXjIjGF1Cg3qPaLuFwkBfUHRVH0Jqk8bmGDDdrmv?= =?us-ascii?Q?Ih80vVGclji0ptyzXtsk7LmohWmBT7/44TSy0G4OllnGxQT7VhJODumqA7Nd?= =?us-ascii?Q?Iln8fSSJupASMqV5x2yvH3eBiiqSU9i+Zmt4hLhNWfUxHKP+O+eXFzMXLCfc?= =?us-ascii?Q?cJ8/Kv1aqWNJm1AG2NbnPnRHQiH1sGqcFnxMPPIJVaMQu9+bs9Wbm3z4jn1d?= =?us-ascii?Q?hxlumqfr0X4GTXntK91dkXUFXLDRTJutUNYH0mWL0ANVI4HHJqsHCAo0WEJz?= =?us-ascii?Q?yY1ZWJTrLxXiTK6qwX16QcOHLSUtXwF5Pe99dp0TZx4PEu0MC5kEsM39GbPo?= =?us-ascii?Q?PRF+RAxAd7xkxcEYYNAeANcC7Ck7YRV7szAp7CeU5og3JEALtP+y638pDUhM?= =?us-ascii?Q?WqRsToNb6T73nhXg76oDPlMr+M8+gwGo1qFmaaGcALdaofvGyajoCOudmHwP?= =?us-ascii?Q?0e9n6Vk0HlKIZiQQiUeOsNK6IfR4SfsLNQdyq5PXO12X0QAcgLWphkFANVad?= =?us-ascii?Q?mVRZmAk9YiFqzvznnwN/IRzCId2G+QfKTZ3HHawxSP3m2zvKrLCfQJX48d0J?= =?us-ascii?Q?8wdR3LKO0MAkgYo5/2Q8o2PQMUXeY0seXiEDUzkoo9fFqlWpLAB2izXhGC3A?= =?us-ascii?Q?xlgezcyK1sZSSYeo4EALAFLK?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a863d59c-3ce1-49f1-df7d-08d973f8bd68 X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Sep 2021 01:17:21.4992 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: +1f/ZZOGRP9Fc2/fZNNblEyJ3Lyvd0QNqwjeGOS1FL4fFl/Ipp4im/TxSXcAHIv09EU7FU3M/cGHxbY/qQRHPw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5110 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Seems good one. Would you please follow process? 1) Submit Bugzilla https://bugzilla.tianocore.org/ 2) Add all reviewers with Cc: in the patch. Please also share the information on what test has been done for this chang= e. Thank you Yao Jiewen > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Bob > Morgan via groups.io > Sent: Friday, September 10, 2021 12:34 AM > To: devel@edk2.groups.io; Bob Morgan > Cc: Yao, Jiewen ; Wang, Jian J ; > Lu, XiaoyuX ; Jiang, Guomin > Subject: Re: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra > buffer copy in Pkcs7Verify() >=20 > Hi, Any feedback or status update on this? >=20 > Thanks, >=20 > -bob >=20 > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Bob > Morgan via groups.io > Sent: Friday, August 27, 2021 2:07 PM > To: devel@edk2.groups.io > Cc: jiewen.yao@intel.com; jian.j.wang@intel.com; xiaoyux.lu@intel.com; > guomin.jiang@intel.com; Bob Morgan > Subject: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buf= fer > copy in Pkcs7Verify() >=20 > External email: Use caution opening links or attachments >=20 >=20 > Create a read-only openSSL BIO wrapper for the existing input buffer pass= ed to > Pkcs7Verify() instead of copying the buffer into an empty writable BIO wh= ich > causes memory allocations within openSSL. >=20 > Signed-off-by: Bob Morgan > --- > CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 6 +----- > 1 file changed, 1 insertion(+), 5 deletions(-) >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c > index d99597d181..8eda98f7b2 100644 > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c > @@ -864,15 +864,11 @@ Pkcs7Verify ( > // For generic PKCS#7 handling, InData may be NULL if the content is p= resent > // in PKCS#7 structure. So ignore NULL checking here. > // > - DataBio =3D BIO_new (BIO_s_mem ()); > + DataBio =3D BIO_new_mem_buf (InData, (int) DataLength); > if (DataBio =3D=3D NULL) { > goto _Exit; > } >=20 > - if (BIO_write (DataBio, InData, (int) DataLength) <=3D 0) { > - goto _Exit; > - } > - > // > // Allow partial certificate chains, terminated by a non-self-signed b= ut > // still trusted intermediate certificate. Also disable time checks. > -- > 2.17.1 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20