From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web10.13149.1688612232743031927 for ; Wed, 05 Jul 2023 19:57:12 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=j7BkmghQ; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: isaac.w.oram@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1688612232; x=1720148232; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=LoP/BxHQ+BJ1+LtDXxOTV3dxxfrXv7kN8W5DrWWT5uo=; b=j7BkmghQC6HJPTJPayEkpOp+PYQ4fpLKFsV2JWK9ibR6/xZspIJ5D/VF XRHEZtAkVO9tQXj/TJspSb15pbcTyGOv138CW36ZXrf9wBQzcYD7ijpAK qyoagKUKUBv6qI9fLL8deRUecScA9Q3Bc55HtF0//FyXU6jp5zpgHWwor 6yQT/cyyUEtq1fm0dQVz9pkMVzu203NQVL/dUCGqWuzZXvss9GuzdDf8Q tQ6QvBrCbU+J2Im45gKdr7RFmwWLg86ZrjmWY6g4jilGnbRQZfaw5ssGg DGW9k65KX8E5GczMkYoCXkWv37nyjYUqNsEUD5cu5SqP1uN8E4nZJ5bLx w==; X-IronPort-AV: E=McAfee;i="6600,9927,10762"; a="353328754" X-IronPort-AV: E=Sophos;i="6.01,184,1684825200"; d="scan'208";a="353328754" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jul 2023 19:57:12 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10762"; a="789377099" X-IronPort-AV: E=Sophos;i="6.01,184,1684825200"; d="scan'208";a="789377099" Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by fmsmga004.fm.intel.com with ESMTP; 05 Jul 2023 19:57:11 -0700 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Wed, 5 Jul 2023 19:57:10 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Wed, 5 Jul 2023 19:57:10 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Wed, 5 Jul 2023 19:57:10 -0700 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (104.47.58.109) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.27; Wed, 5 Jul 2023 19:57:10 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Iw/0wG1zETdo8PpJJF3nRvq3V9ErAVEp0RxTewuGar9UOSCVSrJOe112REILOMXlErMNNdjoAoYiNzn9iuzj0ZrvfM0GQ0lS4LQM1buDyJcR+eo9ZE5jtrwrLoSqDYkprlLCNra2gJoITkXRwRpa7n+R081e06HyRRDB4ky6amHPuqZ2g8k7HjaOFW6jZf63RCYp76G0iLfMRB5SODgFWhfS+SlgHRp/HcVuDSyt7tOnAl0YcBPvrjsm5rbFTDCLSD/ShVt5+iVXFL9X69MfTWTnJyjamU6yuz6klmGig2y2wB0P/Lmbv5XBGYayS7Y1iQstzzLfQZEGJsP3CUK0rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sbKI0mdTKIkpyeIltuCNcUZC106nOU6itqBOxWwF0Wg=; b=dZn2HIXF44lsfntIFJLYkYZSLmVr8fZBy1tCMWE2ma1M0xsNGOvDE3UdE0HfWW0LZzc+ZHXo3+IUJ0XazsVHsy6CJBnSRigvTG+RiyFUO2wfbQCs60YkLV1xrla+NYOeXAiBd4UNcbWK4r2afA1M1Qaq1iMoFpUcjdlpOaJ60EihQX8wAIZWfMeulXp9uOTxgMOF7pVErK0y5o1BA1P2e/fptRnIMYlDIEGjDuFPq15sIu9s5eP/KX2qKnHEHqrt/uZPRn9FJv2cTIMLY4Fq8AugSE9sWDFOsP8J1iTpm5oALDMCOcKra4oyYDVaGXrxFzzzfHBYcHLFR+EgUu7XIA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from SA1PR11MB5801.namprd11.prod.outlook.com (2603:10b6:806:23d::13) by PH0PR11MB5174.namprd11.prod.outlook.com (2603:10b6:510:3b::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6565.17; Thu, 6 Jul 2023 02:57:07 +0000 Received: from SA1PR11MB5801.namprd11.prod.outlook.com ([fe80::ba9b:b98b:c9f2:b32]) by SA1PR11MB5801.namprd11.prod.outlook.com ([fe80::ba9b:b98b:c9f2:b32%7]) with mapi id 15.20.6565.016; Thu, 6 Jul 2023 02:57:07 +0000 From: "Isaac Oram" To: "devel@edk2.groups.io" , "mikuback@linux.microsoft.com" CC: "Chiu, Chasel" , "Desimone, Nathaniel L" , "Gao, Liming" , "Dong, Eric" , "Lautner, Kenneth" Subject: Re: [edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg: Add Mem Type Info variable validity checks Thread-Topic: [edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg: Add Mem Type Info variable validity checks Thread-Index: AQHZr61MfedgLkOczUeFlhSCPDXCza+sC5jw Date: Thu, 6 Jul 2023 02:57:07 +0000 Message-ID: References: <20230706015726.269-1-mikuback@linux.microsoft.com> In-Reply-To: <20230706015726.269-1-mikuback@linux.microsoft.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SA1PR11MB5801:EE_|PH0PR11MB5174:EE_ x-ms-office365-filtering-correlation-id: 7474863d-d371-4c4b-13cd-08db7dccaf78 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: UODVd8paq8ogAqWnvQWi7YB1WKgvcLJLDVa4rsMMKPE/hTLw8gyzOP8bjVlmaHe38UmXgqNGDehyz1NeH7Qh3j+uR3xk2zmVOX+4ZoVRJxleeJsXvCNXo79c6mU9Vs60VvidZSUnHSXjJ4mmWoSlyYYuYDdIv1hPqB5vA4FKOSlGVZPmJWN8GfefPkxIoyLYgkfQdPr/I7hcd+5/+0IF5bydQ5PV/cSG7QdKBi5bujTTE67s1TZK4S/1kKGyQtH4JTtBELr14BIerhpZt87HMTBx7ypZ7LjL699NAD5cLmsV+u/xvl+zjZPv8CFRPuBNTkE2uzxZuMNIsEsHvLDC3EdlNBrMyEsVhkq2nM7hzHWDlh2pq7x457ikpKH6P5J7ofVOcZ7pRDh43/SX5Byi82tRWNyaASN47PCT6ywFrkYuK+kLMaX2/Xob0PPJocVR1t6pfka9/I+SuUimqCshD1bxUJ9V0M7Sn+3lJ8RMCQRdA6PnmcH1hjA9j8qDkgIDiW3M8HwCtyI5+DzGZt4BUK6fZO2uqlcC7VHm+24oIEqxpmwv7sy6C9EjGRJjKT9ibHrphRoltrQ759k0K4tAF7nwF58nuuyNu/fDKip7UioB9deLvuOLeeMtDakrinfEZgZL26dGDHxLFZjQJM9DSw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SA1PR11MB5801.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(346002)(376002)(136003)(39860400002)(396003)(366004)(451199021)(5660300002)(8676002)(8936002)(41300700001)(316002)(2906002)(66899021)(83380400001)(52536014)(122000001)(76116006)(82960400001)(110136005)(4326008)(55016003)(64756008)(66946007)(66446008)(66476007)(38100700002)(66556008)(53546011)(86362001)(186003)(6506007)(38070700005)(9686003)(7696005)(54906003)(26005)(478600001)(33656002)(966005)(71200400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?n3X+d+6Pt1IZIUEbDRU3eyE1hqgW5WkE/026YIXvMNlBsgDSP2KRXiJeSkCP?= =?us-ascii?Q?SNsJrR8QdxCgnreHiwFyU03DFFGUsVm8D0JWXRT3R8PezJM8TMaHtD+oYvUq?= =?us-ascii?Q?/klhRyPn0kqEniWuWSzZvIx+7ZvkRdzxxn31npw94J5ZWxR2IJKEAnSvy4WB?= =?us-ascii?Q?9TctnSj5KWAea4CtOf3KyGf48/yp8i+/HxDdmDv7qVUS0pddbB84avSgKQSx?= =?us-ascii?Q?R9qSogYoskwN6IsMc2AzM0fwr7ZYywtdf0g/yOH5+Q26ONiQL9lpzXKfA51R?= =?us-ascii?Q?vat2eigpTNNV+b2iEHJ90zh7RRwg0XnoEx0MkYkhorsu9UehJOHvOT07wGhH?= =?us-ascii?Q?CQkIF6nTtsOfUE98CBTqfMCq3jzABlwc3H/UmXJIQ/xQfaqekILrUkz3vvJp?= =?us-ascii?Q?5KQSpYfXo9rg4fEXl/R0sqVarSMT/RgnDGpY5CFy1+yldmSJOnQzMPdz5Ptr?= =?us-ascii?Q?Bh+PqzAkqOBFIJcJG/rsFkG2cMmvhe/3VW4F2mVLP3vvZ7AY6ouQyiRKRbsv?= =?us-ascii?Q?RtXLckXT8wp70MCIbHsFep63NoirMtGYvU/fyqQzqO+CYZJdEBZRYfeUQQfV?= =?us-ascii?Q?PnnhypI661xyxVFLX/Ci2VN8sMCPT3lJIcSHguXjXaebtQv1NBWhaJCne6VS?= =?us-ascii?Q?1UO/aFKkFpoaKwMG96NuLNo/TdevkSZZubLwsvAFM77lDUfc1rruUReEyN7H?= =?us-ascii?Q?btOWfbLwSJvGjo8BIwsPpgwdE7uUMNFVPxkT6dwHeN74PETq8ghVMfnMt50I?= =?us-ascii?Q?8FUs8yu5VeeYV59M39hG+ja0mOUoByEc0KeAfVY682Tat/ptNYzbKysl0o/S?= =?us-ascii?Q?mqtiS0gArekkV2vbPGAtfa0NUcTABnh9W5uRy3j2okWIQLMbcsLLDA/bgvrd?= =?us-ascii?Q?gbMISdrozhJYixVdcjY/3FnvUkxCePRtmY0Qvq0zbPdrgwxUnMQgJ+MhCd8z?= =?us-ascii?Q?a9UOYYV8AmpSqVTYZq6X2pNJJfAjCeuXYZnc0GccNjWeiTpHDM7WhmxWwV4u?= =?us-ascii?Q?RpnAxGWcawka/rpm/9sycf+6sv5ht+2xLIN7k5YM13aMI7BbuZ2a4Ebqv5Zt?= =?us-ascii?Q?Q0rm24kl5gYrHSzPUh7jwdEbvK2v+HcMykiEsN7zrAMEwJqvcYr+8V6dydob?= =?us-ascii?Q?4/XcUiWWAc88P3hykukiLxyAzLoOPcd+UJ1YKsrIS7iypLdT+xIMZsq+FvFv?= =?us-ascii?Q?Ih4Bc4oB1J0wY2DwY/8J2m3HOipSpmjoUyecrcISkMN10F3QIJhM0ZvsXcuR?= =?us-ascii?Q?6wN/BH6UcYO8VxCZOoHzmXgJOb9YgbfudkhC0ruJeV8VtkFT9yjC4UykfIjf?= =?us-ascii?Q?MH+91AfAdbFiSDPX+Z0mkFetdGlR9SLKJbs6Yw6TifQsf6DDzQZc/6t2Wa65?= =?us-ascii?Q?Z+IiYyqw3FCEwyC44cRQuxRt0yl8kXNIl1CwNP+VzYhygNJJUG6SM0am/6zr?= =?us-ascii?Q?/pZfto0lmeizueZ3pakN8kbRHmdl/EYp4QOPAvFmRhVHWLF4sIVTs8ZCMMRA?= =?us-ascii?Q?XsL84YLHrFlCgQF0/CsBqbCBW0intkEwU+ICMpp1oW3KxXutgmmtr2u2LUmU?= =?us-ascii?Q?V6x03856hOdtMrNE80cJOTwpNpjLjPeLQxae+mHP?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SA1PR11MB5801.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7474863d-d371-4c4b-13cd-08db7dccaf78 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jul 2023 02:57:07.3234 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: qqm66rBnOfaJHBQFg+Shft5mgSzeMbbRc+Yjb6LUZZp4UWYzVTb5IDzzuVYoK2/SMKcoCX4yA3WxzRTW9Xrglg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5174 Return-Path: isaac.w.oram@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Isaac Oram -----Original Message----- From: devel@edk2.groups.io On Behalf Of Michael Kuba= cki Sent: Wednesday, July 5, 2023 6:57 PM To: devel@edk2.groups.io Cc: Chiu, Chasel ; Desimone, Nathaniel L ; Oram, Isaac W ; Gao, Liming = ; Dong, Eric ; Lautner, Kenn= eth Subject: [edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg: Add Me= m Type Info variable validity checks From: Michael Kubacki Adds some sanity checks around the Memory Type Information data restored fr= om the `EFI_MEMORY_TYPE_INFORMATION_VARIABLE_NAME` UEFI variable. This is particularly useful when the structures that the data was saved aga= inst have changed in the latest firmware image. For example, `EfiUnaccepted= MemoryType` was added to `EFI_MEMORY_TYPE` in edk2 commit `502c01c`. This incremented `EfiMaxMemoryType` by `1`. That change was first released in the `edk2-stable202211` stable tag. Firmware performing an update across those stable tags may encounter issues= depending on code implementation for handling `EfiMaxMemoryType` as a term= inating loop value. This change checks the size and max memory type saved i= n the UEFI variable to determine whether it is better to start from the def= aults and rebuild the UEFI variable data on the current boot. Cc: Chasel Chiu Cc: Nate DeSimone Cc: Isaac Oram Cc: Liming Gao Cc: Eric Dong Co-authored-by: Ken Lautner Signed-off-by: Michael Kubacki --- Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/PlatformInitPre= Mem.c | 32 +++++++++++++++++--- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/Pla= tformInitPreMem.c b/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInit= Pei/PlatformInitPreMem.c index d8c96b52f4b3..bc97711a02f6 100644 --- a/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/PlatformIn= itPreMem.c +++ b/Platform/Intel/MinPlatformPkg/PlatformInit/PlatformInitPei/Platfor +++ mInitPreMem.c @@ -164,18 +164,22 @@ BuildMemoryTypeInformation ( EFI_STATUS Status; EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariableServices; UINTN DataSize; + UINTN Index; EFI_MEMORY_TYPE_INFORMATION MemoryData[EfiMaxMemoryType + 1]; =20 // // Locate system configuration variable // - Status =3D PeiServicesLocatePpi( + Status =3D PeiServicesLocatePpi ( &gEfiPeiReadOnlyVariable2PpiGuid, // GUID 0, // INSTANCE NULL, // EFI_PEI_PPI_DESCRIPTOR (VOID **) &VariableServices // PPI ); - ASSERT_EFI_ERROR(Status); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + return; + } =20 DataSize =3D sizeof (MemoryData); Status =3D VariableServices->GetVariable ( @@ -186,9 +190,29 @@ BuildMem= oryTypeInformation ( &DataSize, &MemoryData ); - if (EFI_ERROR(Status)) { + if (!EFI_ERROR (Status)) { + if (DataSize % sizeof (EFI_MEMORY_TYPE_INFORMATION) !=3D 0) { + DEBUG ((DEBUG_ERROR, "The UEFI Memory Type Information variable size= is inconsistent with this build.\n")); + Status =3D EFI_COMPROMISED_DATA; + } else { + // Loop through all except the last one and make sure it seems reaso= nable + for (Index =3D 0; Index < ((DataSize / sizeof (EFI_MEMORY_TYPE_INFOR= MATION)) - 1); Index++) { + if (MemoryData[Index].Type >=3D EfiMaxMemoryType) { + DEBUG ((DEBUG_ERROR, "UEFI Memory Type Information variable has = an invalid memory type.\n")); + Status =3D EFI_COMPROMISED_DATA; + } + } + // The last entry must be MaxMemoryType with size 0 + if ((MemoryData[Index].Type !=3D EfiMaxMemoryType) || (MemoryData[In= dex].NumberOfPages !=3D 0)) { + DEBUG ((DEBUG_ERROR, "UEFI Memory Type Information variable contai= ns an invalid last entry.\n")); + Status =3D EFI_COMPROMISED_DATA; + } + } + } + + if (EFI_ERROR (Status)) { DataSize =3D sizeof (mDefaultMemoryTypeInformation); - CopyMem(MemoryData, mDefaultMemoryTypeInformation, DataSize); + CopyMem (MemoryData, mDefaultMemoryTypeInformation, DataSize); } =20 /// -- 2.41.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106670): https://edk2.groups.io/g/devel/message/106670 Mute This Topic: https://groups.io/mt/99978201/1492418 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [isaac.w.oram@intel.com] -=3D-=3D-=3D-=3D-=3D-=3D