From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 02C7DAC11D6 for ; Mon, 6 Nov 2023 07:53:16 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=/DJVtqX4CRkYB2yTeil3n6SKWg07H6uoYqNOCJoDAAc=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699257195; v=1; b=NvhBrD9raKyK9R7dsZtYrUHs5p1d48WMRZ86VYZKy6J7EydnD0InhS7yM2dIDb3wE2gIYRd5 n40kvWc5RLgo9Qbg5S2S1vAu52GFJttpDLqXmhJYBns+7bKUPVMGng50tuBMyfCM9YGmrWeyAVF ikmXOLmvzg+prMSzBgxtdMl0= X-Received: by 127.0.0.2 with SMTP id hPtLYY7687511xZ3MZucHLnJ; Sun, 05 Nov 2023 23:53:15 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web11.49168.1699257184993246575 for ; Sun, 05 Nov 2023 23:53:15 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10885"; a="453535789" X-IronPort-AV: E=Sophos;i="6.03,280,1694761200"; d="scan'208";a="453535789" X-Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Nov 2023 23:53:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10885"; a="885824615" X-IronPort-AV: E=Sophos;i="6.03,280,1694761200"; d="scan'208";a="885824615" X-Received: from shpfwdbuild003.ccr.corp.intel.com ([10.239.56.82]) by orsmga004.jf.intel.com with ESMTP; 05 Nov 2023 23:53:12 -0800 From: "Xu, Wei6" To: devel@edk2.groups.io Cc: Wei6 Xu , Laszlo Ersek , Ard Biesheuvel , Sami Mujawar , Ray Ni Subject: [edk2-devel] [PATCH v4 3/4] StandaloneMmPkg/Core: Fix issue that offset calculation might be wrong Date: Mon, 6 Nov 2023 15:52:58 +0800 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,wei6.xu@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: qf7cOGdkqkKVl1uxvp2VdDp7x7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=NvhBrD9r; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io MmCoreFfsFindMmDriver() assumes FileHeader is EFI_FFS_FILE_HEADER. If FileHeader is an EFI_FFS_FILE_HEADER2, 'FileHeader + 1' will get a wrong section address. Use FfsFindSection to get the section directly, instead of 'FileHeader + 1' to avoid this issue. MmCoreFfsFindMmDriver() also assumes section is EFI_COMMON_SECTION_HEADER. If Section is EFI_COMMON_SECTION_HEADER2, 'Section + 1' will get a wrong wrong InnerFvHeader adress. Add section head detection and calculate the address accordingly. Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Sami Mujawar Cc: Ray Ni Signed-off-by: Wei6 Xu --- StandaloneMmPkg/Core/FwVol.c | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/StandaloneMmPkg/Core/FwVol.c b/StandaloneMmPkg/Core/FwVol.c index c3054ef751ed..4d2b63a448e7 100644 --- a/StandaloneMmPkg/Core/FwVol.c +++ b/StandaloneMmPkg/Core/FwVol.c @@ -79,8 +79,6 @@ MmCoreFfsFindMmDriver ( UINTN DepexSize; UINTN Index; EFI_COMMON_SECTION_HEADER *Section; - VOID *SectionData; - UINTN SectionDataSize; UINT32 DstBufferSize; VOID *ScratchBuffer; UINT32 ScratchBufferSize; @@ -117,23 +115,21 @@ MmCoreFfsFindMmDriver ( break; } - Status = FfsFindSectionData ( + Status = FfsFindSection ( EFI_SECTION_GUID_DEFINED, FileHeader, - &SectionData, - &SectionDataSize + &Section ); if (EFI_ERROR (Status)) { break; } - Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1); - Status = ExtractGuidedSectionGetInfo ( - Section, - &DstBufferSize, - &ScratchBufferSize, - &SectionAttribute - ); + Status = ExtractGuidedSectionGetInfo ( + Section, + &DstBufferSize, + &ScratchBufferSize, + &SectionAttribute + ); if (EFI_ERROR (Status)) { break; } @@ -194,8 +190,13 @@ MmCoreFfsFindMmDriver ( goto FreeDstBuffer; } - InnerFvHeader = (VOID *)(Section + 1); - Status = MmCoreFfsFindMmDriver (InnerFvHeader, Depth + 1); + if (IS_SECTION2 (Section)) { + InnerFvHeader = (VOID *)((EFI_COMMON_SECTION_HEADER2 *)Section + 1); + } else { + InnerFvHeader = (VOID *)(Section + 1); + } + + Status = MmCoreFfsFindMmDriver (InnerFvHeader, Depth + 1); if (EFI_ERROR (Status)) { goto FreeDstBuffer; } -- 2.29.2.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110739): https://edk2.groups.io/g/devel/message/110739 Mute This Topic: https://groups.io/mt/102416001/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-