Date: Mon, 13 Dec 2021 10:23:42 -0800
Subject: Re: [edk2-devel] [PATCH v1 0/2] MM communicate functionality in variable policy
From: "Kun Qin"
To: Ard Biesheuvel
Cc: edk2-devel-groups-io, Jian J Wang, Liming Gao, Hao A Wu, Leif Lindholm, Ard Biesheuvel, Bret Barkelew, Michael Kubacki

Hi ArmPkg and MdeModulePkg maintainers,

Now that the hard freeze is lifted, could you please provide some feedback on these patches when you have a chance? Thanks in advance.

Regards,
Kun

On 12/06/2021 10:41, Ard Biesheuvel wrote:
> On Mon, 6 Dec 2021 at 19:35, Kun Qin wrote:
>>
>> Hi ArmPkg and MdeModulePkg maintainers,
>>
>> It has been a week since the patches were sent. Could you please review
>> the changes and let me know if there is any feedback? Any input is
>> appreciated.
>>
>
> As far as I know, we are still in hard freeze for the upcoming stable tag.
>
>>
>> On 11/29/2021 16:39, Kun Qin via groups.io wrote:
>>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3709
>>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3751
>>>
>>> Currently, setups with variable policy operations used together with MM
>>> communicate from ArmPkg could fail with `EFI_INVALID_PARAMETER`. This was
>>> due to errors from the following 2 aspects:
>>>
>>> 1. For variable policy implementations in MdeModulePkg, the DXE runtime
>>> agent would communicate to MM to disable, register or query policies.
>>> However, during these operations, the MessageLength calculation
>>> includes the MM communicate header. This could lead to the MM agent reading
>>> data across the given buffer boundary and/or trigger other errors.
>>>
>>> 2. On the other hand, the current MM communicate routine from ArmPkg would
>>> fail the function if the input message length does not equal the input
>>> buffer size.
>>>
>>> As defined in the PI specification, the `CommSize`, when used as input, should
>>> stand for "The size of the data buffer being passed in", which would mean
>>> the maximal number of bytes `CommBuffer` can hold. In turn, the value of
>>> this input parameter can be used for MM handlers to determine whether the
>>> output data is too large to fit in this buffer. Enforcing the incoming
>>> buffer to hold exactly the number of used bytes mismatches with the PI
>>> spec description.
>>>
>>> This change fixes the MessageLength field calculation from variable policy and
>>> updates input argument inspections from the MM communicate routine in ArmPkg
>>> to match PI spec descriptions.
>>>
>>> Patch v1 branch: https://github.com/kuqin12/edk2/tree/mm_communicate_check
>>>
>>> Cc: Jian J Wang
>>> Cc: Liming Gao
>>> Cc: Hao A Wu
>>> Cc: Leif Lindholm
>>> Cc: Ard Biesheuvel
>>> Cc: Bret Barkelew
>>> Cc: Michael Kubacki
>>>
>>> Kun Qin (2):
>>>   MdeModulePkg: VariableSmmRuntimeDxe: Fix Variable Policy Message
>>>     Length
>>>   ArmPkg: MmCommunicationDxe: Update MM communicate input arguments
>>>     checks
>>>
>>>  ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c               | 44 ++++++++++++--------
>>>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c | 10 ++---
>>>  2 files changed, 32 insertions(+), 22 deletions(-)
>>>
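
The two defects described in the quoted cover letter, as an added C model that is not part of this thread or of the EDK2 sources. The header struct is a simplified stand-in for the MM communicate header (GUID, MessageLength, Data); every name below, the 40-byte payload and the 4096-byte buffer are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the MM communicate header: GUID, MessageLength, Data.
   Names and field widths are assumptions, not the EDK2 definition. */
typedef struct {
  uint8_t  HeaderGuid[16];
  uint64_t MessageLength;  /* counts the bytes in Data[] only */
  uint8_t  Data[];
} MODEL_MM_COMM_HEADER;
#define MODEL_HDR_SIZE ((uint64_t)offsetof(MODEL_MM_COMM_HEADER, Data))

/* Caller side: the defect counts the header in MessageLength. */
uint64_t message_length_buggy(uint64_t payload) { return MODEL_HDR_SIZE + payload; }
uint64_t message_length_fixed(uint64_t payload) { return payload; }

/* Bytes past the end of the buffer that a handler trusting MessageLength
   would touch when it walks Data[0 .. MessageLength). */
uint64_t overread_bytes(uint64_t message_length, uint64_t comm_size) {
  uint64_t room = comm_size > MODEL_HDR_SIZE ? comm_size - MODEL_HDR_SIZE : 0;
  return message_length > room ? message_length - room : 0;
}

/* Strict check: buffer size must equal header + message exactly. */
int check_strict(uint64_t message_length, uint64_t comm_size) {
  return comm_size >= MODEL_HDR_SIZE && comm_size - MODEL_HDR_SIZE == message_length;
}

/* Capacity check: CommSize is the size of the buffer passed in, so the
   message only has to fit. Subtracting first avoids integer overflow. */
int check_capacity(uint64_t message_length, uint64_t comm_size) {
  return comm_size >= MODEL_HDR_SIZE && message_length <= comm_size - MODEL_HDR_SIZE;
}

int main(void) {
  uint64_t payload = 40, exact = MODEL_HDR_SIZE + payload, roomy = 4096;
  printf("buggy length, exact buffer: over-read %llu, capacity check %d\n",
         (unsigned long long)overread_bytes(message_length_buggy(payload), exact),
         check_capacity(message_length_buggy(payload), exact));
  printf("fixed length, 4096-byte buffer: strict %d, capacity %d\n",
         check_strict(message_length_fixed(payload), roomy),
         check_capacity(message_length_fixed(payload), roomy));
  return 0;
}
```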