From: jbobek@nvidia.com
To:
CC: Harry Liebel, Olivier Martin, Liming Gao, Jeff Brasen, Ashish Singhal
Subject: [PATCH 0/1] MdePkg/BaseLib: AArch64 SetJump/LongJump bugfix
Date: Mon, 28 Sep 2020 19:12:57 -0600

Hi all,

I have recently discovered a bug in the BaseLib's implementation of SetJump and LongJump; the offsets listed in the assembly files are 8 bytes off, causing the functions to read/write 8 bytes past the end of the jump buffer. More details can be found in the commit message.

I must admit I am a bit surprised this has not been caught before, especially since the original implementation dates some 7 years back; if there is something obvious that I am missing, please let me know. Also, I am cc'ing all the people who signed off or reviewed the original commit.

Note that this is my first contribution to EDK-II; I have tried to follow the guidelines as closely as possible, but if there is still something wrong with formatting etc., let me know and I shall submit a v2 with the issues fixed. That being said, I did run PatchCheck.py and it reported no errors.

Cheers!
-Jan Bobek

Jan Bobek (1):
  MdePkg/BaseLib: Fix invalid memory access in AArch64 SetJump/LongJump

 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S   | 8 ++++----
 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.asm | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

-- 
2.28.0
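The cover letter describes the bug class (an assembly save/restore sequence whose offsets are uniformly off by one 64-bit slot, so the last store lands 8 bytes past the end of the C-side jump buffer) but not how one would check for it. The C model below is an added example for this thread, not code from Jan's patch or from the EDK2 tree. It assumes a jump buffer holding the AArch64 callee-saved registers x19-x28, fp, lr, ip0 and d8-d15 as consecutive 64-bit fields (the field list is an assumption for illustration; the real BASE_LIBRARY_JUMP_BUFFER layout is defined in MdePkg), models the save sequence as a table of (offset, width) stores, and shows two checks a maintainer could keep next to such assembly: a compile-time-derived comparison of each store offset against offsetof() of the C struct, and a runtime canary placed directly after the buffer that is clobbered only when the offsets are biased by 8.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed jump-buffer layout for this example: one 64-bit slot per
 * callee-saved register, in the order x19-x28, fp, lr, ip0, d8-d15.
 * 21 slots = 168 bytes. Not copied from the EDK2 headers. */
typedef struct {
  uint64_t X19, X20, X21, X22, X23, X24, X25, X26, X27, X28;
  uint64_t FP, LR, IP0;
  uint64_t D8, D9, D10, D11, D12, D13, D14, D15;
} JumpBuffer;

/* One store of the save sequence: "stp x19, x20, [x0, #0]" is a 16-byte
 * access at offset 0, "str x16, [x0, #96]" an 8-byte access at 96. */
typedef struct { size_t offset; size_t width; } Access;

#define MAX_ACCESS 16

/* Build the access table of a SetJump-style save sequence: five stp for
 * x19-x28, one stp for fp/lr, one str for ip0, four stp for d8-d15.
 * `bias` is added to every offset to model an offset table that is
 * uniformly off (0 = consistent with the struct, 8 = one slot too far,
 * the class of error the cover letter reports). Returns the entry count. */
size_t build_save_sequence(Access *out, size_t bias) {
  size_t n = 0, off = bias;
  for (int i = 0; i < 5; i++, off += 16) out[n++] = (Access){ off, 16 }; /* x19..x28 */
  out[n++] = (Access){ off, 16 }; off += 16;                            /* fp, lr   */
  out[n++] = (Access){ off, 8 };  off += 8;                             /* ip0      */
  for (int i = 0; i < 4; i++, off += 16) out[n++] = (Access){ off, 16 }; /* d8..d15  */
  return n;
}

/* Offsets the assembly *should* use, derived from the C layout itself so the
 * two cannot silently drift apart. Same order as build_save_sequence(). */
static const size_t expected_offsets[] = {
  offsetof(JumpBuffer, X19), offsetof(JumpBuffer, X21), offsetof(JumpBuffer, X23),
  offsetof(JumpBuffer, X25), offsetof(JumpBuffer, X27), offsetof(JumpBuffer, FP),
  offsetof(JumpBuffer, IP0), offsetof(JumpBuffer, D8),  offsetof(JumpBuffer, D10),
  offsetof(JumpBuffer, D12), offsetof(JumpBuffer, D14),
};

/* Check 1: number of stores that reach past the end of the buffer. */
size_t overruns_for_bias(size_t bias) {
  Access acc[MAX_ACCESS];
  size_t n = build_save_sequence(acc, bias), bad = 0;
  for (size_t i = 0; i < n; i++)
    if (acc[i].offset + acc[i].width > sizeof(JumpBuffer)) bad++;
  return bad;
}

/* Check 2: index of the first store whose offset disagrees with offsetof()
 * of the matching struct field, or -1 when the table is consistent. */
int first_mismatch_for_bias(size_t bias) {
  Access acc[MAX_ACCESS];
  size_t n = build_save_sequence(acc, bias);
  for (size_t i = 0; i < n && i < sizeof expected_offsets / sizeof *expected_offsets; i++)
    if (acc[i].offset != expected_offsets[i]) return (int)i;
  return -1;
}

/* Runtime demonstration: a canary word sits directly after the buffer.
 * Perform the modelled stores (only those that stay inside the guarded
 * frame, so this model never corrupts anything else) and report whether
 * the canary changed. 1 means the save sequence wrote past the buffer. */
int save_clobbers_canary(size_t bias) {
  struct { JumpBuffer jb; uint64_t canary; } frame;
  const uint64_t magic = 0xDEADBEEFCAFEF00DULL;
  memset(&frame, 0, sizeof frame);
  frame.canary = magic;
  Access acc[MAX_ACCESS];
  size_t n = build_save_sequence(acc, bias);
  uint8_t *base = (uint8_t *)&frame;          /* jb is at offset 0 of frame */
  for (size_t i = 0; i < n; i++)
    if (acc[i].offset + acc[i].width <= sizeof frame)
      memset(base + acc[i].offset, 0xAA, acc[i].width);
  return frame.canary != magic;
}

int main(void) {
  for (size_t bias = 0; bias <= 8; bias += 8)
    printf("bias %zu: overruns=%zu first_mismatch=%d canary_clobbered=%d\n",
           bias, overruns_for_bias(bias), first_mismatch_for_bias(bias),
           save_clobbers_canary(bias));
  return 0;
}
```

The offsetof()-based table is the check worth keeping in a real tree: if the assembly's immediates are generated from, or asserted against, the C struct, an off-by-one-slot table fails at build or unit-test time instead of corrupting whatever the caller placed after its jump buffer.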