From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com [209.85.216.43]) by mx.groups.io with SMTP id smtpd.web08.56058.1638816413626894671 for ; Mon, 06 Dec 2021 10:46:53 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=B49gy7Fx; spf=pass (domain: gmail.com, ip: 209.85.216.43, mailfrom: kuqin12@gmail.com) Received: by mail-pj1-f43.google.com with SMTP id n15-20020a17090a160f00b001a75089daa3so21467pja.1 for ; Mon, 06 Dec 2021 10:46:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=CiF/aWM76QvXDw4g6dQV0xS4sIqDfrBBQLbsn2HTUiA=; b=B49gy7FxYNWp4GY00SBIG/oog7yMddV38zUBT8TKxPKeJqWWGfTdPN+JRFwLxZUoaA xDVrXA6rCUcoIO534TP8MdrXLuV4Z7VqJM2Nk+4DqWq6HTi0v3Fi0fOq9z+Ryp7a6xhX bVgzwuNKQ7gegmnsTDJn6cFm9PzNJ3ezbm0Ch9DYCGlQ2d3WibWKmI/1LdmhgkYt0at5 XxLCRfYFaZA7yMwENy1dTZA/auewvQgLlfHUufIUF1NRaolPyzy6was1dHK6qU+Y16Ot IOSUfUWT4n8f7NH+Ln4s7k2zamfUUjJK81HKV0pTib01VAVyav5Ng3pk15sBM4zqv9zJ B6Rw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=CiF/aWM76QvXDw4g6dQV0xS4sIqDfrBBQLbsn2HTUiA=; b=GYg2ixVyF5wYDNpVEh+pS2PupFVZy8f8gTzUF75Hv2MTSgS7IlhrcoYtpZj+iCsY4U DLY8NSz2j7qkwd3MWDOA8vzfiiolRGoXxRvJu9l39i3aURFCaYcbjVcPAVRZ483Fbhbn qQRss9PPn7gAAu0c3QGJQlFdAN6cm7/98IYPOkjbyAzINBVoTejm0Bor7Ho1ngKYJHwp sXxpO6XFOmnCFZwouzdNL6ANbvPwMASv0a1QiJh4UkcAKNf7bBhox0F5phbbM1ROaYDa Y5b+XzPplRYjxDuvcTjcNe7BL0+r4JJuH4RZSidb8UyxIvOuyeAyr/mvOzZUkL7woA/L PNcQ== X-Gm-Message-State: AOAM530EB7GhrKxe0pJKmySyco+oXq/orenrneIpkF72PbmaG7knTUgU 7feJ3uTtweFubVTJV10NFq4= X-Google-Smtp-Source: ABdhPJyMRehLlW1ISYaiJkRpGsyfoP8HDsIQt+XTlC9xD5W6sgfTW1KzT+TLu9GyT9XEGng+WykzIQ== X-Received: by 2002:a17:902:be06:b0:142:5a21:9e8a with SMTP id r6-20020a170902be0600b001425a219e8amr45321935pls.17.1638816413223; Mon, 06 Dec 2021 10:46:53 -0800 (PST) Return-Path: Received: from [192.168.1.18] ([50.35.70.63]) by smtp.gmail.com with ESMTPSA id f3sm12944628pfg.167.2021.12.06.10.46.52 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 06 Dec 2021 10:46:52 -0800 (PST) Message-ID: Date: Mon, 6 Dec 2021 10:46:53 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.3.2 Subject: Re: [edk2-devel] [PATCH v1 0/2] MM communicate functionality in variable policy To: Ard Biesheuvel Cc: edk2-devel-groups-io , Jian J Wang , Liming Gao , Hao A Wu , Leif Lindholm , Ard Biesheuvel , Bret Barkelew , Michael Kubacki References: <16BC2C06E438B403.26361@groups.io> <6fcb7f10-c113-1c9d-2b4d-264b81ed6ad1@gmail.com> From: "Kun Qin" In-Reply-To: Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Thanks for the information, Ard. I just meant to plan ahead so that I can work on the feedback for these patches, if any. I can ping back the thread again once the stable tag is created. Regards, Kun On 12/06/2021 10:41, Ard Biesheuvel wrote: > On Mon, 6 Dec 2021 at 19:35, Kun Qin wrote: >> >> Hi ArmPkg and MdeModulePkg maintainers, >> >> It has been a week since the patches were sent. Could you please review >> the changes and let me know if there is any feedback? Any input is >> appreciated. >> > > As far as I know, we are still in hard freeze for the upcoming stable tag. > >> >> On 11/29/2021 16:39, Kun Qin via groups.io wrote: >>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3709 >>> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3751 >>> >>> Currently, setups with variable policy operations used together with MM >>> communicate from ArmPkg could fail with `EFI_INVALID_PARAMETER`. This was >>> due to the errors from 2 following aspects: >>> >>> 1. For variable policy implementations in MdeModulePkg, the DXE runtime >>> agent would communicate to MM to disable, register or query policies. >>> However, during these operations, the MessageLength calculation is >>> including MM communicate header. This could lead to MM agent read data >>> across the given buffer boundary and/or trigger other errors. >>> >>> 2. On the other hand, current MM communicate routine from ArmPkg would >>> fail the function if the input message length does not equal to input >>> buffer size. >>> >>> As defined in PI specification, the `CommSize`, when as input, should >>> stand for "The size of the data buffer being passed in", which would mean >>> the maximal number of bytes `CommBuffer` can hold. In turn, the value of >>> this input parameter can be used for MM handlers to determine whether the >>> output data is too large to fit in this buffer. Enforcing the incoming >>> buffer to hold exactly the number of used bytes mismatches with the PI >>> spec description. >>> >>> This change fix MessageLength field calculation from variable policy and >>> updated input argument inspections from MM communicate routine in ArmPkg >>> to match PI spec descriptions. >>> >>> Patch v1 branch: https://github.com/kuqin12/edk2/tree/mm_communicate_check >>> >>> Cc: Jian J Wang >>> Cc: Liming Gao >>> Cc: Hao A Wu >>> Cc: Leif Lindholm >>> Cc: Ard Biesheuvel >>> Cc: Bret Barkelew >>> Cc: Michael Kubacki >>> >>> Kun Qin (2): >>> MdeModulePkg: VariableSmmRuntimeDxe: Fix Variable Policy Message >>> Length >>> ArmPkg: MmCommunicationDxe: Update MM communicate input arguments >>> checks >>> >>> ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c | 44 ++++++++++++-------- >>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariablePolicySmmDxe.c | 10 ++--- >>> 2 files changed, 32 insertions(+), 22 deletions(-) >>>