Use SmmMemLib to check communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Gao, Liming" <liming.gao@intel.com> Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16694 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -85,11 +85,6 @@ SMM_CORE_SMI_HANDLERS mSmmCoreSmiHandlers[] = {
|
||||
UINTN mFullSmramRangeCount;
|
||||
EFI_SMRAM_DESCRIPTOR *mFullSmramRanges;
|
||||
|
||||
//
|
||||
// Maximum support address used to check input CommunicationBuffer
|
||||
//
|
||||
UINTN mMaximumSupportAddress = 0;
|
||||
|
||||
/**
|
||||
Place holder function until all the SMM System Table Service are available.
|
||||
|
||||
@@ -279,76 +274,6 @@ SmmEndOfDxeHandler (
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
Caculate and save the maximum support address.
|
||||
|
||||
**/
|
||||
VOID
|
||||
CaculateMaximumSupportAddress (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
VOID *Hob;
|
||||
UINT32 RegEax;
|
||||
UINT8 PhysicalAddressBits;
|
||||
|
||||
//
|
||||
// Get physical address bits supported.
|
||||
//
|
||||
Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
|
||||
if (Hob != NULL) {
|
||||
PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;
|
||||
} else {
|
||||
AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
|
||||
if (RegEax >= 0x80000008) {
|
||||
AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
|
||||
PhysicalAddressBits = (UINT8) RegEax;
|
||||
} else {
|
||||
PhysicalAddressBits = 36;
|
||||
}
|
||||
}
|
||||
//
|
||||
// IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
|
||||
//
|
||||
ASSERT (PhysicalAddressBits <= 52);
|
||||
if (PhysicalAddressBits > 48) {
|
||||
PhysicalAddressBits = 48;
|
||||
}
|
||||
|
||||
//
|
||||
// Save the maximum support address in one global variable
|
||||
//
|
||||
mMaximumSupportAddress = (UINTN) (LShiftU64 (1, PhysicalAddressBits) - 1);
|
||||
DEBUG ((EFI_D_INFO, "mMaximumSupportAddress = 0x%lx\n", mMaximumSupportAddress));
|
||||
}
|
||||
|
||||
/**
|
||||
Check if input buffer is in valid address scope or not.
|
||||
|
||||
@param[in] Pointer Pointer to the input buffer.
|
||||
@param[in] BufferSize Input buffer size in bytes.
|
||||
|
||||
@retval TRUE The input buffer is in valid address scope.
|
||||
@retval FALSE The input buffer is not in valid address scope.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
IsValidPointer (
|
||||
IN VOID *Pointer,
|
||||
IN UINTN BufferSize
|
||||
)
|
||||
{
|
||||
if ((UINTN) Pointer > mMaximumSupportAddress) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (BufferSize > (mMaximumSupportAddress - (UINTN) Pointer)) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
The main entry point to SMM Foundation.
|
||||
|
||||
@@ -398,7 +323,7 @@ SmmEntryPoint (
|
||||
//
|
||||
// Synchronous SMI for SMM Core or request from Communicate protocol
|
||||
//
|
||||
if (!IsValidPointer (gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN)gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize)) {
|
||||
//
|
||||
// If CommunicationBuffer is not in valid address scope, return EFI_INVALID_PARAMETER
|
||||
//
|
||||
@@ -484,9 +409,10 @@ SmmMain (
|
||||
gSmmCorePrivate->SmmEntryPoint = SmmEntryPoint;
|
||||
|
||||
//
|
||||
// Initialize memory service using free SMRAM
|
||||
// No need to initialize memory service.
|
||||
// It is done in constructor of PiSmmCoreMemoryAllocationLib(),
|
||||
// so that the library linked with PiSmmCore can use AllocatePool() in constuctor.
|
||||
//
|
||||
SmmInitializeMemoryServices (gSmmCorePrivate->SmramRangeCount, gSmmCorePrivate->SmramRanges);
|
||||
|
||||
SmramProfileInit ();
|
||||
|
||||
@@ -512,10 +438,5 @@ SmmMain (
|
||||
|
||||
RegisterSmramProfileHandler ();
|
||||
|
||||
//
|
||||
// Caculate and save maximum support address used in SmmEntryPoint().
|
||||
//
|
||||
CaculateMaximumSupportAddress ();
|
||||
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
@@ -51,6 +51,7 @@
|
||||
#include <Library/PerformanceLib.h>
|
||||
#include <Library/TimerLib.h>
|
||||
#include <Library/HobLib.h>
|
||||
#include <Library/SmmMemLib.h>
|
||||
|
||||
#include "PiSmmCorePrivateData.h"
|
||||
|
||||
|
@@ -1,7 +1,7 @@
|
||||
## @file
|
||||
# This module provide an SMM CIS compliant implementation of SMM Core.
|
||||
#
|
||||
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||
# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions of the BSD License
|
||||
@@ -60,6 +60,7 @@
|
||||
PerformanceLib
|
||||
TimerLib
|
||||
HobLib
|
||||
SmmMemLib
|
||||
|
||||
[Protocols]
|
||||
gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRegister
|
||||
|
@@ -1,7 +1,7 @@
|
||||
/** @file
|
||||
Support routines for SMRAM profile.
|
||||
|
||||
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2014 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -1175,61 +1175,6 @@ SmramProfileReadyToLock (
|
||||
|
||||
////////////////////
|
||||
|
||||
/**
|
||||
This function check if the address is in SMRAM.
|
||||
|
||||
@param Buffer the buffer address to be checked.
|
||||
@param Length the buffer length to be checked.
|
||||
|
||||
@retval TRUE this address is in SMRAM.
|
||||
@retval FALSE this address is NOT in SMRAM.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
InternalIsAddressInSmram (
|
||||
IN PHYSICAL_ADDRESS Buffer,
|
||||
IN UINT64 Length
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
|
||||
for (Index = 0; Index < mFullSmramRangeCount; Index ++) {
|
||||
if (((Buffer >= mFullSmramRanges[Index].CpuStart) && (Buffer < mFullSmramRanges[Index].CpuStart + mFullSmramRanges[Index].PhysicalSize)) ||
|
||||
((mFullSmramRanges[Index].CpuStart >= Buffer) && (mFullSmramRanges[Index].CpuStart < Buffer + Length))) {
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
This function check if the address refered by Buffer and Length is valid.
|
||||
|
||||
@param Buffer the buffer address to be checked.
|
||||
@param Length the buffer length to be checked.
|
||||
|
||||
@retval TRUE this address is valid.
|
||||
@retval FALSE this address is NOT valid.
|
||||
**/
|
||||
BOOLEAN
|
||||
InternalIsAddressValid (
|
||||
IN UINTN Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
if (Buffer > (MAX_ADDRESS - Length)) {
|
||||
//
|
||||
// Overflow happen
|
||||
//
|
||||
return FALSE;
|
||||
}
|
||||
if (InternalIsAddressInSmram ((PHYSICAL_ADDRESS) Buffer, (UINT64)Length)) {
|
||||
return FALSE;
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
Get SMRAM profile data size.
|
||||
|
||||
@@ -1485,7 +1430,7 @@ SmramProfileHandlerGetData (
|
||||
//
|
||||
// Sanity check
|
||||
//
|
||||
if (!InternalIsAddressValid ((UINTN) SmramProfileGetData.ProfileBuffer, (UINTN) ProfileSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN) SmramProfileGetData.ProfileBuffer, (UINTN) ProfileSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetData: SMM ProfileBuffer in SMRAM or overflow!\n"));
|
||||
SmramProfileParameterGetData->ProfileSize = ProfileSize;
|
||||
SmramProfileParameterGetData->Header.ReturnStatus = (UINT64) (INT64) (INTN) EFI_ACCESS_DENIED;
|
||||
@@ -1610,7 +1555,7 @@ SmramProfileHandler (
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
if (mSmramReadyToLock && !InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
if (mSmramReadyToLock && !SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer in SMRAM or overflow!\n"));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
Reference in New Issue
Block a user