Use SmmMemLib to check communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Gao, Liming" <liming.gao@intel.com> Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16694 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
/** @file
|
||||
Support routines for memory allocation routines based on SMM Core internal functions.
|
||||
|
||||
Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -936,3 +936,28 @@ FreePool (
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
}
|
||||
|
||||
/**
|
||||
The constructor function calls SmmInitializeMemoryServices to initialize memory in SMRAM.
|
||||
|
||||
@param ImageHandle The firmware allocated handle for the EFI image.
|
||||
@param SystemTable A pointer to the EFI System Table.
|
||||
|
||||
@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
PiSmmCoreMemoryAllocationLibConstructor (
|
||||
IN EFI_HANDLE ImageHandle,
|
||||
IN EFI_SYSTEM_TABLE *SystemTable
|
||||
)
|
||||
{
|
||||
SMM_CORE_PRIVATE_DATA *SmmCorePrivate;
|
||||
|
||||
SmmCorePrivate = (SMM_CORE_PRIVATE_DATA *)ImageHandle;
|
||||
//
|
||||
// Initialize memory service using free SMRAM
|
||||
//
|
||||
SmmInitializeMemoryServices (SmmCorePrivate->SmramRangeCount, SmmCorePrivate->SmramRanges);
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
@@ -4,7 +4,7 @@
|
||||
# for memory allocation instead of using SMM System Table servces in an indirect way.
|
||||
# It is assumed that this library instance must be linked with SMM Cre in this package.
|
||||
#
|
||||
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||
# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions of the BSD License
|
||||
@@ -24,7 +24,8 @@
|
||||
VERSION_STRING = 1.0
|
||||
PI_SPECIFICATION_VERSION = 0x0001000A
|
||||
LIBRARY_CLASS = MemoryAllocationLib|SMM_CORE
|
||||
|
||||
CONSTRUCTOR = PiSmmCoreMemoryAllocationLibConstructor
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
|
@@ -4,7 +4,7 @@
|
||||
This header file borrows the PiSmmCore Memory Allocation services as the primitive
|
||||
for memory allocation.
|
||||
|
||||
Copyright (c) 2008 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -18,6 +18,39 @@
|
||||
#ifndef _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_
|
||||
#define _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_
|
||||
|
||||
typedef struct {
|
||||
UINTN Signature;
|
||||
///
|
||||
/// The ImageHandle passed into the entry point of the SMM IPL. This ImageHandle
|
||||
/// is used by the SMM Core to fill in the ParentImageHandle field of the Loaded
|
||||
/// Image Protocol for each SMM Driver that is dispatched by the SMM Core.
|
||||
///
|
||||
EFI_HANDLE SmmIplImageHandle;
|
||||
///
|
||||
/// The number of SMRAM ranges passed from the SMM IPL to the SMM Core. The SMM
|
||||
/// Core uses these ranges of SMRAM to initialize the SMM Core memory manager.
|
||||
///
|
||||
UINTN SmramRangeCount;
|
||||
///
|
||||
/// A table of SMRAM ranges passed from the SMM IPL to the SMM Core. The SMM
|
||||
/// Core uses these ranges of SMRAM to initialize the SMM Core memory manager.
|
||||
///
|
||||
EFI_SMRAM_DESCRIPTOR *SmramRanges;
|
||||
} SMM_CORE_PRIVATE_DATA;
|
||||
|
||||
/**
|
||||
Called to initialize the memory service.
|
||||
|
||||
@param SmramRangeCount Number of SMRAM Regions
|
||||
@param SmramRanges Pointer to SMRAM Descriptors
|
||||
|
||||
**/
|
||||
VOID
|
||||
SmmInitializeMemoryServices (
|
||||
IN UINTN SmramRangeCount,
|
||||
IN EFI_SMRAM_DESCRIPTOR *SmramRanges
|
||||
);
|
||||
|
||||
/**
|
||||
Allocates pages from the memory map.
|
||||
|
||||
|
@@ -16,7 +16,7 @@
|
||||
|
||||
SmmPerformanceHandlerEx(), SmmPerformanceHandler() will receive untrusted input and do basic validation.
|
||||
|
||||
Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -51,9 +51,6 @@ BOOLEAN mPerformanceMeasurementEnabled;
|
||||
|
||||
SPIN_LOCK mSmmPerfLock;
|
||||
|
||||
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
|
||||
UINTN mSmramRangeCount;
|
||||
|
||||
//
|
||||
// Interfaces for SMM Performance Protocol.
|
||||
//
|
||||
@@ -450,60 +447,6 @@ GetGauge (
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function check if the address is in SMRAM.
|
||||
|
||||
@param Buffer the buffer address to be checked.
|
||||
@param Length the buffer length to be checked.
|
||||
|
||||
@retval TRUE this address is in SMRAM.
|
||||
@retval FALSE this address is NOT in SMRAM.
|
||||
**/
|
||||
BOOLEAN
|
||||
IsAddressInSmram (
|
||||
IN EFI_PHYSICAL_ADDRESS Buffer,
|
||||
IN UINT64 Length
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
|
||||
for (Index = 0; Index < mSmramRangeCount; Index ++) {
|
||||
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
|
||||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
This function check if the address refered by Buffer and Length is valid.
|
||||
|
||||
@param Buffer the buffer address to be checked.
|
||||
@param Length the buffer length to be checked.
|
||||
|
||||
@retval TRUE this address is valid.
|
||||
@retval FALSE this address is NOT valid.
|
||||
**/
|
||||
BOOLEAN
|
||||
IsAddressValid (
|
||||
IN UINTN Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
if (Buffer > (MAX_ADDRESS - Length)) {
|
||||
//
|
||||
// Overflow happen
|
||||
//
|
||||
return FALSE;
|
||||
}
|
||||
if (IsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
|
||||
return FALSE;
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
Communication service SMI Handler entry.
|
||||
|
||||
@@ -560,7 +503,7 @@ SmmPerformanceHandlerEx (
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
if (!IsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM communcation data buffer in SMRAM or overflow!\n"));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
@@ -587,7 +530,7 @@ SmmPerformanceHandlerEx (
|
||||
// Sanity check
|
||||
//
|
||||
DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY_EX);
|
||||
if (!IsAddressValid ((UINTN)GaugeDataEx, DataSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN)GaugeDataEx, DataSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM Performance Data buffer in SMRAM or overflow!\n"));
|
||||
Status = EFI_ACCESS_DENIED;
|
||||
break;
|
||||
@@ -669,7 +612,7 @@ SmmPerformanceHandler (
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
if (!IsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM communcation data buffer in SMRAM or overflow!\n"));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
@@ -696,7 +639,7 @@ SmmPerformanceHandler (
|
||||
// Sanity check
|
||||
//
|
||||
DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY);
|
||||
if (!IsAddressValid ((UINTN)GaugeData, DataSize)) {
|
||||
if (!SmmIsBufferOutsideSmmValid ((UINTN)GaugeData, DataSize)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM Performance Data buffer in SMRAM or overflow!\n"));
|
||||
Status = EFI_ACCESS_DENIED;
|
||||
break;
|
||||
@@ -741,9 +684,6 @@ InitializeSmmCorePerformanceLib (
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_HANDLE Handle;
|
||||
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
|
||||
UINTN Size;
|
||||
|
||||
|
||||
//
|
||||
// Initialize spin lock
|
||||
@@ -755,28 +695,6 @@ InitializeSmmCorePerformanceLib (
|
||||
mGaugeData = AllocateZeroPool (sizeof (GAUGE_DATA_HEADER) + (sizeof (GAUGE_DATA_ENTRY_EX) * mMaxGaugeRecords));
|
||||
ASSERT (mGaugeData != NULL);
|
||||
|
||||
//
|
||||
// Get SMRAM information
|
||||
//
|
||||
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Size = 0;
|
||||
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
|
||||
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
|
||||
|
||||
Status = gSmst->SmmAllocatePool (
|
||||
EfiRuntimeServicesData,
|
||||
Size,
|
||||
(VOID **)&mSmramRanges
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
|
||||
|
||||
//
|
||||
// Install the protocol interfaces.
|
||||
//
|
||||
|
@@ -8,7 +8,7 @@
|
||||
# This library is mainly used by SMM Core to start performance logging to ensure that
|
||||
# SMM Performance and PerformanceEx Protocol are installed at the very beginning of SMM phase.
|
||||
#
|
||||
# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||
# Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions of the BSD License
|
||||
# which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -56,6 +56,7 @@
|
||||
DebugLib
|
||||
SynchronizationLib
|
||||
SmmServicesTableLib
|
||||
SmmMemLib
|
||||
|
||||
[Protocols]
|
||||
gEfiSmmBase2ProtocolGuid ## CONSUMES
|
||||
|
@@ -4,7 +4,7 @@
|
||||
This header file holds the prototypes of the SMM Performance and PerformanceEx Protocol published by this
|
||||
library instance at its constructor.
|
||||
|
||||
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -32,6 +32,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#include <Library/UefiBootServicesTableLib.h>
|
||||
#include <Library/MemoryAllocationLib.h>
|
||||
#include <Library/SynchronizationLib.h>
|
||||
#include <Library/SmmMemLib.h>
|
||||
|
||||
#include <Protocol/SmmBase2.h>
|
||||
#include <Protocol/SmmAccess2.h>
|
||||
|
Reference in New Issue
Block a user