sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

StandaloneMmPkg/Core: Limit FwVol encapsulation section recursion

Browse Source 
MmCoreFfsFindMmDriver() is called recursively for encapsulation sections.
Currently this recursion is not limited. Introduce a new PCD
(fixed-at-build, or patchable-in-module), and make MmCoreFfsFindMmDriver()
track the section nesting depth against that PCD.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
Wei6 Xu
2023-10-30 10:20:48 +08:00
committed by mergify[bot]
parent 74daeded0c
commit c012284048
6 changed files with 49 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
StandaloneMmPkg/Core/FwVol.c
View File

@@ -48,6 +48,9 @@ FvIsBeingProcessed (
MM driver and return its PE32 image.
@param [in] FwVolHeader Pointer to memory mapped FV
@param [in] Depth Nesting depth of encapsulation sections. Callers
different from MmCoreFfsFindMmDriver() are
responsible for passing in a zero Depth.
@retval EFI_SUCCESS Success.
@retval EFI_INVALID_PARAMETER Invalid parameter.
@@ -55,11 +58,15 @@ FvIsBeingProcessed (
@retval EFI_OUT_OF_RESOURCES Out of resources.
@retval EFI_VOLUME_CORRUPTED Firmware volume is corrupted.
@retval EFI_UNSUPPORTED Operation not supported.
@retval EFI_ABORTED Recursion aborted because Depth has been
greater than or equal to
PcdFwVolMmMaxEncapsulationDepth.
**/
EFI_STATUS
MmCoreFfsFindMmDriver (
IN EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader
IN EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader,
IN UINT32 Depth
)
{
EFI_STATUS Status;
@@ -84,6 +91,11 @@ MmCoreFfsFindMmDriver (
DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n", FwVolHeader));
if (Depth >= PcdGet32 (PcdFwVolMmMaxEncapsulationDepth)) {
DEBUG ((DEBUG_ERROR, "%a: recursion aborted due to nesting depth\n", __func__));
return EFI_ABORTED;
}
if (FvHasBeenProcessed (FwVolHeader)) {
return EFI_SUCCESS;
}
@@ -172,7 +184,7 @@ MmCoreFfsFindMmDriver (
}
InnerFvHeader = (VOID *)(Section + 1);
Status = MmCoreFfsFindMmDriver (InnerFvHeader);
Status = MmCoreFfsFindMmDriver (InnerFvHeader, Depth + 1);
if (EFI_ERROR (Status)) {
goto FreeDstBuffer;
}