sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,721 Commits 13 Branches 33 Tags
c1f9c34621fae9bec20c2b2fce134b9dba2b0ba1
Commit Graph

7 Commits

Author SHA1 Message Date
lzeng14
164a9b6752 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-21 02:22:02 +00:00
lzeng14
5e5bb2a9ba 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-07 05:38:32 +00:00
lzeng14
9d00d20ed4 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-25 10:49:45 +00:00
hhtian
e8c758dc92 Update header format 
Signed-off-by: Hot Tian <hot.tian@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13819 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-11 04:59:05 +00:00
jyao1
32177f69c4 Add more security check for CommBuffer+CommBufferSize. 
signed off by: jiewen.yao@intel.com
reviewed by: rui.sun@intel.com
reviewed by: michael.d.kinney@intel.com

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13545 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-23 00:59:26 +00:00
li-elvin
1476a25761 RestoreLockBox in DXE with Length NULL, Buffer NULL will fail to get data from Lockbox. Fix this issue. 
Signed-off-by: li-elvin
Reviewed-by: jyao1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12208 6f19259b-4bc3-4df7-8a09-765794883524
 2011-08-25 08:25:13 +00:00
jljusten
1c837cd545 MdeModulePkg: Add SMM LockBox 
This includes:
* LockBox protocol definition
* LockBoxLib library interface definition
* SmmLockBox GUID
* LockBoxNullLib library implementation
* 2 SmmLockBoxLib library implementations
* SmmLockBox SMM driver

Signed-off-by: jljusten
Reviewed-by: mdkinney
Reviewed-by: geekboy15a
Reviewed-by: jyao1
Reviewed-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12029 6f19259b-4bc3-4df7-8a09-765794883524
 2011-07-19 20:47:28 +00:00