authorJeff Fan <jeff.fan@intel.com>2016-11-18 10:46:43 +0800
committerJeff Fan <jeff.fan@intel.com>2016-11-23 21:11:40 +0800
commit1103519ed74d465cd902c083fa5ddeaa778102ef (patch)
tree055a142261b1f0325c78365e850724f9dbb5f7a2
parentabcc3904c96613f7a552131fda764152834bf580 (diff)
downloadedk2-1103519ed74d465cd902c083fa5ddeaa778102ef.tar.gz
MdeModulePkg/PiSmmCore: Cache CommunicationBuffer info before using it
gSmmCorePrivate->CommunicationBuffer and gSmmCorePrivate->BufferSize are located in the runtime memory region. That means they could be modified by non-SMM code during runtime. We should cache them into SMM local variables before we verify them. After verification, we should use the cached copies directly instead of the ones in gSmmCorePrivate. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Feng Tian <feng.tian@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jeff Fan <jeff.fan@intel.com> (cherry picked from commit eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd)
-rw-r--r--MdeModulePkg/Core/PiSmmCore/PiSmmCore.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
index 5210548110..cd2f6f956f 100644
--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
@@ -292,6 +292,8 @@ SmmEntryPoint (
EFI_STATUS Status;
EFI_SMM_COMMUNICATE_HEADER *CommunicateHeader;
BOOLEAN InLegacyBoot;
+ VOID *CommunicationBuffer;
+ UINTN BufferSize;
PERF_START (NULL, "SMM", NULL, 0) ;
@@ -319,30 +321,32 @@ SmmEntryPoint (
// Check to see if this is a Synchronous SMI sent through the SMM Communication
// Protocol or an Asynchronous SMI
//
- if (gSmmCorePrivate->CommunicationBuffer != NULL) {
+ CommunicationBuffer = gSmmCorePrivate->CommunicationBuffer;
+ BufferSize = gSmmCorePrivate->BufferSize;
+ if (CommunicationBuffer != NULL) {
//
// Synchronous SMI for SMM Core or request from Communicate protocol
//
- if (!SmmIsBufferOutsideSmmValid ((UINTN)gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize)) {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize)) {
//
// If CommunicationBuffer is not in valid address scope, return EFI_INVALID_PARAMETER
//
gSmmCorePrivate->CommunicationBuffer = NULL;
gSmmCorePrivate->ReturnStatus = EFI_INVALID_PARAMETER;
} else {
- CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)gSmmCorePrivate->CommunicationBuffer;
- gSmmCorePrivate->BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
+ CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)CommunicationBuffer;
+ BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
Status = SmiManage (
&CommunicateHeader->HeaderGuid,
NULL,
CommunicateHeader->Data,
- &gSmmCorePrivate->BufferSize
+ &BufferSize
);
//
// Update CommunicationBuffer, BufferSize and ReturnStatus
// Communicate service finished, reset the pointer to CommBuffer to NULL
//
- gSmmCorePrivate->BufferSize += OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
+ gSmmCorePrivate->BufferSize = BufferSize + OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
gSmmCorePrivate->CommunicationBuffer = NULL;
gSmmCorePrivate->ReturnStatus = (Status == EFI_SUCCESS) ? EFI_SUCCESS : EFI_NOT_FOUND;
}
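Review bot: The cached BufferSize is checked only by SmmIsBufferOutsideSmmValid before `BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);` in the else branch, so a size smaller than the header would wrap the unsigned UINTN and hand SmiManage an oversized length — unless SmmIsBufferOutsideSmmValid already rejects such sizes, which the hunk does not show. Because the value is now a snapshot of runtime memory that non-SMM code controls, the SMM side cannot rely on the caller having checked it, so I would extend the condition to `if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) || BufferSize < OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)) {`. A comment on the two cached assignments stating why the copies exist, e.g. `// Snapshot both fields: they live in runtime memory and can change after validation`, would keep a later reader from folding them back into direct gSmmCorePrivate reads. SmmEntryPoint starts and ends outside the hunk.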