diff options
| author | Star Zeng <star.zeng@intel.com> | 2016-12-09 14:47:03 +0800 |
|---|---|---|
| committer | Star Zeng <star.zeng@intel.com> | 2016-12-12 09:38:14 +0800 |
| commit | e71ee2151fa5acabfb944f60898ae8132cf39811 (patch) | |
| tree | f3fcb9a77ed3de5785d162b527df20b631378670 | |
| parent | 52e7754ed0a1edd5fa853fa52c37ec9fb1d06a5f (diff) | |
| download | edk2-e71ee2151fa5acabfb944f60898ae8132cf39811.tar.gz | |
MdeModulePkg VariableSmm: Do not need check CommBufferSize buffer
Current code in SmmVariableHandler() checks CommBufferSize
buffer to make sure it points to outside SMRAM in
"case SMM_VARIABLE_FUNCTION_GET_STATISTICS".
But after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer points to SMRAM that was used by
SMM core to cache CommSize from SmmCommunication protocol,
then the check will fail definitely and GET_STATISTICS
feature breaks.
In fact, do not need check CommBufferSize buffer at all
even before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd.
Before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer pointed to gSmmCorePrivate->BufferSize
that is outside SMRAM, the check will success definitely;
after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer points to local variable BufferSize
(in SMRAM) in SmmEntryPoint(), the check is not needed
definitely.
The patch is to remove the check.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 62016c1e898434a0326f658912b1e7e0a9c5575e)
| -rw-r--r-- | MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 35c9e20ed1..7bd18620d2 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -15,7 +15,7 @@ VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
SmmVariableGetStatistics() should also do validation based on its own knowledge.
-Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -652,11 +652,10 @@ SmmVariableHandler ( // It is covered by previous CommBuffer check
//
- if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
- DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n"));
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
+ //
+ // Do not need to check CommBufferSize buffer as it should point to SMRAM
+ // that was used by SMM core to cache CommSize from SmmCommunication protocol.
+ //
Status = SmmVariableGetStatistics (VariableInfo, &InfoSize);
*CommBufferSize = InfoSize + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
|