diff options
| author | Aniket_Surekar <Aniket.Surekar@Dell.com> | 2024-11-14 21:27:15 +0530 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-12-06 01:45:22 +0000 |
| commit | 333e9638ad29828f4cac64ad966b0e7f8c9b0c66 (patch) | |
| tree | b8a92c8e0a82956afb72147a8a0c3d5fa2e1b708 | |
| parent | e8668d2dee2f001a053d9e50f431e2f1f8165b8b (diff) | |
| download | edk2-333e9638ad29828f4cac64ad966b0e7f8c9b0c66.tar.gz | |
MdeModulePkg/Bus/Pci: Fix Descriptor Misalignment in USB Config Handling
The issue with locating the expected interface and endpoint descriptors
arises because `configDesc` (USB_CONFIG_DESCRIPTOR) and `IfDesc`
(USB_INTERFACE_DESCRIPTOR) are incremented by structure size rather than
by actual descriptor length.
Specifically:
- `configDesc` should be incremented by its actual length.
- `IfDesc` should be incremented by its actual length.
This incorrect increment causes misalignment, preventing access to the
subsequent interface and endpoint descriptors.
[Suggested Solution]
Update the code to increment the pointers by the actual descriptor lengths,
ensuring proper access to all descriptors in the USB configuration.
Signed-off-by: Aniket Surekar <Aniket.Surekar@Dell.com>
| -rw-r--r-- | MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c | 12 | ||||
| -rw-r--r-- | MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c | 8 |
2 files changed, 10 insertions, 10 deletions
diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c b/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c index 3caa060f35..fe48a72121 100644 --- a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c +++ b/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c @@ -2848,7 +2848,7 @@ XhcInitializeEndpointContext ( MaxDci = 1;
}
- EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1);
+ EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@@ -3051,7 +3051,7 @@ XhcInitializeEndpointContext64 ( MaxDci = 1;
}
- EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1);
+ EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@@ -3260,7 +3260,7 @@ XhcSetConfigCmd ( MaxDci = 0;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@@ -3353,7 +3353,7 @@ XhcSetConfigCmd64 ( MaxDci = 0;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@@ -3644,7 +3644,7 @@ XhcSetInterface ( IfDescActive = NULL;
IfDescSet = NULL;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) {
if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) {
if (IfDesc->InterfaceNumber == (UINT8)Request->Index) {
@@ -3851,7 +3851,7 @@ XhcSetInterface64 ( IfDescActive = NULL;
IfDescSet = NULL;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) {
if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) {
if (IfDesc->InterfaceNumber == (UINT8)Request->Index) {
diff --git a/MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c b/MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c index c956e45907..158749b53c 100644 --- a/MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c +++ b/MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c @@ -1748,7 +1748,7 @@ XhcPeiSetConfigCmd ( MaxDci = 0;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@@ -1759,7 +1759,7 @@ XhcPeiSetConfigCmd ( MaxDci = 1;
}
- EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1);
+ EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@@ -1974,7 +1974,7 @@ XhcPeiSetConfigCmd64 ( MaxDci = 0;
- IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1);
+ IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@@ -1985,7 +1985,7 @@ XhcPeiSetConfigCmd64 ( MaxDci = 1;
}
- EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1);
+ EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
|