tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-28 16:14:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg/Bus/Pci: Fix Descriptor Misalignment in USB Config Handling

Browse Source 
The issue with locating the expected interface and endpoint descriptors
arises because `configDesc` (USB_CONFIG_DESCRIPTOR) and `IfDesc`
(USB_INTERFACE_DESCRIPTOR) are incremented by structure size rather than
by actual descriptor length.

Specifically:
  - `configDesc` should be incremented by its actual length.
  - `IfDesc` should be incremented by its actual length.

This incorrect increment causes misalignment, preventing access to the
subsequent interface and endpoint descriptors.

[Suggested Solution]
Update the code to increment the pointers by the actual descriptor lengths,
ensuring proper access to all descriptors in the USB configuration.

Signed-off-by: Aniket Surekar <Aniket.Surekar@Dell.com>
This commit is contained in:
Aniket_Surekar 2024-11-14 21:27:15 +05:30 committed by mergify[bot]
parent e8668d2dee
commit 333e9638ad
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c
View File

@ -2848,7 +2848,7 @@ XhcInitializeEndpointContext (
MaxDci = 1; MaxDci = 1;
} }
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) { for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) { while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@ -3051,7 +3051,7 @@ XhcInitializeEndpointContext64 (
MaxDci = 1; MaxDci = 1;
} }
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) { for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) { while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@ -3260,7 +3260,7 @@ XhcSetConfigCmd (
MaxDci = 0; MaxDci = 0;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) { for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) { while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@ -3353,7 +3353,7 @@ XhcSetConfigCmd64 (
MaxDci = 0; MaxDci = 0;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) { for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) { while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@ -3644,7 +3644,7 @@ XhcSetInterface (
IfDescActive = NULL; IfDescActive = NULL;
IfDescSet = NULL; IfDescSet = NULL;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) { while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) {
if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) { if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) {
if (IfDesc->InterfaceNumber == (UINT8)Request->Index) { if (IfDesc->InterfaceNumber == (UINT8)Request->Index) {
@ -3851,7 +3851,7 @@ XhcSetInterface64 (
IfDescActive = NULL; IfDescActive = NULL;
IfDescSet = NULL; IfDescSet = NULL;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) { while ((UINTN)IfDesc < ((UINTN)ConfigDesc + ConfigDesc->TotalLength)) {
if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) { if ((IfDesc->DescriptorType == USB_DESC_TYPE_INTERFACE) && (IfDesc->Length >= sizeof (USB_INTERFACE_DESCRIPTOR))) {
if (IfDesc->InterfaceNumber == (UINT8)Request->Index) { if (IfDesc->InterfaceNumber == (UINT8)Request->Index) {

8
MdeModulePkg/Bus/Pci/XhciPei/XhciSched.c
View File

@ -1748,7 +1748,7 @@ XhcPeiSetConfigCmd (
MaxDci = 0; MaxDci = 0;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) { for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) { while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@ -1759,7 +1759,7 @@ XhcPeiSetConfigCmd (
MaxDci = 1; MaxDci = 1;
} }
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) { for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) { while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);
@ -1974,7 +1974,7 @@ XhcPeiSetConfigCmd64 (
MaxDci = 0; MaxDci = 0;
IfDesc = (USB_INTERFACE_DESCRIPTOR *)(ConfigDesc + 1); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)ConfigDesc + ConfigDesc->Length);
for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) { for (Index = 0; Index < ConfigDesc->NumInterfaces; Index++) {
while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) { while ((IfDesc->DescriptorType != USB_DESC_TYPE_INTERFACE) || (IfDesc->AlternateSetting != 0)) {
IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length); IfDesc = (USB_INTERFACE_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
@ -1985,7 +1985,7 @@ XhcPeiSetConfigCmd64 (
MaxDci = 1; MaxDci = 1;
} }
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)(IfDesc + 1); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)IfDesc + IfDesc->Length);
for (EpIndex = 0; EpIndex < NumEp; EpIndex++) { for (EpIndex = 0; EpIndex < NumEp; EpIndex++) {
while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) { while (EpDesc->DescriptorType != USB_DESC_TYPE_ENDPOINT) {
EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length); EpDesc = (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Length);