AllocateCopyPool(AllocationSize, *Buffer) will copy "AllocationSize" bytes of
memory from old "Buffer" to new allocated one. If "AllocationSize" is bigger
than size of "Buffer", heap memory overflow occurs during copy.
One solution is to allocate pool first then copy the necessary bytes to new
memory. Another is using ReallocatePool instead if old buffer will be freed
on spot.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bi Dandan <dandan.bi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Bi Dandan <dandan.bi@intel.com>
FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update FwVolDxe to get the authentication status
propagated from PEI-phase to DXE by FV3 HOB when producing FV
protocol.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Follow PI 1.6 spec to support FFS_ATTRIB_DATA_ALIGNMENT_2 for
FFS alignment extended to support maximum 16MB.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.
An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);
Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.
The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;
2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;
3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);
4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}
For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
For pointer subtraction, the result is of type "ptrdiff_t". According to
the C11 standard (Committee Draft - April 12, 2011):
"When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements. The
size of the result is implementation-defined, and its type (a signed
integer type) is ptrdiff_t defined in the <stddef.h> header. If the result
is not representable in an object of that type, the behavior is
undefined."
In our codes, there are cases that the pointer subtraction is not
performed by pointers to elements of the same array object. This might
lead to potential issues, since the behavior is undefined according to C11
standard.
Also, since the size of type "ptrdiff_t" is implementation-defined. Some
static code checkers may warn that the pointer subtraction might underflow
first and then being cast to a bigger size. For example:
UINT8 *Ptr1, *Ptr2;
UINTN PtrDiff;
...
PtrDiff = (UINTN) (Ptr1 - Ptr2);
The commit will refine the pointer subtraction expressions by casting each
pointer to UINTN first and then perform the subtraction:
PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
It is the follow up of commits 51f0ceb..9e32e97 to replace
AsciiValueToString/UnicodeValueToString with
AsciiValueToStringS/UnicodeValueToStringS.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Use EfiEventEmptyFunction from UefiLib and remove the duplication
of event empty function.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=298
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
The IO_PROTOCOL supports Fifo types by invoking the Fifo routines in the
new BaseIoLibIntrinsic (IoLib class) library.
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Leo Duran <leo.duran@amd.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Some boot options may be deleted in the "Delete Boot Option page",
But the data BootOptionOrder in BmmFakeNvData may not be updated.
So when user enter the "Change Boot Order" page, we should not always
get the BootOptionOrder in BmmFakeNvData, it will result in incorrect
UI behaviors. When the Boot Options have been saved,
we should get the BootOptionOrder through function GetBootOrder.
For driver option codes need to do the same change.
This patch is to fix the issue in bugzilla:
https://bugzilla.tianocore.org/show_bug.cgi?id=39
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Instead of comparing a GUID with gZeroGuid via the CompareGuid API, the
commit uses the IsZeroGuid API to check if the given GUID is a zero GUID.
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
- requried to required
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
RUNTIME_MEMORY_STATUSCODE_HEADER has been moved into MdeModulePkg public header
file Include/Guid/MemoryStatusCodeRecord.h. It should be removed from the driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
It is the follow up of 3ab41b7a32
to replace UnicodeStrToAsciiStr/AsciiStrToUnicodeStr with
UnicodeStrToAsciiStrS/AsciiStrToUnicodeStrS.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Add gPerformanceProtocolGuid in BdsDxe.inf explicitly.
Currently, BdsDxe could build pass as it inherits
gPerformanceProtocolGuid from GenericBdsLib.inf.
Also update the usage of gPerformanceProtocolGuid in GenericBdsLib.inf.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The S3Ready() functional code has been moved to S3SaveStateDxe in
MdeModulePkg, the ACPI global variable related code is leaved as is
for compatibility.
PcdS3BootScriptStackSize is also moved to MdeModulePkg.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Update the BDS frontpage to pull the RAM ranges from the
smbios extended size fields when applicable. The RAM calculation
also needs to take into account all the RAM ranges being provided
as many machines have multiple physical address ranges.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
To convert these files I ran:
$ python3 BaseTools/Scripts/ConvertUni.py IntelFrameworkModulePkg
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19254 6f19259b-4bc3-4df7-8a09-765794883524
PcdSet## has no error status returned, then the caller has no idea about whether the set operation is successful or not.
PcdSet##S were added to return error status and PcdSet## APIs were put in ifndef DISABLE_NEW_DEPRECATED_INTERFACES condition.
To adopt PcdSet##S and further code development with DISABLE_NEW_DEPRECATED_INTERFACES defined, we need to Replace PcdSet## usage with PcdSet##S.
Normally, DynamicDefault PCD set is expected to be success, but DynamicHii PCD set failure is a legal case.
So for DynamicDefault, we add assert when set failure. For DynamicHii, we add logic to handle it.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18605 6f19259b-4bc3-4df7-8a09-765794883524
Reduce reserved memory consumption by page table buffer,
then OS can have more available memory to use.
Take PhysicalAddressBits = 48 and 2MB page granularity as example,
1:1 Virtual to Physical identity mapping page table buffer needs to be
((512 + 1) * 512 + 1) * 4096 = 1075843072 bytes = 0x40201000 bytes.
When BIOS does not support long mode waking vector, only allocate
2 pages (1G page enabled) or 6 pages for 4G page table, and 8 extra
pages to handles > 4G request by page fault.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18068 6f19259b-4bc3-4df7-8a09-765794883524
This commit will resolve the issue brought by r17738.
String = AllocateCopyPool (BufferLen, L"MAC:");
The above using of AllocateCopyPool() will read contents out of the scope
of the constant string. Potential risk for the constant string allocated
at the boundary of memory region.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17933 6f19259b-4bc3-4df7-8a09-765794883524
This commit will resolve the issue brought by r17737.
HelpString = AllocateCopyPool (HelpSize, L"Device Path : ");
The above using of AllocateCopyPool() will read contents out of the scope
of the constant string. Potential risk for the constant string allocated
at the boundary of memory region.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17932 6f19259b-4bc3-4df7-8a09-765794883524
This commit will resolve the issue brought by r17736.
Str = AllocateCopyPool (MaxLen * sizeof (CHAR16), Str1);
The above using of AllocateCopyPool() will read contents out of the scope
of Str1. Potential risk for Str1 allocated at the boundary of memory
region.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17931 6f19259b-4bc3-4df7-8a09-765794883524
This commit will resolve the issue brought by r17735.
StrCatS (StrPercent, sizeof (StrPercent) / sizeof (CHAR16), TmpStr);
The above using of StrCatS will cause ASSERT if TmpStr is longer than
StrPercent. Therefore, StrnCatS is used here to resolve the issue.
Similar scenario is for:
StrCatS (StrTotalMemory, StrTotalMemorySize / sizeof (CHAR16), TmpStr);
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17930 6f19259b-4bc3-4df7-8a09-765794883524
MdeModulePkg has defined gZeroGuid in 'Guid/ZeroGuid.h', therefore, the
gZeroGuid defined in DataHubDxe is redundant.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17838 6f19259b-4bc3-4df7-8a09-765794883524
Call S3Ready() whenever the first of the following occurs:
- a driver signals End-of-Dxe,
- a driver calls EFI_ACPI_S3_SAVE_PROTOCOL.S3Save().
S3Ready() already contains a static, function scope "latch" that causes it
to exit early when called for the second time or later.
(At the moment, the only platform in the edk2 tree that includes this
driver is Vlv2TbltDevicePkg. That platform does not signal End-of-Dxe
(yet).)
http://thread.gmane.org/gmane.comp.bios.tianocore.devel/16088/focus=16146
Suggested-by: Yao Jiewen <jiewen.yao@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: David Wei <david.wei@intel.com>
Cc: Tim He <tim.he@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17805 6f19259b-4bc3-4df7-8a09-765794883524
We are preparing for detaching the S3Ready() functionality from the
EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() protocol member function. Instead, we
will hook the same logic to the End-of-Dxe event group.
The EFI_ACPI_S3_SAVE_PROTOCOL has another member: GetLegacyMemorySize().
According to the documenation,
This function returns the size of the legacy memory (meaning below 1 MB)
that is required during an S3 resume. Before the Framework-based
firmware transfers control to the OS, it has to transition from flat
mode into real mode in case the OS supplies only a real-mode waking
vector. This transition requires a certain amount of legacy memory.
After getting the size of legacy memory below, the caller is responsible
for allocating the legacy memory below 1 MB according to the size that
is returned. The specific implementation of allocating the legacy memory
is out of the scope of this specification.
When EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() is called, the address of the
legacy memory allocated above must be passed to it, in the
LegacyMemoryAddress parameter.
In practice however:
- The S3Ready() function ignores the LegacyMemoryAddress completely.
- No code in the edk2 tree calls
EFI_ACPI_S3_SAVE_PROTOCOL.GetLegacyMemorySize(), ever.
- All callers of EFI_ACPI_S3_SAVE_PROTOCOL.S3Save() in the edk2 tree pass
a NULL LegacyMemoryAddress:
BdsLibBootViaBootOption()
[IntelFrameworkModulePkg/Library/GenericBdsLib/BdsBoot.c]
OnReadyToBoot()
[Vlv2TbltDevicePkg/AcpiPlatform/AcpiPlatform.c]
InstallReadyToLock()
[Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c]
BdsLibBootViaBootOption()
[Vlv2TbltDevicePkg/Override/IntelFrameworkModulePkg/Library/GenericBdsLib/BdsBoot.c]
For this reason, ASSERT() explicitly that LegacyGetS3MemorySize() is never
called, and that the LegacyMemoryAddress parameter is always NULL.
This fact is important to capture in the code, because in the End-of-Dxe
callback, no LegacyMemoryAddress parameter can be taken. So let's make it
clear that we actually don't even have any use for that parameter.
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: David Wei <david.wei@intel.com>
Cc: Tim He <tim.he@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17804 6f19259b-4bc3-4df7-8a09-765794883524
Display engine base on class opcode to detect whether in
front page.Now remove class/subclass and use FormsetGuid
or ClassGuid to judge whether in front page
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17590 6f19259b-4bc3-4df7-8a09-765794883524
class/subclass is the obseleted key word in VFR file. It is designed in framework HII.
After convert to UEFI HII, it is not used any longer. Now remove them from VFR
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17493 6f19259b-4bc3-4df7-8a09-765794883524
Move the check of FV Header signature and file system to
GetFwVolHeader() to avoid reading the whole unexpected FvHeader.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16255 6f19259b-4bc3-4df7-8a09-765794883524