Most of the RVCT assembly can be reused as is for MSFT except
for CpuBreakpoint.asm, which we need to force to Arm mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS calls
StrnLenS () to get the length of source string but supplies the
destination buffer size as max size.
It's a bug that may cause out-of-bound memory access.
For example:
StrnCpyS (Dest[10], 10, "hello", 6)
-> StrnLenS ("hello", 10) //< cause out-of bound memory access
In a pool guard enabled environment, when using shell to edit an
existing file which contains empty line, the page fault is met.
The patch fixes the four library functions to avoid such
out-of-bound memory access.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
When compiling with any ARM toolchain and Os, registers can get
trashed when returning for the second time from SetJump because GCC
only handles this correctly when using standard names like 'setjmp' or
'getcontext'. When different names are used you have to use the
attribute 'returns_twice' to tell gcc to be extra careful.
example:
extern int FN_NAME(void*);
void jmp_buf_set(void *jmpb, void (*f)(void))
{
if (!FN_NAME(jmpb))
f();
}
this code produces this wrong code with Os:
00000000 <jmp_buf_set>:
0: e92d4010 push {r4, lr}
4: e1a04001 mov r4, r1
8: ebfffffe bl 0 <nonstandard_setjmp>
c: e3500000 cmp r0, #0
10: 01a03004 moveq r3, r4
14: 08bd4010 popeq {r4, lr}
18: 012fff13 bxeq r3
1c: e8bd4010 pop {r4, lr}
20: e12fff1e bx lr
The generated code pushes backups of r4 and lr to the stack and then
saves all registers using nonstandard_setjmp.
Then it pops the stack and jumps to the function in r3 which is the
main problem because now the function can overwrite our register
backups on the stack.
When we return a second time from the call to nonstandard_setjmp, the
stack pointer has it's original(pushed) position and when the code
pops r4 and lr from the stack the values are not guaranteed to be the
same.
When using a standard name like setjmp or getcontext or adding
'__attribute__((returns_twice))' to nonstandard_setjmp's declaration
the code looks different:
00000000 <jmp_buf_set>:
0: e92d4007 push {r0, r1, r2, lr}
4: e58d1004 str r1, [sp, #4]
8: ebfffffe bl 0 <setjmp>
c: e3500000 cmp r0, #0
10: 059d3004 ldreq r3, [sp, #4]
14: 01a0e00f moveq lr, pc
18: 012fff13 bxeq r3
1c: e28dd00c add sp, sp, #12
20: e49de004 pop {lr} ; (ldr lr, [sp], #4)
24: e12fff1e bx lr
Here the problem is being solved by restoring r3 from the stack
without popping it.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The new definitions include two structures
IA32_TASK_STATE_SEGMENT
IA32_TSS_DESCRIPTOR
two macros
IA32_GDT_TYPE_TSS
IA32_GDT_ALIGNMENT
and one API
VOID
EFIAPI
AsmWriteTr (
IN UINT16 Selector
);
They're needed to setup task gate and interrupt stack table for stack switch.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Reviewed-by: Jiewen.yao@intel.com
V2:
Fix MSFT C4255 warning
V1:
Enable MSFT C4255 warning.
From MSDN:
Compiler Warning (level 4) C4255
function' : no function prototype given: converting '()' to '(void)'
The compiler did not find an explicit list of arguments to a function.
This warning is for the C compiler only.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Bell Song <binx.song@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
CalculateCrc32() bases on the initialized mCrcTable. When CalculateCrc32()
is used, mCrcTable will take 1KB size in the image. When CalculateCrc32()
is not used, mCrcTable will not be built in the image, and no size impact.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705
As mentioned in the above Bugzilla link by Steven, within the function
PathCleanUpDirectories(), when executing command:
"cd ."
under Shell, the input parameter 'Path' string will have string length
less than 2. Hence, it is possible for the below statement:
"if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {"
to read contents before the string boundary.
This commit adds additional checks to avoid this.
Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
1) Replace InternalBaseLibIsNodeInList() with
InternalBaseLibIsListValid().
- The verification whether Node is within the doubly-linked List
is now done by IsNodeInList().
- Whether the list is valid is returned.
2) The comments within InsertHeadList() and InsertTailList() stated
that it is checked whether Entry is not part of the doubly-linked
list. This was not done as argument 3 of
InternalBaseLibIsNodeInList() indicated whether the check is done,
not whether to check if the node is or is not in the list. This
has been fixed by using IsNodeInList() for the ASSERTs.
V2:
- Fix IsListEmpty() to ASSERT when the passed list is invalid.
- Introduce the VERIFY_IS_NODE_IN_LIST() macro to only verify whether the
passed node is part of the list when PcdVerifyNodeInList is TRUE.
V3:
- Introduce the ASSERT_VERIFY_NODE_IN_VALID_LIST() macro which,
depending on the value of PcdVerifyNodeInList, verifies whether
SecondEntry is or is not part of the same doubly-linked list as
FirstEntry and unconditionally verifies whether the doubly-linked
list FirstEntry is part of is valid. This prevents
InternalBaseLibIsListValid() from being called twice when a
function ASSERTs via the result of IsNodeInList(), as it calls
InternalBaseLibIsListValid() already.
- Remove the VERIFY_IS_NODE_IN_LIST() macro in favor of
ASSERT_VERIFY_NODE_IN_VALID_LIST().
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This patch adds IsNodeInList() to BaseLib, which verifies the given
Node is part of the doubly-linked List provided.
V2:
- Rename "List" to "FirstEntry" and "Node" to "SecondEntry" to clarify that
"FirstEntry" does not need to be the doubly-linked list's head node.
V3:
- Remove ASSERTs from IsNodeInList() which are present in
InternalBaseLibIsListValid().
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The change doesn't impact the functionality.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.
An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);
Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.
The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;
2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;
3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);
4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}
For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
The patch adds 4 APIs to convert ASCII string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
The patch adds 4 APIs to convert Unicode string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Add the following 2 APIs:
UnicodeStrnToAsciiStrS
AsciiStrnToUnicodeStrS
These APIs are used to enhance APIs UnicodeStrToAsciiStrS and
AsciiStrToUnicodeStrS (without 'n' in names) by:
1. Adds an input parameter 'Length' to specify the maximum number of
Ascii/Unicode characters to convert.
2. Adds an output parameter 'DestinationLength' to indicate the number of
Ascii/Unicode characters successfully converted.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
For the following 8 APIs in MdePkg/BaseLib:
[Ascii]StrDecimalToUintn
[Ascii]StrDecimalToUint64
[Ascii]StrHexToUintn
[Ascii]StrHexToUint64
They will ASSERT for DEBUG build when the input string exceeds the range
of UINTN/UINT64. However, for RELEASE build, incorrect value will be
returned.
This commit refines those APIs to direcly call their enhanced counterparts
(with trailing 'S' in API names) so as to remove those exceed-range ASSERT
checks and to make those APIs to return MAX_UINTN/MAX_UINT64 instead.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Add the following 8 APIs:
[Ascii]StrDecimalToUintnS
[Ascii]StrDecimalToUint64S
[Ascii]StrHexToUintnS
[Ascii]StrHexToUint64S
These safe version APIs are used to enhance their counterpart (APIs
without trailing 'S' in function names).
These safe version APIs perform checks to the input string and will return
relative status to reflect the check result:
When the input string exceeds the range of UINTN/64, these APIs will
return RETURN_UNSUPPORTED and store MAX_UINTN/64 in the output data.
When no conversion can be performed for the input string, these APIs will
return RETURN_SUCCESS and store 0 in the output data.
The optional parameter 'EndPointer', if provided, will point to the
character that stopped the scan.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Add StrnSizeS() and AsciiStrnSizeS() APIs.
These 2 safe version APIs are used to replace StrSize() and
AsciiStrSize(). Those two APIs use similar checks as [Ascii]StrnLenS().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
The old code incorrectly cleans path like "fs0:\abc\.\.." to
"fs0:\abc", instead of "fs0:\"
The patch fixes this bug.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
This commit adds an addtional check in AsciiStrnCmp and StrnCmp. It
explicitly checks the end of the sting pointed by 'SecondString' to make
the code logic easier for reading and to prevent possible mis-reports by
static code checkers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
This commit refines the logic for AsciiStrnLenS and StrnLenS. It makes the
logic more straightforward to prevent possible mis-reports by static code
checkers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=239
When the input path for API PathRemoveLastItem() is a root path like
'fs0:\', the API will return TRUE (indicating a directory or file was
removed from the path) and modifies the path to 'fs0:'. In fact, there's
no directory or file removed in the above case.
This commit adds additional check to resolve this issue and modifies the
API's description to make it more straightforward.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
The leading underscore (i.e. '_') before the names of some BaseLib library
API in ASM/NASM files is unnecessary. It will cause link error with GCC
tool chains.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Correct the typos in some files of MdePkg.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
When switching to the DXE phase stack, set the frame pointer to zero so
that code walking the stack frame will not try to access stack frames
belonging to the old stack.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
The original implementation only looks for very last backslash
and removes the string after that.
But when the path is like "FS0:File.txt" which doesn't contain
backslash, the function cannot work well.
The patch enhances the code to look for very last backslash or
colon to support the path which doesn't contain backslash.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Tapan Shah <tapandshah@hpe.com>
BaseLib Ia32 InternalSwitchStack.S has no matched InternalSwitchStack.nasm.
Use ObjDump to verify the output object files be same.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
Ia32/DisablePaging32.asm to Ia32/DisablePaging32.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadMsr64.asm to X64/ReadMsr64.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/WriteMsr64.asm to X64/WriteMsr64.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/CpuBreakpoint.asm to X64/CpuBreakpoint.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadEflags.asm to X64/ReadEflags.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadCr0.asm to X64/ReadCr0.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadCr2.asm to X64/ReadCr2.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadCr3.asm to X64/ReadCr3.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadCr4.asm to X64/ReadCr4.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/WriteCr0.asm to X64/WriteCr0.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/WriteCr2.asm to X64/WriteCr2.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/WriteCr3.asm to X64/WriteCr3.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/WriteCr4.asm to X64/WriteCr4.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr0.asm to X64/ReadDr0.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr1.asm to X64/ReadDr1.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr2.asm to X64/ReadDr2.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr3.asm to X64/ReadDr3.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr4.asm to X64/ReadDr4.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr5.asm to X64/ReadDr5.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
The BaseTools/Scripts/ConvertMasmToNasm.py script was used to convert
X64/ReadDr6.asm to X64/ReadDr6.nasm
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>