There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.
An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);
Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.
The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;
2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;
3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);
4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}
For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
If the UEFI image is page aligned, the image code section is set to read
only and the image data section is set to non-executable.
1) This policy is applied for all UEFI image including boot service driver,
runtime driver or application.
2) This policy is applied only if the UEFI image meets the page alignment
requirement.
3) This policy is applied only if the Source UEFI image matches the
PcdImageProtectionPolicy definition.
4) This policy is not applied to the non-PE image region.
The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect
the image. If the CpuArch protocol is not installed yet, the DxeCore
enqueues the protection request. Once the CpuArch is installed, the
DxeCore dequeues the protection request and applies policy.
Once the image is unloaded, the protection is removed automatically.
The UEFI runtime image protection is teared down at ExitBootServices(),
the runtime image code relocation need write code segment at
SetVirtualAddressMap(). We cannot assume OS/Loader has taken over
page table at that time.
NOTE: It is per-requisite that code section and data section
should not be not merged. That is same criteria for SMM/runtime driver.
We are not able to detect during BIOS boot, because
we can only get LINK warning below:
"LINK : warning LNK4254: section '.data' (C0000040) merged into
'.text' (60000020) with different attributes"
But final attribute in PE code section is same.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
- abstrated to abstracted
- accessibla to accessible
- addres to address
- apropriate to appropriate
- arry to array
- availabe to available
- avaliable to available
- becasue to because
- correponding to corresponding
- etablished to established
- exeuction to execution
- extensiable to extensible
- fileds to fields
- loadding to loading
- ptototypes to prototypes
- prococol protocol
- requried to required
- resoruce to resource
- runing to running
- uild to build
Cc: Star Zeng <star.zeng@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
UEFI Spec HTTP Boot Device Path, after retrieving the boot resource
information, the BootURI device path node will be updated to include
the BootURI information. It means the device path on the child handle
will be updated after the LoadFile() service is called.
To handle this case, DxeCore LoadImage() service is updated as the below:
1) Get Device handle based on Device Path
2) Call LoadFile() service (GetFileBufferByFilePath() API) to get Load File Buffer.
3) Retrieve DevicePath from Device handle
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17799 6f19259b-4bc3-4df7-8a09-765794883524
Use if (Image->Started) condition judgement before call to
UnregisterMemoryProfileImage() in CoreUnloadAndCloseImage().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17597 6f19259b-4bc3-4df7-8a09-765794883524
1. Update SecurityManagementLib to support SAP2 and SAP services.
2. Update SecurityStub driver to produce SAP2 and SAP protocol both.
3. Update DxeCore and SmmCore to use SAP2 and SAP service to verify Image.
4. Update DxeCore ConnectController() to use SAP2 service to check user permission.
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Guo Dong <dong.guo@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13660 6f19259b-4bc3-4df7-8a09-765794883524
1. For LoadImage() service, EFI_ACCESS_DENIED return status is added, and EFI_SECURITY_VIOLATION return status description is updated. Meanwhile, EFI_PE32_IMAGE_PROTOCOL. LoadPeImage() in MdeModulePkg is also updated to match LoadImage() service.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11306 6f19259b-4bc3-4df7-8a09-765794883524
EFI_SIGNATURE_16 -> SIGNATURE_16
EFI_SIGNATURE_32 -> SIGNATURE_32
EFI_SIGNATURE_64 -> SIGNATURE_64
EFI_FIELD_OFFSET -> OFFSET_OF
EFI_MAX_BIT -> MAX_BIT
EFI_MAX_ADDRESS -> MAX_ADDRESS
These macros are not defined in UEFI spec. It makes more sense to use the equivalent macros in Base.h to avoid alias.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@7056 6f19259b-4bc3-4df7-8a09-765794883524
Hao Wu
Jiewen Yao
Gary Lin
Giri P Mudusuru
Liming Gao
Star Zeng
Eric Dong
lzeng14
lgao4
ydong10
niruiyu
mdkinney
hhtian
jchen20
rsun3
erictian
qhuang8
eric_tian
gikidy
jji4
qwang12