Commit Graph

1829 Commits

Author SHA1 Message Date
Sean Brogan d7a09cb86a MdePkg/BaseSafeIntLib: Add SafeIntLib class and instance
https://bugzilla.tianocore.org/show_bug.cgi?id=798

SafeIntLib provides helper functions to prevent integer overflow
during type conversion, addition, subtraction, and multiplication.

Conversion Functions
====================
* Converting from a signed type to an unsigned type of the same
  size, or vice-versa.
* Converting to a smaller type that could possibly overflow.
* Converting from a signed type to a larger unsigned type.

Unsigned Addition, Subtraction, Multiplication
===============================================
* Unsigned integer math functions protect from overflow and
  underflow (in case of subtraction).

Signed Addition, Subtraction, Multiplication
============================================
* Strongly consider using unsigned numbers.
* Signed numbers are often used where unsigned numbers should
  be used. For example file sizes and array indices should always
  be unsigned. Subtracting a larger positive signed number from a
  smaller positive signed number with SafeInt32Sub() will succeed,
  producing a negative number, that then must not be used as an
  array index (but can occasionally be used as a pointer index.)
  Similarly for adding a larger magnitude negative number to a
  smaller magnitude positive number.
* SafeIntLib does not protect you from such errors. It tells you
  if your integer operations overflowed, not if you are doing the
  right thing with your non-overflowed integers.
* Likewise you can overflow a buffer with a non-overflowed
  unsigned index.

Based on content from the following branch/commits:
https://github.com/Microsoft/MS_UEFI/tree/share/MsCapsuleSupport
21ef3a321c
ca516b1a61
33bab4031a

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2018-01-25 09:42:20 -08:00
M1cha 2117989c26 MdePkg/BaseLib: add attribute 'RETURNS_TWICE' to SetJump
When compiling with any ARM toolchain and Os, registers can get
trashed when returning for the second time from SetJump because GCC
only handles this correctly when using standard names like 'setjmp' or
'getcontext'. When different names are used you have to use the
attribute 'returns_twice' to tell gcc to be extra careful.

example:
extern int  FN_NAME(void*);

void jmp_buf_set(void *jmpb, void (*f)(void))
{
  if (!FN_NAME(jmpb))
    f();
}

this code produces this wrong code with Os:
00000000 <jmp_buf_set>:
   0: e92d4010 push {r4, lr}
   4: e1a04001 mov r4, r1
   8: ebfffffe bl 0 <nonstandard_setjmp>
   c: e3500000 cmp r0, #0
  10: 01a03004 moveq r3, r4
  14: 08bd4010 popeq {r4, lr}
  18: 012fff13 bxeq r3
  1c: e8bd4010 pop {r4, lr}
  20: e12fff1e bx lr

The generated code pushes backups of r4 and lr to the stack and then
saves all registers using nonstandard_setjmp.
Then it pops the stack and jumps to the function in r3 which is the
main problem because now the function can overwrite our register
backups on the stack.
When we return a second time from the call to nonstandard_setjmp, the
stack pointer has it's original(pushed) position and when the code
pops r4 and lr from the stack the values are not guaranteed to be the
same.

When using a standard name like setjmp or getcontext or adding
'__attribute__((returns_twice))' to nonstandard_setjmp's declaration
the code looks different:

00000000 <jmp_buf_set>:
   0: e92d4007 push {r0, r1, r2, lr}
   4: e58d1004 str r1, [sp, #4]
   8: ebfffffe bl 0 <setjmp>
   c: e3500000 cmp r0, #0
  10: 059d3004 ldreq r3, [sp, #4]
  14: 01a0e00f moveq lr, pc
  18: 012fff13 bxeq r3
  1c: e28dd00c add sp, sp, #12
  20: e49de004 pop {lr} ; (ldr lr, [sp], #4)
  24: e12fff1e bx lr

Here the problem is being solved by restoring r3 from the stack
without popping it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2018-01-10 11:42:17 +08:00
Wang, Jian J 701e8cc29a MdePkg/BasePrintLib: Fix incomplete print output
This is caused by previous patch which tried to fix string over-read,
which breaks UEFI menu rendering: the following

/------------------------------------------------------------------------------\
|                               Device Manager                                 |
\------------------------------------------------------------------------------/

is rendered as

/\
|                               Device Manager                                 |
\/.0                                                 2.00 GHz

(the spurious digits are SMBIOS data from the home screen)

The problem appears to be that the CHAR16 value of BOXDRAW_HORIZONTAL
equals 0x2500, which means that testing ArgumentString[] != '\0'
(which tests the low byte only) will yield FALSE and terminate the
loop prematurely.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2018-01-02 16:31:19 +08:00
Jian J Wang 6805854a73 MdePkg/BasePrintLib: Fix error in Precision position calculation
Due to a potential hole in the stop condition of loop, the two continuous
access to ArgumentString (index, index+1) inside the loop might cause the
string ending character ('\0') and the byte after it to be read.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-12-28 11:12:07 +08:00
Jian J Wang 364a54742f MdePkg/BaseLib: Add stack switch related definitions for IA32
The new definitions include two structures

  IA32_TASK_STATE_SEGMENT
  IA32_TSS_DESCRIPTOR

two macros

  IA32_GDT_TYPE_TSS
  IA32_GDT_ALIGNMENT

and one API

  VOID
  EFIAPI
  AsmWriteTr (
    IN UINT16 Selector
    );

They're needed to setup task gate and interrupt stack table for stack switch.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Reviewed-by: Jiewen.yao@intel.com
2017-12-08 14:38:48 +08:00
Song, BinX 50de6bfb30 MdePkg: Fix MSFT C4255 warning
V2:
Fix MSFT C4255 warning
V1:
Enable MSFT C4255 warning.

From MSDN:
Compiler Warning (level 4) C4255
function' : no function prototype given: converting '()' to '(void)'
The compiler did not find an explicit list of arguments to a function.
This warning is for the C compiler only.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Bell Song <binx.song@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-11-14 18:18:48 +08:00
Zhang, Chao B 403170bbef MdePkg: Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated. Also update
some function descriptors accordingly.

Cc: Long Qin <qin.long@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
2017-11-01 22:25:18 +08:00
Star Zeng 5450086c52 MdePkg HobLib: Add BuildFv3Hob API
Add BuildFv3Hob API in HobLib.h and implement the API
in HobLib instances PeiHobLib, DxeHobLib and DxeCoreHobLib.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-10-10 20:54:32 +08:00
Liming Gao 4008463de3 MdePkg: Correct BaseS3PciSegmentLib module name to match its uni file
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
2017-10-10 18:10:17 +08:00
Liming Gao 0a8e6f7971 MdePkg BaseLib: Add new API CalculateCrc32()
CalculateCrc32() bases on the initialized mCrcTable. When CalculateCrc32()
is used, mCrcTable will take 1KB size in the image. When CalculateCrc32()
is not used, mCrcTable will not be built in the image, and no size impact.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
2017-10-10 18:10:15 +08:00
Hao Wu ea0b15067c MdePkg/PrintLib: Fix possible negative value left shift
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=702

Within function InternalPrintLibSPrintMarker(), possible left shift of a
negative value is found in:
"(*(ArgumentString + 1) << 8)"

which involves undefined behavior.

Since '*(ArgumentString + 1)' is of type CONST CHAR8 (signed), it will be
promoted to type int (signed) during the left shift operation. If
'*(ArgumentString + 1)' is a negative value, the behavior will be
undefined.

According to the C11 spec, Section 6.5.7:
> 4 The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated
>   bits are filled with zeros. If E1 has an unsigned type, the value
>   of the result is E1 * 2^E2 , reduced modulo one more than the
>   maximum value representable in the result type. If E1 has a signed
>   type and nonnegative value, and E1 * 2^E2 is representable in the
>   result type, then that is the resulting value; otherwise, the
>   behavior is undefined.

This commit explicitly cast '*(ArgumentString + 1)' with UINT8 to resolve
this issue.

Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-09-29 16:14:17 +08:00
Hao Wu 9fdf31789a MdePkg/BaseLib: Avoid reading content beyond string boundary
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705

As mentioned in the above Bugzilla link by Steven, within the function
PathCleanUpDirectories(), when executing command:
"cd ."

under Shell, the input parameter 'Path' string will have string length
less than 2. Hence, it is possible for the below statement:
"if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {"

to read contents before the string boundary.

This commit adds additional checks to avoid this.

Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-09-21 14:06:28 +08:00
Laszlo Ersek 98a4d04e8f MdePkg/BaseIoLibIntrinsic: fix SEV (=unrolled) variants of IoWriteFifoXX()
In commit b6d11d7c46 ("MdePkg: BaseIoLibIntrinsic (IoLib class)
library", 2017-04-12), the MOV instructions in the write loops were
probably copied from the read loops. However, the operand order was not
adjusted.

As a result, the IoWriteFifoXX() routines, when invoked in SEV guests, now
overwrite the source buffer with value 0x01 / 0x0001 / 0x00000001 -- the
SevNoRepIo() function returns value 1 in EAX, in SEV guests --, and write
the same value to the target IO port.

Fix this by putting the target operand (AL / AX / EAX) first, and the
source operand (BYTE / WORD / DWORD [ESI/RSI]) second.

Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Fixes: b6d11d7c46
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
2017-09-11 22:28:05 +02:00
Ruiyu Ni 7d8e8474f9 MdePkg/PciSegmentLibSegmentInfo: fix typo in PciSegmentBitFieldAnd*()
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
2017-09-06 10:43:53 +08:00
Star Zeng c2ab95806b MdePkg PeiMemoryAllocationLib: Update InternalAllocateAlignedPages
Update InternalAllocateAlignedPages to use PeiServicesFreePages.

Let the InternalAllocateAlignedPages in PeiMemoryAllocationLib use
same algorithm with InternalAllocateAlignedPages in
UefiMemoryAllocationLib.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-09-04 13:45:47 +08:00
Star Zeng 2132ef05c4 MdePkg PeiMemoryAllocationLib: Update Free(Aligned)Pages
Update Free(Aligned)Pages to use PeiServicesFreePages.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-09-04 13:45:47 +08:00
Star Zeng 3f315ecd9a MdePkg PeiServicesLib: Add PeiServicesFreePages
Add PeiServicesFreePages and update
comments for PeiServicesAllocatePages.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-09-04 13:45:46 +08:00
Ruiyu Ni a2285a8963 MdePkg/S3PciSegmentLib: Add S3PciSegmentLib class and instance.
The patch adds the new library class S3PciSegmentLib to carry out
PCI configuration and enable the PCI operations to be replayed during
an S3 resume. This library class maps directly on top of the
PciSegmentLib class.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-28 16:47:05 +08:00
Ruiyu Ni 5c9bb86f17 MdePkg/PciSegmentLib: Add instances that consumes PciSegmentInfoLib
The patch adds two PciSegmentLib instances that consumes
PciSegmentInfoLib to provide multiple segments PCI configuration
access.

BasePciSegmentLibSegmentInfo instance is a BASE library.
DxeRuntimePciSegmentLibSegmentInfo instance is to be linked with
runtime drivers to provide not only boot time but also runtime
PCI configuration access.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-28 16:47:04 +08:00
Ruiyu Ni e457c1f65d MdePkg/PciSegmentInfoLib: Add PciSegmentInfoLib class and instance.
The patch adds PciSegmentInfoLib library class which is used
by PciSegmentLib (commit in next patch) to support multiple
segment PCI configuration access.

BasePciSegmentInfoLibNull instance is added but it shouldn't be
used by any real platform.
Any single segment platform that wants to use PciSegmentLib could
use BasePciSegmentLibPci instance.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-28 16:47:04 +08:00
Ruiyu Ni ebdde8ff26 MdePkg/PciSegmentLib: Fix typo in function header comments
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-28 16:47:03 +08:00
Marvin.Haeuser@outlook.com 9062381a8c MdePkg/BaseLib: Update internal LinkedList verifications.
1) Replace InternalBaseLibIsNodeInList() with
   InternalBaseLibIsListValid().
   - The verification whether Node is within the doubly-linked List
     is now done by IsNodeInList().
   - Whether the list is valid is returned.

2) The comments within InsertHeadList() and InsertTailList() stated
   that it is checked whether Entry is not part of the doubly-linked
   list. This was not done as argument 3 of
   InternalBaseLibIsNodeInList() indicated whether the check is done,
   not whether to check if the node is or is not in the list. This
   has been fixed by using IsNodeInList() for the ASSERTs.

V2:
  - Fix IsListEmpty() to ASSERT when the passed list is invalid.
  - Introduce the VERIFY_IS_NODE_IN_LIST() macro to only verify whether the
    passed node is part of the list when PcdVerifyNodeInList is TRUE.

V3:
  - Introduce the ASSERT_VERIFY_NODE_IN_VALID_LIST() macro which,
    depending on the value of PcdVerifyNodeInList, verifies whether
    SecondEntry is or is not part of the same doubly-linked list as
    FirstEntry and unconditionally verifies whether the doubly-linked
    list FirstEntry is part of is valid. This prevents
    InternalBaseLibIsListValid() from being called twice when a
    function ASSERTs via the result of IsNodeInList(), as it calls
    InternalBaseLibIsListValid() already.
  - Remove the VERIFY_IS_NODE_IN_LIST() macro in favor of
    ASSERT_VERIFY_NODE_IN_VALID_LIST().

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-16 16:55:32 +08:00
Marvin.Haeuser@outlook.com d0aef615ac MdePkg/BaseLib: Add IsNodeInList() function.
This patch adds IsNodeInList() to BaseLib, which verifies the given
Node is part of the doubly-linked List provided.

V2:
  - Rename "List" to "FirstEntry" and "Node" to "SecondEntry" to clarify that
    "FirstEntry" does not need to be the doubly-linked list's head node.

V3:
  - Remove ASSERTs from IsNodeInList() which are present in
    InternalBaseLibIsListValid().

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-16 16:55:30 +08:00
Jiaxin Wu 9b9d0655c1 MdePkg/UefiDevicePathLib: Add DevPathFromTextDns and DevPathToTextDns libraries
V3:
* Fix the bug in DevPathFromTextDns()

V2:
* Add no IP instance case check.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
2017-08-14 13:18:23 +08:00
Andrew Fish 9169c6e818 MdePkg: Fix Xcode 9 Beta treating 32-bit left shift as undefined
Bug: https://bugzilla.tianocore.org/show_bug.cgi?id=635

Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Andrew Fish <afish@apple.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-08-11 08:47:00 +08:00
Star Zeng 357c48258e MdePkg DxeHstiLib: Fix memory leak issue
The Hsti returned from InternalHstiFindAip() and temporally
allocated NewHsti need to be freed after used.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-07-18 10:35:36 +08:00
Ruiyu Ni ff5623e990 MdePkg/DevicePath: Add BluetoothLe device path node support
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
2017-06-07 08:46:20 +08:00
Star Zeng 7b5d848dbf MdePkg SmmIoLib: Use NULL pointer check instead of useless Status check
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=587

The Status check in "if (!EFI_ERROR (Status))" condition is useless,
it should be NULL pointer check. And this patch also fixes a typo
"continous" to "continuous".

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-06-06 09:07:10 +08:00
Star Zeng 1a0ad70ee1 MdePkg SmmMemLib: Remove ASSERT in SmmIsBufferOutsideSmmValid
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=577

Currently the SmmIsBufferOutsideSmmValid() function in SmmMemLib.c will
ASSERT in certain conditions. Since this function is a "test" function,
it should not be making decisions on how to handle a failure.
Handling a failure should be left to the caller.

This patch is to remove ASSERT(FALSE) at line 178 of SmmMemLib.c.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Bret Barkelew <bret.barkelew@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-06-06 09:07:09 +08:00
Hao Wu b1d4b9651e MdePkg/BasePrintLib: Avoid reading content beyond the format string
https://bugzilla.tianocore.org/show_bug.cgi?id=567

In function BasePrintLibSPrintMarker(), when processing ASCII format
strings, if the format string walker pointer 'Format' is pointing at the
end of the format string (i.e. '\0'), the following expression:
*(Format + 1)
will read an undefined value.

Though this value won't affect the functionality, since it will be masked
by variable 'FormatMask':
(*(Format + 1) << 8)) & FormatMask
(FormatMask is 0xff for ASCII format string)

This commit adds additional logic to avoid reading undefined content.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-06-01 08:46:31 +08:00
Hao Wu 4fc8277133 MdePkg/DevicePathLib: Reverse the byte order of BD_ADDR for Bluetooth
For the following two functions:
DevPathFromTextBluetooth()
DevPathToTextBluetooth()

The Bluetooth device address "UINT8  Address[6]" is displayed with the
order from Address[5] to Address[0]. This commit reverses the order.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-05-31 10:28:41 +08:00
Star Zeng d7b96017cc MdePkg DxeServicesLib: Handle potential NULL FvHandle
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=514

The FvHandle input to InternalGetSectionFromFv() may be NULL,
then ASSERT will appear. It is because the LoadedImage->DeviceHandle
returned from InternalImageHandleToFvHandle() may be NULL.
For example for DxeCore, there is LoadedImage protocol installed
for it, but the LoadedImage->DeviceHandle could not be initialized
before the FV2 (contain DxeCore) protocol is installed.

This patch is to update InternalGetSectionFromFv() to return
EFI_NOT_FOUND directly for NULL FvHandle.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Michael Turner <Michael.Turner@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-05-08 08:57:03 +08:00
Jiewen Yao f932073831 MdePkg/SmmIoLib: Add sample instance.
The sample instance check if IO resource is valid
one defined in GCD.
A platform may choose add more check to exclude some
other IO resource.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
2017-04-26 09:22:20 +08:00
Jeff Fan 9e981317be PeCoffGetEntryPointLib: Fix spelling issue
*Serach* should be *Search*

Cc: Liming Gao <liming.gao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-04-26 08:58:18 +08:00
Hao Wu 458cd568b6 MdePkg/UefiLib: Avoid mis-calculate of graphic console size
The commit adds check in function InternalPrintGraphic() to ensure that
the expression:

Blt->Width * Blt->Height * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)

will not overflow in the UINTN range.

The commit also adds an explicit UINT32 type cast for 'Blt->Width' to
avoid possible overflow in the int range for:

Blt->Width * Blt->Height

Since both Blt->Width and Blt->Height are of type UINT16. They will be
promoted to int (signed) first, and then perform the multiplication
operation. If the result of multiplication between Blt->Width and
Blt->Height exceeds the range of type int, a potential incorrect size will
be passed into function AllocateZeroPool().

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-04-14 13:16:05 +08:00
Leo Duran b6d11d7c46 MdePkg: BaseIoLibIntrinsic (IoLib class) library
This patch adds an SEV-specific .INF and corresponding assembly
files, to unroll REP INSx/OUTSx on IoRead/WriteFifo#() routines
when the SEV feature is enabled under a hypervisor environment.

The new .INF only supports the IA32 and X64 architectures.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Leo Duran <leo.duran@amd.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-04-13 13:16:00 +08:00
Jeff Fan 412e9dea4b MdePkg/PeCoffGetEntryPointLib: Add PeCoffSerachImageBase()
This new API only works on DEBUG build. It will search the PE/COFF image base
forward the input address in this PE/COFF image and returns it.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-04-07 09:43:36 +08:00
Hao Wu 973f8862f2 MdePkg: Convert files to CRLF line ending
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-04-06 15:43:27 +08:00
Jiaxin Wu 7571a1c191 MdePkg/UefiDevicePathLib: Refine the DevPathFromTextiSCSI protocol parsing
For current iSCSI protocol parsing, UINT16 truncation may be happened. Since
the Spec already have declaimed that 0 is TCP Protocol and 1+ is reserved, the
parsing can be refined as below:

  if (StrCmp (ProtocolStr, L"TCP") == 0) {
    ISCSIDevPath->NetworkProtocol = 0;
  } else {
    //
    // Undefined and reserved.
    //
    ISCSIDevPath->NetworkProtocol = 1;
  }

Cc: Warner Losh <imp@bsdimp.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Warner Losh <imp@bsdimp.com>
2017-03-30 11:32:24 +08:00
Ruiyu Ni 647636e175 MdePkg/DevicePathLib: Fix FromText bug for multi-instance devicepath
UefiDevicePathLibConvertTextToDevicePath correctly detects when it
has hit a ',' splicing together multiple paths. However, the code
that tries to cope with it:
{code}
if (IsInstanceEnd) {
  DeviceNode = (EFI_DEVICE_PATH_PROTOCOL *) AllocatePool (
                                   END_DEVICE_PATH_LENGTH);
  ASSERT (DeviceNode != NULL);
  SetDevicePathEndNode (DeviceNode);

  NewDevicePath = AppendDevicePathNode (DevicePath, DeviceNode);
  FreePool (DevicePath);
  FreePool (DeviceNode);
  DevicePath = NewDevicePath;
}
{code}
causes a problem. The END node that's appended it the node for the
entire list. So when the node is appended in AppendDevicePathNode,
it winds up disappearing. This leads to the path
'PciRoot(0x0),PciRoot(0x0)' parsing as if 'PciRoot(0x0)/PciRoot(0x0)'
were specified. These are two very different things.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-03-23 13:11:32 +08:00
Jiaxin Wu 2d67f2bae3 MdePkg/UefiDevicePathLib: Fix the wrong MAC address length
Network interface type should be checked before the conversion between
text device path node and MAC device path. Otherwise, the MAC text string
can't be converted to the representation of a device node, which leads to
the series failure of network HII configuration(e.g. IP, VLAN, HTTP Boot
configuration in Network Device List).

Cc: Liming Gao <liming.gao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-03-15 15:01:39 +08:00
Jiewen Yao 091e902bd3 MdePkg/SmiHandlerProfile: Add Context support in Unregister
The reason is that we observe that a platform may use same Handler
for different context.

In order to support Unregister such handler, we have to input
context information as well.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
2017-03-13 16:04:11 +08:00
Hao Wu 5923ef9217 MdePkg/BasePrintLib: Refine the comment for AsciiValueToStringS API
The commit refines the comment description for PrintLib API
AsciiValueToStringS.

This API will not ASSERT when the input/output parameter 'Buffer' is not
aligned on a 16-bit boundary.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-03-13 11:09:23 +08:00
Ruiyu Ni 5b0ce08a3e MdePkg/SafeString.c: Fix code to be more readable
The change doesn't impact the functionality.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
2017-03-07 13:14:17 +08:00
Hao Wu 95ba3d92dc MdePkg: Refine casting expression result to bigger size
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.

An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);

Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.

The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;

2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;

3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);

4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}

For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-03-06 14:18:45 +08:00
Hao Wu 342fdb6eaa MdePkg/BasePrintLib: Add deprecated flag for APIs [A|U]ValueToString
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-03-02 09:59:21 +08:00
Ruiyu Ni 96d3713578 MdePkg/UefiDevicePathLib: Use BaseLib string conversion services
Update UefiDevicePathLib to use StrToGuid/StrHexToBytes
/StrToIpv4Address/StrToIpv6Address provided by BaseLib.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-02-28 11:30:33 +08:00
Ruiyu Ni fb4dd857c1 MdePkg/BaseLib: Add AsciiStrToGuid/HexToBytes/ToIpv[4/6]Address
The patch adds 4 APIs to convert ASCII string to GUID, bytes
buffer, IP v4 address and IP v6 address.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
2017-02-28 11:30:33 +08:00
Ruiyu Ni 36396ea2e3 MdePkg/BaseLib: Add StrToGuid/StrHexToBytes/StrToIpv[4/6]Address
The patch adds 4 APIs to convert Unicode string to GUID, bytes
buffer, IP v4 address and IP v6 address.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
2017-02-28 11:30:32 +08:00
Ruiyu Ni 83451aea74 MdePkg/UefiDevicePathLib: Rename StrToGuid to avoid link failure
Since the next patch will add StrToGuid in BaseLib, renaming the
internal function StrToGuid to DevicePathLibStrToGuid to avoid
link failure.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-02-28 11:30:32 +08:00