diff options
| author | Star Zeng <star.zeng@intel.com> | 2016-12-09 14:47:03 +0800 |
|---|---|---|
| committer | Star Zeng <star.zeng@intel.com> | 2016-12-12 09:22:18 +0800 |
| commit | fcf93f786111a74ad4b081125a657c9db92d053d (patch) | |
| tree | 9891d413135a42ca8d5b3a3ce03fc8fa40dd8810 | |
| parent | 472a3f04b97983912f6f7648896aa4478b2affc4 (diff) | |
| download | edk2-fcf93f786111a74ad4b081125a657c9db92d053d.zip edk2-fcf93f786111a74ad4b081125a657c9db92d053d.tar.gz edk2-fcf93f786111a74ad4b081125a657c9db92d053d.tar.bz2 | |
MdeModulePkg VariableSmm: Do not need check CommBufferSize buffer
Current code in SmmVariableHandler() checks CommBufferSize
buffer to make sure it points to outside SMRAM in
"case SMM_VARIABLE_FUNCTION_GET_STATISTICS".
But after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer points to SMRAM that was used by
SMM core to cache CommSize from SmmCommunication protocol,
then the check will fail definitely and GET_STATISTICS
feature breaks.
In fact, do not need check CommBufferSize buffer at all
even before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd.
Before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer pointed to gSmmCorePrivate->BufferSize
that is outside SMRAM, the check will success definitely;
after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd,
CommBufferSize buffer points to local variable BufferSize
(in SMRAM) in SmmEntryPoint(), the check is not needed
definitely.
The patch is to remove the check.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
(cherry picked from commit 62016c1e898434a0326f658912b1e7e0a9c5575e)
| -rw-r--r-- | MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index fb16af3..7fe68cb 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -696,11 +696,10 @@ SmmVariableHandler ( // It is covered by previous CommBuffer check
//
- if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
- DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n"));
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
+ //
+ // Do not need to check CommBufferSize buffer as it should point to SMRAM
+ // that was used by SMM core to cache CommSize from SmmCommunication protocol.
+ //
Status = SmmVariableGetStatistics (VariableInfo, &InfoSize);
*CommBufferSize = InfoSize + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
|