Change in coreboot[master]: cpu/x86/smm: Add overflow check

List overview All Threads
Download

newer

older

Change in coreboot[master]:...

Nico Huber (Code Review)

7 Feb 2020 7 Feb '20

7:13 p.m.

Hello Kyösti Mälkki, Aaron Durbin, Arthur Heymans, cedarhouse1@comcast.net,

I'd like you to do a code review. Please visit

https://review.coreboot.org/c/coreboot/+/38763

to review the following change.

Change subject: cpu/x86/smm: Add overflow check ......................................................................

cpu/x86/smm: Add overflow check

Rather bail out than run into undefined behavior.

Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Signed-off-by: Nico Huber nico.h@gmx.de --- M src/cpu/x86/smm/smm_module_loader.c 1 file changed, 2 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/63/38763/1

diff --git a/src/cpu/x86/smm/smm_module_loader.c b/src/cpu/x86/smm/smm_module_loader.c index a421436..81020a4 100644 --- a/src/cpu/x86/smm/smm_module_loader.c +++ b/src/cpu/x86/smm/smm_module_loader.c @@ -202,6 +202,8 @@ /* Adjust remaining size to account for save state. */ total_save_state_size = params->per_cpu_save_state_size * params->num_concurrent_save_states; + if (total_save_state_size > size) + return -1; size -= total_save_state_size;

/* The save state size encroached over the first SMM entry point. */

Attachments:

attachment.htm (text/html — 2.9 KB)

Show replies by date

Kyösti Mälkki (Code Review)

8 Feb 8 Feb

10:26 a.m.

Kyösti Mälkki has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 1:

I am not sure if rest of the code survives if SMM stub is left uninstalled. I decided to abandon x86-smm-tseg topic now, but there are some static uses of IS_ENABLED(HAVE_SMI_HANDLER) that might take bad route. Maybe even die()?

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-Comment-Date: Sat, 08 Feb 2020 10:26:03 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

Patrick Rudolph (Code Review)

12:10 p.m.

Patrick Rudolph has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 1: Code-Review+2

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-Comment-Date: Sat, 08 Feb 2020 12:10:04 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Angel Pons (Code Review)

6:22 p.m.

Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 1: Code-Review+2

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-Comment-Date: Sat, 08 Feb 2020 18:22:48 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Name of user not set (Code Review)

11:43 p.m.

cedarhouse1@comcast.net has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 1: Code-Review+1

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sat, 08 Feb 2020 23:43:19 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

Nico Huber (Code Review)

9 Feb 9 Feb

5:49 p.m.

Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 1:

...

I am not sure if rest of the code survives if SMM stub is left uninstalled. I decided to abandon x86-smm-tseg topic now, but there are some static uses of IS_ENABLED(HAVE_SMI_HANDLER) that might take bad route. Maybe even die()?

Not sure either, but I'm not going to test all platforms that use this code. Also, the function is full of `return -1;` in the error paths, so that's up to the caller.

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 1 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sun, 09 Feb 2020 17:49:46 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

Nico Huber (Code Review)

5:49 p.m.

Nico Huber has submitted this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

cpu/x86/smm: Add overflow check

Rather bail out than run into undefined behavior.

Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Signed-off-by: Nico Huber nico.h@gmx.de Reviewed-on: https://review.coreboot.org/c/coreboot/+/38763 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Patrick Rudolph siro@das-labor.org Reviewed-by: Angel Pons th3fanbus@gmail.com Reviewed-by: cedarhouse1@comcast.net --- M src/cpu/x86/smm/smm_module_loader.c 1 file changed, 2 insertions(+), 0 deletions(-)

Approvals: build bot (Jenkins): Verified Patrick Rudolph: Looks good to me, approved Angel Pons: Looks good to me, approved cedarhouse1@comcast.net: Looks good to me, but someone else must approve

/* The save state size encroached over the first SMM entry point. */

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 2 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-MessageType: merged

9elements QA (Code Review)

6:26 p.m.

9elements QA has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38763 )

Change subject: cpu/x86/smm: Add overflow check ......................................................................

Patch Set 2:

Automatic boot test returned (PASS/FAIL/TOTAL): 3/0/3 Emulation targets: EMULATION_QEMU_X86_Q35 using payload TianoCore : SUCCESS : https://lava.9esec.io/r/514 EMULATION_QEMU_X86_Q35 using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/513 EMULATION_QEMU_X86_I440FX using payload SeaBIOS : SUCCESS : https://lava.9esec.io/r/512

Please note: This test is under development and might not be accurate at all!

-- To view, visit https://review.coreboot.org/c/coreboot/+/38763 To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings Gerrit-Project: coreboot Gerrit-Branch: master Gerrit-Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Gerrit-Change-Number: 38763 Gerrit-PatchSet: 2 Gerrit-Owner: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Aaron Durbin adurbin@chromium.org Gerrit-Reviewer: Angel Pons th3fanbus@gmail.com Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz Gerrit-Reviewer: Kyösti Mälkki kyosti.malkki@gmail.com Gerrit-Reviewer: Nico Huber nico.h@gmx.de Gerrit-Reviewer: Patrick Rudolph siro@das-labor.org Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org Gerrit-Reviewer: cedarhouse1@comcast.net Gerrit-CC: 9elements QA hardwaretestrobot@gmail.com Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net Gerrit-Comment-Date: Sun, 09 Feb 2020 18:26:15 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: No Gerrit-MessageType: comment

1563

days inactive

1565

days old

coreboot-gerrit@coreboot.org

7 comments

6 participants

tags (0)

participants (6)

9elements QA (Code Review)
Angel Pons (Code Review)
Kyösti Mälkki (Code Review)
Name of user not set (Code Review)
Nico Huber (Code Review)
Patrick Rudolph (Code Review)