]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTableSmm/FirmwarePerformanceSmm.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input.
[mirror_edk2.git] / MdeModulePkg / Universal / Acpi / FirmwarePerformanceDataTableSmm / FirmwarePerformanceSmm.c
1 /** @file
2 This module collects performance data for SMM driver boot records and S3 Suspend Performance Record.
3
4 This module registers report status code listener to collect performance data
5 for SMM driver boot records and S3 Suspend Performance Record.
6
7 Caution: This module requires additional review when modified.
8 This driver will have external input - communicate buffer in SMM mode.
9 This external input must be validated carefully to avoid security issue like
10 buffer overflow, integer overflow.
11
12 FpdtSmiHandler() will receive untrusted input and do basic validation.
13
14 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
15 This program and the accompanying materials
16 are licensed and made available under the terms and conditions of the BSD License
17 which accompanies this distribution. The full text of the license may be found at
18 http://opensource.org/licenses/bsd-license.php
19
20 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
21 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
22
23 **/
24
25 #include <PiSmm.h>
26
27 #include <Protocol/SmmReportStatusCodeHandler.h>
28 #include <Protocol/SmmAccess2.h>
29
30 #include <Guid/FirmwarePerformance.h>
31
32 #include <Library/SmmServicesTableLib.h>
33 #include <Library/BaseLib.h>
34 #include <Library/DebugLib.h>
35 #include <Library/TimerLib.h>
36 #include <Library/LockBoxLib.h>
37 #include <Library/PcdLib.h>
38 #include <Library/BaseMemoryLib.h>
39 #include <Library/MemoryAllocationLib.h>
40 #include <Library/UefiBootServicesTableLib.h>
41 #include <Library/SynchronizationLib.h>
42
43 #define EXTENSION_RECORD_SIZE 0x1000
44
45 EFI_SMM_RSC_HANDLER_PROTOCOL *mRscHandlerProtocol = NULL;
46 UINT64 mSuspendStartTime = 0;
47 BOOLEAN mS3SuspendLockBoxSaved = FALSE;
48 UINT32 mBootRecordSize = 0;
49 UINT32 mBootRecordMaxSize = 0;
50 UINT8 *mBootRecordBuffer = NULL;
51
52 EFI_SMRAM_DESCRIPTOR *mSmramRanges;
53 UINTN mSmramRangeCount;
54 SPIN_LOCK mSmmFpdtLock;
55 BOOLEAN mSmramIsOutOfResource = FALSE;
56
57 /**
58 Report status code listener for SMM. This is used to record the performance
59 data for S3 Suspend Start and S3 Suspend End in FPDT.
60
61 @param[in] CodeType Indicates the type of status code being reported.
62 @param[in] Value Describes the current status of a hardware or software entity.
63 This included information about the class and subclass that is used to
64 classify the entity as well as an operation.
65 @param[in] Instance The enumeration of a hardware or software entity within
66 the system. Valid instance numbers start with 1.
67 @param[in] CallerId This optional parameter may be used to identify the caller.
68 This parameter allows the status code driver to apply different rules to
69 different callers.
70 @param[in] Data This optional parameter may be used to pass additional data.
71
72 @retval EFI_SUCCESS Status code is what we expected.
73 @retval EFI_UNSUPPORTED Status code not supported.
74
75 **/
76 EFI_STATUS
77 EFIAPI
78 FpdtStatusCodeListenerSmm (
79 IN EFI_STATUS_CODE_TYPE CodeType,
80 IN EFI_STATUS_CODE_VALUE Value,
81 IN UINT32 Instance,
82 IN EFI_GUID *CallerId,
83 IN EFI_STATUS_CODE_DATA *Data
84 )
85 {
86 EFI_STATUS Status;
87 UINT64 CurrentTime;
88 EFI_ACPI_5_0_FPDT_S3_SUSPEND_RECORD S3SuspendRecord;
89 UINT8 *NewRecordBuffer;
90
91 //
92 // Check whether status code is what we are interested in.
93 //
94 if ((CodeType & EFI_STATUS_CODE_TYPE_MASK) != EFI_PROGRESS_CODE) {
95 return EFI_UNSUPPORTED;
96 }
97
98 //
99 // Collect one or more Boot records in boot time
100 //
101 if (Data != NULL && CompareGuid (&Data->Type, &gEfiFirmwarePerformanceGuid)) {
102 AcquireSpinLock (&mSmmFpdtLock);
103
104 if (mBootRecordSize + Data->Size > mBootRecordMaxSize) {
105 //
106 // Try to allocate big SMRAM data to store Boot record.
107 //
108 if (mSmramIsOutOfResource) {
109 ReleaseSpinLock (&mSmmFpdtLock);
110 return EFI_OUT_OF_RESOURCES;
111 }
112 NewRecordBuffer = ReallocatePool (mBootRecordSize, mBootRecordSize + Data->Size + EXTENSION_RECORD_SIZE, mBootRecordBuffer);
113 if (NewRecordBuffer == NULL) {
114 ReleaseSpinLock (&mSmmFpdtLock);
115 mSmramIsOutOfResource = TRUE;
116 return EFI_OUT_OF_RESOURCES;
117 }
118 mBootRecordBuffer = NewRecordBuffer;
119 mBootRecordMaxSize = mBootRecordSize + Data->Size + EXTENSION_RECORD_SIZE;
120 }
121 //
122 // Save boot record into the temp memory space.
123 //
124 CopyMem (mBootRecordBuffer + mBootRecordSize, Data + 1, Data->Size);
125 mBootRecordSize += Data->Size;
126
127 ReleaseSpinLock (&mSmmFpdtLock);
128 return EFI_SUCCESS;
129 }
130
131 if ((Value != PcdGet32 (PcdProgressCodeS3SuspendStart)) &&
132 (Value != PcdGet32 (PcdProgressCodeS3SuspendEnd))) {
133 return EFI_UNSUPPORTED;
134 }
135
136 //
137 // Retrieve current time.
138 //
139 CurrentTime = GetTimeInNanoSecond (GetPerformanceCounter ());
140
141 if (Value == PcdGet32 (PcdProgressCodeS3SuspendStart)) {
142 //
143 // S3 Suspend started, record the performance data and return.
144 //
145 mSuspendStartTime = CurrentTime;
146 return EFI_SUCCESS;
147 }
148
149 //
150 // We are going to S3 sleep, record S3 Suspend End performance data.
151 //
152 S3SuspendRecord.SuspendStart = mSuspendStartTime;
153 S3SuspendRecord.SuspendEnd = CurrentTime;
154
155 //
156 // Save S3 suspend performance data to lock box, it will be used by Firmware Performance PEIM.
157 //
158 if (!mS3SuspendLockBoxSaved) {
159 Status = SaveLockBox (
160 &gEfiFirmwarePerformanceGuid,
161 &S3SuspendRecord,
162 sizeof (EFI_ACPI_5_0_FPDT_S3_SUSPEND_RECORD)
163 );
164 ASSERT_EFI_ERROR (Status);
165
166 mS3SuspendLockBoxSaved = TRUE;
167 } else {
168 Status = UpdateLockBox (
169 &gEfiFirmwarePerformanceGuid,
170 0,
171 &S3SuspendRecord,
172 sizeof (EFI_ACPI_5_0_FPDT_S3_SUSPEND_RECORD)
173 );
174 ASSERT_EFI_ERROR (Status);
175 }
176
177 return EFI_SUCCESS;
178 }
179
180 /**
181 This function check if the address is in SMRAM.
182
183 @param Buffer the buffer address to be checked.
184 @param Length the buffer length to be checked.
185
186 @retval TRUE this address is in SMRAM.
187 @retval FALSE this address is NOT in SMRAM.
188 **/
189 BOOLEAN
190 InternalIsAddressInSmram (
191 IN EFI_PHYSICAL_ADDRESS Buffer,
192 IN UINT64 Length
193 )
194 {
195 UINTN Index;
196
197 for (Index = 0; Index < mSmramRangeCount; Index ++) {
198 if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
199 ((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
200 return TRUE;
201 }
202 }
203
204 return FALSE;
205 }
206
207 /**
208 This function check if the address refered by Buffer and Length is valid.
209
210 @param Buffer the buffer address to be checked.
211 @param Length the buffer length to be checked.
212
213 @retval TRUE this address is valid.
214 @retval FALSE this address is NOT valid.
215 **/
216 BOOLEAN
217 InternalIsAddressValid (
218 IN UINTN Buffer,
219 IN UINTN Length
220 )
221 {
222 if (Buffer > (MAX_ADDRESS - Length)) {
223 //
224 // Overflow happen
225 //
226 return FALSE;
227 }
228 if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
229 return FALSE;
230 }
231 return TRUE;
232 }
233
234 /**
235 Communication service SMI Handler entry.
236
237 This SMI handler provides services for report SMM boot records.
238
239 Caution: This function may receive untrusted input.
240 Communicate buffer and buffer size are external input, so this function will do basic validation.
241
242 @param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().
243 @param[in] RegisterContext Points to an optional handler context which was specified when the
244 handler was registered.
245 @param[in, out] CommBuffer A pointer to a collection of data in memory that will
246 be conveyed from a non-SMM environment into an SMM environment.
247 @param[in, out] CommBufferSize The size of the CommBuffer.
248
249 @retval EFI_SUCCESS The interrupt was handled and quiesced. No other handlers
250 should still be called.
251 @retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED The interrupt has been quiesced but other handlers should
252 still be called.
253 @retval EFI_WARN_INTERRUPT_SOURCE_PENDING The interrupt is still pending and other handlers should still
254 be called.
255 @retval EFI_INTERRUPT_PENDING The interrupt could not be quiesced.
256
257 **/
258 EFI_STATUS
259 EFIAPI
260 FpdtSmiHandler (
261 IN EFI_HANDLE DispatchHandle,
262 IN CONST VOID *RegisterContext,
263 IN OUT VOID *CommBuffer,
264 IN OUT UINTN *CommBufferSize
265 )
266 {
267 EFI_STATUS Status;
268 SMM_BOOT_RECORD_COMMUNICATE *SmmCommData;
269 UINTN BootRecordSize;
270 VOID *BootRecordData;
271 UINTN TempCommBufferSize;
272
273 //
274 // If input is invalid, stop processing this SMI
275 //
276 if (CommBuffer == NULL || CommBufferSize == NULL) {
277 return EFI_SUCCESS;
278 }
279
280 TempCommBufferSize = *CommBufferSize;
281
282 if(TempCommBufferSize < sizeof (SMM_BOOT_RECORD_COMMUNICATE)) {
283 return EFI_SUCCESS;
284 }
285
286 if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
287 DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM communication data buffer in SMRAM or overflow!\n"));
288 return EFI_SUCCESS;
289 }
290
291 SmmCommData = (SMM_BOOT_RECORD_COMMUNICATE*)CommBuffer;
292
293 Status = EFI_SUCCESS;
294
295 switch (SmmCommData->Function) {
296 case SMM_FPDT_FUNCTION_GET_BOOT_RECORD_SIZE :
297 SmmCommData->BootRecordSize = mBootRecordSize;
298 break;
299
300 case SMM_FPDT_FUNCTION_GET_BOOT_RECORD_DATA :
301 BootRecordData = SmmCommData->BootRecordData;
302 BootRecordSize = SmmCommData->BootRecordSize;
303 if (BootRecordData == NULL || BootRecordSize < mBootRecordSize) {
304 Status = EFI_INVALID_PARAMETER;
305 break;
306 }
307
308 //
309 // Sanity check
310 //
311 SmmCommData->BootRecordSize = mBootRecordSize;
312 if (!InternalIsAddressValid ((UINTN)BootRecordData, mBootRecordSize)) {
313 DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM Data buffer in SMRAM or overflow!\n"));
314 Status = EFI_ACCESS_DENIED;
315 break;
316 }
317
318 CopyMem (
319 (UINT8*)BootRecordData,
320 mBootRecordBuffer,
321 mBootRecordSize
322 );
323 break;
324
325 default:
326 Status = EFI_UNSUPPORTED;
327 }
328
329 SmmCommData->ReturnStatus = Status;
330
331 return EFI_SUCCESS;
332 }
333
334 /**
335 The module Entry Point of the Firmware Performance Data Table SMM driver.
336
337 @param[in] ImageHandle The firmware allocated handle for the EFI image.
338 @param[in] SystemTable A pointer to the EFI System Table.
339
340 @retval EFI_SUCCESS The entry point is executed successfully.
341 @retval Other Some error occurs when executing this entry point.
342
343 **/
344 EFI_STATUS
345 EFIAPI
346 FirmwarePerformanceSmmEntryPoint (
347 IN EFI_HANDLE ImageHandle,
348 IN EFI_SYSTEM_TABLE *SystemTable
349 )
350 {
351 EFI_STATUS Status;
352 EFI_HANDLE Handle;
353 EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
354 UINTN Size;
355
356 //
357 // Initialize spin lock
358 //
359 InitializeSpinLock (&mSmmFpdtLock);
360
361 //
362 // Get SMM Report Status Code Handler Protocol.
363 //
364 Status = gSmst->SmmLocateProtocol (
365 &gEfiSmmRscHandlerProtocolGuid,
366 NULL,
367 (VOID **) &mRscHandlerProtocol
368 );
369 ASSERT_EFI_ERROR (Status);
370
371 //
372 // Register report status code listener for BootRecords and S3 Suspend Start and End.
373 //
374 Status = mRscHandlerProtocol->Register (FpdtStatusCodeListenerSmm);
375 ASSERT_EFI_ERROR (Status);
376
377 //
378 // Get SMRAM information
379 //
380 Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
381 ASSERT_EFI_ERROR (Status);
382
383 Size = 0;
384 Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
385 ASSERT (Status == EFI_BUFFER_TOO_SMALL);
386
387 Status = gSmst->SmmAllocatePool (
388 EfiRuntimeServicesData,
389 Size,
390 (VOID **)&mSmramRanges
391 );
392 ASSERT_EFI_ERROR (Status);
393
394 Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
395 ASSERT_EFI_ERROR (Status);
396
397 mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
398
399 //
400 // Register SMI handler.
401 //
402 Handle = NULL;
403 Status = gSmst->SmiHandlerRegister (FpdtSmiHandler, &gEfiFirmwarePerformanceGuid, &Handle);
404 ASSERT_EFI_ERROR (Status);
405
406 return Status;
407 }
EFI Development Kit II mirror for PVE