Skip to content

BdsBoot: use better device descriptions #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jackpot51 merged 3 commits into from
Jan 25, 2020
Merged

BdsBoot: use better device descriptions #4

jackpot51 merged 3 commits into from
Jan 25, 2020
+1,383 −91

Conversation

@crawfxrd
Copy link
Member

@crawfxrd crawfxrd commented Jan 24, 2020
edited
Loading

Pick commits from upstream to fix device names.

Resolves: system76/firmware-open#36

crawfxrd and others added 3 commits January 24, 2020 13:37
@crawfxrd
Revert "Read device name using ComponentNameProtocol"
88adf39 
This reverts commit a45f569.
@MrChromebox @crawfxrd
GenericBdsLib: add BmBootDescription from UefiBootManagerLib
76da61a 
Copy BmBootDescription from MdeModulePkg/UefiBootManagerLib,
removing appending of serial # since it makes descriptions
unweildy.

Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
@MrChromebox @crawfxrd
BdsBoot: use better device descriptions
742b06b 
Query boot devices and obtain make/model info if
available. Prefix description with device type
for better identification.

Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
@crawfxrd crawfxrd marked this pull request as ready for review January 24, 2020 20:43
@crawfxrd crawfxrd requested a review from jackpot51 January 24, 2020 20:54
@jackpot51 jackpot51 merged commit 4827b26 into system76 Jan 25, 2020
@jackpot51 jackpot51 deleted the boot-device-name branch January 25, 2020 03:13
@crawfxrd crawfxrd mentioned this pull request Jan 27, 2020
Merged
jackpot51 pushed a commit that referenced this pull request Mar 5, 2024
@Flickdm @mergify
NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Patch
4df0229 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4537
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4538

Bug Details:
PixieFail Bug #4
CVE-2023-45232
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

Infinite loop when parsing unknown options in the Destination Options
header

PixieFail Bug #5
CVE-2023-45233
CVSS 7.5 : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

Infinite loop when parsing a PadN option in the Destination Options
header

Change Overview:

Most importantly this change corrects the following incorrect math
and cleans up the code.

>   // It is a PadN option
>   //
> - Offset = (UINT8)(Offset + *(Option + Offset + 1) + 2);
> + OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
> + Offset     = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);

> case Ip6OptionSkip:
> - Offset = (UINT8)(Offset + *(Option + Offset + 1));
>   OptDataLen = ((EFI_IP6_OPTION *)(Option + Offset))->Length;
>   Offset     = IP6_NEXT_OPTION_OFFSET (Offset, OptDataLen);

Additionally, this change also corrects incorrect math where the calling
function was calculating the HDR EXT optionLen as a uint8 instead of a
uint16

> - OptionLen = (UINT8)((*Option + 1) * 8 - 2);
> + OptionLen = IP6_HDR_EXT_LEN (*Option) -
IP6_COMBINED_SIZE_OF_NEXT_HDR_AND_LEN;

Additionally this check adds additional logic to santize the incoming
data

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
crawfxrd pushed a commit that referenced this pull request Nov 19, 2024
@mergify
UefiCpuPkg/PiSmmCpuDxeSmm: Clarification for BSP & APs Sync Flow
2351165 
This patch does not impact functionality. It aims to clarify the
synchronization flow between the BSP and APs to enhance code
readability and understanding:

Steps #6 and #11 are the basic synchronization requirements for all
cases.

Steps #1 is additional requirements if the MmCpuSyncModeTradition
mode is selected.

Steps #1, #2, #3, #4, #5, #7, #8, #9, and #10 are additional
requirements if the system needs to configure the MTRR.

Steps #9 and #10 are additional requirements if the system needs to
support the mSmmDebugAgentSupport.

Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jackpot51 jackpot51 Awaiting requested review from jackpot51

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

USB devices should not have generic names

3 participants

@crawfxrd @jackpot51 @MrChromebox