REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
V3: Fix build issue when DiSABLE_SHA1_DEPRECATED_INTERFACES is defined. Percolate the #ifndef DiSABLE_SHA1_DEPRECATED_INTERFACES to all the Sha1 functions. Replace AllocatePool() with AllocatePages() and FreePool() with FreePages() because FreePool() is not supported in PEI phase. FreePool() does not free the allocated pool in PEI phase causing a memory leak. V1: RPMC confidentiality feature requires HMAC-SHA256 support during SMM phase. This allows the protected variable's data to be encrypted in the SPI flash. PEI phase requires AES. AllocatePool is replaced by AllocatePages because the memory allocated by AllocatePool cannot be freed in PEI phase. This is causing a memory leak error when running this new feature. Cc: Jiewen Yao <jiewen....@intel.com> Cc: Jian J Wang <jian.j.w...@intel.com> Cc: Xiaoyu Lu <xiaoyux...@intel.com> Cc: Guomin Jiang <guomin.ji...@intel.com> Cc: Nishant C Mistry <nishant.c.mis...@intel.com> Signed-off-by: Jian J Wang <jian.j.w...@intel.com> Signed-off-by: Nishant C Mistry <nishant.c.mis...@intel.com> Signed-off-by: Judah Vang <judah.v...@intel.com> --- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c | 11 ++++++----- CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +++++++++++++- 4 files changed, 21 insertions(+), 8 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf index 01de27e03747..40728af37822 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -43,7 +43,7 @@ [Sources] Hash/CryptParallelHashNull.c Hmac/CryptHmacSha256.c Kdf/CryptHkdf.c - Cipher/CryptAesNull.c + Cipher/CryptAes.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf index 91a171509540..706b527338f0 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -43,7 +43,7 @@ [Sources] Hash/CryptCShake256.c Hash/CryptParallelHash.c Hmac/CryptHmacSha256.c - Kdf/CryptHkdfNull.c + Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c index b7bed15c18df..d77e1f7de5e3 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c @@ -2,13 +2,14 @@ Base Memory Allocation Routines Wrapper for Crypto library over OpenSSL during PEI & DXE phases. -Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR> SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include <CrtLibSupport.h> #include <Library/MemoryAllocationLib.h> +#include <Library/BaseCryptLib.h> // // Extra header to record the memory buffer size from malloc routine. @@ -41,7 +42,7 @@ malloc ( // NewSize = (UINTN)(size) + CRYPTMEM_OVERHEAD; - Data = AllocatePool (NewSize); + Data = AllocatePages (EFI_SIZE_TO_PAGES (NewSize)); if (Data != NULL) { PoolHdr = (CRYPTMEM_HEAD *)Data; // @@ -73,7 +74,7 @@ realloc ( VOID *Data; NewSize = (UINTN)size + CRYPTMEM_OVERHEAD; - Data = AllocatePool (NewSize); + Data = AllocatePages (EFI_SIZE_TO_PAGES (NewSize)); if (Data != NULL) { NewPoolHdr = (CRYPTMEM_HEAD *)Data; NewPoolHdr->Signature = CRYPTMEM_HEAD_SIGNATURE; @@ -90,7 +91,7 @@ realloc ( // Duplicate the buffer content. // CopyMem ((VOID *)(NewPoolHdr + 1), ptr, MIN (OldSize, size)); - FreePool ((VOID *)OldPoolHdr); + FreePages (((VOID *)OldPoolHdr), EFI_SIZE_TO_PAGES (OldSize)); } return (VOID *)(NewPoolHdr + 1); @@ -117,6 +118,6 @@ free ( if (ptr != NULL) { PoolHdr = (CRYPTMEM_HEAD *)ptr - 1; ASSERT (PoolHdr->Signature == CRYPTMEM_HEAD_SIGNATURE); - FreePool (PoolHdr); + FreePages (((VOID *)PoolHdr), EFI_SIZE_TO_PAGES (PoolHdr->Size)); } } diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c index f9796b215865..ede9fa8c09ec 100644 --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c @@ -6,7 +6,7 @@ This API, when called, will calculate the Hash using the hashing algorithm specified by PcdHashApiLibPolicy. - Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> + Copyright (c) 2020-2022, Intel Corporation. All rights reserved.<BR> SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -33,9 +33,11 @@ HashApiGetContextSize ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1GetContextSize (); break; + #endif case HASH_ALG_SHA256: return Sha256GetContextSize (); @@ -75,9 +77,11 @@ HashApiInit ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1Init (HashContext); break; + #endif case HASH_ALG_SHA256: return Sha256Init (HashContext); @@ -119,9 +123,11 @@ HashApiDuplicate ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1Duplicate (HashContext, NewHashContext); break; + #endif case HASH_ALG_SHA256: return Sha256Duplicate (HashContext, NewHashContext); @@ -165,9 +171,11 @@ HashApiUpdate ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1Update (HashContext, DataToHash, DataToHashLen); break; + #endif case HASH_ALG_SHA256: return Sha256Update (HashContext, DataToHash, DataToHashLen); @@ -209,9 +217,11 @@ HashApiFinal ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1Final (HashContext, Digest); break; + #endif case HASH_ALG_SHA256: return Sha256Final (HashContext, Digest); @@ -255,9 +265,11 @@ HashApiHashAll ( ) { switch (PcdGet32 (PcdHashApiLibPolicy)) { + #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES case HASH_ALG_SHA1: return Sha1HashAll (DataToHash, DataToHashLen, Digest); break; + #endif case HASH_ALG_SHA256: return Sha256HashAll (DataToHash, DataToHashLen, Digest); -- 2.35.1.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#90372): https://edk2.groups.io/g/devel/message/90372 Mute This Topic: https://groups.io/mt/91640201/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-