> -----Original Message----- > From: Gao, Liming > Sent: Wednesday, January 25, 2017 1:58 PM > To: Wu, Hao A; Laszlo Ersek > Cc: edk2-de...@ml01.01.org > Subject: RE: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result to > bigger size > > Hao: > For PCILIB_TO_COMMON_ADDRESS, we can't assume its usage in the > consumer code. There may be some usage in other projects. So, I suggest to > provide the safe fix. >
Hi Liming, The definition "PCILIB_TO_COMMON_ADDRESS" is defined in MdePkg/Library/BaseS3PciLib/S3PciLib.c. It will not be consumed outside. Best Regards, Hao Wu > Thanks > Liming > >-----Original Message----- > >From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Wu, > >Hao A > >Sent: Wednesday, January 25, 2017 8:26 AM > >To: Laszlo Ersek <ler...@redhat.com> > >Cc: edk2-de...@ml01.01.org > >Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result > >to bigger size > > > >> -----Original Message----- > >> From: Laszlo Ersek [mailto:ler...@redhat.com] > >> Sent: Tuesday, January 24, 2017 5:54 PM > >> To: Wu, Hao A > >> Cc: edk2-de...@ml01.01.org > >> Subject: Re: [edk2] [PATCH v2 1/1] MdePkg: Refine casting expression result > >to > >> bigger size > >> > >> On 01/24/17 08:25, Hao Wu wrote: > >> > There are cases that the operands of an expression are all with rank less > >> > than UINT64/INT64 and the result of the expression is explicitly casted > >> > to > >> > UINT64/INT64 to fit the target size. > >> > > >> > An example will be: > >> > UINT32 a,b; > >> > // a and b can be any unsigned int type with rank less than UINT64, like > >> > // UINT8, UINT16, etc. > >> > UINT64 c; > >> > c = (UINT64) (a + b); > >> > > >> > Some static code checkers may warn that the expression result might > >> > overflow within the rank of "int" (integer promotions) and the result is > >> > then cast to a bigger size. > >> > > >> > The commit refines codes by the following rules: > >> > 1). When the expression will not overflow within the rank of "int", > >> > remove > >> > the explicit type casts: > >> > c = a + b; > >> > > >> > 2). When the expression is possible to overflow the range of unsigned > >> > int/ > >> > int: > >> > c = (UINT64)a + b; > >> > > >> > Contributed-under: TianoCore Contribution Agreement 1.0 > >> > Signed-off-by: Hao Wu <hao.a...@intel.com> > >> > --- > >> > MdePkg/Library/BaseLib/String.c | 4 ++-- > >> > MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 12 > >> > +++++------- > >> > MdePkg/Library/BaseS3PciLib/S3PciLib.c | 4 ++-- > >> > MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c | 4 > >++-- > >> > MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c | 4 > >++-- > >> > 5 files changed, 13 insertions(+), 15 deletions(-) > >> > > >> > diff --git a/MdePkg/Library/BaseLib/String.c > >> b/MdePkg/Library/BaseLib/String.c > >> > index e84bf50..4151e0e 100644 > >> > --- a/MdePkg/Library/BaseLib/String.c > >> > +++ b/MdePkg/Library/BaseLib/String.c > >> > @@ -586,7 +586,7 @@ InternalHexCharToUintn ( > >> > return Char - L'0'; > >> > } > >> > > >> > - return (UINTN) (10 + InternalCharToUpper (Char) - L'A'); > >> > + return (10 + InternalCharToUpper (Char) - L'A'); > >> > } > >> > > >> > /** > >> > @@ -1211,7 +1211,7 @@ InternalAsciiHexCharToUintn ( > >> > return Char - '0'; > >> > } > >> > > >> > - return (UINTN) (10 + InternalBaseLibAsciiToUpper (Char) - 'A'); > >> > + return (10 + InternalBaseLibAsciiToUpper (Char) - 'A'); > >> > } > >> > > >> > > >> > diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c > >> b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c > >> > index 33cad23..8d1daba 100644 > >> > --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c > >> > +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c > >> > @@ -15,7 +15,7 @@ > >> > PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF > >header. > >> > PeCoffLoaderGetImageInfo() routine will do basic check for whole > >PE/COFF > >> image. > >> > > >> > - Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR> > >> > + Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > >> > Portions copyright (c) 2008 - 2009, Apple Inc. All rights > >> > reserved.<BR> > >> > This program and the accompanying materials > >> > are licensed and made available under the terms and conditions of the > >BSD > >> License > >> > @@ -703,12 +703,10 @@ PeCoffLoaderGetImageInfo ( > >> > // > >> > DebugDirectoryEntryFileOffset = 0; > >> > > >> > - SectionHeaderOffset = (UINTN)( > >> > - ImageContext->PeCoffHeaderOffset + > >> > - sizeof (UINT32) + > >> > - sizeof (EFI_IMAGE_FILE_HEADER) + > >> > - Hdr.Pe32->FileHeader.SizeOfOptionalHeader > >> > - ); > >> > + SectionHeaderOffset = ImageContext->PeCoffHeaderOffset + > >> > + sizeof (UINT32) + > >> > + sizeof (EFI_IMAGE_FILE_HEADER) + > >> > + Hdr.Pe32->FileHeader.SizeOfOptionalHeader; > >> > > >> > for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; > >Index++) > >> { > >> > // > >> > diff --git a/MdePkg/Library/BaseS3PciLib/S3PciLib.c > >> b/MdePkg/Library/BaseS3PciLib/S3PciLib.c > >> > index e29f7fe..27342b0 100644 > >> > --- a/MdePkg/Library/BaseS3PciLib/S3PciLib.c > >> > +++ b/MdePkg/Library/BaseS3PciLib/S3PciLib.c > >> > @@ -3,7 +3,7 @@ > >> > the PCI operations to be replayed during an S3 resume. This library > >> > class > >> > maps directly on top of the PciLib class. > >> > > >> > - Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR> > >> > + Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > >> > > >> > This program and the accompanying materials > >> > are licensed and made available under the terms and conditions > >> > @@ -25,7 +25,7 @@ > >> > #include <Library/S3PciLib.h> > >> > > >> > #define PCILIB_TO_COMMON_ADDRESS(Address) \ > >> > - ((UINT64) ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) > >> ((Address>>15) & 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + > >> ((UINTN) (Address & 0xfff )))) > >> > + ((((UINTN) ((Address>>20) & 0xff)) << 24) + (((UINTN) > >((Address>>15) & > >> 0x1f)) << 16) + (((UINTN) ((Address>>12) & 0x07)) << 8) + ((UINTN) > >(Address & > >> 0xfff ))) > >> > > >> > /** > >> > Saves a PCI configuration value to the boot script. > >> > >> I think this change is potentially unsafe, without auditing all uses of > >> PCILIB_TO_COMMON_ADDRESS(). In a 32-bit build, the type of the result > >> will no longer be UINT64 but UINT32, and that can cause problems in > >> several contexts. For example: > >> > >> - as an operand to the sizeof operator > >> - when it's being relied upon to cause conversion to UINT64, for example > >> another (UINT32) operand could be added to it > >> - when it is passed through a variable argument list > >> > >> It might be safe, but there's no way to tell without auditing all the > >> call sites. So let me see... > >> > >> Apparently this macro is only passed to S3BootScriptSavePciCfgWrite() as > >> second argument, within the same file, and that argument is covered by > >> the function prototype explicitly, with type UINT64. So the change > >> should be safe. > >> > > > >Thanks for the checking. I did search the whole edk2 repository for the > >reference of "PCILIB_TO_COMMON_ADDRESS" and it is only comsumed by > >the > >function you mentioned. > > > >> (I see the same macro definition and kind of invocation in > >> "QuarkPlatformPkg/Acpi/DxeSmm/AcpiSmm/AcpiSmmPlatform.c"; I didn't > >try > >> to audit that file.) > >> > >> The rest looks okay too. > >> > >> Reviewed-by: Laszlo Ersek <ler...@redhat.com> > >> > > > >Many thanks for the feedbacks and the effort for reviewing the patch. > > > >> (If you go ahead and submit a 30-part series that does this kind of > >> fixup all over the tree, please don't expect me to review it all -- I'm > >> okay reviewing OvmfPkg and ArmVirtPkg changes, but I can't take on the > >> rest. This kind of patch cannot be reviewed without consulting a really > >> wide context.) > >> > > > >I am thinking if the package level patch contains too many changes, I > >might break it into multiple module-level patches and include module > >owners/experts to help reviewing them. > > > >Best Regards, > >Hao Wu > > > >> Thanks > >> Laszlo > >> > >> > >> > diff --git > >> a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c > >> b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c > >> > index 937165a..592cced 100644 > >> > --- a/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c > >> > +++ b/MdePkg/Library/SmmMemoryAllocationLib/MemoryAllocationLib.c > >> > @@ -12,7 +12,7 @@ > >> > allocation for the Reserved memory types are not supported and will > >> always > >> > return NULL. > >> > > >> > - Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> > >> > + Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > >> > This program and the accompanying materials > >> > are licensed and made available under the terms and conditions of the > >BSD > >> License > >> > which accompanies this distribution. The full text of the license > >> > may be > >> found at > >> > @@ -343,7 +343,7 @@ InternalAllocateAlignedPages ( > >> > Status = gSmst->SmmFreePages (Memory, UnalignedPages); > >> > ASSERT_EFI_ERROR (Status); > >> > } > >> > - Memory = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + > >> EFI_PAGES_TO_SIZE (Pages)); > >> > + Memory = AlignedMemory + EFI_PAGES_TO_SIZE (Pages); > >> > UnalignedPages = RealPages - Pages - UnalignedPages; > >> > if (UnalignedPages > 0) { > >> > // > >> > diff --git > >a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c > >> b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c > >> > index 3da5e211..3bd3aef 100644 > >> > --- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c > >> > +++ b/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c > >> > @@ -2,7 +2,7 @@ > >> > Support routines for memory allocation routines based > >> > on boot services for Dxe phase drivers. > >> > > >> > - Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> > >> > + Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> > >> > This program and the accompanying materials > >> > are licensed and made available under the terms and conditions of the > >BSD > >> License > >> > which accompanies this distribution. The full text of the license > >> > may be > >> found at > >> > @@ -216,7 +216,7 @@ InternalAllocateAlignedPages ( > >> > Status = gBS->FreePages (Memory, UnalignedPages); > >> > ASSERT_EFI_ERROR (Status); > >> > } > >> > - Memory = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + > >> EFI_PAGES_TO_SIZE (Pages)); > >> > + Memory = AlignedMemory + EFI_PAGES_TO_SIZE (Pages); > >> > UnalignedPages = RealPages - Pages - UnalignedPages; > >> > if (UnalignedPages > 0) { > >> > // > >> > > > > >_______________________________________________ > >edk2-devel mailing list > >edk2-devel@lists.01.org > >https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
