[edk2-devel] BZ-4482 Feature Request

2023-06-15 Thread Demeter, Miki
I see that no one has looked at this yet

https://bugzilla.tianocore.org/show_bug.cgi?id=4482

Is it possible to have someone look into upgrading openssl 1.1.1t to 1.1.1u to 
hopefully make the 202308 stable tag release

-miki

--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
Tianocore Community Manager
FST
Intel Corporation

Portland Women in Tech Best Speaker
miki.deme...@intel.com
503.712.8030 (office)
971.248.0123 (cell)



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106119): https://edk2.groups.io/g/devel/message/106119
Mute This Topic: https://groups.io/mt/99553504/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: 
https://edk2.groups.io/g/devel/leave/9847357/21656/1706620634/xyzzy 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-




Re: [edk2-devel] [edk2-docs] edk2-docs.gitbook.io offline

2023-05-01 Thread Demeter, Miki
If you find ones on the CVE website, please file a BZ report and list the CVE# 
and the corrected link. I can update CVEs to reflect the correct links

-miki

--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon

Portland Women in Tech Best Speaker


From: devel@edk2.groups.io  on behalf of Rebecca Cran 

Date: Friday, April 28, 2023 at 6:02 AM
To: devel@edk2.groups.io , Kinney, Michael D 
, jolly_thomp...@xitroo.com 

Subject: Re: [edk2-devel] [edk2-docs] edk2-docs.gitbook.io offline
On 4/27/23 10:31, Michael D Kinney wrote:
>
> Hello,
>
> All docs were migrated to github tianocore-docs organization about 3
> years ago.
>
> https://github.com/tianocore-docs
>
> The following 2 wiki pages have links to all the documents
>
> https://tianocore-docs.github.io/
>
> https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Draft-Specification
>
> The docs in gitbook.io were out of date, so they have now been
> disabled, so please update your links.
>
> If there are any documents that are missing from these pages, please
> let us know.
>
Hopefully the gitbook.io results will drop off Google soon.

It's a shame we can't do a HTTP 301 redirect for the old gitbook.io
links, because pages such as
https://www.cve.org/CVERecord?id=CVE-2019-0160 are unlikely to be updated.


The pages on tianocore-docs.github.io have an empty 'description' header
which is probably why both the gitbook.io and github source files are
higher in the results.

I'll see if it's possible to fix that.









--

Rebecca Cran











Re: [edk2-devel] [PATCH v1 0/1] Define security policy in SECURITY.md file for repository

2023-03-27 Thread Demeter, Miki
Ack

Need to get this acked by others in infosec too


--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon<https://intel.sharepoint.com/sites/NIA>

Portland Women in Tech Best Speaker
miki.deme...@intel.com<mailto:miki.deme...@intel.com>
503.712.8030 (office)
971.248.0123 (cell)


From: Kun Qin 
Date: Thursday, March 9, 2023 at 1:44 PM
To: devel@edk2.groups.io 
Cc: Andrew Fish , Leif Lindholm , 
Kinney, Michael D , Demeter, Miki 
, Sean Brogan 
Subject: [PATCH v1 0/1] Define security policy in SECURITY.md file for 
repository
This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1

Cc: Andrew Fish 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Miki Demeter 
Cc: Sean Brogan 

Sean Brogan (1):
  Define security policy in SECURITY.md file for repository

 SECURITY.md | 33 
 1 file changed, 33 insertions(+)
 create mode 100644 SECURITY.md

--
2.37.1.windows.1






Re: [edk2-devel] [PATCH v2] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1t

2023-03-10 Thread Demeter, Miki
Thank you all.

--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon

Portland Women in Tech Best Speaker
miki.deme...@intel.com
503.712.8030 (office)
971.248.0123 (cell)


From: devel@edk2.groups.io  on behalf of Yao, Jiewen 

Date: Thursday, March 9, 2023 at 9:58 PM
To: Sheng, W , devel@edk2.groups.io 
Cc: Wang, Jian J , Lu, Xiaoyu1 , 
Jiang, Guomin 
Subject: Re: [edk2-devel] [PATCH v2] CryptoPkg/OpensslLib: Upgrade OpenSSL to 
1.1.1t
Merged https://github.com/tianocore/edk2/pull/4128

> -Original Message-
> From: Sheng, W 
> Sent: Tuesday, February 28, 2023 10:44 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J ; Yao, Jiewen
> ; Lu, Xiaoyu1 ; Jiang,
> Guomin 
> Subject: [PATCH v2] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1t
>
> Upgrade openssl to 1.1.1t
> Pick up bugfixes from the latest openssl release.
>
> Cc: Jian J Wang 
> Cc: Jiewen Yao 
> Cc: Xiaoyu Lu 
> Cc: Guomin Jiang 
> Signed-off-by: Sheng Wei 
> ---
>  CryptoPkg/Library/OpensslLib/OpensslLib.inf  | 1 +
>  CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf | 1 +
>  CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf| 1 +
>  CryptoPkg/Library/OpensslLib/OpensslLibFull.inf  | 1 +
>  CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf | 1 +
>  CryptoPkg/Library/OpensslLib/openssl | 2 +-
>  6 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 60c6c24b0a..1474df8125 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -162,6 +162,7 @@
>$(OPENSSL_PATH)/crypto/bn/bn_srp.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_word.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
>
> +  $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
>
>$(OPENSSL_PATH)/crypto/buffer/buf_err.c
>
>$(OPENSSL_PATH)/crypto/buffer/buffer.c
>
>$(OPENSSL_PATH)/crypto/cmac/cm_ameth.c
>
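Review bot: The commit message says only "Pick up bugfixes from the latest openssl release", but the added line `$(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c` brings a new source file into the build, and the same line is repeated in the four other INF files below. Say in the commit message that the 1.1.1t file list gained this file and how the INF lists were updated, so a reviewer can confirm that no OpensslLib variant was missed and that no other new upstream file is absent from the lists.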
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
> index 103ef7bda2..3c5f6d5d17 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf
> @@ -163,6 +163,7 @@
>$(OPENSSL_PATH)/crypto/bn/bn_srp.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_word.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
>
> +  $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
>
>$(OPENSSL_PATH)/crypto/buffer/buf_err.c
>
>$(OPENSSL_PATH)/crypto/buffer/buffer.c
>
>$(OPENSSL_PATH)/crypto/cmac/cm_ameth.c
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index c4eaea888c..a9adb94720 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -163,6 +163,7 @@
>$(OPENSSL_PATH)/crypto/bn/bn_srp.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_word.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
>
> +  $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
>
>$(OPENSSL_PATH)/crypto/buffer/buf_err.c
>
>$(OPENSSL_PATH)/crypto/buffer/buffer.c
>
>$(OPENSSL_PATH)/crypto/cmac/cm_ameth.c
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
> index 309e43055c..4c2cbe9cf7 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
> @@ -167,6 +167,7 @@
>$(OPENSSL_PATH)/crypto/bn/bn_srp.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_word.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
>
> +  $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
>
>$(OPENSSL_PATH)/crypto/buffer/buf_err.c
>
>$(OPENSSL_PATH)/crypto/buffer/buffer.c
>
>$(OPENSSL_PATH)/crypto/cmac/cm_ameth.c
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
> index 4b79bd..591c57fdc2 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf
> @@ -168,6 +168,7 @@
>$(OPENSSL_PATH)/crypto/bn/bn_srp.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_word.c
>
>$(OPENSSL_PATH)/crypto/bn/bn_x931p.c
>
> +  $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
>
>$(OPENSSL_PATH)/crypto/buffer/buf_err.c
>
>$(OPENSSL_PATH)/crypto/buffer/buffer.c
>
>$(OPENSSL_PATH)/crypto/cmac/cm_ameth.c
>
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index 129058165d..830bf8e1e4 16
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit 129058165d195e43a0ad10111b0c2e29bdf65980
> +Subproject commit 830bf8e1e4749ad65c51b6a1d0d769ae689404ba
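Review bot: Nothing in the submodule bump ties `830bf8e1e4749ad65c51b6a1d0d769ae689404ba` to the 1.1.1t release named in the subject; the hunk shows only the two commit hashes. Name the upstream tag next to the hash in the commit message so the pin can be checked against the OpenSSL repository before merge, and list the security fixes that motivate the upgrade instead of the generic "bugfixes".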
> --
> 2.26.2.windows.1








[edk2-devel] RFC Proposed Security Process Changes

2023-03-01 Thread Demeter, Miki
Hello everyone,

Submitted for the community to evaluate and provide any feedback. We are 
looking to move to GitHub Security Reporting and Security advisories. This 
makes some minor changes to the Security reporting process and a big shift for 
the Security advisories. Please take a moment to provide any feedback. We will 
be selectively using the procedure below for some trial runs and will report 
any changes or omissions that may be found in the proposed process.

Process for GHSA – provided by Miki Demeter



  *   Private Vulnerability Reporting – Reporter makes a probable security issue
      *   If security issue only GHSR – Security Policy to describe the procedure to report security issue (Sean B)
  *   Validate that it is a security issue - Infosec Team will determine if this is a security issue. This may require the enlistment of subject matter experts – If not deemed security issue ask reporter to submit Bugzilla.
      *   If the issue is a security issue
          *   GHSA Created - Infosec Team creates the GHSA
          *   Add infosec team – Infosec add the team members, Maintainers, reviewers and submitter (need Infosec team group)
          *   CVSS Scoring - Infosec Team with assistance from submitter set the CVSS Score
          *   Assign CWEs - Infosec Team assigns appropriate CWEs
          *   Allocate CVE # - Infosec Team allocates CVE# to reference issue
          *   Add private fork - Infosec Team creates private fork for patch work to be completed
      *   Embargo period established - Infosec Team establishes the embargo time period
      *   Proposed Patch created or exists – Owner (All discussion at the GHSA patch level not file patch level)
          *   Maintainers, Reviewers and Infosec Team – All parties evaluate patch
          *   Validate Fix complete - Infosec Team
          *   Level of Testing required to consider complete - infosec Team defines the level of testing necessary to validate.
      *   Embargo Period Ends
      *   GHSA PR Created - Publicly Visible at this point
          *   Merged within 1 day
      *   CVE Details Updated – Infosec team updates CVE Detail information and submits to Mitre and make public






# Security Policy - Provided by Sean Brogan

Tianocore Edk2 is an open source firmware project that is leveraged by and 
combined into other projects to build the firmware for a given product. We 
build and maintain edk2 knowing that there are many downstream repositories and 
projects that derive or inherit significant code from this project. But, that 
said, in the firmware ecosystem there is a lot of variation and 
differentiation, and the license in this project allows flexibility for use 
without contribution back to Edk2. Therefore, any issues found here may or may 
not exist in products derived from Edk2.

## Supported Versions

Due to the usage model we generally only supply fixes to the master branch. If 
requested, we may generate a release branch from a stable tag (up to one 
release back) and apply patches but given our downstream consumption model this 
is generally not necessary.

## Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues or 
bugzilla.

Instead please use Github Private vulnerability reporting, which is enabled for 
the edk2 repository.

This process is well documented by github in their 
documentation[here].

This process will allow us to privately discuss the issue, collaborate on a 
solution, and then disclose the vulnerability.

## Preferred Languages

We prefer all communications to be in English.

## Policy

Tianocore Edk2 follows the principle of Coordinated Vulnerability Disclosure.
More information is available here:

* [ISO/IEC 29147:2018 on Vulnerability Disclosure]
* [The CERT Guide to Coordinated Vulnerability Disclosure]

--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon

Portland Women in Tech Best Speaker
miki.deme...@intel.com
503.712.8030 (office)
971.248.0123 (cell)







Re: [edk2-devel] [IMPORTANT] February Release Reviews and Merges

2023-02-09 Thread Demeter, Miki
Received. I will be in contact

-miki

--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon<https://intel.sharepoint.com/sites/NIA>

Portland Women in Tech Best Speaker
miki.deme...@intel.com<mailto:miki.deme...@intel.com>
503.712.8030 (office)
971.248.0123 (cell)


From: devel@edk2.groups.io  on behalf of Chang, Abner via 
groups.io 
Date: Wednesday, February 8, 2023 at 9:12 PM
To: Demeter, Miki , devel@edk2.groups.io 

Cc: Attar, AbdulLateef (Abdul Lateef) 
Subject: Re: [edk2-devel] [IMPORTANT] February Release Reviews and Merges
[AMD Official Use Only - General]

Hi Miki,
Here is a submission waiting for maintainer/reviewer's review.
https://edk2.groups.io/g/devel/message/98927 (Adds AmdSmmCpuFeaturesLib for AMD 
Family)

Thanks
Abner


> -Original Message-
> From: disc...@edk2.groups.io  On Behalf Of Demeter,
> Miki via groups.io
> Sent: Thursday, February 9, 2023 8:20 AM
> To: devel@edk2.groups.io; annou...@edk2.groups.io; disc...@edk2.groups.io
> Subject: [edk2-discuss] [IMPORTANT] February Release Reviews and Merges
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> Important Information About the February Release
>
> The Stewards are aware there has been an issue with getting patches reviewed
> and/or merged in a timely manner. The stewards are considering a delay to the
> February release to allow for these issues to be addressed.
>
> Please take the time to validate that your submissions to the email list fall
> into one of the two categories please contact me directly immediately and CC
> the mailing list
>
> [1] You have patches submitted to the mailing list requesting review with no
> response
>
> [2] You have patches submitted to the mailing list that have been reviewed but
> not merged for the February release
>
>
> Thank you
>
> --
> Miki Demeter (she/her/Miki)
> Security Researcher / FW Developer
> FST
> Intel Corporation
>
> Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
> NIA-Oregon<https://intel.sharepoint.com/sites/NIA>
>
> Portland Women in Tech Best Speaker
> miki.deme...@intel.com<mailto:miki.deme...@intel.com>
>
>
>
>
>










[edk2-devel] [Patch v4] MdeModulePkg/PiSmmCoreSmmEntryPoint underflow(CVE-2021-38578)

2022-10-31 Thread Demeter, Miki
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387

Added use of SafeIntLib to validate values are not causing overflows or
underflows in user controlled values when calculating buffer sizes.

Signed-off-by: Miki Demeter 
Reviewed-by: Michael D Kinney 
Cc: Jian J Wang 
Cc: Liming Gao 

---

 MdeModulePkg/Core/PiSmmCore/PiSmmCore.c   | 41 ++-

 MdeModulePkg/Core/PiSmmCore/PiSmmCore.h   |  1 +

 MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf |  1 +

 MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c| 31 +

 MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf  |  1 +

 5 files changed, 60 insertions(+), 15 deletions(-)



diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c 
b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c

index 9e5c6cbe33..875c7c0258 100644

--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c

+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.c

@@ -610,6 +610,7 @@ SmmEndOfS3ResumeHandler (

   @param[in] Size2  Size of Buff2



   @retval TRUE  Buffers overlap in memory.

+  @retval TRUE  Math error. Prevents potential math over and 
underflows.

   @retval FALSE Buffer doesn't overlap.



 **/

@@ -621,11 +622,24 @@ InternalIsBufferOverlapped (

   IN UINTN  Size2

   )

 {

+  UINTNEnd1;

+  UINTNEnd2;

+  BOOLEAN  IsOverUnderflow1;

+  BOOLEAN  IsOverUnderflow2;

+

+  // Check for over or underflow

+  IsOverUnderflow1 = EFI_ERROR (SafeUintnAdd ((UINTN)Buff1, Size1, ));

+  IsOverUnderflow2 = EFI_ERROR (SafeUintnAdd ((UINTN)Buff2, Size2, ));

+

+  if (IsOverUnderflow1 || IsOverUnderflow2) {

+return TRUE;

+  }

+

   //

   // If buff1's end is less than the start of buff2, then it's ok.

   // Also, if buff1's start is beyond buff2's end, then it's ok.

   //

-  if (((Buff1 + Size1) <= Buff2) || (Buff1 >= (Buff2 + Size2))) {

+  if ((End1 <= (UINTN)Buff2) || ((UINTN)Buff1 >= End2)) {

 return FALSE;

   }
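Review bot: In the two `SafeUintnAdd` calls the result argument is empty as the patch appears here (`SafeUintnAdd ((UINTN)Buff1, Size1, )`), while `End1` and `End2` are read in the comparison further down, so the calls need to store into `&End1` and `&End2`. Returning TRUE on a failed add makes the caller reject a wrapping range, which is the safe direction; the new comment should say that, since unsigned addition can only overflow and "over or underflow" hides the intent.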



@@ -651,6 +665,7 @@ SmmEntryPoint (

   EFI_SMM_COMMUNICATE_HEADER  *CommunicateHeader;

   BOOLEAN InLegacyBoot;

   BOOLEAN IsOverlapped;

+  BOOLEAN IsOverUnderflow;

   VOID*CommunicationBuffer;

   UINTN   BufferSize;



@@ -699,23 +714,31 @@ SmmEntryPoint (

(UINT8 *)gSmmCorePrivate,

sizeof (*gSmmCorePrivate)

);

-  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) 
|| IsOverlapped) {

+  //

+  // Check for over or underflows

+  //

+  IsOverUnderflow = EFI_ERROR (SafeUintnSub (BufferSize, OFFSET_OF 
(EFI_SMM_COMMUNICATE_HEADER, Data), ));

+

+  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize) 
||

+  IsOverlapped || IsOverUnderflow)

+  {

 //

 // If CommunicationBuffer is not in valid address scope,

 // or there is overlap between gSmmCorePrivate and CommunicationBuffer,

+// or there is over or underflow,

 // return EFI_INVALID_PARAMETER

 //

 gSmmCorePrivate->CommunicationBuffer = NULL;

 gSmmCorePrivate->ReturnStatus= EFI_ACCESS_DENIED;

   } else {

 CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)CommunicationBuffer;

-BufferSize   -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);

-Status= SmiManage (

-  >HeaderGuid,

-  NULL,

-  CommunicateHeader->Data,

-  

-  );

+// BufferSize was updated by the SafeUintnSub() call above.

+Status = SmiManage (

+   >HeaderGuid,

+   NULL,

+   CommunicateHeader->Data,

+   

+   );

 //

 // Update CommunicationBuffer, BufferSize and ReturnStatus

 // Communicate service finished, reset the pointer to CommBuffer to 
NULL
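Review bot: The `SafeUintnSub` call is placed before `SmmIsBufferOutsideSmmValid ((UINTN)CommunicationBuffer, BufferSize)`, and the later comment says BufferSize was updated by that call, so the validity check now covers a range shortened by `OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)`. `SmiManage` is then handed `CommunicateHeader->Data` with the reduced size, whose end is the end of the original buffer, so the last header-sized bytes are no longer covered by that check. Store the difference in a separate variable, or do the subtraction after the validity check, so the full CommunicationBuffer range is validated. The retained comment also still says `EFI_INVALID_PARAMETER` while the code sets `EFI_ACCESS_DENIED`.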

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h 
b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h

index 71422b9dfc..b8a490a8c3 100644

--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h

+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h

@@ -54,6 +54,7 @@

 #include 

 #include 

 #include 

+#include 



 #include "PiSmmCorePrivateData.h"

 #include "HeapGuard.h"

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf 
b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf

index c8bfae3860..3df44b38f1 100644

--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf

+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf

@@ -60,6 +60,7 @@

   PerformanceLib

   HobLib

   SmmMemLib

+  SafeIntLib



 [Protocols]

   gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # 
SmiHandlerRegister
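Review bot: Adding `SafeIntLib` to the library class list of PiSmmCore.inf means every platform DSC that builds PiSmmCore now needs a SafeIntLib instance mapped for this module, and the commit message does not mention it. Note the new dependency in the commit message so downstream platforms that lack the mapping know why their build stops resolving.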

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c 
b/MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c

index 4f00cebaf5..fbba868fd0 100644

--- 

Re: [edk2-devel] Building EDK2 without Azure Pipelines

2022-07-01 Thread Demeter, Miki
Hi G

Instructions for Building EDK II on Linux and Windows can be found here:

https://github.com/tianocore/tianocore.github.io/wiki/Getting-Started-with-EDK-II

-miki






[edk2-devel] TianoCore Community Meeting 20220505 APAC/NAMO

2022-05-06 Thread Demeter, Miki
**Highlights:**
- Coverity update from Felix
- GSOC – 7 Prospects going through ranking and rating  Should know near the end 
of May.


# Meeting Minutes:

1) **Event Updates (_5 minutes_)**
- **No Event Updates**

2) **Stable Tag Updates (_5 minutes_)**
- Soft Freeze - 2022-05-9
- Hard freeze - 2022-05-16
- 2022- Release – 2022-05-30
- **Stable Tag 20220225 released**

3) **Stewards Download (_20 minutes_)**
- No stewards update Monthly meeting was cancelled this month

- **Coverity Status**
- Coverity update – Felix is working on Coverity
-- issues trying to find some middle ground for who fixes issues – Maintainers 
may have to step up
-- Open Coverity only allows one week scan per week – Can’t make developers 
wait for a week to scan patches


- **Bugzilla Status**
- Still Need developers to update issues Bug Scrubs working through issues


4) **Opens (_30 minutes_)**
-  No Opens

**AR:** Miki to send rajnish chauhan [7:48 PM] rajnish chauhan (Guest)
rajnis...@gmail.com


Next meeting will be back on the first Thursday of the month.


--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon

Portland Women in Tech Best Speaker
miki.deme...@intel.com
503.712.8030 (office)
971.248.0123 (cell)







[edk2-devel] TianoCore Community Meeting EMEA/NAMO 20220506

2022-05-05 Thread Demeter, Miki
# TianoCore Community Meeting


**Highlights:**
- Coverity update from Felix

# Meeting Minutes:

1) **Event Updates (_5 minutes_)**
- **No Event Updates**

2) **Stable Tag Updates (_5 minutes_)**
- Soft Freeze - 2022-
- Hard freeze - 2022-
- 2022- Release
- **Stable Tag 20220225 released**

3) **Stewards Download (_20 minutes_)**
- No stewards update Monthly meeting was cancelled this month

- **Coverity Status**
- Coverity update – Felix is working on Coverity
-- issues trying to find some middle ground for who fixes issues – Maintainers 
may have to step up
-- Open Coverity only allows one week scan per week – Can’t make developers 
wait for a week to scan patches


- **Bugzilla Status**
- Still Need developers to update issues Bug Scrubs working through issues


4) **Opens (_30 minutes_)**
-  No Opens

**AR: None**

Next meeting will be back on the first Thursday of the month.



--
Miki Demeter (she/her/Miki)
Security Researcher / FW Developer
FST
Intel Corporation

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon

Portland Women in Tech Best Speaker
miki.deme...@intel.com
503.712.8030 (office)
971.248.0123 (cell)







[edk2-devel] TianoCore Community Meeting 20220407 APAC/NAMO

2022-04-07 Thread Demeter, Miki
**Highlights:**
- GSOC Need Additional Mentors more is better
- Bugzilla Status update – Devs still need to update status (ongoing issue)
- UEFI Summit switched to Virtual only
- Question to the community Concerns about additional dependencies? See 
Comments in Stewards Download

# Meeting Minutes:

1) **Event Updates (_5 minutes_)**
- **UEFI Summit switched to Virtual only**

2) **Stable Tag Updates (_5 minutes_)**
- Soft Freeze - 2022-
- Hard freeze - 2022-
- 2022- Release
- **Stable Tag 20220225 released**

3) **Stewards Download (_20 minutes_)**
- **Coverity Status**
-- No Updates
- Raised topic number of dependencies on external services (git sub-modules, 
tools VS, iasm, nasm, Python, pip module)
-- CI tools (spell check has a dependency on node package manager)
-- Stewards responsible to validate whether new dependencies are appropriate.
-- Developer helper tools (don’t affect CI builds)
-- Question to the community Concerns about additional dependencies
- **Comments** – We can’t afford to maintain our own set of tools. Dependencies 
allow us to leverage tools we don’t have time to build


- **Bugzilla Status**
- Still Need developers to update issues - Bug Scrubs working through issues


4) **Opens (_30 minutes_)**
- Brian Johnson concerned about the way build system has become too complex 
need to simplify, possibly a docker image to help
-- git submodules are complex and not well liked
- Rebecka helping Andrew to get the GDB scripts rebased and checked in waiting 
on a few more reviews.
- Rajnish – A way to run CI/CD Locally - 
https://github.com/tianocore/edk2/tree/master/.pytool#running-ci-locally
- Sean Brogan – Our RFC process needs to be reworked to be better involved. – 
Look at the way Rust utilizes github.
- Nate Desimone – 2 students want to add Rust support to edk2 not enough 
skilled Mentors
- Kevin Davis & Sean Brogan – PE file python module leverage the existing 
library - https://pypi.org/project/pefile/
- Sean Brogan suggests a larger community discussion on Rust

**AR: Miki reach out to Felix for update on (Coverity)**
**AR: Forward info on UEFI Summit - brian.john...@hpe.com, rajnish.s.chau...@dell.com**

Next meeting will be back on the first Thursday of the month.

--
Miki Demeter (she/her)
Security Researcher
IPAS GO
Intel Corporation

Portland Women in Tech Best Speaker 2019
miki.deme...@intel.com







[edk2-devel] TianoCore Community Meeting 20220407 EMEA/NAMO

2022-04-07 Thread Demeter, Miki
# TianoCore Community Meeting


**Highlights:**
- GSOC Need Additional Primary Mentors???
- Bugzilla Status update – Devs still need to update status (ongoing issue)
- UEFI Summit switched to Virtual only
- Question to the community Concerns about additional dependencies?

# Meeting Minutes:

1) **Event Updates (_5 minutes_)**
- **UEFI Summit switched to Virtual only**

2) **Stable Tag Updates (_5 minutes_)**
- Soft Freeze - 2022-
- Hard freeze - 2022-
- 2022- Release
- **Stable Tag 20220225 released**

3) **Stewards Download (_20 minutes_)**
- **Coverity Status**
-- No Updates
- Raised topic number of dependencies on external services (git sub-modules, 
tools VS, iasm, nasm, Python, pip module)
-- CI tools (spell check has a dependency on node package manager)
-- Stewards responsible to validate whether new dependencies are appropriate.
-- Developer helper tools (don’t affect CI builds)
-- Question to the community Concerns about additional dependencies


- **Bugzilla Status**
- Still Need developers to update issues Bug Scrubs working through issues


4) **Opens (_30 minutes_)**
- Brian Johnson concerned about the way build system has become too complex 
need to simplify, possibly a docker image to help
-- git submodules are complex and not well liked
- Rebecka helping Andrew to get the GDB scripts rebased and checked in waiting 
on a few more reviews.
- Rajnish – A way to run CI/CD Locally - 
https://github.com/tianocore/edk2/tree/master/.pytool#running-ci-locally

**AR: Miki reach out to Nate(GSOC) and Felix (Coverity)**
**AR: Forward info on UEFI Summit - brian.john...@hpe.com, rajnish.s.chau...@dell.com**

Next meeting will be back on the first Thursday of the month.


--
Miki Demeter (she/her)
Security Researcher
IPAS GO
Intel Corporation

Portland Women in Tech Best Speaker 2019
miki.deme...@intel.com







[edk2-devel] February - TianoCore Community Meeting

2022-02-10 Thread Demeter, Miki
# TianoCore Community Meeting
 
 
**Highlights:**
- GSOC Call for Mentors Mid-May thru Mid-August (few hours per week) 
- Andrew’s GDB scripts Committed.  Discussed in Stewards Meeting Needs to be 
re-submitted to BaseTools
- Suggestion for new community meeting focusing on CI and BaseTools
- Bugzilla Status update - Devs need to update status 

# Meeting Minutes:
 
1) **Event Updates (_5 minutes_)**
- **UEFI Summit shifting to Virtual Event**
- Call for presenters out now
 
2) **Stable Tag Updates (_5 minutes_)**
- Soft Freeze now - 2022-02-07
- Hard freeze - 2022-02-11
- 2022-02-25 Release
 
 
3) **Stewards Download (_20 minutes_)**
- **Compiler intrinsics**
- Would be nice to submit small set of intrinsics for compilers supported to 
make developer experience better
- Community ask to find people to support the major compilers supported to help 
push forward
- **GDB Debugger script - See opens**
- **Path to move from BaseTools**
- **Suggestion for new community meeting focusing on CI and BaseTools**
- Supportive by stewards that this would be beneficial
- **Bugzilla Status**
- Need developers to update issues 

4) **Opens (_30 minutes_)**
- Andrew’s GDB scripts Committed.  Discussed in Stewards Meeting Needs to be 
resubmitted to BaseTools
- GSOC Call for Mentors Mid-May thru Mid-August (few hours per week)
- GSOC Projects https://github.com/tianocore/tianocore.github.io/wiki/Tasks  
Make Suggestion Adds and Deletes (
- Run new version of Open Coverity (mid February time frame) to see if it 
reduces False Positives. (Felix and Michael)


Next meeting will be back on the normal day.


-- 
Miki Demeter (she/her)
Intel Corporation
 
Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon
NIA-Oregon 

 
Portland Women in Tech Best Speaker 2019



