On 02/23/18 14:23, [email protected] wrote:
> From: Marc-André Lureau <[email protected]>
>
> Without this hack, GetNextHob() loops infinitely with the next patch.
> I don't understand the reason.
>
> The loop is triggered by the GetFirstGuidHob (&gTpmErrorHobGuid) call.
>
> CC: Laszlo Ersek <[email protected]>
> CC: Stefan Berger <[email protected]>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Marc-André Lureau <[email protected]>
> ---
> MdePkg/Library/PeiHobLib/HobLib.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/MdePkg/Library/PeiHobLib/HobLib.c
> b/MdePkg/Library/PeiHobLib/HobLib.c
> index 5c0eeb992f..ed3c5fbd6d 100644
> --- a/MdePkg/Library/PeiHobLib/HobLib.c
> +++ b/MdePkg/Library/PeiHobLib/HobLib.c
> @@ -89,6 +89,10 @@ GetNextHob (
> if (Hob.Header->HobType == Type) {
> return Hob.Raw;
> }
> + if (GET_HOB_LENGTH (HobStart) == 0) {
> + DEBUG ((DEBUG_INFO, "FIXME: GetNextHob length == 0"));
> + return NULL;
> + }
> Hob.Raw = GET_NEXT_HOB (Hob);
> }
> return NULL;
>
Strange. The HobLength field is supposed to include the size of the HOB header,
so it should never be zero.
Furthermore, the PEI core initializes the HOB list; it should be terminated
with an End-of-HOB-List HOB:
PeiCore() [MdeModulePkg/Core/Pei/PeiMain/PeiMain.c]
InitializeMemoryServices()
[MdeModulePkg/Core/Pei/Memory/MemoryServices.c]
PeiCoreBuildHobHandoffInfoTable() [MdeModulePkg/Core/Pei/Hob/Hob.c]
I tried to reproduce this issue by:
- applying patches 1, 2, and 4
- in function PeimEntryMA(), file "SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c", moving
the GetFirstGuidHob (&gTpmErrorHobGuid) call to the top of the function.
It didn't hang for me.
Laszlo
