Is there an existing issue for this?
Bug Type
What packages are impacted?
MdeModulePkg
Which targets are impacted by this bug?
RELEASE, DEBUG
Current Behavior
NvmExpressMediaClear: BufferSize passed as 1 instead of block size → function is completely non-functional
Why this is a real bug:
WriteBlocks expects BufferSize in bytes. The call passes 1:
NvmeBlockIoWriteBlocks checks (BufferSize % BlockSize) != 0. Since 1 % 512 != 0 (for any standard block size ≥ 2), this always returns EFI_BAD_BUFFER_SIZE.
Consequence:
The NIST 800-88r1 media clear operation is entirely non-functional. No overwrite data is written to any sector. A caller relying on this for data sanitization receives no actual sanitization.
Why this is NOT a false positive:
The comment says "Write one sector per write" — the intent was BlockSize bytes. The EFI_BLOCK_IO_PROTOCOL specification defines BufferSize as bytes, not sectors. There is no code path where BufferSize=1 would pass the block-alignment check.
Expected Behavior
Block is overwritten
Steps To Reproduce
Trigger path:
1. Caller invokes NvmExpressMediaClear with valid parameters.
2. Inner loop calls WriteBlocks with BufferSize = 1.
3. NvmeBlockIoWriteBlocks returns EFI_BAD_BUFFER_SIZE.
4. Loop continues (no error check), every iteration fails.
5. Function returns last error status. No data is ever written.
Build Environment
Version Information
Urgency
High
Are you going to fix this?
I will fix it
Do you need maintainer feedback?
No maintainer feedback needed
Anything else?
Found in Project Mu microsoft/mu_basecore#1739
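A small C model of the failure this report describes, added here as an illustration; it is not the edk2 or Project Mu source. The names `sim_write_blocks`, `media_clear` and `stale_sectors`, the status values, and the 8-sector, 512-byte geometry are constructed assumptions. It shows a size of 1 being rejected by the block-multiple check, and a read-back that confirms whether any sector still holds old data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 512u /* constructed sample geometry */
#define NUM_BLOCKS 8u
typedef enum { ST_SUCCESS, ST_BAD_BUFFER_SIZE, ST_INVALID_PARAMETER } status_t;
static uint8_t g_media[NUM_BLOCKS * BLOCK_SIZE]; /* simulated namespace */
/* Hypothetical block write: buffer_size is in BYTES, a whole multiple of the block size. */
static status_t sim_write_blocks(uint64_t lba, size_t buffer_size, const void *buf) {
    if (buffer_size % BLOCK_SIZE != 0) return ST_BAD_BUFFER_SIZE;
    if (lba >= NUM_BLOCKS || buffer_size / BLOCK_SIZE > NUM_BLOCKS - lba) return ST_INVALID_PARAMETER;
    memcpy(&g_media[lba * BLOCK_SIZE], buf, buffer_size);
    return ST_SUCCESS;
}

/* Seed old data so an overwrite that never happened stays visible. */
static void seed_media(void) { memset(g_media, 0xA5, sizeof g_media); }
/* One write per sector; stops at the first failure instead of discarding the status. */
static status_t media_clear(size_t bytes_per_write, unsigned *written) {
    static const uint8_t zeros[BLOCK_SIZE];
    *written = 0;
    if (bytes_per_write > sizeof zeros) return ST_INVALID_PARAMETER;
    for (uint64_t lba = 0; lba < NUM_BLOCKS; lba++) {
        status_t st = sim_write_blocks(lba, bytes_per_write, zeros);
        if (st != ST_SUCCESS) return st;
        (*written)++;
    }
    return ST_SUCCESS;
}

/* Read-back verification: sectors that still contain a seeded byte. */
static unsigned stale_sectors(void) {
    unsigned n = 0;
    for (unsigned b = 0; b < NUM_BLOCKS; b++)
        if (memchr(&g_media[b * BLOCK_SIZE], 0xA5, BLOCK_SIZE)) n++;
    return n;
}

int main(void) {
    unsigned w;
    seed_media();
    status_t st = media_clear(1, &w);          /* size as reported in the issue */
    printf("size=1: status=%d stale=%u\n", st, stale_sectors());
    st = media_clear(BLOCK_SIZE, &w);          /* size in bytes, one full sector */
    printf("size=%u: status=%d stale=%u\n", BLOCK_SIZE, st, stale_sectors());
}
```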