Re: [edk2] [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode

Tue, 24 Jan 2017 00:38:48 -0800 

Reviewed-by : Chao Zhang <chao.b.zh...@intel.com>

-----Original Message-----
From: Yao, Jiewen 
Sent: Tuesday, January 24, 2017 4:20 PM
To: Kinney, Michael D <michael.d.kin...@intel.com>; edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zh...@intel.com>
Subject: RE: [Patch] SecurityPkg/Tpm12CommandLib: Always check response 
returnCode

Reviewed-by: jiewen....@intel.com

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Wednesday, January 11, 2017 2:23 AM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B <chao.b.zh...@intel.com>; Yao, Jiewen 
> <jiewen....@intel.com>
> Subject: [Patch] SecurityPkg/Tpm12CommandLib: Always check response 
> returnCode
> 
> https://bugzilla.tianocore.org/show_bug.cgi?id=338
> 
> Update the Tpm12CommandLib to consistently check the returnCode field 
> of a response packet.  These checks are missing from the GetCapability 
> and SelfTest commands.  The functions Tpm12ContinueSelfTest(), 
> Tpm12GetCapabilityFlagPermanent(), and
> Tpm12GetCapabilityFlagVolatile() are updated to verify that the 
> response returnCode is not an error.
> 
> Cc: Chao Zhang <chao.b.zh...@intel.com>
> Cc: Jiewen Yao <jiewen....@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Michael Kinney <michael.d.kin...@intel.com>
> ---
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 12
> +++++++++++-
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c      | 16
> ++++++++++++++--
>  2 files changed, 25 insertions(+), 3 deletions(-)
> 
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> index c33746a..c6eb9e1 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 Get Capabilities related commands.
> 
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. 
> +<BR>
>  This program and the accompanying materials  are licensed and made 
> available under the terms and conditions of the BSD License  which 
> accompanies this distribution.  The full text of the license may be 
> found at @@ -79,6 +79,11 @@ Tpm12GetCapabilityFlagPermanent (
>      return Status;
>    }
> 
> +  if (SwapBytes32 (Response.Hdr.returnCode) != TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response
> Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
>    CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof 
> (*TpmPermanentFlags), Response.ResponseSize));
> 
> @@ -120,6 +125,11 @@ Tpm12GetCapabilityFlagVolatile (
>      return Status;
>    }
> 
> +  if (SwapBytes32 (Response.Hdr.returnCode) != TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response 
> + Code
> error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
>    CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof 
> (*VolatileFlags), Response.ResponseSize));
> 
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> index 8e232ee..579fed7 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 NV Self Test related commands.
> 
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. 
> +<BR>
>  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>  
> This program and the accompanying materials  are licensed and made 
> available under the terms and conditions of the BSD License @@ -16,6 
> +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
> EXPRESS OR IMPLIED.
>  #include <PiPei.h>
>  #include <Library/Tpm12CommandLib.h>
>  #include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
>  #include <Library/Tpm12DeviceLib.h>
> 
>  /**
> @@ -33,6 +34,7 @@ Tpm12ContinueSelfTest (
>    VOID
>    )
>  {
> +  EFI_STATUS           Status;
>    TPM_RQU_COMMAND_HDR  Command;
>    TPM_RSP_COMMAND_HDR  Response;
>    UINT32               Length;
> @@ -44,5 +46,15 @@ Tpm12ContinueSelfTest (
>    Command.paramSize = SwapBytes32 (sizeof (Command));
>    Command.ordinal   = SwapBytes32 (TPM_ORD_ContinueSelfTest);
>    Length = sizeof (Response);
> -  return Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, 
> &Length, (UINT8 *)&Response);
> +  Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,
> &Length, (UINT8 *)&Response);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  if (SwapBytes32 (Response.returnCode) != TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error!
> 0x%08x\r\n", SwapBytes32 (Response.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
> +  return Status;
>  }
> --
> 2.6.3.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to