From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+109637+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id E8064740052
	for <rebecca@openfw.io>; Mon, 16 Oct 2023 13:18:26 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=lJpfhEacY6glV5ktzIMHl0QvF7DjcOHpQ+vas6Clcn0=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1697462305; v=1;
 b=ncQ6YP8YJUuuj4EokPQPz1Ab4l+5FcFxu8a2sQN1hcf4VD5e0f8Ca/owS7uut2mS0cNCRE3m
 5xn/+aoeGje3J/0hRR7sQIPF4sGQaWzQSYBne+iIrLs5UWMMYq28XlTzzopFajSS5rND4omgdB/
 nbE8WaK+OKeP40X3lXivPOGY=
X-Received: by 127.0.0.2 with SMTP id BgY8YY7687511xVeqIPADVRM; Mon, 16 Oct 2023 06:18:25 -0700
X-Received: from mail-lj1-f173.google.com (mail-lj1-f173.google.com [209.85.208.173])
 by mx.groups.io with SMTP id smtpd.web10.123811.1697462304097235177
 for <devel@edk2.groups.io>;
 Mon, 16 Oct 2023 06:18:24 -0700
X-Received: by mail-lj1-f173.google.com with SMTP id 38308e7fff4ca-2b9338e4695so58223171fa.2
        for <devel@edk2.groups.io>; Mon, 16 Oct 2023 06:18:23 -0700 (PDT)
X-Gm-Message-State: x0OkdKfFhTIugbhXtQ3TRbO2x7686176AA=
X-Google-Smtp-Source: AGHT+IEN9sFd32PzDeZ/z2YweOOKfPEMi0vrQ+VDWC8smmWq61LmxTO1LD2S24ZV7qBW6YGh5KFHWQ==
X-Received: by 2002:a2e:2a46:0:b0:2c5:1ad0:e2ff with SMTP id q67-20020a2e2a46000000b002c51ad0e2ffmr3874781ljq.39.1697462301904;
        Mon, 16 Oct 2023 06:18:21 -0700 (PDT)
X-Received: from PC10319.67 ([82.97.198.254])
        by smtp.googlemail.com with ESMTPSA id 9-20020a2e1449000000b002ba586d27a2sm1362545lju.26.2023.10.16.06.18.21
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 16 Oct 2023 06:18:21 -0700 (PDT)
From: "Konstantin Aladyshev" <aladyshev22@gmail.com>
To: devel@edk2.groups.io
Cc: abner.chang@amd.com,
	isaac.w.oram@intel.com,
	AbdulLateef.Attar@amd.com,
	nicklew@nvidia.com,
	Konstantin Aladyshev <aladyshev22@gmail.com>
Subject: [edk2-devel] [PATCH edk2-platforms 04/10] ManageabilityPkg: Check header fields in the MCTP response
Date: Mon, 16 Oct 2023 16:18:10 +0300
Message-Id: <20231016131816.6634-5-aladyshev22@gmail.com>
In-Reply-To: <20231016131816.6634-1-aladyshev22@gmail.com>
References: <20231016131816.6634-1-aladyshev22@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,aladyshev22@gmail.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=ncQ6YP8Y;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Add checks for the MCTP header fields in the MCTP response.

Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>
---
 .../MctpProtocol/Common/MctpProtocolCommon.c  | 82 +++++++++++++++++++
 1 file changed, 82 insertions(+)

diff --git a/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpPr=
otocolCommon.c b/Features/ManageabilityPkg/Universal/MctpProtocol/Common/Mc=
tpProtocolCommon.c
index e560c638d5..5844d54eb2 100644
--- a/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpProtocolC=
ommon.c
+++ b/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpProtocolC=
ommon.c
@@ -461,6 +461,88 @@ CommonMctpSubmitMessage (
                                                     &TransferToken=0D
                                                     );=0D
 =0D
+  MctpTransportResponseHeader =3D (MCTP_TRANSPORT_HEADER *)ResponseBuffer;=
=0D
+  if (MctpTransportResponseHeader->Bits.HeaderVersion !=3D MCTP_KCS_HEADER=
_VERSION) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response HeaderVersion (0x%02x) doesn't match MCTP_KCS_H=
EADER_VERSION (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.HeaderVersion,=0D
+      MCTP_KCS_HEADER_VERSION=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.MessageTag !=3D MCTP_MESSAGE_TAG) =
{=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response MessageTag (0x%02x) doesn't match MCTP_MESSAGE_=
TAG (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.MessageTag,=0D
+      MCTP_MESSAGE_TAG=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.TagOwner !=3D MCTP_MESSAGE_TAG_OWN=
ER_RESPONSE) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response TagOwner (0x%02x) doesn't match MCTP_MESSAGE_TA=
G_OWNER_RESPONSE (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.TagOwner,=0D
+      MCTP_MESSAGE_TAG_OWNER_RESPONSE=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.SourceEndpointId !=3D MctpDestinat=
ionEndpointId) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response SrcEID (0x%02x) doesn't match sent EID (0x%02x)=
\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.SourceEndpointId,=0D
+      MctpDestinationEndpointId=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.DestinationEndpointId !=3D MctpSou=
rceEndpointId) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response DestEID (0x%02x) doesn't match local EID (0x%02=
x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.DestinationEndpointId,=0D
+      MctpSourceEndpointId=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
+  MctpMessageResponseHeader =3D (MCTP_MESSAGE_HEADER *)(MctpTransportRespo=
nseHeader + 1);=0D
+  if (MctpMessageResponseHeader->Bits.MessageType !=3D MctpType) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response MessageType (0x%02x) doesn't match sent Message=
Type (0x%02x)\n",=0D
+      __func__,=0D
+      MctpMessageResponseHeader->Bits.MessageType,=0D
+      MctpType=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
+  if (MctpMessageResponseHeader->Bits.IntegrityCheck !=3D (UINT8)RequestDa=
taIntegrityCheck) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response IntegrityCheck (%d) doesn't match sent Integrit=
yCheck (%d)\n",=0D
+      __func__,=0D
+      MctpMessageResponseHeader->Bits.IntegrityCheck,=0D
+      (UINT8)RequestDataIntegrityCheck=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
   //=0D
   // Return transfer status.=0D
   //=0D
--=20
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109637): https://edk2.groups.io/g/devel/message/109637
Mute This Topic: https://groups.io/mt/101994942/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-