From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+109912+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id D7E66740054
	for <rebecca@openfw.io>; Mon, 23 Oct 2023 13:05:23 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=jDD2oznuhS1cQrYp9Djhk5pvUdhPzBhvaP51SWBnetU=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1698066322; v=1;
 b=v4gOQFKB/leWrXSEgWQxJvYo3cK2vlylLJwmNt8z4akStNuktCOSP1eP0W5FqKI9D+W0fhg/
 rd+jrYR1LK46tnc4F4A3oCDUGnvGfYlC4XCL2+THEEbRchXsfNvZZSr36N5GdHWsazIuCzkjldx
 svo1ExBMiF7fuxbbyalP8/B8=
X-Received: by 127.0.0.2 with SMTP id EQCnYY7687511xQhbmOQFHm2; Mon, 23 Oct 2023 06:05:22 -0700
X-Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com [209.85.167.44])
 by mx.groups.io with SMTP id smtpd.web11.120283.1698066321141455304
 for <devel@edk2.groups.io>;
 Mon, 23 Oct 2023 06:05:21 -0700
X-Received: by mail-lf1-f44.google.com with SMTP id 2adb3069b0e04-507a55302e0so4412857e87.0
        for <devel@edk2.groups.io>; Mon, 23 Oct 2023 06:05:20 -0700 (PDT)
X-Gm-Message-State: Ho5gRQDativHpfPIhOAJzWJjx7686176AA=
X-Google-Smtp-Source: AGHT+IEgPPoiRqFEPj/TI1uLxDDfwJv3rRtJgP3oxFhJMc+8qHodLq9L6znLRsP3xnc5G82bGLGY1Q==
X-Received: by 2002:a2e:8718:0:b0:2c1:9a8b:f67 with SMTP id m24-20020a2e8718000000b002c19a8b0f67mr6996096lji.1.1698066318949;
        Mon, 23 Oct 2023 06:05:18 -0700 (PDT)
X-Received: from PC10319.67 ([82.97.198.254])
        by smtp.googlemail.com with ESMTPSA id r11-20020a2e994b000000b002b9e0d19644sm1550081ljj.106.2023.10.23.06.05.17
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 23 Oct 2023 06:05:18 -0700 (PDT)
From: "Konstantin Aladyshev" <aladyshev22@gmail.com>
To: devel@edk2.groups.io
Cc: abner.chang@amd.com,
	AbdulLateef.Attar@amd.com,
	nicklew@nvidia.com,
	Konstantin Aladyshev <aladyshev22@gmail.com>
Subject: [edk2-devel] [PATCH edk2-platforms v3 04/16] ManageabilityPkg: Check header fields in the MCTP response
Date: Mon, 23 Oct 2023 16:04:59 +0300
Message-Id: <20231023130511.4521-5-aladyshev22@gmail.com>
In-Reply-To: <20231023130511.4521-1-aladyshev22@gmail.com>
References: <20231023130511.4521-1-aladyshev22@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,aladyshev22@gmail.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=v4gOQFKB;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Add checks for the MCTP header fields in the MCTP response.

Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>
---
 .../MctpProtocol/Common/MctpProtocolCommon.c  | 82 +++++++++++++++++++
 1 file changed, 82 insertions(+)

diff --git a/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpPr=
otocolCommon.c b/Features/ManageabilityPkg/Universal/MctpProtocol/Common/Mc=
tpProtocolCommon.c
index e560c638d5..5844d54eb2 100644
--- a/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpProtocolC=
ommon.c
+++ b/Features/ManageabilityPkg/Universal/MctpProtocol/Common/MctpProtocolC=
ommon.c
@@ -461,6 +461,88 @@ CommonMctpSubmitMessage (
                                                     &TransferToken=0D
                                                     );=0D
 =0D
+  MctpTransportResponseHeader =3D (MCTP_TRANSPORT_HEADER *)ResponseBuffer;=
=0D
+  if (MctpTransportResponseHeader->Bits.HeaderVersion !=3D MCTP_KCS_HEADER=
_VERSION) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response HeaderVersion (0x%02x) doesn't match MCTP_KCS_H=
EADER_VERSION (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.HeaderVersion,=0D
+      MCTP_KCS_HEADER_VERSION=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.MessageTag !=3D MCTP_MESSAGE_TAG) =
{=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response MessageTag (0x%02x) doesn't match MCTP_MESSAGE_=
TAG (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.MessageTag,=0D
+      MCTP_MESSAGE_TAG=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.TagOwner !=3D MCTP_MESSAGE_TAG_OWN=
ER_RESPONSE) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response TagOwner (0x%02x) doesn't match MCTP_MESSAGE_TA=
G_OWNER_RESPONSE (0x%02x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.TagOwner,=0D
+      MCTP_MESSAGE_TAG_OWNER_RESPONSE=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.SourceEndpointId !=3D MctpDestinat=
ionEndpointId) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response SrcEID (0x%02x) doesn't match sent EID (0x%02x)=
\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.SourceEndpointId,=0D
+      MctpDestinationEndpointId=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+  if (MctpTransportResponseHeader->Bits.DestinationEndpointId !=3D MctpSou=
rceEndpointId) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response DestEID (0x%02x) doesn't match local EID (0x%02=
x)\n",=0D
+      __func__,=0D
+      MctpTransportResponseHeader->Bits.DestinationEndpointId,=0D
+      MctpSourceEndpointId=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
+  MctpMessageResponseHeader =3D (MCTP_MESSAGE_HEADER *)(MctpTransportRespo=
nseHeader + 1);=0D
+  if (MctpMessageResponseHeader->Bits.MessageType !=3D MctpType) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response MessageType (0x%02x) doesn't match sent Message=
Type (0x%02x)\n",=0D
+      __func__,=0D
+      MctpMessageResponseHeader->Bits.MessageType,=0D
+      MctpType=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
+  if (MctpMessageResponseHeader->Bits.IntegrityCheck !=3D (UINT8)RequestDa=
taIntegrityCheck) {=0D
+    DEBUG ((=0D
+      DEBUG_ERROR,=0D
+      "%a: Error! Response IntegrityCheck (%d) doesn't match sent Integrit=
yCheck (%d)\n",=0D
+      __func__,=0D
+      MctpMessageResponseHeader->Bits.IntegrityCheck,=0D
+      (UINT8)RequestDataIntegrityCheck=0D
+      ));=0D
+    FreePool (ResponseBuffer);=0D
+    return EFI_DEVICE_ERROR;=0D
+  }=0D
+=0D
   //=0D
   // Return transfer status.=0D
   //=0D
--=20
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109912): https://edk2.groups.io/g/devel/message/109912
Mute This Topic: https://groups.io/mt/102134652/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-