From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiewen.yao@intel.com>
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 855F181EFB
 for <edk2-devel@lists.01.org>; Tue, 24 Jan 2017 00:19:41 -0800 (PST)
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by orsmga102.jf.intel.com with ESMTP; 24 Jan 2017 00:19:41 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.33,277,1477983600"; d="scan'208";a="51841690"
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
 by orsmga004.jf.intel.com with ESMTP; 24 Jan 2017 00:19:41 -0800
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Tue, 24 Jan 2017 00:19:40 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.177]) with mapi id 14.03.0248.002;
 Tue, 24 Jan 2017 16:19:38 +0800
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
 "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
CC: "Zhang, Chao B" <chao.b.zhang@intel.com>
Thread-Topic: [Patch] SecurityPkg/Tpm12CommandLib: Always check response
 returnCode
Thread-Index: AQHSa26SgXLOXA5UoEqqXV+E8alY/KFHXkoQ
Date: Tue, 24 Jan 2017 08:19:38 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com>
References: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com>
In-Reply-To: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2017 08:19:41 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Jiewen.yao@intel.com

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Wednesday, January 11, 2017 2:23 AM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B <chao.b.zhang@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>
> Subject: [Patch] SecurityPkg/Tpm12CommandLib: Always check response
> returnCode
>=20
> https://bugzilla.tianocore.org/show_bug.cgi?id=3D338
>=20
> Update the Tpm12CommandLib to consistently check the returnCode
> field of a response packet.  These checks are missing from the
> GetCapability and SelfTest commands.  The functions
> Tpm12ContinueSelfTest(), Tpm12GetCapabilityFlagPermanent(), and
> Tpm12GetCapabilityFlagVolatile() are updated to verify that the
> response returnCode is not an error.
>=20
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
> ---
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 12
> +++++++++++-
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c      | 16
> ++++++++++++++--
>  2 files changed, 25 insertions(+), 3 deletions(-)
>=20
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> index c33746a..c6eb9e1 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 Get Capabilities related commands.
>=20
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. <BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BS=
D
> License
>  which accompanies this distribution.  The full text of the license may b=
e found
> at
> @@ -79,6 +79,11 @@ Tpm12GetCapabilityFlagPermanent (
>      return Status;
>    }
>=20
> +  if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response
> Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
>    CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof
> (*TpmPermanentFlags), Response.ResponseSize));
>=20
> @@ -120,6 +125,11 @@ Tpm12GetCapabilityFlagVolatile (
>      return Status;
>    }
>=20
> +  if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response Code
> error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
>    CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof (*VolatileFlags),
> Response.ResponseSize));
>=20
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> index 8e232ee..579fed7 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 NV Self Test related commands.
>=20
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. <BR>
>  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BS=
D
> License
> @@ -16,6 +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND,
> EITHER EXPRESS OR IMPLIED.
>  #include <PiPei.h>
>  #include <Library/Tpm12CommandLib.h>
>  #include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
>  #include <Library/Tpm12DeviceLib.h>
>=20
>  /**
> @@ -33,6 +34,7 @@ Tpm12ContinueSelfTest (
>    VOID
>    )
>  {
> +  EFI_STATUS           Status;
>    TPM_RQU_COMMAND_HDR  Command;
>    TPM_RSP_COMMAND_HDR  Response;
>    UINT32               Length;
> @@ -44,5 +46,15 @@ Tpm12ContinueSelfTest (
>    Command.paramSize =3D SwapBytes32 (sizeof (Command));
>    Command.ordinal   =3D SwapBytes32 (TPM_ORD_ContinueSelfTest);
>    Length =3D sizeof (Response);
> -  return Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,
> &Length, (UINT8 *)&Response);
> +  Status =3D Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,
> &Length, (UINT8 *)&Response);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  if (SwapBytes32 (Response.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error!
> 0x%08x\r\n", SwapBytes32 (Response.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
> +  return Status;
>  }
> --
> 2.6.3.windows.1