From: "Yao, Jiewen"
To: "Kinney, Michael D", "edk2-devel@lists.01.org"
CC: "Zhang, Chao B"
Date: Tue, 24 Jan 2017 08:19:38 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com>
References: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com>
In-Reply-To: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com>
Subject: Re: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode

Reviewed-by: Jiewen.yao@intel.com

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Wednesday, January 11, 2017 2:23 AM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B; Yao, Jiewen
> Subject: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=338
>
> Update the Tpm12CommandLib to consistently check the returnCode
> field of a response packet. These checks are missing from the
> GetCapability and SelfTest commands. The functions
> Tpm12ContinueSelfTest(), Tpm12GetCapabilityFlagPermanent(), and
> Tpm12GetCapabilityFlagVolatile() are updated to verify that the
> response returnCode is not an error.
>
> Cc: Chao Zhang
> Cc: Jiewen Yao
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Michael Kinney > --- > SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 12 > +++++++++++- > SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c | 16 > ++++++++++++++-- > 2 files changed, 25 insertions(+), 3 deletions(-) >=20 > diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > index c33746a..c6eb9e1 100644 > --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM1.2 Get Capabilities related commands. >=20 > -Copyright (c) 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D > License > which accompanies this distribution. The full text of the license may b= e found > at > @@ -79,6 +79,11 @@ Tpm12GetCapabilityFlagPermanent ( > return Status; > } >=20 > + if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response > Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags)); > CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof > (*TpmPermanentFlags), Response.ResponseSize)); >=20 > @@ -120,6 +125,11 @@ Tpm12GetCapabilityFlagVolatile ( > return Status; > } >=20 > + if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response Code > error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > ZeroMem (VolatileFlags, sizeof (*VolatileFlags)); > CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof (*VolatileFlags), > Response.ResponseSize)); >=20 > diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > index 8e232ee..579fed7 100644 > --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM1.2 NV Self Test related commands. >=20 > -Copyright (c) 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
> (C) Copyright 2016 Hewlett Packard Enterprise Development LP
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D > License > @@ -16,6 +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, > EITHER EXPRESS OR IMPLIED. > #include > #include > #include > +#include > #include >=20 > /** > @@ -33,6 +34,7 @@ Tpm12ContinueSelfTest ( > VOID > ) > { > + EFI_STATUS Status; > TPM_RQU_COMMAND_HDR Command; > TPM_RSP_COMMAND_HDR Response; > UINT32 Length; > @@ -44,5 +46,15 @@ Tpm12ContinueSelfTest ( > Command.paramSize =3D SwapBytes32 (sizeof (Command)); > Command.ordinal =3D SwapBytes32 (TPM_ORD_ContinueSelfTest); > Length =3D sizeof (Response); > - return Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, > &Length, (UINT8 *)&Response); > + Status =3D Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, > &Length, (UINT8 *)&Response); > + if (EFI_ERROR (Status)) { > + return Status; > + } > + > + if (SwapBytes32 (Response.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error! > 0x%08x\r\n", SwapBytes32 (Response.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > + return Status; > } > -- > 2.6.3.windows.1
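
Review bot: In Tpm12GetCapabilityFlagPermanent(), the new check byte-swaps Response.Hdr.returnCode, but the CopyMem() that follows it in the context still bounds the copy with MIN (sizeof (*TpmPermanentFlags), Response.ResponseSize), using ResponseSize unswapped. If ResponseSize comes from the same big-endian response packet, it needs SwapBytes32() as well; otherwise a small size reads as a very large one on a little-endian host and MIN always selects the sizeof, so the returned length never limits the copy. Please confirm, and fix it here or in a follow-up; the same context line appears in Tpm12GetCapabilityFlagVolatile().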
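
Review bot: The returnCode check added to Tpm12GetCapabilityFlagVolatile() is the same five lines as in Tpm12GetCapabilityFlagPermanent() and Tpm12ContinueSelfTest(), differing only in the function name typed into the DEBUG string. Consider a small shared helper that takes a pointer to the response header, or at least print the name with "%a" and __FUNCTION__, so the three copies cannot drift apart and a later copy-paste does not leave the wrong function name in the log.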
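
Review bot: In Tpm12ContinueSelfTest(), Response.returnCode is read as soon as Tpm12SubmitCommand() returns success, but Length, which is set to sizeof (Response) and passed by pointer, is never examined afterwards, and Response is not initialized in the lines shown. If the submit call can succeed with fewer bytes than a full response header, the new check compares stale stack data; suggest verifying Length >= sizeof (Response) before the returnCode test, or zeroing Response before the call. Minor: the final "return Status;" is only reachable with a success status, so "return EFI_SUCCESS;" states the intent more directly.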