From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 057CF81EFB for ; Tue, 24 Jan 2017 00:38:06 -0800 (PST) Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga105.fm.intel.com with ESMTP; 24 Jan 2017 00:38:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,277,1477983600"; d="scan'208";a="1086618001" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga001.jf.intel.com with ESMTP; 24 Jan 2017 00:38:05 -0800 Received: from fmsmsx155.amr.corp.intel.com (10.18.116.71) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.248.2; Tue, 24 Jan 2017 00:38:05 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX155.amr.corp.intel.com (10.18.116.71) with Microsoft SMTP Server (TLS) id 14.3.248.2; Tue, 24 Jan 2017 00:38:04 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.132]) with mapi id 14.03.0248.002; Tue, 24 Jan 2017 16:38:03 +0800 From: "Zhang, Chao B" To: "Yao, Jiewen" , "Kinney, Michael D" , "edk2-devel@lists.01.org" Thread-Topic: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode Thread-Index: AQHSa26SX7EPtIVH5ECLER+TX2u4AqFG2DsAgACLKOA= Date: Tue, 24 Jan 2017 08:38:02 +0000 Message-ID: References: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com> In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jan 2017 08:38:06 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by : Chao Zhang -----Original Message----- From: Yao, Jiewen=20 Sent: Tuesday, January 24, 2017 4:20 PM To: Kinney, Michael D ; edk2-devel@lists.01.org Cc: Zhang, Chao B Subject: RE: [Patch] SecurityPkg/Tpm12CommandLib: Always check response ret= urnCode Reviewed-by: Jiewen.yao@intel.com > -----Original Message----- > From: Kinney, Michael D > Sent: Wednesday, January 11, 2017 2:23 AM > To: edk2-devel@lists.01.org > Cc: Zhang, Chao B ; Yao, Jiewen=20 > > Subject: [Patch] SecurityPkg/Tpm12CommandLib: Always check response=20 > returnCode >=20 > https://bugzilla.tianocore.org/show_bug.cgi?id=3D338 >=20 > Update the Tpm12CommandLib to consistently check the returnCode field=20 > of a response packet. These checks are missing from the GetCapability=20 > and SelfTest commands. The functions Tpm12ContinueSelfTest(),=20 > Tpm12GetCapabilityFlagPermanent(), and > Tpm12GetCapabilityFlagVolatile() are updated to verify that the=20 > response returnCode is not an error. >=20 > Cc: Chao Zhang > Cc: Jiewen Yao > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Michael Kinney > --- > SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 12 > +++++++++++- > SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c | 16 > ++++++++++++++-- > 2 files changed, 25 insertions(+), 3 deletions(-) >=20 > diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > index c33746a..c6eb9e1 100644 > --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM1.2 Get Capabilities related commands. >=20 > -Copyright (c) 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.=20 > +
> This program and the accompanying materials are licensed and made=20 > available under the terms and conditions of the BSD License which=20 > accompanies this distribution. The full text of the license may be=20 > found at @@ -79,6 +79,11 @@ Tpm12GetCapabilityFlagPermanent ( > return Status; > } >=20 > + if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response > Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags)); > CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof=20 > (*TpmPermanentFlags), Response.ResponseSize)); >=20 > @@ -120,6 +125,11 @@ Tpm12GetCapabilityFlagVolatile ( > return Status; > } >=20 > + if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response=20 > + Code > error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > ZeroMem (VolatileFlags, sizeof (*VolatileFlags)); > CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof=20 > (*VolatileFlags), Response.ResponseSize)); >=20 > diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > index 8e232ee..579fed7 100644 > --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM1.2 NV Self Test related commands. >=20 > -Copyright (c) 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.=20 > +
> (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=20 > This program and the accompanying materials are licensed and made=20 > available under the terms and conditions of the BSD License @@ -16,6=20 > +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER=20 > EXPRESS OR IMPLIED. > #include > #include > #include > +#include > #include >=20 > /** > @@ -33,6 +34,7 @@ Tpm12ContinueSelfTest ( > VOID > ) > { > + EFI_STATUS Status; > TPM_RQU_COMMAND_HDR Command; > TPM_RSP_COMMAND_HDR Response; > UINT32 Length; > @@ -44,5 +46,15 @@ Tpm12ContinueSelfTest ( > Command.paramSize =3D SwapBytes32 (sizeof (Command)); > Command.ordinal =3D SwapBytes32 (TPM_ORD_ContinueSelfTest); > Length =3D sizeof (Response); > - return Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,=20 > &Length, (UINT8 *)&Response); > + Status =3D Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, > &Length, (UINT8 *)&Response); > + if (EFI_ERROR (Status)) { > + return Status; > + } > + > + if (SwapBytes32 (Response.returnCode) !=3D TPM_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error! > 0x%08x\r\n", SwapBytes32 (Response.returnCode))); > + return EFI_DEVICE_ERROR; > + } > + > + return Status; > } > -- > 2.6.3.windows.1