From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <chao.b.zhang@intel.com>
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 057CF81EFB
 for <edk2-devel@lists.01.org>; Tue, 24 Jan 2017 00:38:06 -0800 (PST)
Received: from orsmga001.jf.intel.com ([10.7.209.18])
 by fmsmga105.fm.intel.com with ESMTP; 24 Jan 2017 00:38:05 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.33,277,1477983600"; d="scan'208";a="1086618001"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
 by orsmga001.jf.intel.com with ESMTP; 24 Jan 2017 00:38:05 -0800
Received: from fmsmsx155.amr.corp.intel.com (10.18.116.71) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Tue, 24 Jan 2017 00:38:05 -0800
Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by
 FMSMSX155.amr.corp.intel.com (10.18.116.71) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Tue, 24 Jan 2017 00:38:04 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by
 SHSMSX152.ccr.corp.intel.com ([169.254.6.132]) with mapi id 14.03.0248.002;
 Tue, 24 Jan 2017 16:38:03 +0800
From: "Zhang, Chao B" <chao.b.zhang@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>, "Kinney, Michael D"
 <michael.d.kinney@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
Thread-Topic: [Patch] SecurityPkg/Tpm12CommandLib: Always check response
 returnCode
Thread-Index: AQHSa26SX7EPtIVH5ECLER+TX2u4AqFG2DsAgACLKOA=
Date: Tue, 24 Jan 2017 08:38:02 +0000
Message-ID: <FF72C7E4248F3C4E9BDF19D4918E90F2494F8F71@shsmsx102.ccr.corp.intel.com>
References: <1484072571-6580-1-git-send-email-michael.d.kinney@intel.com>
 <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com>
In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8E4C70@shsmsx102.ccr.corp.intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [Patch] SecurityPkg/Tpm12CommandLib: Always check response returnCode
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2017 08:38:06 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by : Chao Zhang <chao.b.zhang@intel.com>

-----Original Message-----
From: Yao, Jiewen=20
Sent: Tuesday, January 24, 2017 4:20 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [Patch] SecurityPkg/Tpm12CommandLib: Always check response ret=
urnCode

Reviewed-by: Jiewen.yao@intel.com

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Wednesday, January 11, 2017 2:23 AM
> To: edk2-devel@lists.01.org
> Cc: Zhang, Chao B <chao.b.zhang@intel.com>; Yao, Jiewen=20
> <jiewen.yao@intel.com>
> Subject: [Patch] SecurityPkg/Tpm12CommandLib: Always check response=20
> returnCode
>=20
> https://bugzilla.tianocore.org/show_bug.cgi?id=3D338
>=20
> Update the Tpm12CommandLib to consistently check the returnCode field=20
> of a response packet.  These checks are missing from the GetCapability=20
> and SelfTest commands.  The functions Tpm12ContinueSelfTest(),=20
> Tpm12GetCapabilityFlagPermanent(), and
> Tpm12GetCapabilityFlagVolatile() are updated to verify that the=20
> response returnCode is not an error.
>=20
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
> ---
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c | 12
> +++++++++++-
>  SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c      | 16
> ++++++++++++++--
>  2 files changed, 25 insertions(+), 3 deletions(-)
>=20
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> index c33746a..c6eb9e1 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 Get Capabilities related commands.
>=20
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.=20
> +<BR>
>  This program and the accompanying materials  are licensed and made=20
> available under the terms and conditions of the BSD License  which=20
> accompanies this distribution.  The full text of the license may be=20
> found at @@ -79,6 +79,11 @@ Tpm12GetCapabilityFlagPermanent (
>      return Status;
>    }
>=20
> +  if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response
> Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
>    CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof=20
> (*TpmPermanentFlags), Response.ResponseSize));
>=20
> @@ -120,6 +125,11 @@ Tpm12GetCapabilityFlagVolatile (
>      return Status;
>    }
>=20
> +  if (SwapBytes32 (Response.Hdr.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response=20
> + Code
> error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
>    ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
>    CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof=20
> (*VolatileFlags), Response.ResponseSize));
>=20
> diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> index 8e232ee..579fed7 100644
> --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Implement TPM1.2 NV Self Test related commands.
>=20
> -Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.=20
> +<BR>
>  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> =20
> This program and the accompanying materials  are licensed and made=20
> available under the terms and conditions of the BSD License @@ -16,6=20
> +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER=20
> EXPRESS OR IMPLIED.
>  #include <PiPei.h>
>  #include <Library/Tpm12CommandLib.h>
>  #include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
>  #include <Library/Tpm12DeviceLib.h>
>=20
>  /**
> @@ -33,6 +34,7 @@ Tpm12ContinueSelfTest (
>    VOID
>    )
>  {
> +  EFI_STATUS           Status;
>    TPM_RQU_COMMAND_HDR  Command;
>    TPM_RSP_COMMAND_HDR  Response;
>    UINT32               Length;
> @@ -44,5 +46,15 @@ Tpm12ContinueSelfTest (
>    Command.paramSize =3D SwapBytes32 (sizeof (Command));
>    Command.ordinal   =3D SwapBytes32 (TPM_ORD_ContinueSelfTest);
>    Length =3D sizeof (Response);
> -  return Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,=20
> &Length, (UINT8 *)&Response);
> +  Status =3D Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command,
> &Length, (UINT8 *)&Response);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  if (SwapBytes32 (Response.returnCode) !=3D TPM_SUCCESS) {
> +    DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error!
> 0x%08x\r\n", SwapBytes32 (Response.returnCode)));
> +    return EFI_DEVICE_ERROR;
> +  }
> +
> +  return Status;
>  }
> --
> 2.6.3.windows.1