From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web10.22393.1682606237058364070 for ; Thu, 27 Apr 2023 07:37:18 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=ZlkIyx/9; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1682606238; x=1714142238; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=j1bkvHNnEtdye82AFDg025yYAUen78IJ8J2GzGLpfBQ=; b=ZlkIyx/9ddoD/yMKGn56pR6HJ+YM7EspPr6Pg5u3WHRG0UnxVra8GmgR 5okRuyi4yonMuH44GhMEg61QCipsroiWbr0YVffntKFb5zvd90LpGlSRF z1J7Vb30LkQLuFd9l4ngDHgejnDOMcrTB3NyNQDe14nh6l8e/3sjVvWXO iUexSNoy+hW7kDmcotajrP8EQVACmAsaheqlUlkv5FCXDZjxq+K8gwtYF MnAoXphArUMHR9jF8eCBkaZUQE5AEe0xD6b+A+QCqtTLNPeMhE2XzntXS 2tLhs4KV9kg1W+f1mmYlxgHV3CPd7FREVpwKNEF+2r19D8XdoqTiOL5+S g==; X-IronPort-AV: E=McAfee;i="6600,9927,10693"; a="347470959" X-IronPort-AV: E=Sophos;i="5.99,230,1677571200"; d="scan'208";a="347470959" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Apr 2023 07:37:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10693"; a="1024134990" X-IronPort-AV: E=Sophos;i="5.99,230,1677571200"; d="scan'208";a="1024134990" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmsmga005.fm.intel.com with ESMTP; 27 Apr 2023 07:37:12 -0700 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Thu, 27 Apr 2023 07:37:12 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23 via Frontend Transport; Thu, 27 Apr 2023 07:37:12 -0700 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.42) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.23; Thu, 27 Apr 2023 07:37:11 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d0IPNGK0OvT1f6i9jS12gFebY73x96OvGP0yjhNHYMRs/JvKJ+LeuUhkqqeOswVCh9Zrzc3N+wAPEJ3LEK0lW381aG12lSpOqL8dyfDLfzDa4qhniWRNkqa9OToeRt0ETWC1VEZLplNGbgtY++fsMFjFc+NQozXxl4RUVb+Ks5kxgHng/+LPuVJG4ifJUahAwe83sEFMuD4pD/i6FdZXZdUdICADzyIMcBfdc6MfphxLafUBxCGoMyDVYysxXqnWeq67S7KtuvSXkEjj067h5z1WSjpozusEWwwvQCcwOQcVbIT2VelDURiK6Ytxb8qnPi8mOx85+Amtjqupc+7jCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eN/GadZr1rQy6Wht2XEhUiV9HJuMcgC27LN+qhhgIh0=; b=PPTHaCq3FfB0YAOJJ0PVLpub9Jx6qJW/hLTDFPjHZH/Khhpax3I675RgxD5t6qRw6GF5MtuF+B26hiJEtpo5Y958sUbhwJl0l7s4A2vRa0kBqz1j0WrJ1mGg0h8tNBFE0lozQTwOClYh9F69yYfg9feYsoUwmOPQkZI9gOxNj7JTwrctDvQqONBDNQeRxL+CR4ndS4UZ+Au6od9Trry3zKY/16UCHHaaJ1ohFHHCZikDbCtvQRyx/OuXDYAUKmajonPPmK1m7TdVIhcEr+Xqzp994EoXYLnEC2KiutLsE9Seyt52jMnFGFHx/QKIpYDTYC4ck65k927MYVlamlAmfA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by SN7PR11MB8281.namprd11.prod.outlook.com (2603:10b6:806:26b::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6340.21; Thu, 27 Apr 2023 14:37:09 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::48e9:aeb0:c365:388]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::48e9:aeb0:c365:388%6]) with mapi id 15.20.6319.022; Thu, 27 Apr 2023 14:37:09 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "kraxel@redhat.com" CC: "Wang, Jian J" , Pawel Polawski , Oliver Steffen Subject: Re: [edk2-devel] [PATCH 1/2] SecurityPkg: add TIS sanity check (tpm2) Thread-Topic: [edk2-devel] [PATCH 1/2] SecurityPkg: add TIS sanity check (tpm2) Thread-Index: AQHZeFufzTt4WmrNSkeP3qGO14/TVa8/Orqg Date: Thu, 27 Apr 2023 14:37:09 +0000 Message-ID: References: <20230426162405.653953-1-kraxel@redhat.com> <20230426162405.653953-2-kraxel@redhat.com> In-Reply-To: <20230426162405.653953-2-kraxel@redhat.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|SN7PR11MB8281:EE_ x-ms-office365-filtering-correlation-id: c1ef9f79-f485-47a1-174b-08db472ce1d0 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 0M4kZkFesU+AhXvvg1mHcWRtEMWKSa9q58ddPCYSDQ5XTrmJkAUP9Ye9ZmMqaWK2oCVmvLOZ8NxjA50uXxmDEsb2nG8yXhk04cNi8bQtlqqHmWau5c0K/UyPRXs316SGVz5Aehc7nVqFH3INF3LTJ4dSmdspDqyQn8uvO8Ok5e4obkAgDuHmqh4yU8KNfhoakJGuXGyet3SDWJ/BEydaaOdARPVKTCBQ6UKPw3s77ubr2pBiEuTSxz+y9dD7IQ54fi6rMMOr5Grids2BeAcNHqgG1kJ0L2DWm4R9ga0OgN9Crsl995o8XstM2UI4T+190cXIkWlu89y35GD3Y6k9sYvfURSUG3vKRrPwTMBEhgNeCzl9A5FfuraCb8KGlgRgZCG6HDfTegslOgnuPNCIE24D160SBxymuDNvKs8eFBf1fy6AhQgIncDsQfz1DoWCOKyYpueKDqv1m4fz9jIcB4X/xtTENcNCEesVirDUn4n5tSMKwcbke9ysMQVJQDmESurTqo07AmvYZH/u6ATiX4YSs/AsTQUkWhEGtupMDiXYs699E2o6/yuCZmUXWda+vkS7009Th9XfdUNvOp6T95BtqF7eGOQZKHK9ZAUH2bgW5idy+nOlv0vZaeSuA5H0h4podMZjCpro3bi4A6VYGw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(136003)(346002)(366004)(396003)(376002)(39860400002)(451199021)(66446008)(66556008)(66946007)(316002)(66476007)(19627235002)(4326008)(110136005)(54906003)(76116006)(66899021)(55016003)(5660300002)(15650500001)(82960400001)(52536014)(38070700005)(41300700001)(64756008)(8936002)(8676002)(2906002)(122000001)(38100700002)(186003)(53546011)(966005)(26005)(9686003)(6506007)(83380400001)(33656002)(86362001)(478600001)(7696005)(71200400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Squ82BdavHWAofDYnKjhQeG86b9wcah3jT8Ugg0CEVYwtzJkP854aBtUGKT2?= =?us-ascii?Q?k1We9Vs6zalXp6hXCCc5SAGpBS13fVr9b5GjJWt20BBesNuJnccp/w2EmFN/?= =?us-ascii?Q?TjdF6cp7m23XgzI7thym7o8hR0QflJKyrYXKfRUSsU1coQocDPkcNmkaWN0f?= =?us-ascii?Q?PeCikn9U5a5CQycC5i30y6p9OpgF6qW9sq5tP6UNFMWiC1hQbDclUHg4RzKa?= =?us-ascii?Q?7k7T5Ru5smNoKKR9sKGa/Rb6FiuqC+IIhbxfCVjkdaBwuVV0OayN5Kwztsfi?= =?us-ascii?Q?RtM+k30e9BsOCNvMW/BToIPjlAOi1em1/fQBDuutW0585ts0jWj73Og70MZM?= =?us-ascii?Q?trnt56+QNqnaoWALncuKPb1O2prS8TYjuuyHFFTNRAysZrDW+JZOCU3X9ORn?= =?us-ascii?Q?9ZhZtaz+nH1kYExDfEaH90Hsg8fo35TfPZ81H5ESIHBeJ/jtA376KWsZfFfO?= =?us-ascii?Q?I2iPRGPGgp3Fmd96XLgUGvVWCvdHAC7LchHnkFxyC9DefPxdDtYPw0HUZdZh?= =?us-ascii?Q?rYzF2/ZQ+Lkl9prl6Ug9N7oEusvBfKuGBdF/VRoHxmjBRidvPMYNNlBF/8S2?= =?us-ascii?Q?T0GphEgsfze740FCG7lO7zzPo6hDCDFJ6l6qAoIRrV2LXSG1VXquJjkI8kBC?= =?us-ascii?Q?2Og7ZmV0ow7f/TkKVJDCYSIwSYP5dccbiFRyQV+CxeMxMCoZl9W8XetiCAX4?= =?us-ascii?Q?/npUhDUxOwLT6G2WoiXNxks26IBWwLWIyWFPkhf+b6By3wqGAZGWYD98k17a?= =?us-ascii?Q?c4uKNt42PT8m6Poa7YgvLt1YwXnAK5+/kvM2YfEuj2tgbTVY+CUTkuUyRL6b?= =?us-ascii?Q?eluRbaIJOxVCgpdm8IART8GDdCmpjeUYvgmaBGiETs/kF385lhytYFaIu9M+?= =?us-ascii?Q?HD+dDM3G4ByFa+pw6NVcnnmGxt0MZ8ZUvqaDPDVASly+7DYl6WqX2EuEbVKe?= =?us-ascii?Q?L4ih0g78nt0Ym9FI7HLG73dhHGAAIQNGFdY45WNDyGOzmFGPjIVeWsyZ7DC+?= =?us-ascii?Q?ko/KCjPBDVudOHEWz8qNnjf+evtWFKTI+JPJbqUHlUAovFL7VlcXUnY1iVc3?= =?us-ascii?Q?+ycaLNVEdrdDrtHV9MQU3dUy6hKGWvo7gL4CaVKMekbjAaTBKw7iLi1lemQw?= =?us-ascii?Q?x85+s3BpTLnGmwF8f5ZGp58KKoLMksrhK4cSfcCdUyi3lB9nnEYnHEuAGOVS?= =?us-ascii?Q?CpWPhn54U+ZAOv4P70MeYyoA3qZWfZwV1itIcM43WHBeDwDVrPk8dlIddQn8?= =?us-ascii?Q?Dd22RJWqGxlGY/hHVeNxli9bw92WWFd5OQgN1vqinHnp43Xcitb4adZBTf+f?= =?us-ascii?Q?o0OlHGLfTDC6VzOpoK5/cOOw+VcHK7F0o/etm+j9VkLenMeHAlz5EDGtXXUr?= =?us-ascii?Q?YtK8U6eA2LezbFarjafz5wGQg0HLmL11xDBexNfA1iNP9GfYFfRbk/uqBhYN?= =?us-ascii?Q?M7oQ8fBX2bRMd6fDpzfumoR6gap+/Jt7PdJYkZuhl6AJgZgmbaRp5yHQRC6a?= =?us-ascii?Q?zg87kt2OCDMwr5vx7Vmf5XU8oOmOOVIsW/s1bfu37B4WAc4frrHfp3cJEDwV?= =?us-ascii?Q?EkY540w3IMYt8+3Bh8w2l7dh+L6h7r76cWavaCX/?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c1ef9f79-f485-47a1-174b-08db472ce1d0 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Apr 2023 14:37:09.5166 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: +79HeZYP3B30wEPjBdGVNegUw4tRjT1znGdAO6sjyWXaxnyQxTnlQQTygF2vWAOx6c0u9qfvNLljYe76HhmZUg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR11MB8281 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Gerd > Hoffmann > Sent: Thursday, April 27, 2023 12:24 AM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Pawel Polawski > ; Oliver Steffen ; Yao, > Jiewen ; Gerd Hoffmann > Subject: [edk2-devel] [PATCH 1/2] SecurityPkg: add TIS sanity check (tpm2= ) >=20 > The code blindly assumes a TIS interface is present in case both CRB and > FIFO checks fail. Check the InterfaceType for TIS instead and only > return Tpm2PtpInterfaceTis in case it matches, Tpm2PtpInterfaceMax > otherwise. >=20 > Signed-off-by: Gerd Hoffmann > --- > SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) >=20 > diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c > b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c > index 1f9ac5ab5a30..eac9f0e29941 100644 > --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c > +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c > @@ -464,7 +464,11 @@ Tpm2GetPtpInterface ( > return Tpm2PtpInterfaceFifo; > } >=20 > - return Tpm2PtpInterfaceTis; > + if (InterfaceId.Bits.InterfaceType =3D=3D > PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) { > + return Tpm2PtpInterfaceTis; > + } > + > + return Tpm2PtpInterfaceMax; > } >=20 > /** > -- > 2.40.0 >=20 >=20 >=20 >=20 >=20