SecurityPkg: Clear AuthSession content after use.
Some commands in Tpm2CommandLib accept AuthSession as input parameter and copy to local command buffer. After use, this AuthSession content should be zeroed, because there might be some secrete there. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19635 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Yao, Jiewen
jyao1
parent
f1e95ab817
commit
7ae130da85
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 DictionaryAttack related command.
|
Implement TPM2 DictionaryAttack related command.
|
||||||
|
|
||||||
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -104,19 +104,27 @@ Tpm2DictionaryAttackLockReset (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -187,17 +195,25 @@ Tpm2DictionaryAttackParameters (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBufferSize, sizeof(SendBufferSize));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 EnhancedAuthorization related command.
|
Implement TPM2 EnhancedAuthorization related command.
|
||||||
|
|
||||||
Copyright (c) 2014, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -161,16 +161,18 @@ Tpm2PolicySecret (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -189,7 +191,13 @@ Tpm2PolicySecret (
|
|||||||
Buffer += sizeof(UINT16);
|
Buffer += sizeof(UINT16);
|
||||||
CopyMem (PolicyTicket->digest.buffer, Buffer, PolicyTicket->digest.size);
|
CopyMem (PolicyTicket->digest.buffer, Buffer, PolicyTicket->digest.size);
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 Hierarchy related command.
|
Implement TPM2 Hierarchy related command.
|
||||||
|
|
||||||
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -186,19 +186,27 @@ Tpm2SetPrimaryPolicy (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -246,12 +254,13 @@ Tpm2Clear (
|
|||||||
ResultBufSize = sizeof(Res);
|
ResultBufSize = sizeof(Res);
|
||||||
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
|
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
|
||||||
if (EFI_ERROR(Status)) {
|
if (EFI_ERROR(Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Clear: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "Clear: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -260,7 +269,8 @@ Tpm2Clear (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Clear: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "Clear: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -268,7 +278,8 @@ Tpm2Clear (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Clear: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Clear: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -276,8 +287,13 @@ Tpm2Clear (
|
|||||||
//
|
//
|
||||||
|
|
||||||
// None
|
// None
|
||||||
|
Done:
|
||||||
return EFI_SUCCESS;
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -332,12 +348,13 @@ Tpm2ClearControl (
|
|||||||
ResultBufSize = sizeof(Res);
|
ResultBufSize = sizeof(Res);
|
||||||
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
|
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
|
||||||
if (EFI_ERROR(Status)) {
|
if (EFI_ERROR(Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ClearControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "ClearControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -346,7 +363,8 @@ Tpm2ClearControl (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ClearControl: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "ClearControl: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -354,7 +372,8 @@ Tpm2ClearControl (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "ClearControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "ClearControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -362,8 +381,13 @@ Tpm2ClearControl (
|
|||||||
//
|
//
|
||||||
|
|
||||||
// None
|
// None
|
||||||
|
Done:
|
||||||
return EFI_SUCCESS;
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -436,10 +460,14 @@ Tpm2HierarchyChangeAuth (
|
|||||||
&ResultBufSize,
|
&ResultBufSize,
|
||||||
ResultBuf
|
ResultBuf
|
||||||
);
|
);
|
||||||
|
if (EFI_ERROR(Status)) {
|
||||||
|
goto Done;
|
||||||
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -448,7 +476,8 @@ Tpm2HierarchyChangeAuth (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -456,10 +485,17 @@ Tpm2HierarchyChangeAuth (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG((EFI_D_ERROR,"HierarchyChangeAuth: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG((EFI_D_ERROR,"HierarchyChangeAuth: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -522,10 +558,14 @@ Tpm2ChangeEPS (
|
|||||||
&ResultBufSize,
|
&ResultBufSize,
|
||||||
ResultBuf
|
ResultBuf
|
||||||
);
|
);
|
||||||
|
if (EFI_ERROR(Status)) {
|
||||||
|
goto Done;
|
||||||
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ChangeEPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "ChangeEPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -534,7 +574,8 @@ Tpm2ChangeEPS (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ChangeEPS: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "ChangeEPS: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -542,10 +583,17 @@ Tpm2ChangeEPS (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG((EFI_D_ERROR,"ChangeEPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG((EFI_D_ERROR,"ChangeEPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -608,10 +656,14 @@ Tpm2ChangePPS (
|
|||||||
&ResultBufSize,
|
&ResultBufSize,
|
||||||
ResultBuf
|
ResultBuf
|
||||||
);
|
);
|
||||||
|
if (EFI_ERROR(Status)) {
|
||||||
|
goto Done;
|
||||||
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ChangePPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "ChangePPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -620,7 +672,8 @@ Tpm2ChangePPS (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "ChangePPS: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "ChangePPS: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -628,10 +681,17 @@ Tpm2ChangePPS (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG((EFI_D_ERROR,"ChangePPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG((EFI_D_ERROR,"ChangePPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -704,10 +764,14 @@ Tpm2HierarchyControl (
|
|||||||
&ResultBufSize,
|
&ResultBufSize,
|
||||||
ResultBuf
|
ResultBuf
|
||||||
);
|
);
|
||||||
|
if (EFI_ERROR(Status)) {
|
||||||
|
goto Done;
|
||||||
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "HierarchyControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "HierarchyControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -716,7 +780,8 @@ Tpm2HierarchyControl (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "HierarchyControl: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "HierarchyControl: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -724,8 +789,15 @@ Tpm2HierarchyControl (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG((EFI_D_ERROR,"HierarchyControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG((EFI_D_ERROR,"HierarchyControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 Integrity related command.
|
Implement TPM2 Integrity related command.
|
||||||
|
|
||||||
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -490,10 +490,14 @@ Tpm2PcrAllocate (
|
|||||||
&ResultBufSize,
|
&ResultBufSize,
|
||||||
ResultBuf
|
ResultBuf
|
||||||
);
|
);
|
||||||
|
if (EFI_ERROR(Status)) {
|
||||||
|
goto Done;
|
||||||
|
}
|
||||||
|
|
||||||
if (ResultBufSize > sizeof(Res)) {
|
if (ResultBufSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -502,7 +506,8 @@ Tpm2PcrAllocate (
|
|||||||
RespSize = SwapBytes32(Res.Header.paramSize);
|
RespSize = SwapBytes32(Res.Header.paramSize);
|
||||||
if (RespSize > sizeof(Res)) {
|
if (RespSize > sizeof(Res)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
|
||||||
return EFI_BUFFER_TOO_SMALL;
|
Status = EFI_BUFFER_TOO_SMALL;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -510,7 +515,8 @@ Tpm2PcrAllocate (
|
|||||||
//
|
//
|
||||||
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -521,5 +527,11 @@ Tpm2PcrAllocate (
|
|||||||
*SizeNeeded = SwapBytes32(Res.SizeNeeded);
|
*SizeNeeded = SwapBytes32(Res.SizeNeeded);
|
||||||
*SizeAvailable = SwapBytes32(Res.SizeAvailable);
|
*SizeAvailable = SwapBytes32(Res.SizeAvailable);
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&Cmd, sizeof(Cmd));
|
||||||
|
ZeroMem (&Res, sizeof(Res));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 Miscellanenous related command.
|
Implement TPM2 Miscellanenous related command.
|
||||||
|
|
||||||
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -98,17 +98,25 @@ Tpm2SetAlgorithmSet (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
/** @file
|
/** @file
|
||||||
Implement TPM2 NVStorage related command.
|
Implement TPM2 NVStorage related command.
|
||||||
|
|
||||||
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
|
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
|
||||||
This program and the accompanying materials
|
This program and the accompanying materials
|
||||||
are licensed and made available under the terms and conditions of the BSD License
|
are licensed and made available under the terms and conditions of the BSD License
|
||||||
which accompanies this distribution. The full text of the license may be found at
|
which accompanies this distribution. The full text of the license may be found at
|
||||||
@ -347,12 +347,13 @@ Tpm2NvDefineSpace (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
@ -365,24 +366,37 @@ Tpm2NvDefineSpace (
|
|||||||
break;
|
break;
|
||||||
case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
|
case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
|
||||||
case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
|
case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
|
||||||
return EFI_BAD_BUFFER_SIZE;
|
Status = EFI_BAD_BUFFER_SIZE;
|
||||||
|
break;
|
||||||
case TPM_RC_ATTRIBUTES:
|
case TPM_RC_ATTRIBUTES:
|
||||||
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
|
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
|
||||||
return EFI_UNSUPPORTED;
|
Status = EFI_UNSUPPORTED;
|
||||||
|
break;
|
||||||
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
|
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_DEFINED:
|
case TPM_RC_NV_DEFINED:
|
||||||
return EFI_ALREADY_STARTED;
|
Status = EFI_ALREADY_STARTED;
|
||||||
|
break;
|
||||||
case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
|
case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
|
||||||
case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
|
case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_SPACE:
|
case TPM_RC_NV_SPACE:
|
||||||
return EFI_OUT_OF_RESOURCES;
|
Status = EFI_OUT_OF_RESOURCES;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -441,12 +455,13 @@ Tpm2NvUndefineSpace (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
@ -459,21 +474,33 @@ Tpm2NvUndefineSpace (
|
|||||||
break;
|
break;
|
||||||
case TPM_RC_ATTRIBUTES:
|
case TPM_RC_ATTRIBUTES:
|
||||||
case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
|
case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
|
||||||
return EFI_UNSUPPORTED;
|
Status = EFI_UNSUPPORTED;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_AUTHORIZATION:
|
case TPM_RC_NV_AUTHORIZATION:
|
||||||
return EFI_SECURITY_VIOLATION;
|
Status = EFI_SECURITY_VIOLATION;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_NOT_FOUND;
|
Status = EFI_NOT_FOUND;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
|
case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
|
||||||
case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
|
case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -543,12 +570,13 @@ Tpm2NvRead (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
if (ResponseCode != TPM_RC_SUCCESS) {
|
if (ResponseCode != TPM_RC_SUCCESS) {
|
||||||
@ -559,30 +587,45 @@ Tpm2NvRead (
|
|||||||
// return data
|
// return data
|
||||||
break;
|
break;
|
||||||
case TPM_RC_NV_AUTHORIZATION:
|
case TPM_RC_NV_AUTHORIZATION:
|
||||||
return EFI_SECURITY_VIOLATION;
|
Status = EFI_SECURITY_VIOLATION;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_LOCKED:
|
case TPM_RC_NV_LOCKED:
|
||||||
return EFI_ACCESS_DENIED;
|
Status = EFI_ACCESS_DENIED;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_RANGE:
|
case TPM_RC_NV_RANGE:
|
||||||
return EFI_BAD_BUFFER_SIZE;
|
Status = EFI_BAD_BUFFER_SIZE;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_UNINITIALIZED:
|
case TPM_RC_NV_UNINITIALIZED:
|
||||||
return EFI_NOT_READY;
|
Status = EFI_NOT_READY;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_NOT_FOUND;
|
Status = EFI_NOT_FOUND;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_VALUE + RC_NV_Read_nvIndex:
|
case TPM_RC_VALUE + RC_NV_Read_nvIndex:
|
||||||
case TPM_RC_VALUE + RC_NV_Read_authHandle:
|
case TPM_RC_VALUE + RC_NV_Read_authHandle:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
|
case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_AUTH_UNAVAILABLE:
|
case TPM_RC_AUTH_UNAVAILABLE:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
|
case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
default:
|
break;
|
||||||
return EFI_DEVICE_ERROR;
|
|
||||||
case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
|
case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
|
||||||
return EFI_UNSUPPORTED;
|
Status = EFI_UNSUPPORTED;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (Status != EFI_SUCCESS) {
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -591,7 +634,13 @@ Tpm2NvRead (
|
|||||||
OutData->size = SwapBytes16 (RecvBuffer.Data.size);
|
OutData->size = SwapBytes16 (RecvBuffer.Data.size);
|
||||||
CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
|
CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -661,12 +710,13 @@ Tpm2NvWrite (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
if (ResponseCode != TPM_RC_SUCCESS) {
|
if (ResponseCode != TPM_RC_SUCCESS) {
|
||||||
@ -674,33 +724,54 @@ Tpm2NvWrite (
|
|||||||
}
|
}
|
||||||
switch (ResponseCode) {
|
switch (ResponseCode) {
|
||||||
case TPM_RC_SUCCESS:
|
case TPM_RC_SUCCESS:
|
||||||
return EFI_SUCCESS;
|
// return data
|
||||||
|
break;
|
||||||
case TPM_RC_ATTRIBUTES:
|
case TPM_RC_ATTRIBUTES:
|
||||||
return EFI_UNSUPPORTED;
|
Status = EFI_UNSUPPORTED;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_AUTHORIZATION:
|
case TPM_RC_NV_AUTHORIZATION:
|
||||||
return EFI_SECURITY_VIOLATION;
|
Status = EFI_SECURITY_VIOLATION;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_LOCKED:
|
case TPM_RC_NV_LOCKED:
|
||||||
return EFI_ACCESS_DENIED;
|
Status = EFI_ACCESS_DENIED;
|
||||||
|
break;
|
||||||
case TPM_RC_NV_RANGE:
|
case TPM_RC_NV_RANGE:
|
||||||
return EFI_BAD_BUFFER_SIZE;
|
Status = EFI_BAD_BUFFER_SIZE;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_NOT_FOUND;
|
Status = EFI_NOT_FOUND;
|
||||||
|
break;
|
||||||
case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:
|
case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_VALUE + RC_NV_Write_nvIndex:
|
case TPM_RC_VALUE + RC_NV_Write_nvIndex:
|
||||||
case TPM_RC_VALUE + RC_NV_Write_authHandle:
|
case TPM_RC_VALUE + RC_NV_Write_authHandle:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
|
case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_AUTH_UNAVAILABLE:
|
case TPM_RC_AUTH_UNAVAILABLE:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
|
case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
|
||||||
return EFI_INVALID_PARAMETER;
|
Status = EFI_INVALID_PARAMETER;
|
||||||
default:
|
break;
|
||||||
return EFI_DEVICE_ERROR;
|
|
||||||
case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
|
case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
|
||||||
return EFI_UNSUPPORTED;
|
Status = EFI_UNSUPPORTED;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -759,12 +830,13 @@ Tpm2NvReadLock (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
@ -776,10 +848,17 @@ Tpm2NvReadLock (
|
|||||||
// return data
|
// return data
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -838,12 +917,13 @@ Tpm2NvWriteLock (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
@ -855,10 +935,17 @@ Tpm2NvWriteLock (
|
|||||||
// return data
|
// return data
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -914,12 +1001,13 @@ Tpm2NvGlobalWriteLock (
|
|||||||
RecvBufferSize = sizeof (RecvBuffer);
|
RecvBufferSize = sizeof (RecvBuffer);
|
||||||
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
return Status;
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
|
||||||
DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
goto Done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
|
||||||
@ -931,8 +1019,15 @@ Tpm2NvGlobalWriteLock (
|
|||||||
// return data
|
// return data
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
return EFI_DEVICE_ERROR;
|
Status = EFI_DEVICE_ERROR;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return EFI_SUCCESS;
|
Done:
|
||||||
|
//
|
||||||
|
// Clear AuthSession Content
|
||||||
|
//
|
||||||
|
ZeroMem (&SendBuffer, sizeof(SendBuffer));
|
||||||
|
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user