Revision: 19635
http://sourceforge.net/p/edk2/code/19635
Author: jyao1
Date: 2016-01-11 05:18:32 +0000 (Mon, 11 Jan 2016)
Log Message:
-----------
SecurityPkg: Clear AuthSession content after use.
Some commands in Tpm2CommandLib accept AuthSession
as input parameter and copy to local command buffer.
After use, this AuthSession content should be zeroed,
because there might be some secret there.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <[email protected]>
Reviewed-by: "Zhang, Chao B" <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c
Modified: trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 DictionaryAttack related command.
-Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -104,19 +104,27 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error
- %x\n", RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - responseCode -
%x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
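Review bot: The clearing at `Done:` only works if the two `ZeroMem` calls are not dropped as dead stores, since `SendBuffer` and `RecvBuffer` are not read again before `return Status` and appear to be locals (their declarations are outside the hunk). Whether the configured toolchains can elide the calls, for example when the memory library is inlined under link-time optimisation, cannot be told from here, so it is worth confirming on the optimised builds. A short comment such as `// These stores must survive optimisation: the buffers held the auth session` would record the intent. The same pattern appears at every `Done:` label added in this commit.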
@@ -187,17 +195,25 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize
Error - %x\n", RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - responseCode -
%x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBufferSize, sizeof(SendBufferSize));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
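Review bot: The first `ZeroMem` at `Done:` clears `SendBufferSize` rather than `SendBuffer`, so the command buffer passed to `Tpm2SubmitCommand` is left intact on every exit path of Tpm2DictionaryAttackParameters. That buffer is the one the commit message says holds the AuthSession copy. Every other `Done:` block in this commit clears the buffer itself, and this one should read `ZeroMem (&SendBuffer, sizeof(SendBuffer));`. The function body starts outside the hunk, so the declaration of `SendBuffer` is not visible here.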
Modified:
trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 EnhancedAuthorization related command.
-Copyright (c) 2014, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -161,16 +161,18 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - responseCode - %x\n",
SwapBytes32(RecvBuffer.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
//
@@ -189,7 +191,13 @@
Buffer += sizeof(UINT16);
CopyMem (PolicyTicket->digest.buffer, Buffer, PolicyTicket->digest.size);
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
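Review bot: The `CopyMem` into `PolicyTicket->digest.buffer` just above the new `Done:` label uses `PolicyTicket->digest.size` as its length, and nothing in the hunk bounds that value against the destination. If the size is taken from the TPM response (the assignment is outside the hunk), an oversized field would write past the caller's buffer. The Tpm2NvRead hunk in Tpm2NVStorage.c shows the same shape explicitly: `OutData->size = SwapBytes16 (RecvBuffer.Data.size);` followed by `CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);`. With a common exit now in place, a guard before the copy would fit, such as `if (PolicyTicket->digest.size > sizeof (PolicyTicket->digest.buffer)) { Status = EFI_DEVICE_ERROR; goto Done; }`, assuming `digest.buffer` is a fixed-size array.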
Modified: trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 Hierarchy related command.
-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -186,19 +186,27 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n",
SwapBytes32(RecvBuffer.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -246,12 +254,13 @@
ResultBufSize = sizeof(Res);
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8
*)&Res);
if (EFI_ERROR(Status)) {
- return Status;
+ goto Done;
}
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Clear: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
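Review bot: Only the upper bound `ResultBufSize > sizeof(Res)` is checked before the later hunks of this function read `Res.Header.paramSize` and `Res.Header.responseCode`, so a response shorter than the header is not rejected. The other files in this commit test `RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)` first, and the same check would fit here: `if (ResultBufSize < sizeof (TPM2_RESPONSE_HEADER)) { Status = EFI_DEVICE_ERROR; goto Done; }`. Whether `Res` is zero-initialised before the submit is outside the hunk, so the effect of a short response is unconfirmed. The ClearControl, HierarchyChangeAuth, ChangeEPS, ChangePPS, HierarchyControl and Tpm2PcrAllocate hunks have the same shape.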
@@ -260,7 +269,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Clear: Response size too large! %d\r\n", RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -268,7 +278,8 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Clear: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
//
@@ -276,8 +287,13 @@
//
// None
-
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
/**
@@ -332,12 +348,13 @@
ResultBufSize = sizeof(Res);
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8
*)&Res);
if (EFI_ERROR(Status)) {
- return Status;
+ goto Done;
}
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ClearControl: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -346,7 +363,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ClearControl: Response size too large! %d\r\n",
RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -354,7 +372,8 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "ClearControl: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
//
@@ -362,8 +381,13 @@
//
// None
-
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
/**
@@ -436,10 +460,14 @@
&ResultBufSize,
ResultBuf
);
+ if (EFI_ERROR(Status)) {
+ goto Done;
+ }
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Failed ExecuteCommand: Buffer
Too Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -448,7 +476,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Response size too large!
%d\r\n", RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -456,10 +485,17 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"HierarchyChangeAuth: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
/**
@@ -522,10 +558,14 @@
&ResultBufSize,
ResultBuf
);
+ if (EFI_ERROR(Status)) {
+ goto Done;
+ }
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ChangeEPS: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -534,7 +574,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ChangeEPS: Response size too large! %d\r\n",
RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -542,10 +583,17 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"ChangeEPS: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
/**
@@ -608,10 +656,14 @@
&ResultBufSize,
ResultBuf
);
+ if (EFI_ERROR(Status)) {
+ goto Done;
+ }
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ChangePPS: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -620,7 +672,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "ChangePPS: Response size too large! %d\r\n",
RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -628,10 +681,17 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"ChangePPS: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
/**
@@ -704,10 +764,14 @@
&ResultBufSize,
ResultBuf
);
+ if (EFI_ERROR(Status)) {
+ goto Done;
+ }
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "HierarchyControl: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -716,7 +780,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "HierarchyControl: Response size too large! %d\r\n",
RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -724,8 +789,15 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"HierarchyControl: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
Modified: trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 Integrity related command.
-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -490,10 +490,14 @@
&ResultBufSize,
ResultBuf
);
+ if (EFI_ERROR(Status)) {
+ goto Done;
+ }
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too
Small\r\n"));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -502,7 +506,8 @@
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n",
RespSize));
- return EFI_BUFFER_TOO_SMALL;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
}
//
@@ -510,7 +515,8 @@
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n",
SwapBytes32(Res.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
//
@@ -521,5 +527,11 @@
*SizeNeeded = SwapBytes32(Res.SizeNeeded);
*SizeAvailable = SwapBytes32(Res.SizeAvailable);
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&Cmd, sizeof(Cmd));
+ ZeroMem (&Res, sizeof(Res));
+ return Status;
}
Modified: trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 Miscellanenous related command.
-Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -98,17 +98,25 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n",
SwapBytes32(RecvBuffer.Header.responseCode)));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
Modified: trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c
===================================================================
--- trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c
2016-01-11 05:15:18 UTC (rev 19634)
+++ trunk/edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c
2016-01-11 05:18:32 UTC (rev 19635)
@@ -1,7 +1,7 @@
/** @file
Implement TPM2 NVStorage related command.
-Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -347,12 +347,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
@@ -365,24 +366,37 @@
break;
case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
- return EFI_BAD_BUFFER_SIZE;
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
case TPM_RC_ATTRIBUTES:
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
- return EFI_UNSUPPORTED;
+ Status = EFI_UNSUPPORTED;
+ break;
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_NV_DEFINED:
- return EFI_ALREADY_STARTED;
+ Status = EFI_ALREADY_STARTED;
+ break;
case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_NV_SPACE:
- return EFI_OUT_OF_RESOURCES;
+ Status = EFI_OUT_OF_RESOURCES;
+ break;
default:
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
-
- return EFI_SUCCESS;
+
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -441,12 +455,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
@@ -459,21 +474,33 @@
break;
case TPM_RC_ATTRIBUTES:
case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
- return EFI_UNSUPPORTED;
+ Status = EFI_UNSUPPORTED;
+ break;
case TPM_RC_NV_AUTHORIZATION:
- return EFI_SECURITY_VIOLATION;
+ Status = EFI_SECURITY_VIOLATION;
+ break;
case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:
- return EFI_NOT_FOUND;
+ Status = EFI_NOT_FOUND;
+ break;
case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
default:
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -543,12 +570,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
@@ -559,31 +587,46 @@
// return data
break;
case TPM_RC_NV_AUTHORIZATION:
- return EFI_SECURITY_VIOLATION;
+ Status = EFI_SECURITY_VIOLATION;
+ break;
case TPM_RC_NV_LOCKED:
- return EFI_ACCESS_DENIED;
+ Status = EFI_ACCESS_DENIED;
+ break;
case TPM_RC_NV_RANGE:
- return EFI_BAD_BUFFER_SIZE;
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
case TPM_RC_NV_UNINITIALIZED:
- return EFI_NOT_READY;
+ Status = EFI_NOT_READY;
+ break;
case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:
- return EFI_NOT_FOUND;
+ Status = EFI_NOT_FOUND;
+ break;
case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_VALUE + RC_NV_Read_nvIndex:
case TPM_RC_VALUE + RC_NV_Read_authHandle:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_AUTH_UNAVAILABLE:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
+ Status = EFI_UNSUPPORTED;
+ break;
default:
- return EFI_DEVICE_ERROR;
- case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
- return EFI_UNSUPPORTED;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
+ if (Status != EFI_SUCCESS) {
+ goto Done;
+ }
//
// Return the response
@@ -591,7 +634,13 @@
OutData->size = SwapBytes16 (RecvBuffer.Data.size);
CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -661,12 +710,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
@@ -674,33 +724,54 @@
}
switch (ResponseCode) {
case TPM_RC_SUCCESS:
- return EFI_SUCCESS;
+ // return data
+ break;
case TPM_RC_ATTRIBUTES:
- return EFI_UNSUPPORTED;
+ Status = EFI_UNSUPPORTED;
+ break;
case TPM_RC_NV_AUTHORIZATION:
- return EFI_SECURITY_VIOLATION;
+ Status = EFI_SECURITY_VIOLATION;
+ break;
case TPM_RC_NV_LOCKED:
- return EFI_ACCESS_DENIED;
+ Status = EFI_ACCESS_DENIED;
+ break;
case TPM_RC_NV_RANGE:
- return EFI_BAD_BUFFER_SIZE;
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:
- return EFI_NOT_FOUND;
+ Status = EFI_NOT_FOUND;
+ break;
case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_VALUE + RC_NV_Write_nvIndex:
case TPM_RC_VALUE + RC_NV_Write_authHandle:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_AUTH_UNAVAILABLE:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
- return EFI_INVALID_PARAMETER;
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
+ Status = EFI_UNSUPPORTED;
+ break;
default:
- return EFI_DEVICE_ERROR;
- case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
- return EFI_UNSUPPORTED;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
+
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
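Review bot: The `TPM_RC_SUCCESS` case in Tpm2NvWrite now carries the comment `// return data`, but nothing is copied out after the switch; control falls straight through to `Done:`. The comment looks carried over from Tpm2NvRead, and `// nothing to return` would describe this path accurately. A one-line comment above `Done:` noting that the switch only sets `Status` and that every case reaches the cleanup would also help the next reader.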
@@ -759,12 +830,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
@@ -776,10 +848,17 @@
// return data
break;
default:
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -838,12 +917,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - RecvBufferSize Error - %x\n",
RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
@@ -855,10 +935,17 @@
// return data
break;
default:
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}
/**
@@ -914,12 +1001,13 @@
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
&RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - RecvBufferSize Error -
%x\n", RecvBufferSize));
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
@@ -931,8 +1019,15 @@
// return data
break;
default:
- return EFI_DEVICE_ERROR;
+ Status = EFI_DEVICE_ERROR;
+ break;
}
- return EFI_SUCCESS;
+Done:
+ //
+ // Clear AuthSession Content
+ //
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ return Status;
}