]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add TPM2 implementation.
[mirror_edk2.git] / SecurityPkg / Library / Tpm2CommandLib / Tpm2Hierarchy.c
1 /** @file
2 Implement TPM2 Hierarchy related command.
3
4 Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include <IndustryStandard/UefiTcgPlatform.h>
16 #include <Library/Tpm2CommandLib.h>
17 #include <Library/Tpm2DeviceLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/BaseLib.h>
20 #include <Library/DebugLib.h>
21
22 #pragma pack(1)
23
24 typedef struct {
25 TPM2_COMMAND_HEADER Header;
26 TPMI_RH_CLEAR AuthHandle;
27 UINT32 AuthorizationSize;
28 TPMS_AUTH_COMMAND AuthSession;
29 } TPM2_CLEAR_COMMAND;
30
31 typedef struct {
32 TPM2_RESPONSE_HEADER Header;
33 UINT32 ParameterSize;
34 TPMS_AUTH_RESPONSE AuthSession;
35 } TPM2_CLEAR_RESPONSE;
36
37 typedef struct {
38 TPM2_COMMAND_HEADER Header;
39 TPMI_RH_CLEAR AuthHandle;
40 UINT32 AuthorizationSize;
41 TPMS_AUTH_COMMAND AuthSession;
42 TPMI_YES_NO Disable;
43 } TPM2_CLEAR_CONTROL_COMMAND;
44
45 typedef struct {
46 TPM2_RESPONSE_HEADER Header;
47 UINT32 ParameterSize;
48 TPMS_AUTH_RESPONSE AuthSession;
49 } TPM2_CLEAR_CONTROL_RESPONSE;
50
51 typedef struct {
52 TPM2_COMMAND_HEADER Header;
53 TPMI_RH_HIERARCHY_AUTH AuthHandle;
54 UINT32 AuthorizationSize;
55 TPMS_AUTH_COMMAND AuthSession;
56 TPM2B_AUTH NewAuth;
57 } TPM2_HIERARCHY_CHANGE_AUTH_COMMAND;
58
59 typedef struct {
60 TPM2_RESPONSE_HEADER Header;
61 UINT32 ParameterSize;
62 TPMS_AUTH_RESPONSE AuthSession;
63 } TPM2_HIERARCHY_CHANGE_AUTH_RESPONSE;
64
65 typedef struct {
66 TPM2_COMMAND_HEADER Header;
67 TPMI_RH_PLATFORM AuthHandle;
68 UINT32 AuthorizationSize;
69 TPMS_AUTH_COMMAND AuthSession;
70 } TPM2_CHANGE_EPS_COMMAND;
71
72 typedef struct {
73 TPM2_RESPONSE_HEADER Header;
74 UINT32 ParameterSize;
75 TPMS_AUTH_RESPONSE AuthSession;
76 } TPM2_CHANGE_EPS_RESPONSE;
77
78 typedef struct {
79 TPM2_COMMAND_HEADER Header;
80 TPMI_RH_PLATFORM AuthHandle;
81 UINT32 AuthorizationSize;
82 TPMS_AUTH_COMMAND AuthSession;
83 } TPM2_CHANGE_PPS_COMMAND;
84
85 typedef struct {
86 TPM2_RESPONSE_HEADER Header;
87 UINT32 ParameterSize;
88 TPMS_AUTH_RESPONSE AuthSession;
89 } TPM2_CHANGE_PPS_RESPONSE;
90
91 typedef struct {
92 TPM2_COMMAND_HEADER Header;
93 TPMI_RH_HIERARCHY AuthHandle;
94 UINT32 AuthorizationSize;
95 TPMS_AUTH_COMMAND AuthSession;
96 TPMI_RH_HIERARCHY Hierarchy;
97 TPMI_YES_NO State;
98 } TPM2_HIERARCHY_CONTROL_COMMAND;
99
100 typedef struct {
101 TPM2_RESPONSE_HEADER Header;
102 UINT32 ParameterSize;
103 TPMS_AUTH_RESPONSE AuthSession;
104 } TPM2_HIERARCHY_CONTROL_RESPONSE;
105
106 #pragma pack()
107
108 /**
109 This command removes all TPM context associated with a specific Owner.
110
111 @param[in] AuthHandle TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
112 @param[in] AuthSession Auth Session context
113
114 @retval EFI_SUCCESS Operation completed successfully.
115 @retval EFI_DEVICE_ERROR Unexpected device behavior.
116 **/
117 EFI_STATUS
118 EFIAPI
119 Tpm2Clear (
120 IN TPMI_RH_CLEAR AuthHandle,
121 IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
122 )
123 {
124 EFI_STATUS Status;
125 TPM2_CLEAR_COMMAND Cmd;
126 TPM2_CLEAR_RESPONSE Res;
127 UINT32 ResultBufSize;
128 UINT32 CmdSize;
129 UINT32 RespSize;
130 UINT8 *Buffer;
131 UINT32 SessionInfoSize;
132
133 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
134 Cmd.Header.commandCode = SwapBytes32(TPM_CC_Clear);
135 Cmd.AuthHandle = SwapBytes32(AuthHandle);
136
137 //
138 // Add in Auth session
139 //
140 Buffer = (UINT8 *)&Cmd.AuthSession;
141
142 // sessionInfoSize
143 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
144 Buffer += SessionInfoSize;
145 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
146
147 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
148 Cmd.Header.paramSize = SwapBytes32(CmdSize);
149
150 ResultBufSize = sizeof(Res);
151 Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
152 if (EFI_ERROR(Status)) {
153 return Status;
154 }
155
156 if (ResultBufSize > sizeof(Res)) {
157 DEBUG ((EFI_D_ERROR, "Clear: Failed ExecuteCommand: Buffer Too Small\r\n"));
158 return EFI_BUFFER_TOO_SMALL;
159 }
160
161 //
162 // Validate response headers
163 //
164 RespSize = SwapBytes32(Res.Header.paramSize);
165 if (RespSize > sizeof(Res)) {
166 DEBUG ((EFI_D_ERROR, "Clear: Response size too large! %d\r\n", RespSize));
167 return EFI_BUFFER_TOO_SMALL;
168 }
169
170 //
171 // Fail if command failed
172 //
173 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
174 DEBUG ((EFI_D_ERROR, "Clear: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
175 return EFI_DEVICE_ERROR;
176 }
177
178 //
179 // Unmarshal the response
180 //
181
182 // None
183
184 return EFI_SUCCESS;
185 }
186
187 /**
188 Disables and enables the execution of TPM2_Clear().
189
190 @param[in] AuthHandle TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
191 @param[in] AuthSession Auth Session context
192 @param[in] Disable YES if the disableOwnerClear flag is to be SET,
193 NO if the flag is to be CLEAR.
194
195 @retval EFI_SUCCESS Operation completed successfully.
196 @retval EFI_DEVICE_ERROR Unexpected device behavior.
197 **/
198 EFI_STATUS
199 EFIAPI
200 Tpm2ClearControl (
201 IN TPMI_RH_CLEAR AuthHandle,
202 IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL
203 IN TPMI_YES_NO Disable
204 )
205 {
206 EFI_STATUS Status;
207 TPM2_CLEAR_CONTROL_COMMAND Cmd;
208 TPM2_CLEAR_CONTROL_RESPONSE Res;
209 UINT32 ResultBufSize;
210 UINT32 CmdSize;
211 UINT32 RespSize;
212 UINT8 *Buffer;
213 UINT32 SessionInfoSize;
214
215 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
216 Cmd.Header.commandCode = SwapBytes32(TPM_CC_ClearControl);
217 Cmd.AuthHandle = SwapBytes32(AuthHandle);
218
219 //
220 // Add in Auth session
221 //
222 Buffer = (UINT8 *)&Cmd.AuthSession;
223
224 // sessionInfoSize
225 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
226 Buffer += SessionInfoSize;
227 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
228
229 // disable
230 *(UINT8 *)Buffer = Disable;
231 Buffer += sizeof(UINT8);
232
233 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
234 Cmd.Header.paramSize = SwapBytes32(CmdSize);
235
236 ResultBufSize = sizeof(Res);
237 Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
238 if (EFI_ERROR(Status)) {
239 return Status;
240 }
241
242 if (ResultBufSize > sizeof(Res)) {
243 DEBUG ((EFI_D_ERROR, "ClearControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
244 return EFI_BUFFER_TOO_SMALL;
245 }
246
247 //
248 // Validate response headers
249 //
250 RespSize = SwapBytes32(Res.Header.paramSize);
251 if (RespSize > sizeof(Res)) {
252 DEBUG ((EFI_D_ERROR, "ClearControl: Response size too large! %d\r\n", RespSize));
253 return EFI_BUFFER_TOO_SMALL;
254 }
255
256 //
257 // Fail if command failed
258 //
259 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
260 DEBUG ((EFI_D_ERROR, "ClearControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
261 return EFI_DEVICE_ERROR;
262 }
263
264 //
265 // Unmarshal the response
266 //
267
268 // None
269
270 return EFI_SUCCESS;
271 }
272
273 /**
274 This command allows the authorization secret for a hierarchy or lockout to be changed using the current
275 authorization value as the command authorization.
276
277 @param[in] AuthHandle TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
278 @param[in] AuthSession Auth Session context
279 @param[in] NewAuth New authorization secret
280
281 @retval EFI_SUCCESS Operation completed successfully.
282 @retval EFI_DEVICE_ERROR Unexpected device behavior.
283 **/
284 EFI_STATUS
285 EFIAPI
286 Tpm2HierarchyChangeAuth (
287 IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
288 IN TPMS_AUTH_COMMAND *AuthSession,
289 IN TPM2B_AUTH *NewAuth
290 )
291 {
292 EFI_STATUS Status;
293 TPM2_HIERARCHY_CHANGE_AUTH_COMMAND Cmd;
294 TPM2_HIERARCHY_CHANGE_AUTH_RESPONSE Res;
295 UINT32 CmdSize;
296 UINT32 RespSize;
297 UINT8 *Buffer;
298 UINT32 SessionInfoSize;
299 UINT8 *ResultBuf;
300 UINT32 ResultBufSize;
301
302 //
303 // Construct command
304 //
305 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
306 Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
307 Cmd.Header.commandCode = SwapBytes32(TPM_CC_HierarchyChangeAuth);
308 Cmd.AuthHandle = SwapBytes32(AuthHandle);
309
310 //
311 // Add in Auth session
312 //
313 Buffer = (UINT8 *)&Cmd.AuthSession;
314
315 // sessionInfoSize
316 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
317 Buffer += SessionInfoSize;
318 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
319
320 // New Authorization size
321 WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(NewAuth->size));
322 Buffer += sizeof(UINT16);
323
324 // New Authorizeation
325 CopyMem(Buffer, NewAuth->buffer, NewAuth->size);
326 Buffer += NewAuth->size;
327
328 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
329 Cmd.Header.paramSize = SwapBytes32(CmdSize);
330
331 ResultBuf = (UINT8 *) &Res;
332 ResultBufSize = sizeof(Res);
333
334 //
335 // Call the TPM
336 //
337 Status = Tpm2SubmitCommand (
338 CmdSize,
339 (UINT8 *)&Cmd,
340 &ResultBufSize,
341 ResultBuf
342 );
343
344 if (ResultBufSize > sizeof(Res)) {
345 DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Failed ExecuteCommand: Buffer Too Small\r\n"));
346 return EFI_BUFFER_TOO_SMALL;
347 }
348
349 //
350 // Validate response headers
351 //
352 RespSize = SwapBytes32(Res.Header.paramSize);
353 if (RespSize > sizeof(Res)) {
354 DEBUG ((EFI_D_ERROR, "HierarchyChangeAuth: Response size too large! %d\r\n", RespSize));
355 return EFI_BUFFER_TOO_SMALL;
356 }
357
358 //
359 // Fail if command failed
360 //
361 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
362 DEBUG((EFI_D_ERROR,"HierarchyChangeAuth: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
363 return EFI_DEVICE_ERROR;
364 }
365
366 return EFI_SUCCESS;
367 }
368
369 /**
370 This replaces the current EPS with a value from the RNG and sets the Endorsement hierarchy controls to
371 their default initialization values.
372
373 @param[in] AuthHandle TPM_RH_PLATFORM+{PP}
374 @param[in] AuthSession Auth Session context
375
376 @retval EFI_SUCCESS Operation completed successfully.
377 @retval EFI_DEVICE_ERROR Unexpected device behavior.
378 **/
379 EFI_STATUS
380 EFIAPI
381 Tpm2ChangeEPS (
382 IN TPMI_RH_PLATFORM AuthHandle,
383 IN TPMS_AUTH_COMMAND *AuthSession
384 )
385 {
386 EFI_STATUS Status;
387 TPM2_CHANGE_EPS_COMMAND Cmd;
388 TPM2_CHANGE_EPS_RESPONSE Res;
389 UINT32 CmdSize;
390 UINT32 RespSize;
391 UINT8 *Buffer;
392 UINT32 SessionInfoSize;
393 UINT8 *ResultBuf;
394 UINT32 ResultBufSize;
395
396 //
397 // Construct command
398 //
399 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
400 Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
401 Cmd.Header.commandCode = SwapBytes32(TPM_CC_ChangeEPS);
402 Cmd.AuthHandle = SwapBytes32(AuthHandle);
403
404 //
405 // Add in Auth session
406 //
407 Buffer = (UINT8 *)&Cmd.AuthSession;
408
409 // sessionInfoSize
410 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
411 Buffer += SessionInfoSize;
412 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
413
414 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
415 Cmd.Header.paramSize = SwapBytes32(CmdSize);
416
417 ResultBuf = (UINT8 *) &Res;
418 ResultBufSize = sizeof(Res);
419
420 //
421 // Call the TPM
422 //
423 Status = Tpm2SubmitCommand (
424 CmdSize,
425 (UINT8 *)&Cmd,
426 &ResultBufSize,
427 ResultBuf
428 );
429
430 if (ResultBufSize > sizeof(Res)) {
431 DEBUG ((EFI_D_ERROR, "ChangeEPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
432 return EFI_BUFFER_TOO_SMALL;
433 }
434
435 //
436 // Validate response headers
437 //
438 RespSize = SwapBytes32(Res.Header.paramSize);
439 if (RespSize > sizeof(Res)) {
440 DEBUG ((EFI_D_ERROR, "ChangeEPS: Response size too large! %d\r\n", RespSize));
441 return EFI_BUFFER_TOO_SMALL;
442 }
443
444 //
445 // Fail if command failed
446 //
447 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
448 DEBUG((EFI_D_ERROR,"ChangeEPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
449 return EFI_DEVICE_ERROR;
450 }
451
452 return EFI_SUCCESS;
453 }
454
455 /**
456 This replaces the current PPS with a value from the RNG and sets platformPolicy to the default
457 initialization value (the Empty Buffer).
458
459 @param[in] AuthHandle TPM_RH_PLATFORM+{PP}
460 @param[in] AuthSession Auth Session context
461
462 @retval EFI_SUCCESS Operation completed successfully.
463 @retval EFI_DEVICE_ERROR Unexpected device behavior.
464 **/
465 EFI_STATUS
466 EFIAPI
467 Tpm2ChangePPS (
468 IN TPMI_RH_PLATFORM AuthHandle,
469 IN TPMS_AUTH_COMMAND *AuthSession
470 )
471 {
472 EFI_STATUS Status;
473 TPM2_CHANGE_PPS_COMMAND Cmd;
474 TPM2_CHANGE_PPS_RESPONSE Res;
475 UINT32 CmdSize;
476 UINT32 RespSize;
477 UINT8 *Buffer;
478 UINT32 SessionInfoSize;
479 UINT8 *ResultBuf;
480 UINT32 ResultBufSize;
481
482 //
483 // Construct command
484 //
485 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
486 Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
487 Cmd.Header.commandCode = SwapBytes32(TPM_CC_ChangePPS);
488 Cmd.AuthHandle = SwapBytes32(AuthHandle);
489
490 //
491 // Add in Auth session
492 //
493 Buffer = (UINT8 *)&Cmd.AuthSession;
494
495 // sessionInfoSize
496 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
497 Buffer += SessionInfoSize;
498 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
499
500 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
501 Cmd.Header.paramSize = SwapBytes32(CmdSize);
502
503 ResultBuf = (UINT8 *) &Res;
504 ResultBufSize = sizeof(Res);
505
506 //
507 // Call the TPM
508 //
509 Status = Tpm2SubmitCommand (
510 CmdSize,
511 (UINT8 *)&Cmd,
512 &ResultBufSize,
513 ResultBuf
514 );
515
516 if (ResultBufSize > sizeof(Res)) {
517 DEBUG ((EFI_D_ERROR, "ChangePPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
518 return EFI_BUFFER_TOO_SMALL;
519 }
520
521 //
522 // Validate response headers
523 //
524 RespSize = SwapBytes32(Res.Header.paramSize);
525 if (RespSize > sizeof(Res)) {
526 DEBUG ((EFI_D_ERROR, "ChangePPS: Response size too large! %d\r\n", RespSize));
527 return EFI_BUFFER_TOO_SMALL;
528 }
529
530 //
531 // Fail if command failed
532 //
533 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
534 DEBUG((EFI_D_ERROR,"ChangePPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
535 return EFI_DEVICE_ERROR;
536 }
537
538 return EFI_SUCCESS;
539 }
540
541 /**
542 This command enables and disables use of a hierarchy.
543
544 @param[in] AuthHandle TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
545 @param[in] AuthSession Auth Session context
546 @param[in] Hierarchy Hierarchy of the enable being modified
547 @param[in] State YES if the enable should be SET,
548 NO if the enable should be CLEAR
549
550 @retval EFI_SUCCESS Operation completed successfully.
551 @retval EFI_DEVICE_ERROR Unexpected device behavior.
552 **/
553 EFI_STATUS
554 EFIAPI
555 Tpm2HierarchyControl (
556 IN TPMI_RH_HIERARCHY AuthHandle,
557 IN TPMS_AUTH_COMMAND *AuthSession,
558 IN TPMI_RH_HIERARCHY Hierarchy,
559 IN TPMI_YES_NO State
560 )
561 {
562 EFI_STATUS Status;
563 TPM2_HIERARCHY_CONTROL_COMMAND Cmd;
564 TPM2_HIERARCHY_CONTROL_RESPONSE Res;
565 UINT32 CmdSize;
566 UINT32 RespSize;
567 UINT8 *Buffer;
568 UINT32 SessionInfoSize;
569 UINT8 *ResultBuf;
570 UINT32 ResultBufSize;
571
572 //
573 // Construct command
574 //
575 Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
576 Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
577 Cmd.Header.commandCode = SwapBytes32(TPM_CC_HierarchyControl);
578 Cmd.AuthHandle = SwapBytes32(AuthHandle);
579
580 //
581 // Add in Auth session
582 //
583 Buffer = (UINT8 *)&Cmd.AuthSession;
584
585 // sessionInfoSize
586 SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
587 Buffer += SessionInfoSize;
588 Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
589
590 WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Hierarchy));
591 Buffer += sizeof(UINT32);
592
593 *(UINT8 *)Buffer = State;
594 Buffer += sizeof(UINT8);
595
596 CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
597 Cmd.Header.paramSize = SwapBytes32(CmdSize);
598
599 ResultBuf = (UINT8 *) &Res;
600 ResultBufSize = sizeof(Res);
601
602 //
603 // Call the TPM
604 //
605 Status = Tpm2SubmitCommand (
606 CmdSize,
607 (UINT8 *)&Cmd,
608 &ResultBufSize,
609 ResultBuf
610 );
611
612 if (ResultBufSize > sizeof(Res)) {
613 DEBUG ((EFI_D_ERROR, "HierarchyControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
614 return EFI_BUFFER_TOO_SMALL;
615 }
616
617 //
618 // Validate response headers
619 //
620 RespSize = SwapBytes32(Res.Header.paramSize);
621 if (RespSize > sizeof(Res)) {
622 DEBUG ((EFI_D_ERROR, "HierarchyControl: Response size too large! %d\r\n", RespSize));
623 return EFI_BUFFER_TOO_SMALL;
624 }
625
626 //
627 // Fail if command failed
628 //
629 if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
630 DEBUG((EFI_D_ERROR,"HierarchyControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
631 return EFI_DEVICE_ERROR;
632 }
633
634 return EFI_SUCCESS;
635 }
EFI Development Kit II mirror for PVE