case TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS:\r
Status = Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmBitmap, &ActivePcrBanks);\r
ASSERT_EFI_ERROR (Status);\r
+\r
+ //\r
+ // PP spec requirements:\r
+ // Firmware should check that all requested (set) hashing algorithms are supported with respective PCR banks.\r
+ // Firmware has to ensure that at least one PCR banks is active.\r
+ // If not, an error is returned and no action is taken.\r
+ //\r
+ if (CommandParameter == 0 || (CommandParameter & (~TpmHashAlgorithmBitmap)) != 0) {\r
+ DEBUG((DEBUG_ERROR, "PCR banks %x to allocate are not supported by TPM. Skip operation\n", CommandParameter));\r
+ return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
+ }\r
+\r
Status = Tpm2PcrAllocateBanks (PlatformAuth, TpmHashAlgorithmBitmap, CommandParameter);\r
if (EFI_ERROR (Status)) {\r
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r