/** @file\r
Implement TPM2 NVStorage related command.\r
\r
-Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
@param[in] NvIndex The NV Index.\r
@param[out] NvPublic The public area of the index.\r
@param[out] NvName The Name of the nvIndex.\r
- \r
+\r
@retval EFI_SUCCESS Operation completed successfully.\r
@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.\r
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_ReadPublic);\r
\r
SendBuffer.NvIndex = SwapBytes32 (NvIndex);\r
- \r
+\r
SendBufferSize = (UINT32) sizeof (SendBuffer);\r
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);\r
\r
// Basic check\r
//\r
NvPublicSize = SwapBytes16 (RecvBuffer.NvPublic.size);\r
+ if (NvPublicSize > sizeof(TPMS_NV_PUBLIC)) {\r
+ DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - NvPublic.size error %x\n", NvPublicSize));\r
+ return EFI_DEVICE_ERROR;\r
+ }\r
+\r
NvNameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize)));\r
+ if (NvNameSize > sizeof(TPMU_NAME)){\r
+ DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - NvNameSize error %x\n", NvNameSize));\r
+ return EFI_DEVICE_ERROR;\r
+ }\r
\r
if (RecvBufferSize != sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize + sizeof(UINT16) + NvNameSize) {\r
- DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - NvPublicSize %x, NvNameSize %x\n", RecvBufferSize, NvNameSize));\r
+ DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - NvPublicSize %x\n", RecvBufferSize));\r
return EFI_NOT_FOUND;\r
}\r
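Review bot: The rewritten DEBUG in the RecvBufferSize mismatch branch still labels its value `NvPublicSize` while the argument printed is `RecvBufferSize`, so the one number left in the message will be misread. Something like `DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));` would also match the two new checks above it, which use `DEBUG_ERROR` rather than `EFI_D_ERROR`. The same branch returns `EFI_NOT_FOUND` for what is a malformed response length, while the new size checks return `EFI_DEVICE_ERROR`. The header documents `EFI_NOT_FOUND` as "NvIndex is not found", so it is worth confirming that status is intended here. The function begins and ends outside this hunk.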
\r
NvPublic->nvPublic.nameAlg = SwapBytes16 (NvPublic->nvPublic.nameAlg);\r
WriteUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));\r
NvPublic->nvPublic.authPolicy.size = SwapBytes16 (NvPublic->nvPublic.authPolicy.size);\r
- Buffer = (UINT8 *)&NvPublic->nvPublic.authPolicy;\r
+ Buffer = (UINT8 *)&RecvBuffer.NvPublic.nvPublic.authPolicy;\r
Buffer += sizeof(UINT16) + NvPublic->nvPublic.authPolicy.size;\r
NvPublic->nvPublic.dataSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));\r
\r
- CopyMem (NvName, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize, NvNameSize);\r
+ CopyMem (NvName->name, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize + sizeof(UINT16), NvNameSize);\r
NvName->size = NvNameSize;\r
- \r
+\r
return EFI_SUCCESS;\r
}\r
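Review bot: `NvPublic->nvPublic.authPolicy.size` is taken from the TPM response and used to advance `Buffer` with no bound visible in this hunk, so an oversized value would place the `ReadUnaligned16` for `dataSize` past the NvPublic area and possibly past `RecvBuffer`. The checks added earlier cap `NvPublicSize` and `NvNameSize` but not this inner length. A guard before the `Buffer +=` line would close it, e.g. `if (NvPublic->nvPublic.authPolicy.size > sizeof (NvPublic->nvPublic.authPolicy.buffer)) { return EFI_DEVICE_ERROR; }`. The function starts outside this hunk, so an earlier check may exist that is not shown.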
\r
@param[in] AuthSession Auth Session context\r
@param[in] Auth The authorization data.\r
@param[in] NvPublic The public area of the index.\r
- \r
+\r
@retval EFI_SUCCESS Operation completed successfully.\r
@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
@retval EFI_ALREADY_STARTED The command was returned successfully, but NvIndex is already defined.\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
break;\r
case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:\r
case TPM_RC_SIZE + RC_NV_DefineSpace_auth:\r
- return EFI_BAD_BUFFER_SIZE;\r
+ Status = EFI_BAD_BUFFER_SIZE;\r
+ break;\r
case TPM_RC_ATTRIBUTES:\r
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ break;\r
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_NV_DEFINED:\r
- return EFI_ALREADY_STARTED;\r
+ Status = EFI_ALREADY_STARTED;\r
+ break;\r
case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:\r
case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_NV_SPACE:\r
- return EFI_OUT_OF_RESOURCES;\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ break;\r
default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
- \r
- return EFI_SUCCESS;\r
+\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
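Review bot: The `Done:` comment says only "Clear AuthSession Content", but the two `ZeroMem` calls wipe the whole command and response buffers, and the reason for doing so is not stated. I would reword it to something like `// Scrub command/response buffers: they carry the auth session (and any NV data) and must not linger on the stack after return.` The same block is repeated in the Tpm2NvUndefineSpace, Tpm2NvRead, Tpm2NvWrite, Tpm2NvReadLock, Tpm2NvWriteLock and Tpm2NvGlobalWriteLock hunks below. Because these are stores to locals immediately before `return`, it is also worth confirming that link-time optimisation cannot discard them. Each function starts outside its hunk, so please also check that no earlier exit path still returns without reaching `Done`.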
\r
/**\r
@param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.\r
@param[in] NvIndex The NV Index.\r
@param[in] AuthSession Auth Session context\r
- \r
+\r
@retval EFI_SUCCESS Operation completed successfully.\r
@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
break;\r
case TPM_RC_ATTRIBUTES:\r
case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ break;\r
case TPM_RC_NV_AUTHORIZATION:\r
- return EFI_SECURITY_VIOLATION;\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:\r
- return EFI_NOT_FOUND;\r
+ Status = EFI_NOT_FOUND;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:\r
case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
\r
- return EFI_SUCCESS;\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
\r
/**\r
@param[in] Size Number of bytes to read.\r
@param[in] Offset Byte offset into the area.\r
@param[in,out] OutData The data read.\r
- \r
+\r
@retval EFI_SUCCESS Operation completed successfully.\r
@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
if (ResponseCode != TPM_RC_SUCCESS) {\r
// return data\r
break;\r
case TPM_RC_NV_AUTHORIZATION:\r
- return EFI_SECURITY_VIOLATION;\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ break;\r
case TPM_RC_NV_LOCKED:\r
- return EFI_ACCESS_DENIED;\r
+ Status = EFI_ACCESS_DENIED;\r
+ break;\r
case TPM_RC_NV_RANGE:\r
- return EFI_BAD_BUFFER_SIZE;\r
+ Status = EFI_BAD_BUFFER_SIZE;\r
+ break;\r
case TPM_RC_NV_UNINITIALIZED:\r
- return EFI_NOT_READY;\r
+ Status = EFI_NOT_READY;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:\r
- return EFI_NOT_FOUND;\r
+ Status = EFI_NOT_FOUND;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_VALUE + RC_NV_Read_nvIndex:\r
case TPM_RC_VALUE + RC_NV_Read_authHandle:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_AUTH_UNAVAILABLE:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:\r
- return EFI_INVALID_PARAMETER;\r
- default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ break;\r
+ default:\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
+ }\r
+ if (Status != EFI_SUCCESS) {\r
+ goto Done;\r
}\r
\r
//\r
// Return the response\r
//\r
OutData->size = SwapBytes16 (RecvBuffer.Data.size);\r
+ if (OutData->size > MAX_DIGEST_BUFFER) {\r
+ DEBUG ((DEBUG_ERROR, "Tpm2NvRead - OutData->size error %x\n", OutData->size));\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
+ }\r
+\r
CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);\r
- \r
- return EFI_SUCCESS;\r
+\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
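Review bot: The new bound in the Tpm2NvRead tail is applied after `OutData->size` has already been overwritten with the TPM-supplied value, so on the error path the caller's structure is left holding a length larger than its buffer. Reading the length into a local and assigning it only after validation avoids that. Nothing visible here compares the claimed length with `RecvBufferSize` either, so a short response could let `CopyMem` copy bytes of `RecvBuffer` that the TPM never wrote. The sketch below folds both checks together, with `DataSize` standing for a new `UINT16` local. The function begins outside this hunk, so an earlier length check may exist that is not shown.

```c
  // … unchanged: response-code switch and the Status != EFI_SUCCESS exit …
  DataSize = SwapBytes16 (RecvBuffer.Data.size);   // DataSize: UINT16 local, declared with the other locals
  if (DataSize > MAX_DIGEST_BUFFER ||
      (UINTN)((UINT8 *)&RecvBuffer.Data.buffer - (UINT8 *)&RecvBuffer) + DataSize > RecvBufferSize) {
    DEBUG ((DEBUG_ERROR, "Tpm2NvRead - Data.size error %x\n", DataSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  OutData->size = DataSize;
  CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);
  // … unchanged: Done: cleanup …
```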
\r
/**\r
@param[in] AuthSession Auth Session context\r
@param[in] InData The data to write.\r
@param[in] Offset The offset into the NV Area.\r
- \r
+\r
@retval EFI_SUCCESS Operation completed successfully.\r
@retval EFI_DEVICE_ERROR The command was unsuccessful.\r
@retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found.\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
if (ResponseCode != TPM_RC_SUCCESS) {\r
}\r
switch (ResponseCode) {\r
case TPM_RC_SUCCESS:\r
- return EFI_SUCCESS;\r
+ // return data\r
+ break;\r
case TPM_RC_ATTRIBUTES:\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ break;\r
case TPM_RC_NV_AUTHORIZATION:\r
- return EFI_SECURITY_VIOLATION;\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ break;\r
case TPM_RC_NV_LOCKED:\r
- return EFI_ACCESS_DENIED;\r
+ Status = EFI_ACCESS_DENIED;\r
+ break;\r
case TPM_RC_NV_RANGE:\r
- return EFI_BAD_BUFFER_SIZE;\r
+ Status = EFI_BAD_BUFFER_SIZE;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:\r
- return EFI_NOT_FOUND;\r
+ Status = EFI_NOT_FOUND;\r
+ break;\r
case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_VALUE + RC_NV_Write_nvIndex:\r
case TPM_RC_VALUE + RC_NV_Write_authHandle:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_AUTH_UNAVAILABLE:\r
- return EFI_INVALID_PARAMETER;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:\r
- return EFI_INVALID_PARAMETER;\r
- default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:\r
- return EFI_UNSUPPORTED;\r
+ Status = EFI_UNSUPPORTED;\r
+ break;\r
+ default:\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
+\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
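Review bot: The added `// return data` comment under `case TPM_RC_SUCCESS:` in the Tpm2NvWrite switch is misleading, because the success path in this hunk copies nothing back and goes straight on to `Done`. With the explicit `return EFI_SUCCESS;` removed, that path now relies on `Status` still holding the non-error value from `Tpm2SubmitCommand`, which deserves a comment. I would write `// Nothing to return; Status keeps the success value from Tpm2SubmitCommand.` instead. The function begins outside this hunk.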
\r
/**\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
// return data\r
break;\r
default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
\r
- return EFI_SUCCESS;\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
\r
/**\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
// return data\r
break;\r
default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
\r
- return EFI_SUCCESS;\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r
\r
/**\r
RecvBufferSize = sizeof (RecvBuffer);\r
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto Done;\r
}\r
\r
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - RecvBufferSize Error - %x\n", RecvBufferSize));\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ goto Done;\r
}\r
\r
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);\r
// return data\r
break;\r
default:\r
- return EFI_DEVICE_ERROR;\r
+ Status = EFI_DEVICE_ERROR;\r
+ break;\r
}\r
\r
- return EFI_SUCCESS;\r
+Done:\r
+ //\r
+ // Clear AuthSession Content\r
+ //\r
+ ZeroMem (&SendBuffer, sizeof(SendBuffer));\r
+ ZeroMem (&RecvBuffer, sizeof(RecvBuffer));\r
+ return Status;\r
}\r