Fix TCG protocol TcgDxeHashLogExtendEvent and TcgDxeLogEvent SDL issue

[mirror_edk2.git] / SecurityPkg / Tcg / TcgDxe / TcgDxe.c

diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
index 4b5380ba87fb5b4031ca2f4995d8f87d8b860669..5ef34d0ba20418faa3ef6498f5cdfff2e1cf6e10 100644 (file)
--- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
+++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
@@ -1,6 +1,13 @@
 /** @file  \r
   This module implements TCG EFI Protocol.\r
-  \r
+ \r
+Caution: This module requires additional review when modified.\r
+This driver will have external input - TcgDxePassThroughToTpm\r
+This external input must be validated carefully to avoid security issue like\r
+buffer overflow, integer overflow.\r
+\r
+TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.\r
+\r
 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials \r
 are licensed and made available under the terms and conditions of the BSD License \r
@@ -23,6 +30,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Guid/HobList.h>\r
 #include <Guid/TcgEventHob.h>\r
 #include <Guid/EventGroup.h>\r
+#include <Guid/EventExitBootServiceFailed.h>\r
 #include <Protocol/DevicePath.h>\r
 #include <Protocol/TcgService.h>\r
 #include <Protocol/AcpiTable.h>\r
@@ -344,6 +352,10 @@ TcgDxeLogEvent (
 {\r
   TCG_DXE_DATA  *TcgData;\r
 \r
+  if (TCGLogData == NULL){\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   TcgData = TCG_DXE_DATA_FROM_THIS (This);\r
   \r
   if (TcgData->BsCap.TPMDeactivatedFlag) {\r
@@ -383,6 +395,13 @@ TcgDxePassThroughToTpm (
 {\r
   TCG_DXE_DATA                      *TcgData;\r
 \r
+  if (TpmInputParameterBlock == NULL || \r
+      TpmOutputParameterBlock == NULL || \r
+      TpmInputParameterBlockSize == 0 ||\r
+      TpmOutputParameterBlockSize == 0) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   TcgData = TCG_DXE_DATA_FROM_THIS (This);\r
 \r
   return TisPcExecute (\r
@@ -423,7 +442,11 @@ TcgDxeHashLogExtendEventI (
 {\r
   EFI_STATUS                        Status;\r
 \r
-  if (HashDataLen > 0) {\r
+  if (HashData == NULL && HashDataLen > 0) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
+  if (HashDataLen > 0 || HashData != NULL) {\r
     Status = TpmCommHashAll (\r
                HashData,\r
                (UINTN) HashDataLen,\r
@@ -483,6 +506,10 @@ TcgDxeHashLogExtendEvent (
 {\r
   TCG_DXE_DATA  *TcgData;\r
 \r
+  if (TCGLogData == NULL || EventLogLastEntry == NULL){\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   TcgData = TCG_DXE_DATA_FROM_THIS (This);\r
   \r
   if (TcgData->BsCap.TPMDeactivatedFlag) {\r
@@ -1103,6 +1130,34 @@ OnExitBootServices (
   ASSERT_EFI_ERROR (Status);\r
 }\r
 \r
+/**\r
+  Exit Boot Services Failed Event notification handler.\r
+\r
+  Measure Failure of ExitBootServices.\r
+\r
+  @param[in]  Event     Event whose notification function is being invoked\r
+  @param[in]  Context   Pointer to the notification function's context\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+OnExitBootServicesFailed (\r
+  IN      EFI_EVENT                 Event,\r
+  IN      VOID                      *Context\r
+  )\r
+{\r
+  EFI_STATUS    Status;\r
+\r
+  //\r
+  // Measure Failure of ExitBootServices,\r
+  //\r
+  Status = TcgMeasureAction (\r
+             EFI_EXIT_BOOT_SERVICES_FAILED\r
+             );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
+}\r
+\r
 /**\r
   Get TPM Deactivated state.\r
 \r
@@ -1205,6 +1260,18 @@ DriverEntry (
                     &gEfiEventExitBootServicesGuid,\r
                     &Event\r
                     );\r
+\r
+    //\r
+    // Measure Exit Boot Service failed \r
+    //\r
+    Status = gBS->CreateEventEx (\r
+                    EVT_NOTIFY_SIGNAL,\r
+                    TPL_NOTIFY,\r
+                    OnExitBootServicesFailed,\r
+                    NULL,\r
+                    &gEventExitBootServicesFailedGuid,\r
+                    &Event\r
+                    );\r
   }\r
 \r
   //\r