X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FLibrary%2FDxeTcgPhysicalPresenceLib%2FDxeTcgPhysicalPresenceLib.c;h=5316e5b785ce3126eb8eca7b2e85ad0c22d69023;hp=515b0a5d7231ef5cd43505d5f4c9f1ee346df60b;hb=dc204d5a0fd64d1ccbc90ebea827e7ad73b71f4d;hpb=90eaa3c1e022e2b676da65cb41aa66136a18b4ea

diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
index 515b0a5d72..5316e5b785 100644
--- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
@@ -2,6 +2,12 @@
 
   Execute pending TPM requests from OS or BIOS and Lock TPM.
 
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable.
+  This external input must be validated carefully to avoid security issue.
+
+  ExecutePendingTpmRequest() will receive untrusted input and do validation.
+
 Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD License 
@@ -882,6 +888,10 @@ UserConfirm (
 /**
   Check and execute the requested physical presence command.
 
+  Caution: This function may receive untrusted input.
+  TcgPpData variable is external input, so this function will validate
+  its data structure to be valid value.
+
   @param[in] TcgProtocol          EFI TCG Protocol instance. 
   @param[in] TcgPpData            Point to the physical presence NV variable.