From patchwork Fri Sep  3 01:55:50 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 506465
Delivered-To: patch@linaro.org
Received: by 2002:a02:8629:0:0:0:0:0 with SMTP id e38csp594274jai;
 Thu, 2 Sep 2021 18:54:33 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJytv8mZM5I7WZZ6zSUXDkfhLsfSXRY4pDnoPsaao5gtDcO+L8jsP2pQpPHM7gyn7y8ROB4n
X-Received: by 2002:a17:906:401:: with SMTP id
 d1mr1373864eja.242.1630634072961; 
 Thu, 02 Sep 2021 18:54:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1630634072; cv=none;
 d=google.com; s=arc-20160816;
 b=jnuQx73scuWXaeJR8iFJx1xHbWUFLPADtHDPOY1vIoBIBsf//dDE0hAsBXxmiohsvn
 k/iLk63ByHkhWnXrbweLx82NBcgqqdyggLSA//3hpPUjTVxyx+0SmaUYCBMNa6/xiUaC
 5+NUlZAGd9uaAmL4OJNhXsEuxEwW884XXjBmJaUyHiRy0TlEwonmmgNJ1Su72CfqaYyC
 o9W2AgygOvwwZ0hsYpeU70ajgRdkUkO80BTgInGJHEm0TtO2263+gMmk5wqB6IRcUkl7
 /h8xvBJGbDnzHCOrDTw7zgT0vp5uVOfV9kdY3SZn5Xho81AmCbx1Lz+YpUZU86SWBAvn
 mVCg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:references:in-reply-to
 :message-id:date:subject:to:from:dkim-signature;
 bh=XWm2AHWkdNfzHEIgoqeaGUPAq7pjx5308HIvRUvqoXE=;
 b=bty8wsCgDSO8l7RnXrwSCxNBAhgbqgG6QybgUHGUfBosz3aIFEiJrwwTOhM7/ZYEXa
 pWi6gWneT2V2RdV+FKifohgnqyEXXuKbnubm04E5JCCG/qtsf8iEMwfuwpg+QtEe0LlW
 1sJwBCdBfCbUON67Upb+Ti0SjPuYSkyBiaiglFtZZfaibBLz6H+mMbiY6f5fTHQCUd1V
 61dfbbJy8nHm7AiHA1xYVTHv5Xy6/r83CHBJ9TKdh9+2Pe5yHq3KJ3g8EvXepQ5rse9B
 Sme1jZS7fh1NA1vJXXmGimQFJ9lev636xY+r3jEYWaO0pZszogZ78jngm1BKJH+GtKLf
 k+7A==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=OXXpufNa;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61])
 by mx.google.com with ESMTPS id
 z5si3610744ejl.639.2021.09.02.18.54.32
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 02 Sep 2021 18:54:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 client-ip=85.214.62.61; 
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=OXXpufNa;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id 87D1E82BB2;
 Fri,  3 Sep 2021 03:54:19 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org
 header.b="OXXpufNa"; dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id C1B31834F1; Fri,  3 Sep 2021 03:54:14 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
 autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com
 [IPv6:2607:f8b0:4864:20::62d])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id B218A834F1
 for <u-boot@lists.denx.de>; Fri,  3 Sep 2021 03:54:10 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pl1-x62d.google.com with SMTP id k17so2366008pls.0
 for <u-boot@lists.denx.de>; Thu, 02 Sep 2021 18:54:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:subject:date:message-id:in-reply-to:references;
 bh=XWm2AHWkdNfzHEIgoqeaGUPAq7pjx5308HIvRUvqoXE=;
 b=OXXpufNahuwRUWFgmofmeOfVIPGMOkSc81x4BvPeTBN7T/ZCn3pJMFgNuHunSAKuJZ
 NWPwanoHahfGun6GsjlBuJmzvM/rR7iF9FanUZMWAx6MosRE2BE+TYa8xGJyUT2H6sqa
 wDsajX0iwr/vcWb9GtmWZwGTeOnJMKsZ9gaaDnmMi+76eVKHLcFPj/muyVVksYawTrpM
 723HCpVLe9r1KIu6xKDtOwyY04ja3MZk+JWLahNeCntZnxGUy9+3agWKMF17m84qy0vg
 vLoTSCCfyRALUjF62L8aFanTz5PWTZoQdfPurrRu8IpxbVHxYOSqtSn5EOpfxZeAE+ri
 EprQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
 :references;
 bh=XWm2AHWkdNfzHEIgoqeaGUPAq7pjx5308HIvRUvqoXE=;
 b=skK3cV58hnYX/aWyctTLO49jmN6fc2BDKU7tbPIk2XSe5VKZZrTGukzFbQfAg626ID
 Hd7ibQIlyLlG1APmL64PgzkrpUtWlC+0OAADGBvUChigDfeSxADVaFlqNZZhBvRBFymz
 NF4V2bCCaPjqm9GLemImpi8T6nsX6dJqpZfWVXULLRuogH3yqwQwOCLxUKKXMdH3T8G8
 TcA6DdT/BDkTtFnW62WYMtKizHc2lv6WK8mdEqm0+mh9f98o95t9rzWJY26JjUeFnpKQ
 j73x03w3XxwGy/pXpUcY+/uByEjkq6Y5YHJIUJh11Xu7VDF+o/8EqIsMmaWa/klsw/yr
 N2rA==
X-Gm-Message-State: AOAM532/k0Xtu9dJ++L4+ZJU5d9lDVm1HrvJbW1gByfSUwv9I9J/3e1o
 hDnc1AHvFItUfYg61bovHwMKfMdp8G+0UiNO
X-Received: by 2002:a17:90a:a087:: with SMTP id
 r7mr7250474pjp.84.1630634049035; 
 Thu, 02 Sep 2021 18:54:09 -0700 (PDT)
Received: from localhost.localdomain ([2400:2411:502:a100:82fa:5bff:fe4b:26b1])
 by smtp.gmail.com with ESMTPSA id
 g37sm4182198pgl.94.2021.09.02.18.54.07
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 02 Sep 2021 18:54:08 -0700 (PDT)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Alexander Graf <agraf@csgraf.de>, 
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>,
 AKASHI Takahiro <takahiro.akashi@linaro.org>, u-boot@lists.denx.de
Subject: [PATCH 1/3] efi_loader: add missing parameter check for
 EFI_TCG2_PROTOCOL api
Date: Fri,  3 Sep 2021 10:55:50 +0900
Message-Id: <20210903015552.17180-2-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210903015552.17180-1-masahisa.kojima@linaro.org>
References: <20210903015552.17180-1-masahisa.kojima@linaro.org>
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

TCG EFI Protocol Specification defines the required parameter
checking and return value for each API.
This commit adds the missing parameter check and
fixes the wrong return value to comply the specification.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
---
 lib/efi_loader/efi_tcg2.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

-- 
2.17.1
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 35e69b9112..c4e9f61fd6 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -708,6 +708,18 @@ efi_tcg2_get_eventlog(struct efi_tcg2_protocol *this,
 	EFI_ENTRY("%p, %u, %p, %p,  %p", this, log_format, event_log_location,
 		  event_log_last_entry, event_log_truncated);
 
+	if (!this || !event_log_location || !event_log_last_entry ||
+	    !event_log_truncated) {
+		ret = EFI_INVALID_PARAMETER;
+		goto out;
+	}
+
+	/* Only support TPMV2 */
+	if (log_format != TCG2_EVENT_LOG_FORMAT_TCG_2) {
+		ret = EFI_INVALID_PARAMETER;
+		goto out;
+	}
+
 	ret = platform_get_tpm2_device(&dev);
 	if (ret != EFI_SUCCESS) {
 		event_log_location = NULL;
@@ -965,6 +977,7 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
 				   data_to_hash_len, (void **)&nt);
 		if (ret != EFI_SUCCESS) {
 			log_err("Not a valid PE-COFF file\n");
+			ret = EFI_UNSUPPORTED;
 			goto out;
 		}
 		ret = tcg2_hash_pe_image((void *)(uintptr_t)data_to_hash,
@@ -1038,9 +1051,15 @@ efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol *this,
 {
 	efi_status_t ret;
 
+	if (!this || !active_pcr_banks) {
+		ret = EFI_INVALID_PARAMETER;
+		goto out;
+	}
+
 	EFI_ENTRY("%p, %p", this, active_pcr_banks);
 	ret = __get_active_pcr_banks(active_pcr_banks);
 
+out:
 	return EFI_EXIT(ret);
 }