mirrors/u-boot
1
0
Fork 0
mirror of https://source.denx.de/u-boot/u-boot.git synced 2025-11-28 22:21:49 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

efi_loader: fix efi_tcg2_hash_log_extend_event() parameter check

Browse Source 
TCG EFI Protocol Specification defines that PCRIndex parameter
passed from caller must be 0 to 23.
TPM2_MAX_PCRS is currently used to check the range of PCRIndex,
but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value.
This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to
check the range of PCRIndex parameter.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This commit is contained in:
Masahisa Kojima 2021-09-03 10:55:52 +09:00 committed by Heinrich Schuchardt
parent db3ed2cf9c
commit 538c0f2d37
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/efi_tcg2.h
View File

@ -28,6 +28,8 @@
#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001 #define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
#define PE_COFF_IMAGE 0x0000000000000010 #define PE_COFF_IMAGE 0x0000000000000010
#define EFI_TCG2_MAX_PCR_INDEX 23
/* Algorithm Registry */ /* Algorithm Registry */
#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001 #define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002 #define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002

2
lib/efi_loader/efi_tcg2.c
View File

@ -958,7 +958,7 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
goto out; goto out;
} }
if (efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) { if (efi_tcg_event->header.pcr_index > EFI_TCG2_MAX_PCR_INDEX) {
ret = EFI_INVALID_PARAMETER; ret = EFI_INVALID_PARAMETER;
goto out; goto out;
} }