From 1dae37b163e1e08e719ac06fa86b3414b4ddfb2b Mon Sep 17 00:00:00 2001
From: CoprDistGit
Date: Mon, 30 Oct 2023 11:56:48 +0000
Subject: automatic import of edk2
---
...-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch | 121 +++++++++++++++++++++
1 file changed, 121 insertions(+)
create mode 100644 0013-SecurityPkg-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch
(limited to '0013-SecurityPkg-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch')
diff --git a/0013-SecurityPkg-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch b/0013-SecurityPkg-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch
new file mode 100644
index 0000000..e250097
--- /dev/null
+++ b/0013-SecurityPkg-TPM-Fix-bugs-in-imported-PeiDxeTpmPlatfo.patch
@@ -0,0 +1,121 @@
+From da8e34ff10bff3bff14c0bc5ee1f2e3f3d72428f Mon Sep 17 00:00:00 2001
+From: Stefan Berger
+Date: Mon, 13 Sep 2021 22:20:58 +0800
+Subject: [PATCH 2/8] SecurityPkg/TPM: Fix bugs in imported
+ PeiDxeTpmPlatformHierarchyLib
+
+Fix some bugs in the original PeiDxeTpmPlatformHierarchyLib.c.
+
+Signed-off-by: Stefan Berger
+Reviewed-by: Jiewen Yao
+---
+ .../PeiDxeTpmPlatformHierarchyLib.c | 23 +++++--------------
+ .../PeiDxeTpmPlatformHierarchyLib.inf | 5 ++--
+ 2 files changed, 8 insertions(+), 20 deletions(-)
+
+diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
+index 9812ab99ab..d82a0ae1bd 100644
+--- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
++++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c
+@@ -18,7 +18,6 @@
+ #include
+ #include
+ #include
+-#include
+ #include
+ #include
+ #include
+@@ -27,7 +26,6 @@
+ // The authorization value may be no larger than the digest produced by the hash
+ // algorithm used for context integrity.
+ //
+-#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE
+
+ UINT16 mAuthSize;
+
+@@ -54,7 +52,7 @@ RdRandGenerateEntropy (
+ UINT8 *Ptr;
+
+ Status = EFI_NOT_READY;
+- BlockCount = Length / 64;
++ BlockCount = Length / sizeof(Seed);
+ Ptr = (UINT8 *)Entropy;
+
+ //
+@@ -65,10 +63,10 @@ RdRandGenerateEntropy (
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+- CopyMem (Ptr, Seed, 64);
++ CopyMem (Ptr, Seed, sizeof(Seed));
+
+ BlockCount--;
+- Ptr = Ptr + 64;
++ Ptr = Ptr + sizeof(Seed);
+ }
+
+ //
+@@ -78,7 +76,7 @@ RdRandGenerateEntropy (
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+- CopyMem (Ptr, Seed, (Length % 64));
++ CopyMem (Ptr, Seed, (Length % sizeof(Seed)));
+
+ return Status;
+ }
+@@ -164,8 +162,6 @@ RandomizePlatformAuth (
+ {
+ EFI_STATUS Status;
+ UINT16 AuthSize;
+- UINT8 *Rand;
+- UINTN RandSize;
+ TPM2B_AUTH NewPlatformAuth;
+
+ //
+@@ -174,19 +170,13 @@ RandomizePlatformAuth (
+
+ GetAuthSize (&AuthSize);
+
+- ZeroMem (NewPlatformAuth.buffer, AuthSize);
+ NewPlatformAuth.size = AuthSize;
+
+ //
+- // Allocate one buffer to store random data.
++ // Create the random bytes in the destination buffer
+ //
+- RandSize = MAX_NEW_AUTHORIZATION_SIZE;
+- Rand = AllocatePool (RandSize);
+-
+- RdRandGenerateEntropy (RandSize, Rand);
+- CopyMem (NewPlatformAuth.buffer, Rand, AuthSize);
+
+- FreePool (Rand);
++ RdRandGenerateEntropy (NewPlatformAuth.size, NewPlatformAuth.buffer);
+
+ //
+ // Send Tpm2HierarchyChangeAuth command with the new Auth value
+@@ -194,7 +184,6 @@ RandomizePlatformAuth (
+ Status = Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, &NewPlatformAuth);
+ DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth Result: - %r\n", Status));
+ ZeroMem (NewPlatformAuth.buffer, AuthSize);
+- ZeroMem (Rand, RandSize);
+ }
+
+ /**
+diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
+index b7a7fb0a08..7bf666794f 100644
+--- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
++++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
+@@ -1,6 +1,5 @@
+-### @file
+-#
+-# TPM Platform Hierarchy configuration library.
++## @file
++# TPM Platform Hierarchy configuration library.
+ #
+ # This library provides functions for customizing the TPM's Platform Hierarchy
+ # Authorization Value (platformAuth) and Platform Hierarchy Authorization
+--
+2.27.0
+
-- cgit v1.2.3
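Review bot: In the RandomizePlatformAuth hunks of the imported patch, the return value of `RdRandGenerateEntropy (NewPlatformAuth.size, NewPlatformAuth.buffer);` is discarded, and the same change removes the `ZeroMem` that used to initialise the buffer. RdRandGenerateEntropy returns early on error (visible in its own hunks), so on failure the platformAuth handed to Tpm2HierarchyChangeAuth would be leftover stack contents rather than random bytes. I would capture the result with `Status = RdRandGenerateEntropy (NewPlatformAuth.size, NewPlatformAuth.buffer);` and, when `EFI_ERROR (Status)`, skip the TPM command and follow the platform's fail-closed policy. Since GetAuthSize is not shown here, it would also help to assert `AuthSize <= sizeof (NewPlatformAuth.buffer)` before the call. The function's signature and opening lines lie outside the hunks, so the exact error path has to be confirmed against the full file.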