Topics

[PATCH v4 1/2] SecurityPkg/Tpm2CommandLib: add a new function


Qi Zhang
 

From: "Zhang, Qi" <qi1.zhang@...>

Tpm2GetCapabilityIsCommandImplemented

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2793

check if the commad is supported by comparing the command code with
command index.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Chao Zhang <chao.b.zhang@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Signed-off-by: Qi Zhang <qi1.zhang@...>
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 16 ++++++++
.../Library/Tpm2CommandLib/Tpm2Capability.c | 40 +++++++++++++++++++
2 files changed, 56 insertions(+)

diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h b/SecurityPkg/Inc=
lude/Library/Tpm2CommandLib.h
index ce381e786b..ee8eb62295 100644
--- a/SecurityPkg/Include/Library/Tpm2CommandLib.h
+++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h
@@ -790,6 +790,22 @@ Tpm2GetCapabilityAlgorithmSet (
OUT UINT32 *AlgorithmSet=0D
);=0D
=0D
+/**=0D
+ This function will query if the command is supported.=0D
+=0D
+ @param[In] Command TPM_CC command starts from TPM_CC_FIRST.=0D
+ @param[out] IsCmdImpl The command is supported or not.=0D
+=0D
+ @retval EFI_SUCCESS Operation completed successfully.=0D
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+Tpm2GetCapabilityIsCommandImplemented (=0D
+ IN TPM_CC Command,=0D
+ OUT BOOLEAN *IsCmdImpl=0D
+ );=0D
+=0D
/**=0D
This command is used to check to see if specific combinations of algorit=
hm parameters are supported.=0D
=0D
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c b/Security=
Pkg/Library/Tpm2CommandLib/Tpm2Capability.c
index 85b11c7715..17c0c3a151 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
@@ -39,6 +39,8 @@ typedef struct {
=0D
#pragma pack()=0D
=0D
+#define TPMA_CC_COMMANDINDEX_MASK 0x2000FFFF=0D
+=0D
/**=0D
This command returns various information regarding the TPM and its curre=
nt state.=0D
=0D
@@ -628,6 +630,44 @@ Tpm2GetCapabilityAlgorithmSet (
return EFI_SUCCESS;=0D
}=0D
=0D
+/**=0D
+ This function will query if the command is supported.=0D
+=0D
+ @param[In] Command TPM_CC command starts from TPM_CC_FIRST.=0D
+ @param[out] IsCmdImpl The command is supported or not.=0D
+=0D
+ @retval EFI_SUCCESS Operation completed successfully.=0D
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D
+**/=0D
+EFI_STATUS=0D
+EFIAPI=0D
+Tpm2GetCapabilityIsCommandImplemented (=0D
+ IN TPM_CC Command,=0D
+ OUT BOOLEAN *IsCmdImpl=0D
+ )=0D
+{=0D
+ TPMS_CAPABILITY_DATA TpmCap;=0D
+ TPMI_YES_NO MoreData;=0D
+ EFI_STATUS Status;=0D
+ UINT32 Attribute;=0D
+=0D
+ Status =3D Tpm2GetCapability (=0D
+ TPM_CAP_COMMANDS,=0D
+ Command,=0D
+ 1,=0D
+ &MoreData,=0D
+ &TpmCap=0D
+ );=0D
+ if (EFI_ERROR (Status)) {=0D
+ return Status;=0D
+ }=0D
+=0D
+ CopyMem (&Attribute, &TpmCap.data.command.commandAttributes[0], sizeof (=
UINT32));=0D
+ *IsCmdImpl =3D (Command =3D=3D (SwapBytes32(Attribute) & TPMA_CC_COMMAND=
INDEX_MASK));=0D
+=0D
+ return EFI_SUCCESS;=0D
+}=0D
+=0D
/**=0D
This command is used to check to see if specific combinations of algorit=
hm parameters are supported.=0D
=0D
--=20
2.26.2.windows.1


Wang, Jian J
 

Reviewed-by: Jian J Wang <jian.j.wang@...>

Regards,
Jian

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Qi Zhang
Sent: Tuesday, July 28, 2020 4:21 PM
To: devel@edk2.groups.io
Cc: Zhang, Qi1 <qi1.zhang@...>; Yao, Jiewen <jiewen.yao@...>;
Wang, Jian J <jian.j.wang@...>; Chao Zhang <chao.b.zhang@...>;
Kumar, Rahul1 <rahul1.kumar@...>
Subject: [edk2-devel] [PATCH v4 1/2] SecurityPkg/Tpm2CommandLib: add a new
function

From: "Zhang, Qi" <qi1.zhang@...>

Tpm2GetCapabilityIsCommandImplemented

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2793

check if the commad is supported by comparing the command code with
command index.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Chao Zhang <chao.b.zhang@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Signed-off-by: Qi Zhang <qi1.zhang@...>
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 16 ++++++++
.../Library/Tpm2CommandLib/Tpm2Capability.c | 40 +++++++++++++++++++
2 files changed, 56 insertions(+)

diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h
b/SecurityPkg/Include/Library/Tpm2CommandLib.h
index ce381e786b..ee8eb62295 100644
--- a/SecurityPkg/Include/Library/Tpm2CommandLib.h
+++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h
@@ -790,6 +790,22 @@ Tpm2GetCapabilityAlgorithmSet (
OUT UINT32 *AlgorithmSet

);



+/**

+ This function will query if the command is supported.

+

+ @param[In] Command TPM_CC command starts from TPM_CC_FIRST.

+ @param[out] IsCmdImpl The command is supported or not.

+

+ @retval EFI_SUCCESS Operation completed successfully.

+ @retval EFI_DEVICE_ERROR The command was unsuccessful.

+**/

+EFI_STATUS

+EFIAPI

+Tpm2GetCapabilityIsCommandImplemented (

+ IN TPM_CC Command,

+ OUT BOOLEAN *IsCmdImpl

+ );

+

/**

This command is used to check to see if specific combinations of algorithm
parameters are supported.



diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
index 85b11c7715..17c0c3a151 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c
@@ -39,6 +39,8 @@ typedef struct {


#pragma pack()



+#define TPMA_CC_COMMANDINDEX_MASK 0x2000FFFF

+

/**

This command returns various information regarding the TPM and its current
state.



@@ -628,6 +630,44 @@ Tpm2GetCapabilityAlgorithmSet (
return EFI_SUCCESS;

}



+/**

+ This function will query if the command is supported.

+

+ @param[In] Command TPM_CC command starts from TPM_CC_FIRST.

+ @param[out] IsCmdImpl The command is supported or not.

+

+ @retval EFI_SUCCESS Operation completed successfully.

+ @retval EFI_DEVICE_ERROR The command was unsuccessful.

+**/

+EFI_STATUS

+EFIAPI

+Tpm2GetCapabilityIsCommandImplemented (

+ IN TPM_CC Command,

+ OUT BOOLEAN *IsCmdImpl

+ )

+{

+ TPMS_CAPABILITY_DATA TpmCap;

+ TPMI_YES_NO MoreData;

+ EFI_STATUS Status;

+ UINT32 Attribute;

+

+ Status = Tpm2GetCapability (

+ TPM_CAP_COMMANDS,

+ Command,

+ 1,

+ &MoreData,

+ &TpmCap

+ );

+ if (EFI_ERROR (Status)) {

+ return Status;

+ }

+

+ CopyMem (&Attribute, &TpmCap.data.command.commandAttributes[0],
sizeof (UINT32));

+ *IsCmdImpl = (Command == (SwapBytes32(Attribute) &
TPMA_CC_COMMANDINDEX_MASK));

+

+ return EFI_SUCCESS;

+}

+

/**

This command is used to check to see if specific combinations of algorithm
parameters are supported.



--
2.26.2.windows.1


-=-=-=-=-=-=
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#63392): https://edk2.groups.io/g/devel/message/63392
Mute This Topic: https://groups.io/mt/75840053/1768734
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [jian.j.wang@...]
-=-=-=-=-=-=