efi_loader: fix efi_tcg2_hash_log_extend_event() parameter check

TCG EFI Protocol Specification defines that PCRIndex parameter
passed from caller must be 0 to 23.
TPM2_MAX_PCRS is currently used to check the range of PCRIndex,
but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value.
This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to
check the range of PCRIndex parameter.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
index a8c43e415f386e56c42c5ed7524641831e7da127..c99384fb005d89d81a999d5740bc6d44de977a5f 100644 (file)
--- a/include/efi_tcg2.h
+++ b/include/efi_tcg2.h
@@ -28,6 +28,8 @@
 #define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
 #define PE_COFF_IMAGE 0x0000000000000010
 
+#define EFI_TCG2_MAX_PCR_INDEX 23
+
 /* Algorithm Registry */
 #define EFI_TCG2_BOOT_HASH_ALG_SHA1    0x00000001
 #define EFI_TCG2_BOOT_HASH_ALG_SHA256  0x00000002

diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index c4e9f61fd6d6b20bc3872d92cd955f650c1a7d13..b268a02976c2969f504f56472049c961cf3eb285 100644 (file)
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -958,7 +958,7 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
                goto out;
        }
 
-       if (efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) {
+       if (efi_tcg_event->header.pcr_index > EFI_TCG2_MAX_PCR_INDEX) {
                ret = EFI_INVALID_PARAMETER;
                goto out;
        }