SecurityPkg: Clear LocalAuthSession content after use.

Some commands in DxeTcg2PhysicalPresenceLib accept
AuthSession as input parameter and copy to local
command buffer. After use, this AuthSession content
should be zeroed, because there might be some secrete
there.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
This commit is contained in:
Jiewen Yao 2016-03-09 21:52:15 -08:00 committed by Hao Wu
parent 0e47ac1535
commit c31313da22
1 changed files with 6 additions and 2 deletions

View File

@ -225,7 +225,7 @@ Tpm2CommandAllocPcr (
); );
DEBUG ((EFI_D_INFO, "Tpm2PcrAllocate - %r\n", Status)); DEBUG ((EFI_D_INFO, "Tpm2PcrAllocate - %r\n", Status));
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; goto Done;
} }
DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
@ -233,7 +233,9 @@ Tpm2CommandAllocPcr (
DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded)); DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded));
DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable)); DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable));
return EFI_SUCCESS; Done:
ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
return Status;
} }
/** /**
@ -264,6 +266,8 @@ Tpm2CommandChangeEps (
Status = Tpm2ChangeEPS (TPM_RH_PLATFORM, AuthSession); Status = Tpm2ChangeEPS (TPM_RH_PLATFORM, AuthSession);
DEBUG ((EFI_D_INFO, "Tpm2ChangeEPS - %r\n", Status)); DEBUG ((EFI_D_INFO, "Tpm2ChangeEPS - %r\n", Status));
ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
return Status; return Status;
} }