tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg: Clear LocalAuthSession content after use. 

Some commands in DxeTcg2PhysicalPresenceLib accept
AuthSession as input parameter and copy to local
command buffer. After use, this AuthSession content
should be zeroed, because there might be some secrete
there.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
This commit is contained in:
Jiewen Yao 2016-03-09 21:52:15 -08:00 committed by Hao Wu
parent 0e47ac1535
commit c31313da22
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
View File

@ -225,7 +225,7 @@ Tpm2CommandAllocPcr (
);
DEBUG ((EFI_D_INFO, "Tpm2PcrAllocate - %r\n", Status));
if (EFI_ERROR (Status)) {
return Status;
goto Done;
}
DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
@ -233,7 +233,9 @@ Tpm2CommandAllocPcr (
DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded));
DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable));
return EFI_SUCCESS;
Done:
ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
return Status;
}
/**
@ -264,6 +266,8 @@ Tpm2CommandChangeEps (
Status = Tpm2ChangeEPS (TPM_RH_PLATFORM, AuthSession);
DEBUG ((EFI_D_INFO, "Tpm2ChangeEPS - %r\n", Status));
ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
return Status;
}