SecurityPkg/Tcg: Correct buffer valid check func

For SMM, the SMM Handlers is to validate the buffer outside MMRAM
including the Primary & NonPrimary buffer.

For MM, the MM Handlers do not need to validate the Primary buffer
if it is passed from MmCore through the MmiHandler() parameter.
Return TRUE directly in this case. But need to validate NonPrimary
buffer that outside MMRAM.

Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>

SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c

@@ -73,15 +73,27 @@ TpmNvsCommunciate (
     return EFI_ACCESS_DENIED;
   }
 
-  if (!IsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+  CommParams = (TPM_NVS_MM_COMM_BUFFER *)CommBuffer;
+
+  //
+  // The Primary Buffer validation
+  //
+  if (!Tcg2IsPrimaryBufferValid ((UINTN)CommBuffer, TempCommBufferSize)) {
     DEBUG ((DEBUG_ERROR, "[%a] - MM Communication buffer in invalid location!\n", __func__));
     return EFI_ACCESS_DENIED;
   }
 
+  //
+  // The NonPrimary Buffer validation
+  //
+  if (!Tcg2IsNonPrimaryBufferValid (CommParams->TargetAddress, EFI_PAGES_TO_SIZE (EFI_SIZE_TO_PAGES (sizeof (TCG_NVS))))) {
+    DEBUG ((DEBUG_ERROR, "[%a] - MM NonPrimary buffer pointed from Communication buffer in invalid location!\n", __func__));
+    return EFI_ACCESS_DENIED;
+  }
+
   //
   // Farm out the job to individual functions based on what was requested.
   //
-  CommParams = (TPM_NVS_MM_COMM_BUFFER *)CommBuffer;
   Status = EFI_SUCCESS;
   switch (CommParams->Function) {
     case TpmNvsMmExchangeInfo:

SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h

@@ -55,16 +55,35 @@ Tcg2NotifyMmReady (
   );
 
 /**
-  This function is an abstraction layer for implementation specific Mm buffer validation routine.
+  This function is for the Primary Buffer validation routine.
+  The Primary Buffer is the communication buffer requested from
+  Communicate protocol/PPI.
 
   @param Buffer  The buffer start address to be checked.
   @param Length  The buffer length to be checked.
 
-  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
-  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+  @retval TRUE  This buffer is valid.
+  @retval FALSE This buffer is not valid.
 **/
 BOOLEAN
-IsBufferOutsideMmValid (
+Tcg2IsPrimaryBufferValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  );
+
+/**
+  This function is for the NonPrimary Buffer validation routine.
+  The NonPrimary Buffer is the buffer which might be pointed from the
+  communication buffer.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid.
+  @retval FALSE This buffer is not valid.
+**/
+BOOLEAN
+Tcg2IsNonPrimaryBufferValid (
   IN EFI_PHYSICAL_ADDRESS  Buffer,
   IN UINT64                Length
   );

SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c

@@ -31,16 +31,38 @@ Tcg2NotifyMmReady (
 }
 
 /**
-  This function is an abstraction layer for implementation specific Mm buffer validation routine.
+  This function is for the Primary Buffer validation routine.
+  The Primary Buffer is the communication buffer requested from
+  Communicate protocol/PPI.
 
   @param Buffer  The buffer start address to be checked.
   @param Length  The buffer length to be checked.
 
-  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
-  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+  @retval TRUE  This buffer is valid.
+  @retval FALSE This buffer is not valid.
 **/
 BOOLEAN
-IsBufferOutsideMmValid (
+Tcg2IsPrimaryBufferValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return TRUE;
+}
+
+/**
+  This function is for the Secondary Buffer validation routine.
+  The Secondary Buffer is the buffer which is pointed from the
+  communication buffer.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid.
+  @retval FALSE This buffer is not valid.
+**/
+BOOLEAN
+Tcg2IsNonPrimaryBufferValid (
   IN EFI_PHYSICAL_ADDRESS  Buffer,
   IN UINT64                Length
   )

SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c

@@ -41,7 +41,9 @@ Tcg2NotifyMmReady (
 }
 
 /**
-  This function is an abstraction layer for implementation specific Mm buffer validation routine.
+  This function is for the Primary Buffer validation routine.
+  The Primary Buffer is the communication buffer requested from
+  Communicate protocol/PPI.
 
   @param Buffer  The buffer start address to be checked.
   @param Length  The buffer length to be checked.
@@ -50,7 +52,27 @@ Tcg2NotifyMmReady (
   @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
 **/
 BOOLEAN
-IsBufferOutsideMmValid (
+Tcg2IsPrimaryBufferValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return SmmIsBufferOutsideSmmValid (Buffer, Length);
+}
+
+/**
+  This function is for the NonPrimary Buffer validation routine.
+  The NonPrimary Buffer is the buffer which is pointed from the
+  communication buffer.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid.
+  @retval FALSE This buffer is not valid.
+**/
+BOOLEAN
+Tcg2IsNonPrimaryBufferValid (
   IN EFI_PHYSICAL_ADDRESS  Buffer,
   IN UINT64                Length
   )