SecurityPkg/SecTpmMeasurementLib: Fix OverFlow Coverity issue

CC_MR_INDEX_0_MRTD indicates the MRTD register. This register is NOT extendable in TDVF. So the return value of TdxMeasurementMapPcrToMrIndex must be checked. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
author: Ceping Sun <cepingx.sun@intel.com> 2025-07-01 02:01:50 -0400
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2025-07-02 07:41:33 +0000
commit: 7c40bc06a9d3da504c7046303c767d38fda3a1fe (patch)
tree: 1aeb706d71b31774dc1677ce70939823ae32f98a
parent: d49364779c53f0aba2fd445345c8999d548f6a90 (diff)
download: edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.zip
edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.tar.gz
edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.tar.bz2
1 files changed, 2 insertions, 1 deletions
diff --git a/SecurityPkg/Library/SecTpmMeasurementLib/IntelTdx.c b/SecurityPkg/Library/SecTpmMeasurementLib/IntelTdx.c
index 95d69ed..08e1915 100644
--- a/SecurityPkg/Library/SecTpmMeasurementLib/IntelTdx.c
+++ b/SecurityPkg/Library/SecTpmMeasurementLib/IntelTdx.c
@@ -58,7 +58,8 @@ TdxHashLogExtendEvent (
   }
 
   MrIndex = TdxMeasurementMapPcrToMrIndex (PcrIndex);
-  if (MrIndex == CC_MR_INDEX_INVALID) {
+  // MRTD is NOT extendable in TDVF.
+  if ((MrIndex == CC_MR_INDEX_INVALID) || (MrIndex == CC_MR_INDEX_0_MRTD)) {
     return EFI_INVALID_PARAMETER;
   }
author	Ceping Sun <cepingx.sun@intel.com>	2025-07-01 02:01:50 -0400
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2025-07-02 07:41:33 +0000
commit	7c40bc06a9d3da504c7046303c767d38fda3a1fe (patch)
tree	1aeb706d71b31774dc1677ce70939823ae32f98a
parent	d49364779c53f0aba2fd445345c8999d548f6a90 (diff)
download	edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.zip edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.tar.gz edk2-7c40bc06a9d3da504c7046303c767d38fda3a1fe.tar.bz2