From 832fbc6e32012fe29f1a6c67ddc90facb43ebeee Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 27 Apr 2023 00:24:04 +0800
Subject: SecurityPkg: add TIS sanity check (tpm2)

The code blindly assumes a TIS interface is present in case both CRB and
FIFO checks fail.  Check the InterfaceType for TIS instead and only
return Tpm2PtpInterfaceTis in case it matches, Tpm2PtpInterfaceMax
otherwise.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'SecurityPkg')

diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
index 1f9ac5a..eac9f0e 100644
--- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
+++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
@@ -464,7 +464,11 @@ Tpm2GetPtpInterface (
     return Tpm2PtpInterfaceFifo;
   }
 
-  return Tpm2PtpInterfaceTis;
+  if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) {
+    return Tpm2PtpInterfaceTis;
+  }
+
+  return Tpm2PtpInterfaceMax;
 }
 
 /**
-- 
cgit v1.1