SecurityPkg: add TIS sanity check (tpm12)

The code blindly assumes a TIS interface is present in case both CRB and
FIFO checks fail.  Check the InterfaceType for TIS instead and only
return PtpInterfaceTis in case it matches, PtpInterfaceMax otherwise.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
index 51f43591287af64a27b39490492d2c4b56e722e2..d2b79a2740845db3fe09b18f6c8972e785ba6611 100644 (file)
--- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
+++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
@@ -91,7 +91,11 @@ Tpm12GetPtpInterface (
     return PtpInterfaceFifo;\r
   }\r
 \r
-  return PtpInterfaceTis;\r
+  if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) {\r
+    return PtpInterfaceTis;\r
+  }\r
+\r
+  return PtpInterfaceMax;\r
 }\r
 \r
 /**\r