From d6b42ed7ed1b0c4584097f0d76798cff74c96379 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 27 Apr 2023 00:24:05 +0800
Subject: SecurityPkg: add TIS sanity check (tpm12)

The code blindly assumes a TIS interface is present in case both CRB and
FIFO checks fail.  Check the InterfaceType for TIS instead and only
return PtpInterfaceTis in case it matches, PtpInterfaceMax otherwise.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
index 51f4359128..d2b79a2740 100644
--- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
+++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c
@@ -91,7 +91,11 @@ Tpm12GetPtpInterface (
     return PtpInterfaceFifo;
   }
 
-  return PtpInterfaceTis;
+  if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) {
+    return PtpInterfaceTis;
+  }
+
+  return PtpInterfaceMax;
 }
 
 /**
-- 
cgit v1.2.3