Skip to content

Commit

Permalink
Mask capability flags based on negotiated version
Browse files Browse the repository at this point in the history
Fix #2796.

Signed-off-by: Steven Bellock <[email protected]>
  • Loading branch information
steven-bellock authored and jyao1 committed Aug 16, 2024
1 parent c975e39 commit a3e5b99
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 29 deletions.
13 changes: 13 additions & 0 deletions include/internal/libspdm_common_lib.h
Original file line number Diff line number Diff line change
Expand Up @@ -1711,4 +1711,17 @@ static inline uint64_t libspdm_le_to_be_64(uint64_t value)
((value & 0xff00000000000000) >> 56));
}

/**
* Return capability flags that are masked by the negotiated SPDM version.
*
* @param spdm_context A pointer to the SPDM context.
* @param is_request_flags If true then flags are from a request message or Requester.
* If false then flags are from a response message or Responder.
* @param flags A bitmask of capability flags.
*
* @return The masked capability flags.
*/
uint32_t libspdm_mask_capability_flags(libspdm_context_t *spdm_context,
bool is_request_flags, uint32_t flags);

#endif /* SPDM_COMMON_LIB_INTERNAL_H */
35 changes: 35 additions & 0 deletions library/spdm_common_lib/libspdm_com_support.c
Original file line number Diff line number Diff line change
Expand Up @@ -331,3 +331,38 @@ bool libspdm_get_fips_mode(void)
return false;
#endif
}

uint32_t libspdm_mask_capability_flags(libspdm_context_t *spdm_context,
bool is_request_flags, uint32_t flags)
{
switch (libspdm_get_connection_version(spdm_context)) {
case SPDM_MESSAGE_VERSION_10:
if (is_request_flags) {
/* A 1.0 Requester does not have any capability flags. */
return 0;
} else {
return (flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_10_MASK);
}
case SPDM_MESSAGE_VERSION_11:
if (is_request_flags) {
return (flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_11_MASK);
} else {
return (flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_11_MASK);
}
case SPDM_MESSAGE_VERSION_12:
if (is_request_flags) {
return (flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_12_MASK);
} else {
return (flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_12_MASK);
}
case SPDM_MESSAGE_VERSION_13:
if (is_request_flags) {
return (flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_13_MASK);
} else {
return (flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_13_MASK);
}
default:
LIBSPDM_ASSERT(false);
return 0;
}
}
20 changes: 5 additions & 15 deletions library/spdm_requester_lib/libspdm_req_get_capabilities.c
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,9 @@ static libspdm_return_t libspdm_try_get_capabilities(libspdm_context_t *spdm_con
spdm_request->header.param2 = 0;
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_11) {
spdm_request->ct_exponent = spdm_context->local_context.capability.ct_exponent;
spdm_request->flags = spdm_context->local_context.capability.flags;
spdm_request->flags =
libspdm_mask_capability_flags(spdm_context, true,
spdm_context->local_context.capability.flags);
}
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_12) {
spdm_request->data_transfer_size =
Expand Down Expand Up @@ -354,20 +356,8 @@ static libspdm_return_t libspdm_try_get_capabilities(libspdm_context_t *spdm_con
}

spdm_context->connection_info.capability.ct_exponent = spdm_response->ct_exponent;

if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_10) {
spdm_context->connection_info.capability.flags =
spdm_response->flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_10_MASK;
} else if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_11) {
spdm_context->connection_info.capability.flags =
spdm_response->flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_11_MASK;
} else if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_12) {
spdm_context->connection_info.capability.flags =
spdm_response->flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_12_MASK;
} else {
spdm_context->connection_info.capability.flags =
spdm_response->flags & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_13_MASK;
}
spdm_context->connection_info.capability.flags =
libspdm_mask_capability_flags(spdm_context, false, spdm_response->flags);

if (spdm_response->header.spdm_version >= SPDM_MESSAGE_VERSION_12) {
spdm_context->connection_info.capability.data_transfer_size =
Expand Down
20 changes: 6 additions & 14 deletions library/spdm_responder_lib/libspdm_rsp_capabilities.c
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
/**
* Copyright Notice:
* Copyright 2021-2022 DMTF. All rights reserved.
* Copyright 2021-2024 DMTF. All rights reserved.
* License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
**/

Expand Down Expand Up @@ -247,7 +247,9 @@ libspdm_return_t libspdm_get_response_capabilities(libspdm_context_t *spdm_conte
spdm_response->header.param1 = 0;
spdm_response->header.param2 = 0;
spdm_response->ct_exponent = spdm_context->local_context.capability.ct_exponent;
spdm_response->flags = spdm_context->local_context.capability.flags;
spdm_response->flags =
libspdm_mask_capability_flags(spdm_context, false,
spdm_context->local_context.capability.flags);
if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_12) {
spdm_response->data_transfer_size =
spdm_context->local_context.capability.data_transfer_size;
Expand Down Expand Up @@ -284,18 +286,8 @@ libspdm_return_t libspdm_get_response_capabilities(libspdm_context_t *spdm_conte
spdm_context->connection_info.capability.ct_exponent = 0;
}

if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_10) {
spdm_context->connection_info.capability.flags = 0;
} else if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_11) {
spdm_context->connection_info.capability.flags =
spdm_request->flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_11_MASK;
} else if (spdm_response->header.spdm_version == SPDM_MESSAGE_VERSION_12) {
spdm_context->connection_info.capability.flags =
spdm_request->flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_12_MASK;
} else {
spdm_context->connection_info.capability.flags =
spdm_request->flags & SPDM_GET_CAPABILITIES_REQUEST_FLAGS_13_MASK;
}
spdm_context->connection_info.capability.flags =
libspdm_mask_capability_flags(spdm_context, true, spdm_request->flags);

if (spdm_response->header.spdm_version >= SPDM_MESSAGE_VERSION_12) {
spdm_context->connection_info.capability.data_transfer_size =
Expand Down

0 comments on commit a3e5b99

Please sign in to comment.