From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <star.zeng@intel.com>
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 7FEA4821ED
 for <edk2-devel@lists.01.org>; Fri,  3 Mar 2017 06:11:32 -0800 (PST)
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
 by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 03 Mar 2017 06:11:32 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.35,237,1484035200"; d="scan'208";a="231905497"
Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204])
 by fmsmga004.fm.intel.com with ESMTP; 03 Mar 2017 06:11:31 -0800
Received: from fmsmsx116.amr.corp.intel.com (10.18.116.20) by
 FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Fri, 3 Mar 2017 06:11:31 -0800
Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by
 fmsmsx116.amr.corp.intel.com (10.18.116.20) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Fri, 3 Mar 2017 06:11:31 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by
 SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0248.002;
 Fri, 3 Mar 2017 22:11:29 +0800
From: "Zeng, Star" <star.zeng@intel.com>
To: "Zhang, Chao B" <chao.b.zhang@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Yao, Jiewen" <jiewen.yao@intel.com>, "Zeng, Star" <star.zeng@intel.com>
Thread-Topic: [PATCH 2/2] MdeModulePkg: Variable: Update DBT PCR[7] measure
Thread-Index: AQHSk/mYlBoEW4Rjkku1+qxoaa9OdqGDKAQQ
Date: Fri, 3 Mar 2017 14:11:28 +0000
Message-ID: <0C09AFA07DD0434D9E2A0C6AEB0483103B82EB67@shsmsx102.ccr.corp.intel.com>
References: <20170303083836.37112-1-chao.b.zhang@intel.com>
 <20170303083836.37112-2-chao.b.zhang@intel.com>
In-Reply-To: <20170303083836.37112-2-chao.b.zhang@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH 2/2] MdeModulePkg: Variable: Update DBT PCR[7] measure
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Mar 2017 14:11:32 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Star Zeng <star.zeng@intel.com>

-----Original Message-----
From: Zhang, Chao B=20
Sent: Friday, March 3, 2017 4:39 PM
To: edk2-devel@lists.01.org
Cc: Zeng, Star <star.zeng@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Z=
hang, Chao B <chao.b.zhang@intel.com>
Subject: [PATCH 2/2] MdeModulePkg: Variable: Update DBT PCR[7] measure

Measure DBT into PCR[7] when it is updated between initial measure if prese=
nt and not empty. by following TCG PC Client PFP 00.49 Previous patch for P=
CR[7] DBT part is overrode.
dc9bd6ed281fcba5358f3004632bdbda968be1e5

Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c | 13 +++++++++++-=
-
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c b/Mde=
ModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
index 0f1cb18..936b5b0 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
@@ -242,8 +242,17 @@ SecureBootHook (
              &VariableDataSize
              );
   if (EFI_ERROR (Status)) {
-    VariableData     =3D NULL;
-    VariableDataSize =3D 0;
+    //
+    // Measure DBT only if present and not empty
+    //
+    if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) =3D=3D 0 &&
+        CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid)) {
+      DEBUG((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n"=
, EFI_IMAGE_SECURITY_DATABASE2));
+      return;
+    } else {
+      VariableData     =3D NULL;
+      VariableDataSize =3D 0;
+    }
   }
=20
   Status =3D MeasureVariable (
--
1.9.5.msysgit.1