From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id E0EAC21D492CA for ; Thu, 14 Sep 2017 04:26:12 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Sep 2017 04:29:11 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,392,1500966000"; d="scan'208";a="151255071" Received: from shwdeopenpsi068.ccr.corp.intel.com ([10.239.9.31]) by fmsmga005.fm.intel.com with ESMTP; 14 Sep 2017 04:29:10 -0700 From: Star Zeng To: edk2-devel@lists.01.org Cc: Star Zeng , Jiewen Yao , Chasel Chiu Date: Thu, 14 Sep 2017 19:29:07 +0800 Message-Id: <1505388547-5292-1-git-send-email-star.zeng@intel.com> X-Mailer: git-send-email 2.7.0.windows.1 Subject: [PATCH] MdeModulePkg SmbiosMeasurementDxe: Skip measurement for OEM type X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Sep 2017 11:26:13 -0000 The generic driver has no way to know whether an OEM type should be filtered or not. This patch is to update the code to skip measurement for OEM type and platform code can measure it by self if required. Cc: Jiewen Yao Cc: Chasel Chiu Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng --- .../SmbiosMeasurementDxe/SmbiosMeasurementDxe.c | 54 +++++++++++++--------- .../SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf | 5 +- 2 files changed, 34 insertions(+), 25 deletions(-) diff --git a/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.c b/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.c index bc5e7464e133..4a3e99aefd0f 100644 --- a/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.c +++ b/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.c @@ -1,7 +1,7 @@ /** @file This driver measures SMBIOS table to TPM. -Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -277,30 +277,38 @@ FilterSmbiosEntry ( DEBUG ((EFI_D_INFO, "Smbios Table (Type - %d):\n", ((SMBIOS_STRUCTURE *)TableEntry)->Type)); DEBUG_CODE (InternalDumpHex (TableEntry, TableEntrySize);); - FilterStruct = GetFilterStructByType (((SMBIOS_STRUCTURE *)TableEntry)->Type); - if (FilterStruct != NULL) { - if (FilterStruct->Filter == NULL || FilterStruct->FilterCount == 0) { - // zero all table entries, except header - ZeroMem ((UINT8 *)TableEntry + sizeof(SMBIOS_STRUCTURE), TableEntrySize - sizeof(SMBIOS_STRUCTURE)); - } else { - Filter = FilterStruct->Filter; - for (Index = 0; Index < FilterStruct->FilterCount; Index++) { - if (((SMBIOS_STRUCTURE *) TableEntry)->Length >= (Filter[Index].Offset + Filter[Index].Size)) { - // - // The field is present in the SMBIOS entry. - // - if ((Filter[Index].Flags & SMBIOS_FILTER_TABLE_FLAG_IS_STRING) != 0) { - CopyMem (&StringId, (UINT8 *)TableEntry + Filter[Index].Offset, sizeof(StringId)); - if (StringId != 0) { - // set ' ' for string field - String = GetSmbiosStringById (TableEntry, StringId, &StringLen); - ASSERT (String != NULL); - //DEBUG ((EFI_D_INFO,"StrId(0x%x)-%a(%d)\n", StringId, String, StringLen)); - SetMem (String, StringLen, ' '); + // + // Skip measurement for OEM types. + // + if (((SMBIOS_STRUCTURE *)TableEntry)->Type >= SMBIOS_OEM_BEGIN) { + // zero all table fields, except header + ZeroMem ((UINT8 *)TableEntry + sizeof(SMBIOS_STRUCTURE), TableEntrySize - sizeof(SMBIOS_STRUCTURE)); + } else { + FilterStruct = GetFilterStructByType (((SMBIOS_STRUCTURE *)TableEntry)->Type); + if (FilterStruct != NULL) { + if (FilterStruct->Filter == NULL || FilterStruct->FilterCount == 0) { + // zero all table fields, except header + ZeroMem ((UINT8 *)TableEntry + sizeof(SMBIOS_STRUCTURE), TableEntrySize - sizeof(SMBIOS_STRUCTURE)); + } else { + Filter = FilterStruct->Filter; + for (Index = 0; Index < FilterStruct->FilterCount; Index++) { + if (((SMBIOS_STRUCTURE *) TableEntry)->Length >= (Filter[Index].Offset + Filter[Index].Size)) { + // + // The field is present in the SMBIOS entry. + // + if ((Filter[Index].Flags & SMBIOS_FILTER_TABLE_FLAG_IS_STRING) != 0) { + CopyMem (&StringId, (UINT8 *)TableEntry + Filter[Index].Offset, sizeof(StringId)); + if (StringId != 0) { + // set ' ' for string field + String = GetSmbiosStringById (TableEntry, StringId, &StringLen); + ASSERT (String != NULL); + //DEBUG ((EFI_D_INFO,"StrId(0x%x)-%a(%d)\n", StringId, String, StringLen)); + SetMem (String, StringLen, ' '); + } } + // zero non-string field + ZeroMem ((UINT8 *)TableEntry + Filter[Index].Offset, Filter[Index].Size); } - // zero non-string field - ZeroMem ((UINT8 *)TableEntry + Filter[Index].Offset, Filter[Index].Size); } } } diff --git a/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf b/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf index c5a779cca7fe..5d3aa67f7c8b 100644 --- a/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf +++ b/MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf @@ -7,10 +7,11 @@ # such as clock registers, and system unique information, such as # asset numbers or serial numbers, MUST NOT be measured into PCR [1], # or any other PCR. -# +# The OEM types are skipped and platform code can measure them by self if required. +# # A platform may use its own policy to filter some fields in SMBIOS table. # -# Copyright (c) 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
# # This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License -- 2.7.0.windows.1