tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg: Variable: Update DBT PCR[7] measure 

Measure DBT into PCR[7] when it is updated between initial measure
if present and not empty. by following TCG PC Client PFP 00.49
Previous patch for PCR[7] DBT part is overrode.
dc9bd6ed28

Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
This commit is contained in:
Zhang, Chao B 2017-03-03 13:59:57 +08:00
parent 400b0940c8
commit 588bb5ae52
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
View File

@ -242,8 +242,17 @@ SecureBootHook (
&VariableDataSize
);
if (EFI_ERROR (Status)) {
VariableData = NULL;
VariableDataSize = 0;
//
// Measure DBT only if present and not empty
//
if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0 &&
CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid)) {
DEBUG((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n", EFI_IMAGE_SECURITY_DATABASE2));
return;
} else {
VariableData = NULL;
VariableDataSize = 0;
}
}
Status = MeasureVariable (