MdeModulePkg: Variable: Update DBT PCR[7] measure
[mirror_edk2.git] / MdeModulePkg / Universal / Variable / RuntimeDxe / Measurement.c
index 0f1cb18bac95bf04c7944ee47e8f4f2d1b266405..936b5b00a3f3bc05409f7b25aa492e739b0a5b5e 100644 (file)
@@ -242,8 +242,17 @@ SecureBootHook (
              &VariableDataSize\r
              );\r
   if (EFI_ERROR (Status)) {\r
-    VariableData     = NULL;\r
-    VariableDataSize = 0;\r
+    //\r
+    // Measure DBT only if present and not empty\r
+    //\r
+    if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0 &&\r
+        CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid)) {\r
+      DEBUG((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n", EFI_IMAGE_SECURITY_DATABASE2));\r
+      return;\r
+    } else {\r
+      VariableData     = NULL;\r
+      VariableDataSize = 0;\r
+    }\r
   }\r
 \r
   Status = MeasureVariable (\r