Updated the ignore OS events check with the last rule for #404

This commit is contained in:
Cyrus 2021-11-01 09:35:36 -04:00
parent fe617ea948
commit e82de12341


@ -44,6 +44,7 @@ public final class PCRPolicy extends Policy {
private static final String EVT_EFI_BOOT = "EV_EFI_BOOT_SERVICES_APPLICATION";
private static final String EVT_EFI_VAR = "EV_EFI_VARIABLE_BOOT";
private static final String EVT_EFI_GPT = "EV_EFI_GPT_EVENT";
private static final String EVT_EFI_CFG = "EV_EFI_VARIABLE_DRIVER_CONFIG";
@Column(nullable = false)
private boolean enableIgnoreIma = false;
@ -142,8 +143,10 @@ public final class PCRPolicy extends Policy {
if (enableIgnoreOsEvt && (tpe.getEventTypeStr().contains(EVT_EFI_BOOT)
|| tpe.getEventTypeStr().contains(EVT_EFI_GPT)
|| tpe.getEventTypeStr().contains(EVT_EFI_VAR))) {
// need to also look at #3
LOGGER.info(String.format("OS Evt Ignored -> %s", tpe));
} else if (enableIgnoreOsEvt && (tpe.getEventTypeStr().contains(EVT_EFI_CFG)
&& tpe.getEventContentStr().contains("SecureBoot"))) {
LOGGER.info(String.format("OS Evt Config Ignored -> %s", tpe));
} else {
if (!eventValueMap.containsKey(tpe.getEventDigestStr())) {
tpmPcrEvents.add(tpe);
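Review bot: The new else-if branch skips every EV_EFI_VARIABLE_DRIVER_CONFIG event whose content string contains "SecureBoot", so such an event never reaches the `eventValueMap.containsKey(tpe.getEventDigestStr())` check below and its digest is not validated at all; if the content string also carries the variable's data, a change in the Secure Boot enable state would then go unnoticed by this policy whenever enableIgnoreOsEvt is set. Both tests are substring matches, which is looser than needed — `EVT_EFI_CFG.equals(tpe.getEventTypeStr())` for the type, and a match on the variable name rather than any occurrence of "SecureBoot" in the content, would narrow what gets dropped. At minimum the branch should carry a comment recording the accepted risk, e.g. `// Skips the SecureBoot variable config event: a SecureBoot state change is not detected here while enableIgnoreOsEvt is set — confirm this is intended.` The enclosing method begins before and continues after this hunk.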