From b7d0ab73d23d367143aa40a293c6930fc19aeff2 Mon Sep 17 00:00:00 2001 From: Shrikant Temburwar Date: Wed, 8 Nov 2023 00:39:58 +0530 Subject: [PATCH 1/3] Add support to get device serial from system BIOS table Added support to get device serial from system BIOS table. linux-client required elevated privileges. Use 'sudo' to execute. Signed-off-by: Shrikant Temburwar --- lib/include/util.h | 3 +++ lib/m-string.c | 67 ++++++++++++++++++++++++++++++++++++++-------- storage/util.c | 57 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 116 insertions(+), 11 deletions(-) diff --git a/lib/include/util.h b/lib/include/util.h index 0dbc1cd8..2f7bdb52 100644 --- a/lib/include/util.h +++ b/lib/include/util.h @@ -158,6 +158,9 @@ char *strdup_s(const char *str); /* Print timestamp */ int print_timestamp(void); +/* Get device serial number */ +int get_device_serial(char *str); + #ifdef __cplusplus } #endif diff --git a/lib/m-string.c b/lib/m-string.c index 2c1a948c..d089bf4e 100644 --- a/lib/m-string.c +++ b/lib/m-string.c @@ -68,6 +68,14 @@ static int read_fill_modelserial(void) uint8_t def_serial_sz = 0; uint8_t def_model_sz = 0; size_t fsize = 0; + int strcmp_res = -1; + char temp_device_serial[MAX_DEV_SERIAL_SZ]; + uint8_t temp_serial_sz = 0; + + if (memset_s(temp_device_serial, sizeof(temp_device_serial), 0) != 0) { + LOG(LOG_ERROR, "Memset() failed!\n"); + goto err; + } fsize = fdo_blob_size((const char *)SERIAL_FILE, FDO_SDK_RAW_DATA); if ((fsize > 0) && (fsize <= MAX_DEV_SERIAL_SZ)) { 
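Review bot: The new prototype `int get_device_serial(char *str);` carries no destination size, so the callee cannot bound its write to the caller's buffer. In the storage/util.c hunk `@@ -317,3 +321,56 @@` this shows up as `memcpy_s(serial_buff, results_sz, results, results_sz)`, where the destination limit is just the source length and the check is vacuous. It also forces the `#ifndef MAX_DEV_SERIAL_SZ` fallback there, which can drift from the library's value. I would change the declaration to `int get_device_serial(char *str, size_t str_sz);` and pass `str_sz` as the destination bound. The comment should also say that no terminator is written, so the caller must pass a zero-filled buffer, as read_fill_modelserial() does with `memset_s`.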
@@ -82,24 +90,61 @@ static int read_fill_modelserial(void) if (fsize > MAX_DEV_SERIAL_SZ) { LOG(LOG_INFO, "Serialno exceeds 255 characters. " "Defaulting it to 'abcdef'\n"); - } else { + } else if (!fsize) { LOG(LOG_INFO, "No serialno file present!\n"); } - def_serial_sz = strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ); - if (!def_serial_sz || def_serial_sz == MAX_DEV_SERIAL_SZ) { - LOG(LOG_ERROR, "Default serial number string isn't " - "NULL terminated\n"); - goto err; + ret = get_device_serial(temp_device_serial); + if (ret) { + LOG(LOG_ERROR, "Failed to get serial no. " + "Defaulting it to 'abcdef'\n"); } - ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, DEF_SERIAL_NO, - def_serial_sz); - if (ret) { - LOG(LOG_ERROR, "Failed to get serial no\n"); - goto err; + if (ret || + (!strcmp_s((char *)temp_device_serial, MAX_DEV_SERIAL_SZ, + "Not Specified\n", &strcmp_res) && + !strcmp_res)) { + def_serial_sz = + strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ); + if (!def_serial_sz || + def_serial_sz == MAX_DEV_SERIAL_SZ) { + LOG(LOG_ERROR, + "Default serial number string isn't " + "NULL terminated\n"); + goto err; + } + + ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, + DEF_SERIAL_NO, def_serial_sz); + if (ret) { + LOG(LOG_ERROR, "Failed to get serial no\n"); + goto err; + } + } else { + temp_serial_sz = + strnlen_s(temp_device_serial, MAX_DEV_SERIAL_SZ); + if (!temp_serial_sz || + temp_serial_sz == MAX_DEV_SERIAL_SZ) { + LOG(LOG_ERROR, + "Default serial number string isn't " + "NULL terminated\n"); + goto err; + } + + if (*temp_device_serial && + temp_device_serial[temp_serial_sz - 1] == '\n') { + temp_device_serial[temp_serial_sz - 1] = '\0'; + } + + ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, + temp_device_serial, temp_serial_sz); + if (ret) { + LOG(LOG_ERROR, "Failed to copy serial no!\n"); + goto err; + } } } + LOG(LOG_DEBUG, "Device serial = %s\n", device_serial); fsize = fdo_blob_size((const char *)MODEL_FILE, FDO_SDK_RAW_DATA); if ((fsize > 0) && (fsize <= 
MAX_MODEL_NO_SZ)) { diff --git a/storage/util.c b/storage/util.c index 2b79b18a..f84f0cba 100644 --- a/storage/util.c +++ b/storage/util.c @@ -20,6 +20,10 @@ #include "freertos/task.h" #endif +#ifndef MAX_DEV_SERIAL_SZ +#define MAX_DEV_SERIAL_SZ 255 +#endif + bool file_exists(char const *filename) { FILE *fp = NULL; @@ -317,3 +321,56 @@ int print_timestamp(void) #endif return 0; } + +// Get device serial number +int get_device_serial(char *serial_buff) +{ + FILE *fp; + char *cmd = "dmidecode -s system-serial-number"; + int out_sz; + char out[MAX_DEV_SERIAL_SZ]; + int results_sz = 0; + int ret = -1; + char *results = (char *)malloc(MAX_DEV_SERIAL_SZ * sizeof(char)); + + if (cmd != NULL) { + /* Open the command for reading. */ + fp = popen(cmd, "r"); + if (fp != NULL) { + + /* Read the output a line at a time - output it. */ + while (fgets(out, out_sz = sizeof(out), fp) != NULL) { + if (strcat_s(results, MAX_DEV_SERIAL_SZ, out) != + 0) { + LOG(LOG_ERROR, "Strcat() failed!\n"); + goto end; + } + } + + results_sz = strnlen_s(results, MAX_DEV_SERIAL_SZ); + if (!results_sz) { + goto end; + } + + if (memcpy_s(serial_buff, results_sz, results, + results_sz)) { + LOG(LOG_ERROR, + "Failed to copy device serial contents\n"); + goto end; + } + } else { + goto end; + } + ret = 0; + } +end: + /* close */ + if (fp) { + pclose(fp); + } + if (results) { + free(results); + results = NULL; + } + return ret; +} From f40c225a59650a514e320491ea30e4b99f1f3082 Mon Sep 17 00:00:00 2001 From: Shrikant Temburwar Date: Fri, 10 Nov 2023 17:57:26 +0530 Subject: [PATCH 2/3] Add compile time option to get device serial number from system BIOS table Signed-off-by: Shrikant Temburwar --- cmake/cli_input.cmake | 28 ++++++++++++ cmake/extension.cmake | 4 ++ lib/include/util.h | 2 + lib/m-string.c | 104 +++++++++++++++++++++++------------------- storage/util.c | 2 + 5 files changed, 93 insertions(+), 47 deletions(-) 
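Review bot: Only the exact string `"Not Specified\n"` is treated as a missing serial in the new `if (ret || (!strcmp_s(...` test, and the comparison runs before the trailing newline is stripped, so any other filler value the firmware reports is copied into `device_serial` as if it were a real serial. Firmware often leaves vendor placeholders in this field, so I would trim first and compare against a small reject list, falling back to the default (or failing) on a match. The else branch also reuses the message "Default serial number string isn't NULL terminated" for the BIOS value; something like `LOG(LOG_ERROR, "BIOS serial number is empty or too long\n");` would describe the actual failure. The same block is moved under `#if defined(GET_DEV_SERIAL)` by PATCH 2/3 (hunk `@@ -77,12 +79,55 @@`), where both points still apply. read_fill_modelserial() starts and ends outside the hunk.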
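Review bot: `results` comes straight from `malloc()` and is passed to `strcat_s()` and `strnlen_s()` without being initialised, so the first append searches uninitialised heap bytes for a terminator. The call then either fails or keeps stale bytes in front of the serial. Allocating with `char *results = calloc(MAX_DEV_SERIAL_SZ, sizeof(char));` followed by `if (!results) return -1;` fixes that, and `FILE *fp = NULL;` makes the `end:` cleanup safe on every path. Separately, `popen(cmd, "r")` runs `dmidecode` through the shell with a PATH lookup, while the commit message says the client is run under sudo. An absolute path to the tool, or reading the kernel's `/sys/class/dmi/id/product_serial` directly, would avoid depending on the caller's environment.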
diff --git a/cmake/cli_input.cmake b/cmake/cli_input.cmake index fd79f0c5..181e86e5 100644 --- a/cmake/cli_input.cmake +++ b/cmake/cli_input.cmake @@ -30,6 +30,7 @@ set (TPM2_TCTI_TYPE tabrmd) set (RESALE true) set (REUSE true) set (MTLS false) +set (GET_DEV_SERIAL false) #for CSE set (CSE_SHUTDOWN true) @@ -855,3 +856,30 @@ endif() set(CACHED_MTLS ${MTLS} CACHE STRING "Selected MTLS") message("Selected MTLS ${MTLS}") ########################################### +# FOR GET_DEV_SERIAL +get_property(cached_get_dev_serial_value CACHE GET_DEV_SERIAL PROPERTY VALUE) + +set(get_dev_serial_cli_arg ${cached_get_dev_serial_value}) +if(get_dev_serial_cli_arg STREQUAL CACHED_GET_DEV_SERIAL) + unset(get_dev_serial_cli_arg) +endif() + +set(get_dev_serial_app_cmake_lists ${GET_DEV_SERIAL}) +if(cached_get_dev_serial_value STREQUAL GET_DEV_SERIAL) + unset(get_dev_serial_app_cmake_lists) +endif() + +if(DEFINED CACHED_GET_DEV_SERIAL) + if ((DEFINED get_dev_serial_cli_arg) AND (NOT(CACHED_GET_DEV_SERIAL STREQUAL get_dev_serial_cli_arg))) + message(WARNING "Need to do make pristine before cmake args can change.") + endif() + set(GET_DEV_SERIAL ${CACHED_GET_DEV_SERIAL}) +elseif(DEFINED get_dev_serial_cli_arg) + set(GET_DEV_SERIAL ${get_dev_serial_cli_arg}) +elseif(DEFINED get_dev_serial_app_cmake_lists) + set(GET_DEV_SERIAL ${get_dev_serial_app_cmake_lists}) +endif() + +set(CACHED_GET_DEV_SERIAL ${GET_DEV_SERIAL} CACHE STRING "Selected GET_DEV_SERIAL") +message("Selected GET_DEV_SERIAL ${GET_DEV_SERIAL}") +########################################### diff --git a/cmake/extension.cmake b/cmake/extension.cmake index a5cc5e32..152715b5 100644 --- a/cmake/extension.cmake +++ b/cmake/extension.cmake @@ -275,4 +275,8 @@ endif() if(${MTLS} STREQUAL true) client_sdk_compile_definitions(-DMTLS) endif() + +if(${GET_DEV_SERIAL} STREQUAL true) + client_sdk_compile_definitions(-DGET_DEV_SERIAL) +endif() ############################################################ 
diff --git a/lib/include/util.h b/lib/include/util.h index 2f7bdb52..2d2efc63 100644 --- a/lib/include/util.h +++ b/lib/include/util.h @@ -158,8 +158,10 @@ char *strdup_s(const char *str); /* Print timestamp */ int print_timestamp(void); +#if defined(GET_DEV_SERIAL) /* Get device serial number */ int get_device_serial(char *str); +#endif #ifdef __cplusplus } diff --git a/lib/m-string.c b/lib/m-string.c index d089bf4e..4a62fb5e 100644 --- a/lib/m-string.c +++ b/lib/m-string.c @@ -68,6 +68,8 @@ static int read_fill_modelserial(void) uint8_t def_serial_sz = 0; uint8_t def_model_sz = 0; size_t fsize = 0; + +#if defined(GET_DEV_SERIAL) int strcmp_res = -1; char temp_device_serial[MAX_DEV_SERIAL_SZ]; uint8_t temp_serial_sz = 0; 
@@ -77,12 +79,55 @@ static int read_fill_modelserial(void) goto err; } + ret = get_device_serial(temp_device_serial); + if (ret) { + LOG(LOG_ERROR, "Failed to get serial no.\n"); + } + + if (ret || (!strcmp_s((char *)temp_device_serial, MAX_DEV_SERIAL_SZ, + "Not Specified\n", &strcmp_res) && + !strcmp_res)) { + LOG(LOG_DEBUG, "Defaulting serial num to 'abcdef'\n"); + def_serial_sz = strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ); + if (!def_serial_sz || def_serial_sz == MAX_DEV_SERIAL_SZ) { + LOG(LOG_ERROR, "Default serial number string isn't " + "NULL terminated\n"); + goto err; + } + + ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, DEF_SERIAL_NO, + def_serial_sz); + if (ret) { + LOG(LOG_ERROR, "Failed to copy serial no!\n"); + goto err; + } + } else { + temp_serial_sz = + strnlen_s(temp_device_serial, MAX_DEV_SERIAL_SZ); + if (!temp_serial_sz || temp_serial_sz == MAX_DEV_SERIAL_SZ) { + LOG(LOG_ERROR, "Default serial number string isn't " + "NULL terminated\n"); + goto err; + } + + if (*temp_device_serial && + temp_device_serial[temp_serial_sz - 1] == '\n') { + temp_device_serial[temp_serial_sz - 1] = '\0'; + } + + ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, + temp_device_serial, temp_serial_sz); + if (ret) { + LOG(LOG_ERROR, "Failed to copy serial no!\n"); + goto err; + } + } +#else fsize = fdo_blob_size((const char *)SERIAL_FILE, FDO_SDK_RAW_DATA); if ((fsize > 0) && (fsize <= MAX_DEV_SERIAL_SZ)) { if (fdo_blob_read((const char *)SERIAL_FILE, FDO_SDK_RAW_DATA, (uint8_t *)device_serial, fsize) <= 0) { - LOG(LOG_ERROR, "Failed to get serial no\n"); goto err; } 
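Review bot: With GET_DEV_SERIAL defined, the SERIAL_FILE lookup now sits behind the added `#else`, so when `get_device_serial()` fails the code logs and falls straight to the shared default 'abcdef' without consulting a provisioned serial file. A device that cannot run the BIOS query (tool missing, or client not started with elevated privileges) would then end up with the same serial string as every other such device, which looks unintended for an option that was explicitly enabled. I would either try SERIAL_FILE before the default or treat the failure as fatal, e.g. `if (ret) { LOG(LOG_ERROR, "Failed to get serial no.\n"); goto err; }`. The matching `#endif` and the rest of read_fill_modelserial() are outside this hunk.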
@@ -94,56 +139,21 @@ static int read_fill_modelserial(void) LOG(LOG_INFO, "No serialno file present!\n"); } - ret = get_device_serial(temp_device_serial); - if (ret) { - LOG(LOG_ERROR, "Failed to get serial no. " - "Defaulting it to 'abcdef'\n"); + def_serial_sz = strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ); + if (!def_serial_sz || def_serial_sz == MAX_DEV_SERIAL_SZ) { + LOG(LOG_ERROR, "Default serial number string isn't " + "NULL terminated\n"); + goto err; } - if (ret || - (!strcmp_s((char *)temp_device_serial, MAX_DEV_SERIAL_SZ, - "Not Specified\n", &strcmp_res) && - !strcmp_res)) { - def_serial_sz = - strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ); - if (!def_serial_sz || - def_serial_sz == MAX_DEV_SERIAL_SZ) { - LOG(LOG_ERROR, - "Default serial number string isn't " - "NULL terminated\n"); - goto err; - } - - ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, - DEF_SERIAL_NO, def_serial_sz); - if (ret) { - LOG(LOG_ERROR, "Failed to get serial no\n"); - goto err; - } - } else { - temp_serial_sz = - strnlen_s(temp_device_serial, MAX_DEV_SERIAL_SZ); - if (!temp_serial_sz || - temp_serial_sz == MAX_DEV_SERIAL_SZ) { - LOG(LOG_ERROR, - "Default serial number string isn't " - "NULL terminated\n"); - goto err; - } - - if (*temp_device_serial && - temp_device_serial[temp_serial_sz - 1] == '\n') { - temp_device_serial[temp_serial_sz - 1] = '\0'; - } - - ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, - temp_device_serial, temp_serial_sz); - if (ret) { - LOG(LOG_ERROR, "Failed to copy serial no!\n"); - goto err; - } + ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, DEF_SERIAL_NO, + def_serial_sz); + if (ret) { + LOG(LOG_ERROR, "Failed to get serial no\n"); + goto err; } } +#endif LOG(LOG_DEBUG, "Device serial = %s\n", device_serial); fsize = fdo_blob_size((const char *)MODEL_FILE, FDO_SDK_RAW_DATA); diff --git a/storage/util.c b/storage/util.c index f84f0cba..942f1c1a 100644 --- a/storage/util.c +++ b/storage/util.c 
@@ -322,6 +322,7 @@ int print_timestamp(void) return 0; } +#if defined(GET_DEV_SERIAL) // Get device serial number int get_device_serial(char *serial_buff) { @@ -374,3 +375,4 @@ int get_device_serial(char *serial_buff) } return ret; } +#endif \ No newline at end of file From fd0ac5eab2b77536d551c04b12f908a78bf4a6be Mon Sep 17 00:00:00 2001 From: Shrikant Temburwar Date: Fri, 10 Nov 2023 18:15:18 +0530 Subject: [PATCH 3/3] Update build_conf.md Signed-off-by: Shrikant Temburwar --- docs/build_conf.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/build_conf.md b/docs/build_conf.md index 686d4b96..49c2e368 100644 --- a/docs/build_conf.md +++ b/docs/build_conf.md @@ -89,7 +89,7 @@ server name in that list for SNI enablement to work as expected. ``` Option to enable/disable mTLS connection: MTLS=true # mTLS connection enabled -MTLS=false # mTLS connection disabled (default) +MTLS=false # mTLS connection disabled (default) Option to enable/disable Device credential resue and resale feature: REUSE=true # Reuse feature enabled (default) @@ -101,6 +101,10 @@ Option to enable/disable Error Recovery: RETRY=true # Error Recovery enabled (default) RETRY=false # Error Recovery disabled +Option to get device serial from system BIOS table: +GET_DEV_SERIAL=true # get device serial enabled +GET_DEV_SERIAL=false # get device serial disabled (default) + List of options to clean targets: pristine # cleanup by remove generated files