fido-device-onboard · shrikant1407 · Nov 13, 2023 · Nov 7, 2023 · Nov 10, 2023 · Nov 10, 2023
diff --git a/cmake/cli_input.cmake b/cmake/cli_input.cmake
@@ -30,6 +30,7 @@ set (TPM2_TCTI_TYPE tabrmd)
 set (RESALE true)
 set (REUSE true)
 set (MTLS false)
+set (GET_DEV_SERIAL false)
 
 #for CSE
 set (CSE_SHUTDOWN true)
@@ -855,3 +856,30 @@ endif()
 set(CACHED_MTLS ${MTLS} CACHE STRING "Selected MTLS")
 message("Selected MTLS ${MTLS}")
 ###########################################
+# FOR GET_DEV_SERIAL
+get_property(cached_get_dev_serial_value CACHE GET_DEV_SERIAL PROPERTY VALUE)
+
+set(get_dev_serial_cli_arg ${cached_get_dev_serial_value})
+if(get_dev_serial_cli_arg STREQUAL CACHED_GET_DEV_SERIAL)
+  unset(get_dev_serial_cli_arg)
+endif()
+
+set(get_dev_serial_app_cmake_lists ${GET_DEV_SERIAL})
+if(cached_get_dev_serial_value STREQUAL GET_DEV_SERIAL)
+  unset(get_dev_serial_app_cmake_lists)
+endif()
+
+if(DEFINED CACHED_GET_DEV_SERIAL)
+  if ((DEFINED get_dev_serial_cli_arg) AND (NOT(CACHED_GET_DEV_SERIAL STREQUAL get_dev_serial_cli_arg)))
+    message(WARNING "Need to do make pristine before cmake args can change.")
+  endif()
+  set(GET_DEV_SERIAL ${CACHED_GET_DEV_SERIAL})
+elseif(DEFINED get_dev_serial_cli_arg)
+  set(GET_DEV_SERIAL ${get_dev_serial_cli_arg})
+elseif(DEFINED get_dev_serial_app_cmake_lists)
+  set(GET_DEV_SERIAL ${get_dev_serial_app_cmake_lists})
+endif()
+
+set(CACHED_GET_DEV_SERIAL ${GET_DEV_SERIAL} CACHE STRING "Selected GET_DEV_SERIAL")
+message("Selected GET_DEV_SERIAL ${GET_DEV_SERIAL}")
+###########################################
diff --git a/cmake/extension.cmake b/cmake/extension.cmake
@@ -275,4 +275,8 @@ endif()
 if(${MTLS} STREQUAL true)
   client_sdk_compile_definitions(-DMTLS)
 endif()
+
+if(${GET_DEV_SERIAL} STREQUAL true)
+  client_sdk_compile_definitions(-DGET_DEV_SERIAL)
+endif()
 ############################################################
diff --git a/docs/build_conf.md b/docs/build_conf.md
@@ -89,7 +89,7 @@ server name in that list for SNI enablement to work as expected.
 ```
 Option to enable/disable mTLS connection:
 MTLS=true 	# mTLS connection enabled
-MTLS=false 	# mTLS connection disabled (default) 
+MTLS=false 	# mTLS connection disabled (default)
 
 Option to enable/disable Device credential resue and resale feature:
 REUSE=true            # Reuse feature enabled (default)
@@ -101,6 +101,10 @@ Option to enable/disable Error Recovery:
 RETRY=true            # Error Recovery enabled (default)
 RETRY=false           # Error Recovery disabled
 
+Option to get device serial from system BIOS table:
+GET_DEV_SERIAL=true            # get device serial enabled
+GET_DEV_SERIAL=false           # get device serial disabled (default)
+
 List of options to clean targets:
 pristine              # cleanup by remove generated files
 

diff --git a/lib/include/util.h b/lib/include/util.h
@@ -158,6 +158,11 @@ char *strdup_s(const char *str);
 /* Print timestamp */
 int print_timestamp(void);
 
+#if defined(GET_DEV_SERIAL)
+/* Get device serial number */
+int get_device_serial(char *str);
+#endif
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/lib/m-string.c b/lib/m-string.c
@@ -69,20 +69,73 @@ static int read_fill_modelserial(void)
 	uint8_t def_model_sz = 0;
 	size_t fsize = 0;
 
+#if defined(GET_DEV_SERIAL)
+	int strcmp_res = -1;
+	char temp_device_serial[MAX_DEV_SERIAL_SZ];
+	uint8_t temp_serial_sz = 0;
+
+	if (memset_s(temp_device_serial, sizeof(temp_device_serial), 0) != 0) {
+		LOG(LOG_ERROR, "Memset() failed!\n");
+		goto err;
+	}
+
+	ret = get_device_serial(temp_device_serial);
+	if (ret) {
+		LOG(LOG_ERROR, "Failed to get serial no.\n");
+	}
+
+	if (ret || (!strcmp_s((char *)temp_device_serial, MAX_DEV_SERIAL_SZ,
+			      "Not Specified\n", &strcmp_res) &&
+		    !strcmp_res)) {
+		LOG(LOG_DEBUG, "Defaulting serial num to 'abcdef'\n");
+		def_serial_sz = strnlen_s(DEF_SERIAL_NO, MAX_DEV_SERIAL_SZ);
+		if (!def_serial_sz || def_serial_sz == MAX_DEV_SERIAL_SZ) {
+			LOG(LOG_ERROR, "Default serial number string isn't "
+				       "NULL terminated\n");
+			goto err;
+		}
+
+		ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ, DEF_SERIAL_NO,
+				def_serial_sz);
+		if (ret) {
+			LOG(LOG_ERROR, "Failed to copy serial no!\n");
+			goto err;
+		}
+	} else {
+		temp_serial_sz =
+		    strnlen_s(temp_device_serial, MAX_DEV_SERIAL_SZ);
+		if (!temp_serial_sz || temp_serial_sz == MAX_DEV_SERIAL_SZ) {
+			LOG(LOG_ERROR, "Default serial number string isn't "
+				       "NULL terminated\n");
+			goto err;
+		}
+
+		if (*temp_device_serial &&
+		    temp_device_serial[temp_serial_sz - 1] == '\n') {
+			temp_device_serial[temp_serial_sz - 1] = '\0';
+		}
+
+		ret = strncpy_s(device_serial, MAX_DEV_SERIAL_SZ,
+				temp_device_serial, temp_serial_sz);
+		if (ret) {
+			LOG(LOG_ERROR, "Failed to copy serial no!\n");
+			goto err;
+		}
+	}
+#else
 	fsize = fdo_blob_size((const char *)SERIAL_FILE, FDO_SDK_RAW_DATA);
 	if ((fsize > 0) && (fsize <= MAX_DEV_SERIAL_SZ)) {
 
 		if (fdo_blob_read((const char *)SERIAL_FILE, FDO_SDK_RAW_DATA,
 				  (uint8_t *)device_serial, fsize) <= 0) {
-
 			LOG(LOG_ERROR, "Failed to get serial no\n");
 			goto err;
 		}
 	} else {
 		if (fsize > MAX_DEV_SERIAL_SZ) {
 			LOG(LOG_INFO, "Serialno exceeds 255 characters. "
 				      "Defaulting it to 'abcdef'\n");
-		} else {
+		} else if (!fsize) {
 			LOG(LOG_INFO, "No serialno file present!\n");
 		}
 
@@ -100,6 +153,8 @@ static int read_fill_modelserial(void)
 			goto err;
 		}
 	}
+#endif
+	LOG(LOG_DEBUG, "Device serial = %s\n", device_serial);
 
 	fsize = fdo_blob_size((const char *)MODEL_FILE, FDO_SDK_RAW_DATA);
 	if ((fsize > 0) && (fsize <= MAX_MODEL_NO_SZ)) {

diff --git a/storage/util.c b/storage/util.c
@@ -20,6 +20,10 @@
 #include "freertos/task.h"
 #endif
 
+#ifndef MAX_DEV_SERIAL_SZ
+#define MAX_DEV_SERIAL_SZ 255
+#endif
+
 bool file_exists(char const *filename)
 {
 	FILE *fp = NULL;
@@ -317,3 +321,58 @@ int print_timestamp(void)
 #endif
 	return 0;
 }
+
+#if defined(GET_DEV_SERIAL)
+// Get device serial number
+int get_device_serial(char *serial_buff)
+{
+	FILE *fp;
+	char *cmd = "dmidecode -s system-serial-number";
+	int out_sz;
+	char out[MAX_DEV_SERIAL_SZ];
+	int results_sz = 0;
+	int ret = -1;
+	char *results = (char *)malloc(MAX_DEV_SERIAL_SZ * sizeof(char));
+
+	if (cmd != NULL) {
+		/* Open the command for reading. */
+		fp = popen(cmd, "r");
+		if (fp != NULL) {
+
+			/* Read the output a line at a time - output it. */
+			while (fgets(out, out_sz = sizeof(out), fp) != NULL) {
+				if (strcat_s(results, MAX_DEV_SERIAL_SZ, out) !=
+				    0) {
+					LOG(LOG_ERROR, "Strcat() failed!\n");
+					goto end;
+				}
+			}
+
+			results_sz = strnlen_s(results, MAX_DEV_SERIAL_SZ);
+			if (!results_sz) {
+				goto end;
+			}
+
+			if (memcpy_s(serial_buff, results_sz, results,
+				     results_sz)) {
+				LOG(LOG_ERROR,
+				    "Failed to copy device serial contents\n");
+				goto end;
+			}
+		} else {
+			goto end;
+		}
+		ret = 0;
+	}
+end:
+	/* close */
+	if (fp) {
+		pclose(fp);
+	}
+	if (results) {
+		free(results);
+		results = NULL;
+	}
+	return ret;
+}
+#endif