[Skiboot] [PATCH 2/3] libstb/stb.c: measure the IMA_CATALOG partition
Stewart Smith
stewart at linux.vnet.ibm.com
Wed Sep 20 16:20:13 AEST 2017
Claudio Carvalho <cclaudio at linux.vnet.ibm.com> writes:
> This maps a PCR number for the IMA_CATALOG partition so that it can be
> measured (extended to the mapped PCR).
>
> Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
> ---
> libstb/stb.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/libstb/stb.c b/libstb/stb.c
> index eab04eb..15aa682 100644
> --- a/libstb/stb.c
> +++ b/libstb/stb.c
> @@ -58,6 +58,7 @@ static struct {
> enum resource_id id;
> TPM_Pcr pcr;
> } resources[] = {
> + { RESOURCE_ID_IMA_CATALOG, PCR_4 },
> { RESOURCE_ID_KERNEL, PCR_4 },
> { RESOURCE_ID_CAPP, PCR_2 },
Any reason why PCR4 rather than PCR2?
The IMA_CATALOG seems more like CAPP than KERNEL, as in, bits of
data/microcode rather than other firmware component.
--
Stewart Smith
OPAL Architect, IBM.
More information about the Skiboot
mailing list