[SLOF] [PATCH 10/16] Implement measurements of the master boot record

Nikunj A Dadhania nikunj at linux.vnet.ibm.com
Mon Nov 9 21:57:42 AEDT 2015


Stefan Berger <stefanb at linux.vnet.ibm.com> writes:

> This patch adds support for measuring the boot block of the
> MBR and logging the measurement.

GPT support?

>
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> ---
>  board-js2x/slof/OF.fs          |  2 ++
>  slof/fs/packages/disk-label.fs |  6 +++++-
>  slof/fs/tpm/tpm-static.fs      | 13 +++++++++++++
>  3 files changed, 20 insertions(+), 1 deletion(-)
>
> diff --git a/board-js2x/slof/OF.fs b/board-js2x/slof/OF.fs
> index 3e37735..8e736c7 100644
> --- a/board-js2x/slof/OF.fs
> +++ b/board-js2x/slof/OF.fs

Why js2x?

> @@ -255,6 +255,8 @@ create vpd-bootlist 4 allot
>  #include <usb/usb-static.fs>
>  320 cp
>  #include <scsi-loader.fs>
> +\\ need tpm-static for verbs in disk-labels.fs
> +#include <tpm/tpm-static.fs>
>  #include <root.fs>
>  360 cp
>  #include "tree.fs"
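
Review bot: the added include touches only board-js2x/slof/OF.fs, while the caller it serves sits in the shared slof/fs/packages/disk-label.fs. Any other board that builds disk-label.fs without tpm-static.fs already included would hit an undefined vtpm-add-bcv, so either add the include for every board that uses disk-label.fs or say in the commit message where the others get it. The added comment line also starts with `\\` where disk-label.fs uses a single `\` for comments, and it names disk-labels.fs where the file is disk-label.fs.
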
> diff --git a/slof/fs/packages/disk-label.fs b/slof/fs/packages/disk-label.fs
> index e034d64..f827d72 100644
> --- a/slof/fs/packages/disk-label.fs
> +++ b/slof/fs/packages/disk-label.fs
> @@ -545,7 +545,11 @@ B9E5                CONSTANT GPT-BASIC-DATA-PARTITION-2
>  \ load from a bootable partition
>  : load-from-boot-partition ( addr -- size )
>     debug-disk-label? IF ." Trying DOS boot " .s cr THEN
> -   dup load-from-dos-boot-partition ?dup 0 <> IF nip EXIT THEN
> +   dup load-from-dos-boot-partition ?dup 0 <> IF
> +      nip
> +      80 block 200 vtpm-add-bcv

What does 80 mean?

> +      EXIT
> +   THEN
>
>     debug-disk-label? IF ." Trying CHRP boot " .s cr THEN
>     1 disk-chrp-boot !
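
Review bot: in `80 block 200 vtpm-add-bcv` the measurement is taken only after load-from-dos-boot-partition has returned non-zero, and nothing visible in this hunk shows that `block` still holds the boot sector at that point rather than a block read later during the load. Measuring right after the sector is read, or documenting why the buffer is unchanged, would remove that doubt. The literals 80 and 200 are also unexplained; going by the stack comment on vtpm-add-bcv they are the boot drive and the length, so named constants or a comment on that line would help. The CHRP path that follows gets no measurement, which the commit message should mention if it is intended.
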
> diff --git a/slof/fs/tpm/tpm-static.fs b/slof/fs/tpm/tpm-static.fs
> index 7954be2..bc5138a 100644
> --- a/slof/fs/tpm/tpm-static.fs
> +++ b/slof/fs/tpm/tpm-static.fs
> @@ -44,6 +44,19 @@ false VALUE vtpm-debug?
>      THEN
>  ;
>
> +: vtpm-add-bcv ( boodrv addr length -- )

                    bootdrv

> +    vtpm-available? IF
> +        tpm-add-bcv                                    ( -- errcode )
> +        vtpm-debug? IF
> +            ." VTPM: Error code from tpm-add-bootdevice-ipl: " . cr
> +        ELSE
> +            drop
> +        THEN
> +    ELSE
> +        3drop
> +    THEN
> +;
> +
>  1 CONSTANT TPM_ST_ENABLED
>  2 CONSTANT TPM_ST_ACTIVE
>  4 CONSTANT TPM_ST_OWNED
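
Review bot: in vtpm-add-bcv the error code returned by tpm-add-bcv is dropped unless vtpm-debug? is set, so a failed measurement is silent and boot carries on unmeasured. Report a non-zero code unconditionally or return it to the caller so load-from-boot-partition can decide. The debug string names tpm-add-bootdevice-ipl although the word called is tpm-add-bcv, and the stack comment spells bootdrv as boodrv.
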
> -- 
> 1.9.3


