[SLOF] [PATCH 3/3] tcgbios: Measure the bootloader file read from disk
Stefan Berger
stefanb at linux.vnet.ibm.com
Fri Mar 27 07:20:54 AEDT 2020
From: Stefan Berger <stefanb at linux.ibm.com>
Measure the bootloader file read from disk into PCR 4 and log it with
the description 'BOOTLOADER' and the event type EV_COMPACT_HASH
(code 0xc). Since the loaded file should be an ELF file, have its size
determined and only the bytes from the ELF image measured rather than
the whole buffer that it was read into and is much bigger (0x700000).
Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
---
slof/fs/packages/disk-label.fs | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/slof/fs/packages/disk-label.fs b/slof/fs/packages/disk-label.fs
index bb64022..d7b6418 100644
--- a/slof/fs/packages/disk-label.fs
+++ b/slof/fs/packages/disk-label.fs
@@ -452,6 +452,20 @@ CREATE GPT-LINUX-PARTITION 10 allot
THEN
;
+\ Measure the boot loader file into PCR 4 as event type EV_COMPACT_HASH (0xc)
+
+: measure-file ( data-ptr data-len -- )
+ s" /ibm,vtpm" find-node IF
+ 4 -rot ( 4 data-ptr data-len )
+ c -rot ( 4 c data-ptr data-len )
+ s" BOOTLOADER" ( 4 c data-ptr data-len desc-ptr desc-len )
+ true tpm-hash-log-extend-event-file ( rc )
+ drop
+ ELSE
+ 2drop
+ THEN
+;
+
: load-from-gpt-prep-partition ( addr -- size )
get-gpt-partition 0= IF false EXIT THEN
block gpt>num-part-entry l at -le dup 0= IF false exit THEN
@@ -465,7 +479,10 @@ CREATE GPT-LINUX-PARTITION 10 allot
swap ( addr blocks first-lba )
block-size * to part-offset ( addr blocks )
0 0 seek drop ( addr blocks )
- block-size * read ( size )
+ over -rot ( addr addr blocks)
+ block-size * read ( addr size )
+ 2dup measure-file ( addr size )
+ nip ( size)
UNLOOP EXIT
THEN
seek-pos gpt-part-size + to seek-pos
--
2.24.1
More information about the SLOF
mailing list