grub2/0007-tpm-Measure-the-kernel-commandline.patch
Michael Chang 8e26f638e0 Accepting request 477882 from home:michael-chang:devel:tpm
- TPM Support (FATE#315831)
  * 0001-tpm-Core-TPM-support.patch
  * 0002-tpm-Measure-kernel-initrd.patch
  * 0003-tpm-Add-BIOS-boot-measurement.patch
  * 0004-tpm-Rework-linux-command.patch
  * 0005-tpm-Rework-linux16-command.patch
  * 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch
  * 0007-tpm-Measure-the-kernel-commandline.patch
  * 0008-tpm-Measure-commands.patch
  * 0009-tpm-Measure-multiboot-images-and-modules.patch
  * 0010-tpm-Fix-boot-when-there-s-no-TPM.patch
  * 0011-tpm-Fix-build-error.patch
  * 0012-tpm-Build-tpm-as-module.patch
- grub2.spec : Add grub-tpm.efi for Secure Boot

OBS-URL: https://build.opensuse.org/request/show/477882
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=263
2017-03-09 06:19:36 +00:00

44 lines
1.1 KiB
Diff

From aa88827e5b6ca073d0a67e86c5d6581445de988b Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@coreos.com>
Date: Sun, 9 Aug 2015 16:32:29 -0700
Subject: [PATCH 07/11] Measure the kernel commandline
Measure the kernel commandline to ensure that it hasn't been modified
---
grub-core/lib/cmdline.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c
index d5e10ee..3791f3a 100644
--- a/grub-core/lib/cmdline.c
+++ b/grub-core/lib/cmdline.c
@@ -19,6 +19,7 @@
#include <grub/lib/cmdline.h>
#include <grub/misc.h>
+#include <grub/tpm.h>
static unsigned int check_arg (char *c, int *has_space)
{
@@ -67,7 +68,7 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
{
int i, space;
unsigned int arg_size;
- char *c;
+ char *c, *orig = buf;
for (i = 0; i < argc; i++)
{
@@ -104,5 +105,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
*buf = 0;
+ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_ASCII_PCR,
+ "grub_kernel_cmdline", orig);
+
return i;
}
--
1.8.5.6