pool/grub2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
df62b2deb2
grub2/0008-tpm-Measure-commands.patch
Michael Chang 8e26f638e0 Accepting request 477882 from home:michael-chang:devel:tpm 
- TPM Support (FATE#315831)
  * 0001-tpm-Core-TPM-support.patch
  * 0002-tpm-Measure-kernel-initrd.patch
  * 0003-tpm-Add-BIOS-boot-measurement.patch
  * 0004-tpm-Rework-linux-command.patch
  * 0005-tpm-Rework-linux16-command.patch
  * 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch
  * 0007-tpm-Measure-the-kernel-commandline.patch
  * 0008-tpm-Measure-commands.patch
  * 0009-tpm-Measure-multiboot-images-and-modules.patch
  * 0010-tpm-Fix-boot-when-there-s-no-TPM.patch
  * 0011-tpm-Fix-build-error.patch
  * 0012-tpm-Build-tpm-as-module.patch
- grub2.spec : Add grub-tpm.efi for Secure Boot

OBS-URL: https://build.opensuse.org/request/show/477882
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=263
2017-03-09 06:19:36 +00:00

61 lines
1.9 KiB
Diff
Raw Blame History

From 959e235378adef1477d14d7546c549b7619eb5f1 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@srcf.ucam.org>
Date: Mon, 10 Aug 2015 15:27:12 -0700
Subject: [PATCH 08/11] Measure commands
Measure each command executed by grub, which includes script execution.
---
grub-core/script/execute.c | 25 +++++++++++++++++++++++--
1 file changed, 23 insertions(+), 2 deletions(-)
Index: grub-2.02~beta3/grub-core/script/execute.c
===================================================================
--- grub-2.02~beta3.orig/grub-core/script/execute.c
+++ grub-2.02~beta3/grub-core/script/execute.c
@@ -30,6 +30,7 @@
#ifdef GRUB_MACHINE_IEEE1275
#include <grub/ieee1275/ieee1275.h>
#endif
+#include <grub/tpm.h>
/* Max digits for a char is 3 (0xFF is 255), similarly for an int it
is sizeof (int) * 3, and one extra for a possible -ve sign. */
@@ -936,8 +937,9 @@ grub_script_execute_cmdline (struct grub
grub_err_t ret = 0;
grub_script_function_t func = 0;
char errnobuf[18];
- char *cmdname;
- int argc;
+ char *cmdname, *cmdstring;
+ int argc, offset = 0, cmdlen = 0;
+ unsigned int i;
char **args;
int invert;
struct grub_script_argv argv = { 0, 0, 0 };
@@ -946,6 +948,25 @@ grub_script_execute_cmdline (struct grub
if (grub_script_arglist_to_argv (cmdline->arglist, &argv) || ! argv.args[0])
return grub_errno;
+ for (i = 0; i < argv.argc; i++) {
+ cmdlen += grub_strlen (argv.args[i]) + 1;
+ }
+
+ cmdstring = grub_malloc (cmdlen);
+ if (!cmdstring)
+ {
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+ N_("cannot allocate command buffer"));
+ }
+
+ for (i = 0; i < argv.argc; i++) {
+ offset += grub_snprintf (cmdstring + offset, cmdlen - offset, "%s ",
+ argv.args[i]);
+ }
+ cmdstring[cmdlen-1]= '\0';
+ grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_ASCII_PCR,
+ "grub_cmd", cmdstring);
+ grub_free(cmdstring);
invert = 0;
argc = argv.argc - 1;
args = argv.args + 1;
Reference in New Issue View Git Blame Copy Permalink