diff --git a/fix_efi_measure.patch b/fix_efi_measure.patch
new file mode 100644
index 0000000..333b378
--- /dev/null
+++ b/fix_efi_measure.patch
@@ -0,0 +1,213 @@
+From 9489d98463a596ec8e4ba9f1f4a2b2af91c0968b Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Wed, 10 Jan 2024 15:32:07 +0100
+Subject: [PATCH 1/6] Print the measured kernel
+
+The debug output can be missleading, as print information about the
+current event log, but not about the measured element, that can be
+different as in the kernel case.
+
+Signed-off-by: Alberto Planas
+---
+ src/efi-application.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/efi-application.c b/src/efi-application.c
+index 3e80083..2fd33ec 100644
+--- a/src/efi-application.c
++++ b/src/efi-application.c
+@@ -292,6 +292,12 @@ __tpm_event_efi_bsa_rehash(const tpm_event_t *ev, const tpm_parsed_event_t *pars
+ 
+ /* The next boot can have a different kernel */
+ if (sdb_is_kernel(evspec->efi_application) && ctx->boot_entry) {
++ /* TODO: the parsed data type did not change, so all
++ * the description correspond to the current event
++ * log, and not the asset that has been measured. The
++ * debug output can then be missleading.
++ */
++ debug("Measuring %s\n", ctx->boot_entry->image_path);
+ new_application = ctx->boot_entry->image_path;
+ if (new_application) {
+ evspec_clone = *evspec;
+
+From d8d97a3c233e326e0b1836b77fa08f483ea8f410 Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Wed, 10 Jan 2024 15:51:45 +0100
+Subject: [PATCH 2/6] Rename variable to cmdline
+
+Signed-off-by: Alberto Planas
+---
+ src/eventlog.c | 15 ++++++++-------
+ 1 file changed, 8 insertions(+), 7 deletions(-)
+
+diff --git a/src/eventlog.c b/src/eventlog.c
+index 4277d42..377f4d6 100644
+--- a/src/eventlog.c
++++ b/src/eventlog.c
+@@ -790,8 +790,8 @@ static const tpm_evdigest_t *
+ __tpm_event_systemd_rehash(const tpm_event_t *ev, const tpm_parsed_event_t *parsed, tpm_event_log_rehash_ctx_t *ctx)
+ {
+ const uapi_boot_entry_t *boot_entry = ctx->boot_entry;
+- char initrd[2048];
+- char initrd_utf16[4096];
++ char cmdline[2048];
++ char cmdline_utf16[4096];
+ unsigned int len;
+ 
+ /* If no --next-kernel option was given, do not rehash anything */
+@@ -804,15 +804,16 @@ __tpm_event_systemd_rehash(const tpm_event_t *ev, const tpm_parsed_event_t *pars
+ }
+ 
+ debug("Next boot entry expected from: %s %s\n", boot_entry->title, boot_entry->version? : "");
+- snprintf(initrd, sizeof(initrd), "initrd=%s %s",
++ snprintf(cmdline, sizeof(cmdline), "initrd=%s %s",
+ path_unix2dos(boot_entry->initrd_path),
+ boot_entry->options?
: "");
++ debug("Measuring Kernel command line: %s\n", cmdline);
+ 
+- len = (strlen(initrd) + 1) << 1;
+- assert(len <= sizeof(initrd_utf16));
+- __convert_to_utf16le(initrd, strlen(initrd) + 1, initrd_utf16, len);
++ len = (strlen(cmdline) + 1) << 1;
++ assert(len <= sizeof(cmdline_utf16));
++ __convert_to_utf16le(cmdline, strlen(cmdline) + 1, cmdline_utf16, len);
+ 
+- return digest_compute(ctx->algo, initrd_utf16, len);
++ return digest_compute(ctx->algo, cmdline_utf16, len);
+ }
+ 
+ /*
+
+From 4f8e3f4760ff7fe97df1e6af569d049e30f3ee06 Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Wed, 10 Jan 2024 15:55:41 +0100
+Subject: [PATCH 3/6] Add debug output for initrd
+
+Signed-off-by: Alberto Planas
+---
+ src/eventlog.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/eventlog.c b/src/eventlog.c
+index 377f4d6..3574a4d 100644
+--- a/src/eventlog.c
++++ b/src/eventlog.c
+@@ -877,6 +877,7 @@ __tpm_event_tag_initrd_rehash(const tpm_event_t *ev, const tpm_parsed_event_t *p
+ }
+ 
+ debug("Next boot entry expected from: %s %s\n", boot_entry->title, boot_entry->version?
: "");
++ debug("Measuring initrd: %s\n", boot_entry->initrd_path);
+ return runtime_digest_efi_file(ctx->algo, boot_entry->initrd_path);
+ }
+ 
+
+From 90ee8dab9d972b741bc0c27a04a872afbecdef82 Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Wed, 10 Jan 2024 18:54:04 +0100
+Subject: [PATCH 4/6] Add debug output during extension
+
+Signed-off-by: Alberto Planas
+---
+ src/oracle.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/oracle.c b/src/oracle.c
+index 1cafafc..0afd910 100644
+--- a/src/oracle.c
++++ b/src/oracle.c
+@@ -366,6 +366,7 @@ pcr_bank_extend_register(tpm_pcr_bank_t *bank, unsigned int pcr_index, const tpm
+ static void
+ predictor_extend_hash(struct predictor *pred, unsigned int pcr_index, const tpm_evdigest_t *d)
+ {
++ debug("Extend PCR#%d: %s\n", pcr_index, digest_print(d));
+ pcr_bank_extend_register(&pred->prediction, pcr_index, d);
+ }
+ 
+
+From 5133fe6f3c00a41aee362a51621a278dd472497e Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Thu, 11 Jan 2024 14:09:03 +0100
+Subject: [PATCH 5/6] Update the EFI image info before rehash
+
+If the new EFI image is in a new place, the image information stored in
+the parsed event should be updated, so the rehash will use this
+information instead of the one from the event log.
+
+Signed-off-by: Alberto Planas
+---
+ src/efi-application.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/efi-application.c b/src/efi-application.c
+index 2fd33ec..842bca6 100644
+--- a/src/efi-application.c
++++ b/src/efi-application.c
+@@ -40,7 +40,7 @@
+ */
+ static const tpm_evdigest_t * __tpm_event_efi_bsa_rehash(const tpm_event_t *, const tpm_parsed_event_t *, tpm_event_log_rehash_ctx_t *);
+ static bool __tpm_event_efi_bsa_extract_location(tpm_parsed_event_t *parsed);
+-static bool __tpm_event_efi_bsa_inspect_image(tpm_parsed_event_t *parsed);
++static bool __tpm_event_efi_bsa_inspect_image(struct efi_bsa_event *evspec);
+ 
+ static void
+ __tpm_event_efi_bsa_destroy(tpm_parsed_event_t *parsed)
+@@ -111,7 +111,7 @@ __tpm_event_parse_efi_bsa(tpm_event_t *ev, tpm_parsed_event_t *parsed, buffer_t
+ assign_string(&ctx->efi_partition, evspec->efi_partition);
+ else
+ assign_string(&evspec->efi_partition, ctx->efi_partition);
+- __tpm_event_efi_bsa_inspect_image(parsed);
++ __tpm_event_efi_bsa_inspect_image(evspec);
+ }
+ 
+ return true;
+@@ -150,9 +150,8 @@ __tpm_event_efi_bsa_extract_location(tpm_parsed_event_t *parsed)
+ }
+ 
+ static bool
+-__tpm_event_efi_bsa_inspect_image(tpm_parsed_event_t *parsed)
++__tpm_event_efi_bsa_inspect_image(struct efi_bsa_event *evspec)
+ {
+- struct efi_bsa_event *evspec = &parsed->efi_bsa_event;
+ char path[PATH_MAX];
+ const char *display_name;
+ buffer_t *img_data;
+@@ -302,6 +301,7 @@ __tpm_event_efi_bsa_rehash(const tpm_event_t *ev, const tpm_parsed_event_t *pars
+ if (new_application) {
+ evspec_clone = *evspec;
+ evspec_clone.efi_application = strdup(new_application);
++ __tpm_event_efi_bsa_inspect_image(&evspec_clone);
+ evspec = &evspec_clone;
+ }
+ }
+
+From 93cbe02ca05297c638b1ac7f32b3da3a6cd2f684 Mon Sep 17 00:00:00 2001
+From: Alberto Planas
+Date: Thu, 11 Jan 2024 14:35:07 +0100
+Subject: [PATCH 6/6] Bump version to 0.5.5
+
+Signed-off-by: Alberto Planas
+---
+ configure | 2 +-
+ 
microconf/version | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure b/configure
+index 1dccbdc..854cc0a 100755
+--- a/configure
++++ b/configure
+@@ -12,7 +12,7 @@
+ # Invoke with --help for a description of options
+ #
+ # microconf:begin
+-# version 0.5.4
++# version 0.5.5
+ # require libtss2
+ # require json
+ # disable debug-authenticode
+diff --git a/microconf/version b/microconf/version
+index 7e913d9..591473f 100644
+--- a/microconf/version
++++ b/microconf/version
+@@ -1 +1 @@
+-uc_version=0.5.4
++uc_version=0.5.5
diff --git a/pcr-oracle.changes b/pcr-oracle.changes
index 41c6959..5cbf6e3 100644
--- a/pcr-oracle.changes
+++ b/pcr-oracle.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Fri Jan 12 07:28:55 UTC 2024 - Alberto Planas Dominguez
+
+- Add fix_efi_measure.patch to fix the measurement of EFI binaries
+
 -------------------------------------------------------------------
 Fri Dec 8 07:17:35 UTC 2023 - Gary Ching-Pang Lin
diff --git a/pcr-oracle.spec b/pcr-oracle.spec
index 2949abd..199c673 100644
--- a/pcr-oracle.spec
+++ b/pcr-oracle.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package pcr-oracle
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -25,6 +25,8 @@ License: GPL-2.0-only
 Group: System/Boot
 URL: https://github.com/okirch/pcr-oracle
 Source: %{name}-%{version}.tar.xz
+# PATCH-FIX-UPSTREAM fix_efi_measure.patch gh#okirch/pcr-oracle!47
+Patch0: fix_efi_measure.patch
 BuildRequires: libopenssl-devel >= 0.9.8
 BuildRequires: tpm2-0-tss-devel >= 2.4.0
 Requires: libtss2-tcti-device0
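Review bot: In PATCH 1/6 the added `debug("Measuring %s\n", ctx->boot_entry->image_path);` prints `image_path` one line before the existing `if (new_application)` test shows that this same pointer may be NULL, and passing NULL to `%s` is undefined behaviour; move the call inside that branch as `debug("Measuring %s\n", new_application);`. In PATCH 4/6 `pcr_index` is declared `unsigned int` in the signature directly above but is printed with `%d`; use `%u`. In PATCH 5/6 the `bool` returned by `__tpm_event_efi_bsa_inspect_image(&evspec_clone)` is discarded, so a failed inspection of the next kernel leaves the clone holding the image information copied from the current event log and the rehash continues silently with a prediction that cannot match; at least log the failure, or skip the rehash for that entry. Since `evspec_clone` is a shallow copy of `*evspec`, any pointer member that the inspection replaces on the clone is still referenced by the original parsed event; the body of `__tpm_event_efi_bsa_inspect_image` is outside this hunk, so confirm it does not free what it overwrites.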
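Review bot: `Patch0: fix_efi_measure.patch` is declared, but nothing in this diff applies it, and the `%prep` section is outside the hunk. If `%prep` still uses a plain `%setup -q` rather than `%autosetup -p1` (or an explicit `%patch0 -p1`), the package builds without the measurement fix that the changelog entry announces, and nothing in the build would flag it; confirm the patch is actually applied.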