sd-boot: put hashed kernel command line in a PCR of the TPM

The UEFI BIOS already hashes the contents of the loaded image, so the
initrd and the command line of the binary are recorded.

Because manually added LoadOptions are not taken into account, these
should be recorded also.

This patch logs and extends a TPM PCR register with the LoadOptions.

This feature can be enabled with configure --enable-tpm

The PCR register index can be specified with
configure --with-tpm-pcrindex=<NUM>

1 files changed, 13 insertions, 0 deletions

diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
index 893980071f..30c1ead1aa 100644
--- a/src/boot/efi/boot.c
+++ b/src/boot/efi/boot.c
@@ -22,6 +22,7 @@
 #include "linux.h"
 #include "pefile.h"
 #include "util.h"
+#include "measure.h"
 
 #ifndef EFI_OS_INDICATIONS_BOOT_TO_FW_UI
 #define EFI_OS_INDICATIONS_BOOT_TO_FW_UI 0x0000000000000001ULL
@@ -1644,6 +1645,18 @@ static EFI_STATUS image_start(EFI_HANDLE parent_image, const Config *config, con
                 }
                 loaded_image->LoadOptions = options;
                 loaded_image->LoadOptionsSize = (StrLen(loaded_image->LoadOptions)+1) * sizeof(CHAR16);
+
+#ifdef SD_BOOT_LOG_TPM
+                /* Try to log any options to the TPM, escpecially to catch manually edited options */
+                err = tpm_log_event(SD_TPM_PCR,
+                                    (EFI_PHYSICAL_ADDRESS) loaded_image->LoadOptions,
+                                    loaded_image->LoadOptionsSize, loaded_image->LoadOptions);
+                if (EFI_ERROR(err)) {
+                        Print(L"Unable to add image options measurement: %r", err);
+                        uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000);
+                        return err;
+                }
+#endif
         }
 
         efivar_set_time_usec(L"LoaderTimeExecUSec", 0);