sd-boot: put hashed kernel command line in a PCR of the TPM

The UEFI BIOS already hashes the contents of the loaded image, so the
initrd and the command line of the binary are recorded.

Because manually added LoadOptions are not taken into account, these
should be recorded also.

This patch logs and extends a TPM PCR register with the LoadOptions.

This feature can be enabled with configure --enable-tpm

The PCR register index can be specified with
configure --with-tpm-pcrindex=<NUM>

1 files changed, 13 insertions, 0 deletions

diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c
index 9633bc1792..1e250f34f4 100644
--- a/src/boot/efi/stub.c
+++ b/src/boot/efi/stub.c
@@ -20,6 +20,7 @@
 #include "pefile.h"
 #include "splash.h"
 #include "util.h"
+#include "measure.h"
 
 /* magic string to find in the binary image */
 static const char __attribute__((used)) magic[] = "#### LoaderInfo: systemd-stub " VERSION " ####";
@@ -97,6 +98,18 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
                 for (i = 0; i < cmdline_len; i++)
                         line[i] = options[i];
                 cmdline = line;
+
+#ifdef SD_BOOT_LOG_TPM
+                /* Try to log any options to the TPM, escpecially manually edited options */
+                err = tpm_log_event(SD_TPM_PCR,
+                                    (EFI_PHYSICAL_ADDRESS) loaded_image->LoadOptions,
+                                    loaded_image->LoadOptionsSize, loaded_image->LoadOptions);
+                if (EFI_ERROR(err)) {
+                        Print(L"Unable to add image options measurement: %r", err);
+                        uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000);
+                        return err;
+                }
+#endif
         }
 
         /* export the device path this image is started from */