| author | Javier Martinez Canillas <javierm@redhat.com> | 2020-02-18 12:03:17 +0100 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2020-07-23 20:53:24 -0400 |
| commit | 0a8f7ade76ff3eede486027eaa638181e6bed3b8 (patch) | |
| tree | 237c5e40898b9d90d537af5189acc8f02ee903fd /shim.c | |
| parent | 89d72301aa67c82f00fe7fa4f42d7f6eb6045538 (diff) | |
tpm: Include information about PE/COFF images in the TPM Event Log

The "TCG PC Client Specific Platform Firmware Profile Specification" says
that when measuring a PE/COFF image, the TCG_PCR_EVENT2 structure Event
field MUST contain a UEFI_IMAGE_LOAD_EVENT structure.

Currently an empty UEFI_IMAGE_LOAD_EVENT structure is passed so users only
have the hash of the PE/COFF image, but not information such as the file path
of the binary.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Upstream-commit-id: c252b9ee94c
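
On the consuming side of the event log, a verifier can parse the Event field as a UEFI_IMAGE_LOAD_EVENT and recover the file path that the commit message says was previously missing. The following is an added example, not code from this commit or from shim; the helper name, the sample bytes and the 64-bit little-endian layout are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fixed part of UEFI_IMAGE_LOAD_EVENT; assumes 64-bit little-endian, UINTN = 8 bytes. */
typedef struct {
    uint64_t ImageLocationInMemory, ImageLengthInMemory;
    uint64_t ImageLinkTimeAddress, LengthOfDevicePath;
} image_load_hdr;

/* Constructed sample: header, File Path node "\g.efi", End node (22 path bytes). */
static const uint8_t sample_event[] = {
    0x00,0x00,0x10,0,0,0,0,0,  0x00,0x20,0,0,0,0,0,0,   /* location, length */
    0,0,0,0,0,0,0,0,           0x16,0,0,0,0,0,0,0,      /* link addr, path len */
    0x04,0x04,0x12,0, '\\',0,'g',0,'.',0,'e',0,'f',0,'i',0,0,0, 0x7f,0xff,0x04,0 };

/* Hypothetical helper: returns 0 if the event data is well formed, -1 if not.
 * path receives the file path text, or "" when the device path has none. */
int parse_image_load_event(const uint8_t *ev, size_t len,
                           image_load_hdr *hdr, char *path, size_t pathsz) {
    if (len < sizeof *hdr || pathsz == 0) return -1;
    memcpy(hdr, ev, sizeof *hdr);
    path[0] = '\0';
    if (hdr->LengthOfDevicePath > len - sizeof *hdr) return -1; /* overruns event */
    const uint8_t *dp = ev + sizeof *hdr;
    size_t left = (size_t)hdr->LengthOfDevicePath;
    while (left >= 4) {                  /* node: type, subtype, 16-bit length */
        size_t nlen = (size_t)dp[2] | ((size_t)dp[3] << 8);
        if (nlen < 4 || nlen > left) return -1;   /* node overruns the path */
        if (dp[0] == 0x7f) break;        /* End of Hardware Device Path */
        if (dp[0] == 0x04 && dp[1] == 0x04) {     /* Media / File Path, UCS-2 */
            size_t o = 0;
            for (size_t i = 4; i + 1 < nlen && o + 1 < pathsz; i += 2) {
                if (dp[i] == 0 && dp[i + 1] == 0) break;
                path[o++] = (dp[i + 1] == 0 && dp[i] < 0x80) ? (char)dp[i] : '?';
            }
            path[o] = '\0';
        }
        dp += nlen; left -= nlen;
    }
    return 0;
}

int main(void) {
    image_load_hdr h; char p[64];
    int rc = parse_image_load_event(sample_event, sizeof sample_event, &h, p, sizeof p);
    printf("rc=%d load=0x%llx path=%s\n", rc, (unsigned long long)h.ImageLocationInMemory, p);
    return rc;
}
```

A zeroed 32-byte header with no device path parses successfully and yields an empty path, so a verifier that wants the path must check for that case explicitly.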
Diffstat (limited to 'shim.c')
| -rw-r--r-- | shim.c | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -1274,7 +1274,9 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, #ifdef REQUIRE_TPM efi_status = #endif - tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize, sha1hash, 4); + tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize, + (EFI_PHYSICAL_ADDRESS)(UINTN)context.ImageAddress, + li->FilePath, sha1hash, 4); #ifdef REQUIRE_TPM if (efi_status != EFI_SUCCESS) { return efi_status; @@ -1788,7 +1790,8 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size) #ifdef REQUIRE_TPM efi_status = #endif - tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)buffer, size, sha1hash, 4); + tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)buffer, size, 0, NULL, + sha1hash, 4); #ifdef REQUIRE_TPM if (EFI_ERROR(efi_status)) goto done; |
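
Review bot: In the handle_image hunk, the new call dereferences li->FilePath, and nothing in the visible context shows li being checked for NULL before this point; if handle_image can be reached without a loaded-image pointer, guard the dereference or pass NULL as the shim_verify call site does. The call now also takes two adjacent EFI_PHYSICAL_ADDRESS arguments (data and context.ImageAddress), which are easy to transpose, so a short comment here or on the tpm_log_pe prototype naming which is the in-memory location and which is the address taken from the PE context would help.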
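
Review bot: In the shim_verify hunk, the call passes 0 and NULL for the new address and path arguments, so tpm_log_pe has to accept a NULL device path; that function is outside this diff (limited to shim.c), so please confirm it treats NULL as a zero-length path rather than dereferencing it, and add a comment here saying why no path is available for buffers passed to shim_verify. Separately, this call site tests EFI_ERROR(efi_status) while the handle_image site tests efi_status != EFI_SUCCESS; using one form at both would be more consistent.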
