diff options
| author | Matthew Garrett <mjg59@coreos.com> | 2016-05-11 11:11:05 -0400 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2016-05-11 11:11:05 -0400 |
| commit | 964f56b310b564a3e48c034804c5d294ce5995d0 (patch) | |
| tree | 233b695d76e34f240fd5c3a52edea1d36c2ada81 /shim.c | |
| parent | dd66e12d73798d2fc6526e797c09e1ebd93e8e57 (diff) | |
| download | efi-boot-shim-964f56b310b564a3e48c034804c5d294ce5995d0.tar.gz efi-boot-shim-964f56b310b564a3e48c034804c5d294ce5995d0.zip | |
Measure state and second stage into TPM
Add support for measuring the MOK database and secure boot state into a
TPM, and do the same for the second stage loader. This avoids a hole in
TPM measurement between the firmware and the second stage loader.
Diffstat (limited to 'shim.c')
| -rw-r--r-- | shim.c | 54 |
1 files changed, 54 insertions, 0 deletions
@@ -41,6 +41,7 @@ #include "netboot.h" #include "shim_cert.h" #include "replacements.h" +#include "tpm.h" #include "ucs2.h" #include "guid.h" @@ -1663,6 +1664,10 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) } } + /* Measure the binary into the TPM */ + tpm_log_event((EFI_PHYSICAL_ADDRESS)data, datasize, 9, + (CHAR8 *)"Second stage bootloader"); + /* * We need to modify the loaded image protocol entry before running * the new binary, so back it up @@ -1733,6 +1738,42 @@ EFI_STATUS init_grub(EFI_HANDLE image_handle) } /* + * Measure some of the MOK variables into the TPM + */ +EFI_STATUS measure_mok() +{ + EFI_GUID shim_lock_guid = SHIM_LOCK_GUID; + EFI_STATUS efi_status; + UINT8 *Data = NULL; + UINTN DataSize = 0; + + efi_status = get_variable(L"MokList", &Data, &DataSize, shim_lock_guid); + if (efi_status != EFI_SUCCESS) + return efi_status; + + efi_status = tpm_log_event((EFI_PHYSICAL_ADDRESS)Data, DataSize, 14, + (CHAR8 *)"MokList"); + + FreePool(Data); + + if (efi_status != EFI_SUCCESS) + return efi_status; + + efi_status = get_variable(L"MokSBState", &Data, &DataSize, + shim_lock_guid); + + if (efi_status != EFI_SUCCESS) + return efi_status; + + efi_status = tpm_log_event((EFI_PHYSICAL_ADDRESS)Data, DataSize, 14, + (CHAR8 *)"MokSBState"); + + FreePool(Data); + + return efi_status; +} + +/* * Copy the boot-services only MokList variable to the runtime-accessible * MokListRT variable. It's not marked NV, so the OS can't modify it. */ @@ -2496,6 +2537,19 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab) debug_hook(); /* + * Measure the MOK variables + */ + efi_status = measure_mok(); + if (efi_status != EFI_SUCCESS && efi_status != EFI_NOT_FOUND) { + Print(L"Something has gone seriously wrong: %r\n", efi_status); + Print(L"Shim was unable to measure state into the TPM\n"); + systab->BootServices->Stall(5000000); + systab->RuntimeServices->ResetSystem(EfiResetShutdown, + EFI_SECURITY_VIOLATION, + 0, NULL); + } + + /* * Check whether the user has configured the system to run in * insecure mode */ |