diff options
| author | Javier Martinez Canillas <javierm@redhat.com> | 2020-02-18 12:03:17 +0100 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2020-07-23 20:53:24 -0400 |
| commit | 0a8f7ade76ff3eede486027eaa638181e6bed3b8 (patch) | |
| tree | 237c5e40898b9d90d537af5189acc8f02ee903fd /tpm.c | |
| parent | 89d72301aa67c82f00fe7fa4f42d7f6eb6045538 (diff) | |
| download | efi-boot-shim-0a8f7ade76ff3eede486027eaa638181e6bed3b8.tar.gz efi-boot-shim-0a8f7ade76ff3eede486027eaa638181e6bed3b8.zip | |
tpm: Include information about PE/COFF images in the TPM Event Log
The "TCG PC Client Specific Platform Firmware Profile Specification" says
that when measuring a PE/COFF image, the TCG_PCR_EVENT2 structure Event
field MUST contain a UEFI_IMAGE_LOAD_EVENT structure.
Currently an empty UEFI_IMAGE_LOAD_EVENT structure is passed so users only
have the hash of the PE/COFF image, but not information such the file path
of the binary.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Upstream-commit-id: c252b9ee94c
Diffstat (limited to 'tpm.c')
| -rw-r--r-- | tpm.c | 46 |
1 files changed, 32 insertions, 14 deletions
@@ -210,21 +210,39 @@ EFI_STATUS tpm_log_event(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 pcr, strlen(description) + 1, 0xd, NULL); } -EFI_STATUS tpm_log_pe(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 *sha1hash, - UINT8 pcr) +EFI_STATUS tpm_log_pe(EFI_PHYSICAL_ADDRESS buf, UINTN size, + EFI_PHYSICAL_ADDRESS addr, EFI_DEVICE_PATH *path, + UINT8 *sha1hash, UINT8 pcr) { - EFI_IMAGE_LOAD_EVENT ImageLoad; - - // All of this is informational and forces us to do more parsing before - // we can generate it, so let's just leave it out for now - ImageLoad.ImageLocationInMemory = 0; - ImageLoad.ImageLengthInMemory = 0; - ImageLoad.ImageLinkTimeAddress = 0; - ImageLoad.LengthOfDevicePath = 0; - - return tpm_log_event_raw(buf, size, pcr, (CHAR8 *)&ImageLoad, - sizeof(ImageLoad), - EV_EFI_BOOT_SERVICES_APPLICATION, sha1hash); + EFI_IMAGE_LOAD_EVENT *ImageLoad = NULL; + EFI_STATUS efi_status; + UINTN path_size = 0; + + if (path) + path_size = DevicePathSize(path); + + ImageLoad = AllocateZeroPool(sizeof(*ImageLoad) + path_size); + if (!ImageLoad) { + perror(L"Unable to allocate image load event structure\n"); + return EFI_OUT_OF_RESOURCES; + } + + ImageLoad->ImageLocationInMemory = buf; + ImageLoad->ImageLengthInMemory = size; + ImageLoad->ImageLinkTimeAddress = addr; + + if (path_size > 0) { + CopyMem(ImageLoad->DevicePath, path, path_size); + ImageLoad->LengthOfDevicePath = path_size; + } + + efi_status = tpm_log_event_raw(buf, size, pcr, (CHAR8 *)ImageLoad, + sizeof(*ImageLoad) + path_size, + EV_EFI_BOOT_SERVICES_APPLICATION, + sha1hash); + FreePool(ImageLoad); + + return efi_status; } typedef struct { |