mirror of
https://git.proxmox.com/git/mirror_ubuntu-kernels.git
synced 2025-12-02 13:18:12 +00:00
f046fff8bc
In an effort to ensure the initrd observed and used by the OS is the same one that was meant to be loaded, which is difficult to guarantee otherwise, let's measure the initrd if the EFI stub and specifically the newly introduced LOAD_FILE2 protocol was used. Modify the initrd loading sequence so that the contents of the initrd are measured into PCR9. Note that the patch is currently using EV_EVENT_TAG to create the eventlog entry instead of EV_IPL. According to the TCP PC Client specification this is used for PCRs defined for OS and application usage. Co-developed-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Link: https://lore.kernel.org/r/20211119114745.1560453-5-ilias.apalodimas@linaro.org [ardb: add braces to initializer of tagged_event_data] Link: https://github.com/ClangBuiltLinux/linux/issues/1547 Signed-off-by: Ard Biesheuvel <ardb@kernel.org> |
||
|---|---|---|
| .. | ||
| alignedmem.c | ||
| arm32-stub.c | ||
| arm64-stub.c | ||
| efi-stub-helper.c | ||
| efi-stub.c | ||
| efistub.h | ||
| fdt.c | ||
| file.c | ||
| gop.c | ||
| Makefile | ||
| mem.c | ||
| pci.c | ||
| random.c | ||
| randomalloc.c | ||
| relocate.c | ||
| riscv-stub.c | ||
| secureboot.c | ||
| skip_spaces.c | ||
| string.c | ||
| tpm.c | ||
| vsprintf.c | ||
| x86-stub.c | ||