Blame 0083-Measure-the-kernel-commandline.patch
|
 |
2ae5c1e |
From 6bcfc6f286d099a26cc0c7a00a6458d1d7993485 Mon Sep 17 00:00:00 2001
|
|
|
b9efc54 |
From: Matthew Garrett <mjg59@coreos.com>
|
|
|
b9efc54 |
Date: Sun, 9 Aug 2015 16:32:29 -0700
|
|
|
2ae5c1e |
Subject: [PATCH 83/85] Measure the kernel commandline
|
|
|
b9efc54 |
|
|
|
b9efc54 |
Measure the kernel commandline to ensure that it hasn't been modified
|
|
|
b9efc54 |
---
|
|
|
b9efc54 |
grub-core/lib/cmdline.c | 6 +++++-
|
|
|
b9efc54 |
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
b9efc54 |
|
|
|
b9efc54 |
diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c
|
|
|
b9efc54 |
index 970ea86..6b56304 100644
|
|
|
b9efc54 |
--- a/grub-core/lib/cmdline.c
|
|
|
b9efc54 |
+++ b/grub-core/lib/cmdline.c
|
|
|
b9efc54 |
@@ -19,6 +19,7 @@
|
|
|
b9efc54 |
|
|
|
b9efc54 |
#include <grub/lib/cmdline.h>
|
|
|
b9efc54 |
#include <grub/misc.h>
|
|
|
b9efc54 |
+#include <grub/tpm.h>
|
|
|
b9efc54 |
|
|
|
b9efc54 |
static int
|
|
|
b9efc54 |
is_hex(char c)
|
|
|
b9efc54 |
@@ -79,7 +80,7 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
b9efc54 |
{
|
|
|
b9efc54 |
int i, space;
|
|
|
b9efc54 |
unsigned int arg_size;
|
|
|
b9efc54 |
- char *c;
|
|
|
b9efc54 |
+ char *c, *orig = buf;
|
|
|
b9efc54 |
|
|
|
b9efc54 |
for (i = 0; i < argc; i++)
|
|
|
b9efc54 |
{
|
|
|
b9efc54 |
@@ -125,5 +126,8 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
b9efc54 |
|
|
|
b9efc54 |
*buf = 0;
|
|
|
b9efc54 |
|
|
|
b9efc54 |
+ grub_tpm_measure ((void *)orig, grub_strlen (orig), GRUB_CMDLINE_PCR,
|
|
|
b9efc54 |
+ "Kernel Commandline");
|
|
|
b9efc54 |
+
|
|
|
b9efc54 |
return i;
|
|
|
b9efc54 |
}
|
|
|
b9efc54 |
--
|
|
|
b9efc54 |
2.5.0
|
|
|
b9efc54 |
|