Measure multiboot images and modules

grub-core/loader/i386/multiboot_mbi.c

@@ -36,6 +36,7 @@
 #include <grub/net.h>
 #include <grub/i18n.h>
 #include <grub/lib/cmdline.h>
+#include <grub/tpm.h>
 
 #ifdef GRUB_MACHINE_EFI
 #include <grub/efi/efi.h>
@@ -164,6 +165,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
       return grub_errno;
     }
 
+  grub_tpm_measure((unsigned char*)buffer, len, GRUB_KERNEL_PCR, filename);
+
   header = find_header (buffer, len);
 
   if (header == 0)

grub-core/loader/multiboot.c

@@ -42,6 +42,7 @@
 #include <grub/video.h>
 #include <grub/memory.h>
 #include <grub/i18n.h>
+#include <grub/tpm.h>
 
 GRUB_MOD_LICENSE ("GPLv3+");
 
@@ -384,6 +385,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
     }
 
   grub_file_close (file);
+  grub_tpm_measure (module, size, GRUB_KERNEL_PCR, argv[0]);
   return GRUB_ERR_NONE;
 }
 

grub-core/loader/multiboot_mbi2.c

@@ -36,6 +36,7 @@
 #include <grub/i18n.h>
 #include <grub/net.h>
 #include <grub/lib/cmdline.h>
+#include <grub/tpm.h>
 
 #if defined (GRUB_MACHINE_EFI)
 #include <grub/efi/efi.h>
@@ -126,6 +127,8 @@ grub_multiboot_load (grub_file_t file, const char *filename)
 
   COMPILE_TIME_ASSERT (MULTIBOOT_HEADER_ALIGN % 4 == 0);
 
+  grub_tpm_measure ((unsigned char *)buffer, len, GRUB_KERNEL_PCR, filename);
+
   header = find_header (buffer, len);
 
   if (header == 0)