loader: Add arm64 verity

Signed-off-by: Geoff Levand <geoff@infradead.org>
This commit is contained in:
Geoff Levand 2017-01-25 14:54:46 -08:00
parent c9bd29e124
commit dc2eaa5855
2 changed files with 13 additions and 2 deletions

View file

@ -32,6 +32,8 @@
#include <grub/i18n.h> #include <grub/i18n.h>
#include <grub/lib/cmdline.h> #include <grub/lib/cmdline.h>
#include <grub/verity-hash.h>
GRUB_MOD_LICENSE ("GPLv3+"); GRUB_MOD_LICENSE ("GPLv3+");
static grub_dl_t my_mod; static grub_dl_t my_mod;
@ -297,7 +299,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
grub_dprintf ("linux", "kernel @ %p\n", kernel_addr); grub_dprintf ("linux", "kernel @ %p\n", kernel_addr);
cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE); cmdline_size = grub_loader_cmdline_size (argc, argv) + sizeof (LINUX_IMAGE)
+ VERITY_CMDLINE_LENGTH;
linux_args = grub_malloc (cmdline_size); linux_args = grub_malloc (cmdline_size);
if (!linux_args) if (!linux_args)
{ {
@ -311,6 +314,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
if (grub_errno == GRUB_ERR_NONE) if (grub_errno == GRUB_ERR_NONE)
{ {
grub_pass_verity_hash (kernel_addr, linux_args, cmdline_size);
grub_loader_set (grub_linux_boot, grub_linux_unload, 0); grub_loader_set (grub_linux_boot, grub_linux_unload, 0);
loaded = 1; loaded = 1;
} }

View file

@ -4,7 +4,14 @@
#define VERITY_ARG_LENGTH (sizeof (VERITY_ARG) - 1) #define VERITY_ARG_LENGTH (sizeof (VERITY_ARG) - 1)
#define VERITY_HASH_LENGTH 64 #define VERITY_HASH_LENGTH 64
#define VERITY_CMDLINE_LENGTH ((VERITY_ARG_LENGTH)+(VERITY_HASH_LENGTH)) #define VERITY_CMDLINE_LENGTH ((VERITY_ARG_LENGTH)+(VERITY_HASH_LENGTH))
#define VERITY_HASH_OFFSET 0x40
#if defined(__aarch64__)
# define VERITY_HASH_OFFSET 512
#elif defined(__i386__)
# define VERITY_HASH_OFFSET 0x40
#else
# error Unsupported arch
#endif
/** /**