verifiers: Core TPM support
Add support for performing basic TPM measurements. Right now this only supports extending PCRs statically and only on UEFI. In future we might want to have some sort of mechanism for choosing which events get logged to which PCRs, but this seems like a good default policy and we can wait to see whether anyone has a use case before adding more complexity.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
parent 8d6447d496
commit f4f4e3c715
17 changed files with 616 additions and 146 deletions
		|  | @ -106,9 +106,5 @@ grub_create_loader_cmdline (int argc, char *argv[], char *buf, | |||
| 
 | ||||
|   *buf = 0; | ||||
| 
 | ||||
|   grub_tpm_measure ((void *)orig_buf, grub_strlen (orig_buf), GRUB_ASCII_PCR, | ||||
| 		    "grub_kernel_cmdline", orig_buf); | ||||
|   grub_print_error(); | ||||
| 
 | ||||
|   return grub_verify_string (orig_buf, type); | ||||
| } | ||||
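Review bot: At the return in grub_create_loader_cmdline, measurement of the kernel command line now depends entirely on grub_verify_string (orig_buf, type) reaching a TPM verifier, and nothing at this call site says so. The hunk header (9 lines down to 5) shows the direct grub_tpm_measure call on orig_buf and the following grub_print_error() no longer present, so please add a short comment above the return stating that the string verifier is what extends the PCR, and confirm that it still uses GRUB_ASCII_PCR with the "grub_kernel_cmdline" description, since a different PCR or event text changes what existing sealing policies and event-log consumers see. The error handling also differs: the old sequence printed any measurement error and continued, while a failure is now part of the value returned by grub_verify_string, so the commit message should say whether a failed TPM extend is meant to fail command-line creation.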
|  |  | |||