diff options
| author | Lennart Poettering <lennart@poettering.net> | 2022-07-27 10:58:29 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2022-08-02 10:28:49 +0200 |
| commit | 6017eee9ce495d0b12cfe2f6f7569a0808cd672d (patch) | |
| tree | 1c042b2ed876e10035174820373930ccb14fa5d9 /src/fundamental | |
| parent | aa323c090750408fc008bfcdc538d8cf54d15180 (diff) | |
| download | systemd-6017eee9ce495d0b12cfe2f6f7569a0808cd672d.tar.gz | |
boot: move unified kernel PE section definitions into 'fundamental' code
Le's share this code between userspace and uefispace. This is useful
later when pre-measuring expected PCRs from userspace.
Diffstat (limited to 'src/fundamental')
| -rw-r--r-- | src/fundamental/meson.build | 1 | ||||
| -rw-r--r-- | src/fundamental/tpm-pcr.c | 15 | ||||
| -rw-r--r-- | src/fundamental/tpm-pcr.h | 14 |
3 files changed, 30 insertions, 0 deletions
diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build index a4383f6a27..3810d6b456 100644 --- a/src/fundamental/meson.build +++ b/src/fundamental/meson.build @@ -17,6 +17,7 @@ fundamental_source_paths = files( 'efivars-fundamental.c', 'sha256.c', 'string-util-fundamental.c', + 'tpm-pcr.c', ) # for libbasic diff --git a/src/fundamental/tpm-pcr.c b/src/fundamental/tpm-pcr.c new file mode 100644 index 0000000000..97b3c7b9d2 --- /dev/null +++ b/src/fundamental/tpm-pcr.c @@ -0,0 +1,15 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <stddef.h> + +#include "tpm-pcr.h" + +const char* const unified_sections[_UNIFIED_SECTION_MAX + 1] = { + [UNIFIED_SECTION_LINUX] = ".linux", + [UNIFIED_SECTION_OSREL] = ".osrel", + [UNIFIED_SECTION_CMDLINE] = ".cmdline", + [UNIFIED_SECTION_INITRD] = ".initrd", + [UNIFIED_SECTION_SPLASH] = ".splash", + [UNIFIED_SECTION_DTB] = ".dtb", + NULL, +}; diff --git a/src/fundamental/tpm-pcr.h b/src/fundamental/tpm-pcr.h index 6e8b25934b..fb0774f70d 100644 --- a/src/fundamental/tpm-pcr.h +++ b/src/fundamental/tpm-pcr.h @@ -22,3 +22,17 @@ /* This TPM PCR is where we extend the initrd sysext images into which we pass to the booted kernel */ #define TPM_PCR_INDEX_INITRD_SYSEXTS 13U + +/* List of PE sections that have special meaning for us in unified kernels. This is the canonical order in + * which we measure the sections into TPM PCR 11 (see above). PLEASE DO NOT REORDER! */ +typedef enum UnifiedSection { + UNIFIED_SECTION_LINUX, + UNIFIED_SECTION_OSREL, + UNIFIED_SECTION_CMDLINE, + UNIFIED_SECTION_INITRD, + UNIFIED_SECTION_SPLASH, + UNIFIED_SECTION_DTB, + _UNIFIED_SECTION_MAX, +} UnifiedSection; + +extern const char* const unified_sections[_UNIFIED_SECTION_MAX + 1]; |