summaryrefslogtreecommitdiff
path: root/src/boot/efi/measure.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/boot/efi/measure.h')
-rw-r--r--src/boot/efi/measure.h14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/boot/efi/measure.h b/src/boot/efi/measure.h
index 33c98aaf73..7a817b22d8 100644
--- a/src/boot/efi/measure.h
+++ b/src/boot/efi/measure.h
@@ -3,6 +3,20 @@
#include <efi.h>
+/* This TPM PCR is where we extend the kernel command line and any passed credentials here. */
+#define TPM_PCR_INDEX_KERNEL_PARAMETERS 12U
+
+/* We used to write the the kernel command line/credentials into PCR 8, in systemd <= 250. Let's provide for
+ * some compatibility. (Remove in 2023!) */
+#if EFI_TPM_PCR_COMPAT
+#define TPM_PCR_INDEX_KERNEL_PARAMETERS_COMPAT 8U
+#else
+#define TPM_PCR_INDEX_KERNEL_PARAMETERS_COMPAT UINT32_MAX
+#endif
+
+/* This TPM PCR is where most Linux infrastructure extends the initrd binary images into, and so do we. */
+#define TPM_PCR_INDEX_INITRD 4U
+
#if ENABLE_TPM
BOOLEAN tpm_present(void);
View Lorry Controller Status