author: Stefan Berger <stefanb@linux.ibm.com> 2020-05-12 11:44:52 -0400
committer: Alexey Kardashevskiy <aik@ozlabs.ru> 2020-05-13 11:25:24 +1000
commit: 9e199d2c998d704a1a41280436d4cc258ee1f1af (patch)
tree: 1dd7361cb39de1c178f321dfc960e0ff75ad484e
parent: 4386b0b0439c1115a45d006b3c0b47b34c45ce0e (diff)
tcgbios: Measure the bootloader file read from disk

Measure the bootloader file read from disk into PCR 4 and log it with the description 'BOOTLOADER' and the event type EV_COMPACT_HASH (code 0xc). Since the loaded file should be an ELF file, have its size determined and only the bytes from the ELF image measured rather than the whole buffer that it was read into and is much bigger (0x700000 bytes).

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>

-rw-r--r-- slof/fs/packages/disk-label.fs 19
1 files changed, 18 insertions, 1 deletions
diff --git a/slof/fs/packages/disk-label.fs b/slof/fs/packages/disk-label.fs
index bb64022..661c6b0 100644
--- a/slof/fs/packages/disk-label.fs
+++ b/slof/fs/packages/disk-label.fs
@@ -452,6 +452,20 @@ CREATE GPT-LINUX-PARTITION 10 allot
THEN
;
+\ Measure the boot loader file into PCR 4 as event type EV_COMPACT_HASH (0xc)
+
+: measure-bootloader ( data-ptr data-len -- )
+ s" /ibm,vtpm" find-node IF
+ 4 -rot ( 4 data-ptr data-len )
+ c -rot ( 4 c data-ptr data-len )
+ s" BOOTLOADER" ( 4 c data-ptr data-len desc-ptr desc-len )
+ true tpm-hash-log-extend-event-buffer ( errcode )
+ drop
+ ELSE
+ 2drop
+ THEN
+;
+
: load-from-gpt-prep-partition ( addr -- size )
get-gpt-partition 0= IF false EXIT THEN
block gpt>num-part-entry l@-le dup 0= IF false exit THEN
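Review bot: In measure-bootloader, the errcode returned by tpm-hash-log-extend-event-buffer is discarded with `drop`, so a failed extend or log write goes unreported and boot continues as if the measurement had been taken. Consider at least printing a warning when errcode is non-zero, so that a missing 'BOOTLOADER' event can be told apart from firmware that never measured. The literals `4` and `c` would also read better as named constants (`c` only means 0xc while the base is hex), and the `true` argument is not covered by the stack comments; a short comment on what it selects would help.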
@@ -465,7 +479,10 @@ CREATE GPT-LINUX-PARTITION 10 allot
swap ( addr blocks first-lba )
block-size * to part-offset ( addr blocks )
0 0 seek drop ( addr blocks )
- block-size * read ( size )
+ over swap ( addr addr blocks)
+ block-size * read ( addr size )
+ 2dup measure-bootloader ( addr size )
+ nip ( size)
UNLOOP EXIT
THEN
seek-pos gpt-part-size + to seek-pos
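Review bot: The length passed in `2dup measure-bootloader` is the value `read` returns for a request of `block-size *` bytes, which is the size of the whole read rather than the ELF image size the commit message describes. Nothing in these lines computes the ELF size, so if the trimming happens inside tpm-hash-log-extend-event-buffer (perhaps selected by the `true` flag passed in measure-bootloader), say so in a comment at this call; otherwise the digest covers whatever follows the ELF image in the buffer and changes with content unrelated to the bootloader. The call is also unconditional, so a short or zero-length read is measured as is; a check on size before measuring would make that case explicit.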