tcgbios: Measure the GPT table

Measure and log the GPT table including LBA1 and all GPT table entries
with a non-zero Type GUID.

We follow the specification "TCG PC Client Platform Firmware Profile
Specification" for the format of what needs to be logged and measured.
See section "Event Logging" subsection "Measuring UEFI Variables" for
the UEFI_GPT_DATA structure.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>

1 files changed, 22 insertions, 0 deletions

diff --git a/slof/fs/packages/disk-label.fs b/slof/fs/packages/disk-label.fs
index 969eb00..bb64022 100644
--- a/slof/fs/packages/disk-label.fs
+++ b/slof/fs/packages/disk-label.fs
@@ -431,6 +431,27 @@ CREATE GPT-LINUX-PARTITION 10 allot
    block gpt>signature x@ GPT-SIGNATURE =
 ;
 
+\ Measure the GPT partition table by collecting its LBA1
+\ and GPT Entries and then measuring them.
+\ This function modifies 'block' and 'seek-pos'
+
+: measure-gpt-partition ( -- )
+   s" /ibm,vtpm" find-node ?dup IF
+      get-gpt-partition 0= if drop EXIT THEN
+
+      block block-size tpm-gpt-set-lba1
+
+      block gpt>num-part-entry l@-le
+      1+ 1 ?DO
+         seek-pos 0 seek drop
+         block gpt-part-size read drop
+         block gpt-part-size tpm-gpt-add-entry
+         seek-pos gpt-part-size + to seek-pos
+      LOOP
+      s" measure-gpt" rot $call-static
+   THEN
+;
+
 : load-from-gpt-prep-partition ( addr -- size )
    get-gpt-partition 0= IF false EXIT THEN
    block gpt>num-part-entry l@-le dup 0= IF false exit THEN
@@ -465,6 +486,7 @@ CREATE GPT-LINUX-PARTITION 10 allot
 ;
 
 : try-gpt-dos-partition ( -- true|false )
+   measure-gpt-partition
    get-gpt-partition 0= IF false EXIT THEN
    block gpt>num-part-entry l@-le dup 0= IF false EXIT THEN
    1+ 1 ?DO