Change ethernet drivers to be modules and measure them when they are loaded.

This is a step towards unifying the server and laptop config (issue #139)
and also makes it possible to later remove the USB modules from the
normal boot path.
This commit is contained in:
Trammell Hudson 2017-03-28 16:32:58 -04:00
parent 1475148848
commit 8384201e9c
No known key found for this signature in database
GPG Key ID: C7CFA251FF608213
4 changed files with 47 additions and 15 deletions

View File

@ -280,7 +280,7 @@ initrd_lib_install: $(initrd_bins) $(initrd_libs)
# unlikely that their device file has a different major/minor)
#
#
initrd.cpio: $(initrd_bins) $(initrd_libs) initrd_lib_install
initrd.cpio: $(initrd_bins) $(initrd_libs) initrd_lib_install linux_modules
cd ./initrd ; \
find . \
| cpio --quiet -H newc -o \
@ -289,6 +289,14 @@ initrd.cpio: $(initrd_bins) $(initrd_libs) initrd_lib_install
initrd.intermediate: initrd.cpio
linux_modules: linux.intermediate
@-mkdir initrd/lib/modules
@for mod in $(linux_modules); do \
echo "$(DATE) Installing $$mod"; \
cp -a "$(build)/$(linux_dir)/$$mod" initrd/lib/modules; \
done
# populate the coreboot initrd image from the one we built.
# 4.4 doesn't allow this, but building from head does.

View File

@ -619,9 +619,7 @@ CONFIG_NET_PTP_CLASSIFY=y
# CONFIG_L2TP is not set
# CONFIG_BRIDGE is not set
CONFIG_HAVE_NET_DSA=y
CONFIG_VLAN_8021Q=y
# CONFIG_VLAN_8021Q_GVRP is not set
# CONFIG_VLAN_8021Q_MVRP is not set
# CONFIG_VLAN_8021Q is not set
# CONFIG_DECNET is not set
# CONFIG_LLC2 is not set
# CONFIG_IPX is not set
@ -661,14 +659,7 @@ CONFIG_NET_FLOW_LIMIT=y
# CONFIG_AF_RXRPC is not set
# CONFIG_AF_KCM is not set
# CONFIG_STREAM_PARSER is not set
CONFIG_WIRELESS=y
# CONFIG_CFG80211 is not set
# CONFIG_LIB80211 is not set
#
# CFG80211 needs to be enabled for MAC80211
#
CONFIG_MAC80211_STA_HASH_MAX_SIZE=0
# CONFIG_WIRELESS is not set
# CONFIG_WIMAX is not set
# CONFIG_RFKILL is not set
# CONFIG_NET_9P is not set
@ -1028,8 +1019,8 @@ CONFIG_ETHERNET=y
# CONFIG_NET_VENDOR_HP is not set
CONFIG_NET_VENDOR_INTEL=y
# CONFIG_E100 is not set
CONFIG_E1000=y
CONFIG_E1000E=y
CONFIG_E1000=m
CONFIG_E1000E=m
CONFIG_E1000E_HWTS=y
# CONFIG_IGB is not set
# CONFIG_IGBVF is not set

29
initrd/sbin/insmod-measure.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh
# extend a TPM PCR with a module and then load it
# any arguments will also be measured
die() {
echo >&2 "$@"
exit 1
}
INDEX="$1"; shift
MODULE="$1"; shift
if [ -z "$INDEX" -o -z "$MODULE" ]; then
die "Usage: $0 pcr-index module [args...]"
fi
if [ ! -r "$MODULE" ]; then
die "$MODULE: not found?"
fi
tpm extend -ix "$INDEX" -if "$MODULE" || die "$MODULE: tpm extend failed"
if [ ! -z "$@" ]; then
TMPFILE=/tmp/insmod.$$
echo "$@" > $TMPFILE
tpm extend -ix "$INDEX" -if $TMPFILE || die "$MODULE: tpm extend on arguments failed"
fi
insmod "$MODULE" "$@" || die "$MODULE: insmod failed"

View File

@ -17,6 +17,11 @@ linux_configure := \
linux_output := arch/x86/boot/bzImage
linux_config := linux.config
linux_modules := \
drivers/net/ethernet/intel/e1000/e1000.ko \
drivers/net/ethernet/intel/e1000e/e1000e.ko \
EXTRA_FLAGS := -fdebug-prefix-map=$(pwd)=heads -gno-record-gcc-switches
linux_target := \
@ -29,7 +34,6 @@ linux_target := \
KBUILD_BUILD_TIMESTAMP="1970-00-00" \
KBUILD_BUILD_VERSION=0 \
-j $(MAKE_JOBS) \
bzImage
# We cross compile linux now
linux_depends := $(musl_dep)