#!/bin/bash
set -e -o pipefail
. /etc/functions

# CBFS extraction and measurement
#  This extraction and measurement cannot be suppressed by quiet mode, since 
#   config.user is not yet loaded at this point.
#  To suppress this output, set CONFIG_QUIET_MODE=y needs be be set in /etc/config
#   which is defined at build time under board configuration file to be part of initrd.cpio
#  This script is called from initrd/init so really early in the boot process to put files in place in initramfs

TRACE_FUNC

# Update initrd with CBFS files
if [ -z "$CONFIG_PCR" ]; then
	CONFIG_PCR=7
fi

# Load individual files
cbfsfiles=`cbfs -t 50 -l 2>/dev/null | grep "^heads/initrd/"`

for cbfsname in `echo $cbfsfiles`; do
	filename=${cbfsname:12}
	if [ ! -z "$filename" ]; then
		mkdir -p `dirname $filename` \
		|| die "$filename: mkdir failed"
		INFO "Extracting CBFS file $cbfsname into $filename"
		cbfs -t 50 $CBFS_ARG -r $cbfsname > "$filename" \
		|| die "$filename: cbfs file read failed"
		if [ "$CONFIG_TPM" = "y" ]; then
			TRACE_FUNC
			INFO "TPM: Extending PCR[$CONFIG_PCR] with filename $filename and then its content"
			# Measure both the filename and its content.  This
			# ensures that renaming files or pivoting file content
			# will still affect the resulting PCR measurement.
			tpmr extend -ix "$CONFIG_PCR" -ic "$filename"
			tpmr extend -ix "$CONFIG_PCR" -if "$filename" \
			|| die "$filename: tpm extend failed"
		fi
	fi
done