mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-18 20:47:55 +00:00
40c34453df
Exception: scripts sourcing/calls within etc/ash_functions continues to use old TRACE functions until we switch to bash completely getting rid of ash. This would mean getting rid of legacy boards (flash + legacy boards which do not have enough space for bash in flash boards) once and for all. Signed-off-by: Thierry Laurion <insurgo@riseup.net>
52 lines
1.2 KiB
Bash
Executable File
52 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# extend a TPM PCR with a module and then load it
|
|
# any arguments will also be measured.
|
|
# The default PCR to be extended is 5, but can be
|
|
# overridden with the MODULE_PCR environment variable
|
|
|
|
. /etc/functions
|
|
|
|
TRACE_FUNC
|
|
|
|
MODULE="$1"; shift
|
|
|
|
if [ -z "$MODULE_PCR" ]; then
|
|
MODULE_PCR=5
|
|
fi
|
|
|
|
|
|
if [ -z "$MODULE" ]; then
|
|
die "Usage: $0 module [args...]"
|
|
fi
|
|
|
|
if [ ! -r "$MODULE" ]; then
|
|
die "$MODULE: not found?"
|
|
fi
|
|
|
|
if [ ! -r /sys/class/tpm/tpm0/pcrs -o ! -x /bin/tpm ]; then
|
|
if [ ! -c /dev/tpmrm0 -o ! -x /bin/tpm2 ]; then
|
|
tpm_missing=1
|
|
fi
|
|
fi
|
|
|
|
if [ -z "$tpm_missing" ]; then
|
|
DEBUG "Extending TPM PCR $MODULE_PCR with $MODULE prior of usage"
|
|
tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \
|
|
|| die "$MODULE: tpm extend failed"
|
|
fi
|
|
|
|
if [ ! -z "$*" -a -z "$tpm_missing" ]; then
|
|
DEBUG "Extending TPM PCR $MODULE_PCR with $*"
|
|
TMPFILE=/tmp/insmod.$$
|
|
echo "$@" > $TMPFILE
|
|
DEBUG "Extending TPM PCR $MODULE_PCR with $MODULE prior of usage"
|
|
tpmr extend -ix "$MODULE_PCR" -if $TMPFILE \
|
|
|| die "$MODULE: tpm extend on arguments failed"
|
|
fi
|
|
|
|
# Since we have replaced the real insmod, we must invoke
|
|
# the busybox insmod via the original executable
|
|
DEBUG "Loading $MODULE with busybox insmod"
|
|
busybox insmod "$MODULE" "$@" \
|
|
|| die "$MODULE: insmod failed"
|