File 0008-tpm-Measure-commands.patch of Package grub2.14515

From 959e235378adef1477d14d7546c549b7619eb5f1 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <mjg59@srcf.ucam.org>
Date: Mon, 10 Aug 2015 15:27:12 -0700
Subject: [PATCH 08/11] Measure commands

Measure each command executed by grub, which includes script execution.
---
 grub-core/script/execute.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

Index: grub-2.02~beta3/grub-core/script/execute.c
===================================================================
--- grub-2.02~beta3.orig/grub-core/script/execute.c
+++ grub-2.02~beta3/grub-core/script/execute.c
@@ -30,6 +30,7 @@
 #ifdef GRUB_MACHINE_IEEE1275
 #include <grub/ieee1275/ieee1275.h>
 #endif
+#include <grub/tpm.h>
 
 /* Max digits for a char is 3 (0xFF is 255), similarly for an int it
    is sizeof (int) * 3, and one extra for a possible -ve sign.  */
@@ -936,8 +937,9 @@ grub_script_execute_cmdline (struct grub
   grub_err_t ret = 0;
   grub_script_function_t func = 0;
   char errnobuf[18];
-  char *cmdname;
-  int argc;
+  char *cmdname, *cmdstring;
+  int argc, offset = 0, cmdlen = 0;
+  unsigned int i;
   char **args;
   int invert;
   struct grub_script_argv argv = { 0, 0, 0 };
@@ -946,6 +948,25 @@ grub_script_execute_cmdline (struct grub
   if (grub_script_arglist_to_argv (cmdline->arglist, &argv) || ! argv.args[0])
     return grub_errno;
 
+  for (i = 0; i < argv.argc; i++) {
+	  cmdlen += grub_strlen (argv.args[i]) + 1;
+  }
+
+  cmdstring = grub_malloc (cmdlen);
+  if (!cmdstring)
+  {
+	  return grub_error (GRUB_ERR_OUT_OF_MEMORY,
+			     N_("cannot allocate command buffer"));
+  }
+
+  for (i = 0; i < argv.argc; i++) {
+	  offset += grub_snprintf (cmdstring + offset, cmdlen - offset, "%s ",
+				   argv.args[i]);
+  }
+  cmdstring[cmdlen-1]= '\0';
+  grub_tpm_measure ((unsigned char *)cmdstring, cmdlen, GRUB_ASCII_PCR,
+		    "grub_cmd", cmdstring);
+  grub_free(cmdstring);
   invert = 0;
   argc = argv.argc - 1;
   args = argv.args + 1;
openSUSE Build Service is sponsored by