Commit c004703e authored by Jeremy Linton's avatar Jeremy Linton Committed by Ard Biesheuvel
Browse files

efi/libstub: measure initrd to PCR9 independent of source 



Currently the initrd is only measured if it can be loaded using the
INITRD_MEDIA_GUID, if we are loading it from a path provided via the
command line it is never measured. Lets move the check down a couple
lines so the measurement happens independent of the source.

Signed-off-by: default avatarJeremy Linton <jeremy.linton@arm.com>
Reviewed-by: default avatarIlias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
parent ade7ccba

drivers/firmware/efi/libstub/efi-stub-helper.c

+5 −4
Original line number Diff line number Diff line
@@ -620,10 +620,6 @@ efi_status_t efi_load_initrd(efi_loaded_image_t *image, 
	status = efi_load_initrd_dev_path(&initrd, hard_limit);

	if (status == EFI_SUCCESS) {

		efi_info("Loaded initrd from LINUX_EFI_INITRD_MEDIA_GUID device path\n");

		if (initrd.size > 0 &&

		    efi_measure_tagged_event(initrd.base, initrd.size,

					     EFISTUB_EVT_INITRD) == EFI_SUCCESS)

			efi_info("Measured initrd data into PCR 9\n");

	} else if (status == EFI_NOT_FOUND) {

		status = efi_load_initrd_cmdline(image, &initrd, soft_limit,

						 hard_limit);
@@ -636,6 +632,11 @@ efi_status_t efi_load_initrd(efi_loaded_image_t *image, 
	if (status != EFI_SUCCESS)

		goto failed;



	if (initrd.size > 0 &&

	    efi_measure_tagged_event(initrd.base, initrd.size,

				     EFISTUB_EVT_INITRD) == EFI_SUCCESS)

		efi_info("Measured initrd data into PCR 9\n");



	status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, sizeof(initrd),

			     (void **)&tbl);

	if (status != EFI_SUCCESS)