From dec166d6b2c28d971394ebe1bc0ac70b88b575c0 Mon Sep 17 00:00:00 2001 From: Eddie James Date: Tue, 24 Oct 2023 10:43:50 -0500 Subject: bootm: Support boot measurement Add a configuration option to measure the boot through the bootm function. Add the measurement state to the booti and bootz paths as well. Signed-off-by: Eddie James Reviewed-by: Simon Glass Ilias: Added some info on Kconfig explaining this is when booting !EFI Signed-off-by: Ilias Apalodimas --- include/bootm.h | 11 +++++++++++ include/image.h | 1 + 2 files changed, 12 insertions(+) (limited to 'include') diff --git a/include/bootm.h b/include/bootm.h index c3c7336207..10a1bd65a7 100644 --- a/include/bootm.h +++ b/include/bootm.h @@ -56,6 +56,17 @@ ulong bootm_disable_interrupts(void); int bootm_find_images(int flag, int argc, char *const argv[], ulong start, ulong size); +/* + * Measure the boot images. Measurement is the process of hashing some binary + * data and storing it into secure memory, i.e. TPM PCRs. In addition, each + * measurement is logged into the platform event log such that the operating + * system can access it and perform attestation of the boot. + * + * @images: The structure containing the various images to boot (linux, + * initrd, dts, etc.) + */ +int bootm_measure(struct bootm_headers *images); + int do_bootm_states(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[], int states, struct bootm_headers *images, int boot_progress); diff --git a/include/image.h b/include/image.h index 5f85bf84a2..2e3cf839ee 100644 --- a/include/image.h +++ b/include/image.h @@ -409,6 +409,7 @@ struct bootm_headers { #define BOOTM_STATE_OS_FAKE_GO 0x00000200 /* 'Almost' run the OS */ #define BOOTM_STATE_OS_GO 0x00000400 #define BOOTM_STATE_PRE_LOAD 0x00000800 +#define BOOTM_STATE_MEASURE 0x00001000 int state; #if defined(CONFIG_LMB) && !defined(USE_HOSTCC) -- cgit v1.2.3