From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1camOM-0007fP-BL for mharc-grub-devel@gnu.org; Mon, 06 Feb 2017 11:43:50 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33119) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1camOJ-0007fI-TD for grub-devel@gnu.org; Mon, 06 Feb 2017 11:43:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1camOJ-0001ix-2x for grub-devel@gnu.org; Mon, 06 Feb 2017 11:43:47 -0500 Received: from cavan.codon.org.uk ([2a00:1098:0:80:1000:c:0:1]:54590) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1camOI-0001dS-Rs for grub-devel@gnu.org; Mon, 06 Feb 2017 11:43:47 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=codon.org.uk; s=63138784; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date; bh=dLrTIMhx/0Xgybkr4o0wCkBROw1Q/areZcpGL75W0Dg=; b=nmfkF7NQSAnOuPVjVAKZE6aPDqWiu6OSlk6JsuMlL6sHkoQhMuPL0GlW8rv7SWisD3l01es1HxYkAvUOTYfmIK0We9+PU9F1nMdYw/4+dO5+TNvYzcOYE43k5YgUo+HKaUwThpEJt354WaQOt2x4ZjQEgO2Vfg1CSx/UKkv6IeA=; Received: from mjg59 by cavan.codon.org.uk with local (Exim 4.80) (envelope-from ) id 1camOA-0001OA-Ca for grub-devel@gnu.org; Mon, 06 Feb 2017 16:43:38 +0000 Date: Mon, 6 Feb 2017 16:43:38 +0000 From: Matthew Garrett To: The development of GNU GRUB Subject: Re: Support for TPM measurements on UEFI systems Message-ID: <20170206164338.GA4484@srcf.ucam.org> References: <20170124003828.24762-1-mjg59@coreos.com> <20170204212359.GA11656@srcf.ucam.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: mjg59@cavan.codon.org.uk X-SA-Exim-Scanned: No (on cavan.codon.org.uk); SAEximRunCond expanded to false X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 2a00:1098:0:80:1000:c:0:1 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Feb 2017 16:43:48 -0000 On Sun, Feb 05, 2017 at 01:28:20PM +0000, Vladimir 'phcoder' Serbinenko wrote: > See verify.h for the interface. Obviously if you need changes in the API, > please say. I think that's a starting point, but it doesn't seem sufficient for some of the cases I care about. For instance, measuring boot state isn't just about the files that are read - we also need to measure the commands that grub runs and the command line passed to the kernel, for instance. Ideally we'd also have more context available in order to make a better decision about which PCR to measure something into, but I can't think of a good way to do that simply by hooking open. That also seems to make it difficult to implement a handler that should only be verifying some objects - for instance, a UEFI secure boot handler only wants to verify the kernel (or something that's chainloaded) and ignore everything else. -- Matthew Garrett | mjg59@srcf.ucam.org