[PATCH v14 4/8] bootm: Support boot measurement
Ilias Apalodimas
ilias.apalodimas at linaro.org
Wed Oct 25 14:41:36 CEST 2023
On Tue, 24 Oct 2023 at 18:44, Eddie James <eajames at linux.ibm.com> wrote:
>
> Add a configuration option to measure the boot through the bootm
> function. Add the measurement state to the booti and bootz paths
> as well.
>
> Signed-off-by: Eddie James <eajames at linux.ibm.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>
> ---
> Changes since v8:
> - Added a configuration option to select to ignore any existing
> event log. This would only be selected for systems that know
> that U-Boot is the first stage bootloader. This is necessary
> because the reserved memory region may persist through resets
> and so U-Boot attempts to append to the previous boot's log.
>
> Changes since v6:
> - Added comment for bootm_measure
> - Fixed line length in bootm_measure
>
> boot/Kconfig | 32 +++++++++++++++++++++
> boot/bootm.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++++
> cmd/booti.c | 1 +
> cmd/bootm.c | 2 ++
> cmd/bootz.c | 1 +
> include/bootm.h | 11 ++++++++
> include/image.h | 1 +
> 7 files changed, 122 insertions(+)
>
> diff --git a/boot/Kconfig b/boot/Kconfig
> index a01e6cb8aa..abbc72f4cf 100644
> --- a/boot/Kconfig
> +++ b/boot/Kconfig
> @@ -685,6 +685,38 @@ config LEGACY_IMAGE_FORMAT
> loaded. If a board needs the legacy image format support in this
> case, enable it here.
>
> +config MEASURED_BOOT
> + bool "Measure boot images and configuration to TPM and event log"
> + depends on HASH && TPM_V2
I know Simon reviewed this already, but don't we need to add !EFI here?
UEFI already supports measurements via the TCG protocol implementation.
But since EFI is 'default y' nowadays anyone minds if I change the
help & bool messages during merge?
Something along the lines of
bool "Measure boot images and configuration to TPM and event log when
booting without EFI"
[...]
Thanks
/Ilias
More information about the U-Boot
mailing list