[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH V5 12/12] Experimental support for taking measuremen
From: |
Stefan Berger |
Subject: |
[Qemu-devel] [PATCH V5 12/12] Experimental support for taking measurements when kernel etc. are passed to Qemu |
Date: |
Fri, 20 May 2011 11:42:52 -0400 |
User-agent: |
quilt/0.48-1 |
This really is just for experimental purposes since there are problems
when doing something similar with a multiboot kernel.
This patch addresses the case where the user provides the kernel, initrd
and kernel command line via command line parameters to Qemu. To avoid
incorrect measurements by SeaBIOS, the setup part of the kernel needs
to be treated separately.
For SeaBIOS to be able to measure the kernel whose measurement corresponds
to the 'sha1sum <kernel file>' we need to preserve the setup part of the
kernel. Since Qemu modifies it, we store a copy of the original setup
and later retrieve it in SeaBIOS's and concat the setup and rest of the kernel
to get the correct measurement.
An alternative would be to measure the files in Qemu and make the measurements
available to SeaBIOS. This would introduce a dependency of Qemu on a sha1
algorithm.
Signed-off-by: Stefan Berger <address@hidden>
---
hw/fw_cfg.h | 1 +
hw/pc.c | 8 +++++++-
2 files changed, 8 insertions(+), 1 deletion(-)
Index: qemu-git/hw/fw_cfg.h
===================================================================
--- qemu-git.orig/hw/fw_cfg.h
+++ qemu-git/hw/fw_cfg.h
@@ -27,6 +27,7 @@
#define FW_CFG_SETUP_SIZE 0x17
#define FW_CFG_SETUP_DATA 0x18
#define FW_CFG_FILE_DIR 0x19
+#define FW_CFG_SETUP_ORIG_DATA 0x1a
#define FW_CFG_FILE_FIRST 0x20
#define FW_CFG_FILE_SLOTS 0x10
Index: qemu-git/hw/pc.c
===================================================================
--- qemu-git.orig/hw/pc.c
+++ qemu-git/hw/pc.c
@@ -659,7 +659,7 @@ static void load_linux(void *fw_cfg,
uint16_t protocol;
int setup_size, kernel_size, initrd_size = 0, cmdline_size;
uint32_t initrd_max;
- uint8_t header[8192], *setup, *kernel, *initrd_data;
+ uint8_t header[8192], *setup, *kernel, *initrd_data, *setup_orig;
target_phys_addr_t real_addr, prot_addr, cmdline_addr, initrd_addr = 0;
FILE *f;
char *vmode;
@@ -807,6 +807,7 @@ static void load_linux(void *fw_cfg,
kernel_size -= setup_size;
setup = qemu_malloc(setup_size);
+ setup_orig = qemu_malloc(setup_size);
kernel = qemu_malloc(kernel_size);
fseek(f, 0, SEEK_SET);
if (fread(setup, 1, setup_size, f) != setup_size) {
@@ -818,6 +819,9 @@ static void load_linux(void *fw_cfg,
exit(1);
}
fclose(f);
+
+ memcpy(setup_orig, setup, setup_size);
+
memcpy(setup, header, MIN(sizeof(header), setup_size));
fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
@@ -828,6 +832,8 @@ static void load_linux(void *fw_cfg,
fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_SIZE, setup_size);
fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_DATA, setup, setup_size);
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_ORIG_DATA, setup_orig, setup_size);
+
option_rom[nb_option_roms].name = "linuxboot.bin";
option_rom[nb_option_roms].bootindex = 0;
nb_option_roms++;
- [Qemu-devel] [PATCH V5 00/12] Qemu Trusted Platform Module (TPM) integration, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 05/12] Add a debug register, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 03/12] Add persistent state handling to TPM TIS frontend driver, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 01/12] Support for TPM command line options, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 02/12] Add TPM (frontend) hardware interface (TPM TIS) to Qemu, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 08/12] Introduce file lock for the block layer, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 04/12] Add tpm_tis driver to build process, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 07/12] Implementation of the libtpms-based backend, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 12/12] Experimental support for taking measurements when kernel etc. are passed to Qemu,
Stefan Berger <=
- [Qemu-devel] [PATCH V5 11/12] Experimental support for block migrating TPMs state, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 06/12] Add a TPM backend skeleton implementation, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 10/12] Encrypt state blobs using AES CBC encryption, Stefan Berger, 2011/05/20
- [Qemu-devel] [PATCH V5 09/12] Add block storage support for libtpms based TPM backend, Stefan Berger, 2011/05/20