mirror of
https://github.com/systemd/systemd.git
synced 2024-10-26 08:55:40 +03:00
measure: introduce support for a .hwids section
This commit is contained in:
anonymix007
parent
6c123747e1
commit
dddae856c4
@ -77,7 +77,7 @@
|
||||
<option>--osrel=</option>, <option>--cmdline=</option>, <option>--initrd=</option>,
|
||||
<option>--ucode=</option>, <option>--splash=</option>, <option>--dtb=</option>,
|
||||
<option>--uname=</option>, <option>--sbat=</option>, <option>--pcrpkey=</option>,
|
||||
<option>--profile=</option>, see below. Only <option>--linux=</option> is mandatory. (Alternatively,
|
||||
<option>--profile=</option>, <option>--hwids=</option>, see below. Only <option>--linux=</option> is mandatory. (Alternatively,
|
||||
specify <option>--current</option> to use the current values of PCR register 11 instead.)</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v252"/>
|
||||
@ -125,6 +125,7 @@
|
||||
<term><option>--sbat=<replaceable>PATH</replaceable></option></term>
|
||||
<term><option>--pcrpkey=<replaceable>PATH</replaceable></option></term>
|
||||
<term><option>--profile=<replaceable>PATH</replaceable></option></term>
|
||||
<term><option>--hwids=<replaceable>PATH</replaceable></option></term>
|
||||
|
||||
<listitem><para>When used with the <command>calculate</command> or <command>sign</command> verb,
|
||||
configures the files to read the unified kernel image components from. Each option corresponds with
|
||||
@ -134,7 +135,7 @@
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v252"/>
|
||||
|
||||
<para id="v257">With the exception of <option>--profile=</option>, which has been added in version
|
||||
<para id="v257">With the exception of <option>--profile=</option> and <option>--hwids=</option>, which have been added in version
|
||||
257.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
||||
@ -102,6 +102,7 @@ static int help(int argc, char *argv[], void *userdata) {
|
||||
" --sbat=PATH Path to SBAT file %7$s .sbat\n"
|
||||
" --pcrpkey=PATH Path to public key for PCR signatures %7$s .pcrpkey\n"
|
||||
" --profile=PATH Path to profile file %7$s .profile\n"
|
||||
" --hwids=PATH Path to HWIDs file %7$s .hwids\n"
|
||||
"\nSee the %2$s for details.\n",
|
||||
program_invocation_short_name,
|
||||
link,
|
||||
@ -145,8 +146,9 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
ARG_SBAT,
|
||||
_ARG_PCRSIG, /* the .pcrsig section is not input for signing, hence not actually an argument here */
|
||||
ARG_PCRPKEY,
|
||||
ARG_PROFILE,
|
||||
_ARG_SECTION_LAST,
|
||||
ARG_PROFILE = _ARG_SECTION_LAST,
|
||||
ARG_HWIDS = _ARG_SECTION_LAST,
|
||||
ARG_BANK,
|
||||
ARG_PRIVATE_KEY,
|
||||
ARG_PRIVATE_KEY_SOURCE,
|
||||
@ -173,6 +175,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
{ "sbat", required_argument, NULL, ARG_SBAT },
|
||||
{ "pcrpkey", required_argument, NULL, ARG_PCRPKEY },
|
||||
{ "profile", required_argument, NULL, ARG_PROFILE },
|
||||
{ "hwids", required_argument, NULL, ARG_HWIDS },
|
||||
{ "current", no_argument, NULL, 'c' },
|
||||
{ "bank", required_argument, NULL, ARG_BANK },
|
||||
{ "tpm2-device", required_argument, NULL, ARG_TPM2_DEVICE },
|
||||
|
||||
@ -21,5 +21,6 @@ const char* const unified_sections[_UNIFIED_SECTION_MAX + 1] = {
|
||||
[UNIFIED_SECTION_PCRSIG] = ".pcrsig",
|
||||
[UNIFIED_SECTION_PCRPKEY] = ".pcrpkey",
|
||||
[UNIFIED_SECTION_PROFILE] = ".profile",
|
||||
[UNIFIED_SECTION_HWIDS] = ".hwids",
|
||||
NULL,
|
||||
};
|
||||
|
||||
@ -18,6 +18,7 @@ typedef enum UnifiedSection {
|
||||
UNIFIED_SECTION_PCRSIG,
|
||||
UNIFIED_SECTION_PCRPKEY,
|
||||
UNIFIED_SECTION_PROFILE,
|
||||
UNIFIED_SECTION_HWIDS,
|
||||
_UNIFIED_SECTION_MAX,
|
||||
} UnifiedSection;
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user