[V5,12/12] Experimental support for taking measurements when kernel etc. are passed to Qemu

Message ID 20110520154306.332177486@linux.vnet.ibm.com
State New
Headers show

Commit Message

Stefan Berger May 20, 2011, 3:42 p.m.
This really is just for experimental purposes since there are problems
when doing something similar with a multiboot kernel.

This patch addresses the case where the user provides the kernel, initrd
and kernel command line via command line parameters to Qemu. To avoid
incorrect measurements by SeaBIOS, the setup part of the kernel needs
to be treated separately.

For SeaBIOS to be able to measure the kernel whose measurement corresponds
to the 'sha1sum <kernel file>' we need to preserve the setup part of the
kernel. Since Qemu modifies it, we store a copy of the original setup
and later retrieve it in SeaBIOS's and concat the setup and rest of the kernel
to get the correct measurement.

An alternative would be to measure the files in Qemu and make the measurements
available to SeaBIOS. This would introduce a dependency of Qemu on a sha1

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

 hw/fw_cfg.h |    1 +
 hw/pc.c     |    8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)


Index: qemu-git/hw/fw_cfg.h
--- qemu-git.orig/hw/fw_cfg.h
+++ qemu-git/hw/fw_cfg.h
@@ -27,6 +27,7 @@ 
 #define FW_CFG_SETUP_SIZE       0x17
 #define FW_CFG_SETUP_DATA       0x18
 #define FW_CFG_FILE_DIR         0x19
+#define FW_CFG_SETUP_ORIG_DATA  0x1a
 #define FW_CFG_FILE_FIRST       0x20
 #define FW_CFG_FILE_SLOTS       0x10
Index: qemu-git/hw/pc.c
--- qemu-git.orig/hw/pc.c
+++ qemu-git/hw/pc.c
@@ -659,7 +659,7 @@  static void load_linux(void *fw_cfg,
     uint16_t protocol;
     int setup_size, kernel_size, initrd_size = 0, cmdline_size;
     uint32_t initrd_max;
-    uint8_t header[8192], *setup, *kernel, *initrd_data;
+    uint8_t header[8192], *setup, *kernel, *initrd_data, *setup_orig;
     target_phys_addr_t real_addr, prot_addr, cmdline_addr, initrd_addr = 0;
     FILE *f;
     char *vmode;
@@ -807,6 +807,7 @@  static void load_linux(void *fw_cfg,
     kernel_size -= setup_size;
     setup  = qemu_malloc(setup_size);
+    setup_orig = qemu_malloc(setup_size);
     kernel = qemu_malloc(kernel_size);
     fseek(f, 0, SEEK_SET);
     if (fread(setup, 1, setup_size, f) != setup_size) {
@@ -818,6 +819,9 @@  static void load_linux(void *fw_cfg,
+    memcpy(setup_orig, setup, setup_size);
     memcpy(setup, header, MIN(sizeof(header), setup_size));
     fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
@@ -828,6 +832,8 @@  static void load_linux(void *fw_cfg,
     fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_SIZE, setup_size);
     fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_DATA, setup, setup_size);
+    fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_ORIG_DATA, setup_orig, setup_size);
     option_rom[nb_option_roms].name = "linuxboot.bin";
     option_rom[nb_option_roms].bootindex = 0;