Skip to content

Commit

Permalink
sbin/tpm-evt-log-utils.awk: add functions to replay PCR operations
Browse files Browse the repository at this point in the history
Expected PCRs 17 and 18 values are now printed at the end of dump for
easier comparison with real values. The latter can be read with:

cat /sys/class/tpm/tpm0/pcr-sha{1,256}/1[78]

Signed-off-by: Krystian Hebel <[email protected]>
  • Loading branch information
krystian-hebel committed Apr 17, 2024
1 parent f09ac3a commit 2cda978
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 0 deletions.
29 changes: 29 additions & 0 deletions sbin/tpm-evt-log-utils.awk
Original file line number Diff line number Diff line change
Expand Up @@ -72,3 +72,32 @@ function string_or_hex(str, len)
if (_len != len)
printf("... (event truncated to %d first bytes, was %d)\n", _len, len)
}

function replay_sha(vals, len, c, val, _i, n, arr, cmd)
{
val = sprintf("%0" len "." len "x", 0)
n = split(vals, arr, "\n")
for (_i = 1; _i < n; _i++) {
cmd = "echo " val arr[_i] " | xxd -r -p | " c " > /tmp/sha"
system(cmd)
getline val <"/tmp/sha"
close("/tmp/sha")
close(cmd)
# Drop trailing file name and newline character
val = substr(val, 1, len)
}
system("rm /tmp/sha")
print val
}

function replay_sha1(pcr)
{
printf " %d: ", pcr
replay_sha(SYMTAB["SHA1_" pcr], 40, "sha1sum")
}

function replay_sha256(pcr)
{
printf " %d: ", pcr
replay_sha(SYMTAB["SHA256_" pcr], 64, "sha256sum")
}
13 changes: 13 additions & 0 deletions sbin/tpm2-evt-log-parser.awk
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ BEGIN {
PROCINFO["readfile"]
FIELDWIDTHS = "4 4 20 4 16 4 1 1 1 1 4 *"
ord_init()
SHA1_17 = ""
SHA1_18 = ""
SHA256_17 = ""
SHA256_18 = ""
}
{
# Header sanity checks
Expand Down Expand Up @@ -59,11 +63,20 @@ BEGIN {
$4 = substr($4, 3)
printf(" %s: ", alg_name(a[1]))
hexdump($4, a[2])
sym = alg_name(a[1]) "_" x2n($1, 4)
SYMTAB[sym] = SYMTAB[sym] hex_noprint($4, a[2]) "\n"
$4 = substr($4, a[2]+1)
}
printf(" Event: ")
string_or_hex($6, x2n($5, 4))
printf("\n\n")
$0 = substr($6, x2n($5, 4) + 1)
}
print "Expected PCR values:"
print " SHA1:"
replay_sha1(17)
replay_sha1(18)
print " SHA256:"
replay_sha256(17)
replay_sha256(18)
}
7 changes: 7 additions & 0 deletions sbin/txt-tpm1-evt-log-parser.awk
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ BEGIN {
# Start by assuming presence of a TCG-compatible header
FIELDWIDTHS = "4 4 20 4 16 4 1 1 1 1 1 *"
ord_init()
SHA1_17 = ""
SHA1_18 = ""
}
{
# TCG header is not present on Intel systems, so do nothing if it's not
Expand Down Expand Up @@ -69,9 +71,14 @@ BEGIN {
printf(" Digests:\n")
printf(" SHA1: ")
hexdump($3, 20)
sym = "SHA1_" x2n($1, 4)
SYMTAB[sym] = SYMTAB[sym] hex_noprint($3, 20) "\n"
printf(" Event: ")
string_or_hex($5, x2n($4, 4))
printf("\n")
$0 = substr($5, x2n($4, 4) + 1)
}
print "Expected PCR values:"
replay_sha1(17)
replay_sha1(18)
}

0 comments on commit 2cda978

Please sign in to comment.