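// Source: github.com/xyproto/u-root@v6.0.1-0.20200302025726-5528e0c77a3c+incompatible/pkg/securelaunch/measurement/storage.go

// Copyright 2019 the u-root Authors. All rights reserved
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package measurement

import (
	"encoding/json"
	"fmt"
	"io"
	"log"
	"os"

	slaunch "github.com/u-root/u-root/pkg/securelaunch"
	"github.com/u-root/u-root/pkg/securelaunch/tpm"
)

// StorageCollector describes the "storage" portion of the policy file.
//
// Paths lists the block devices (e.g. /dev/sda) whose contents are measured
// into the TPM. Nothing in this file validates Type or Paths; the values are
// used exactly as they appear in the policy.
type StorageCollector struct {
	Type  string   `json:"type"`
	Paths []string `json:"paths"`
}

// NewStorageCollector decodes the "storage" portion of the policy file into a
// new StorageCollector.
//
// It returns an error if config cannot be unmarshalled.
func NewStorageCollector(config []byte) (Collector, error) {
	slaunch.Debug("New Storage Collector initialized\n")

	sc := new(StorageCollector)
	// Decode into the struct we just allocated rather than through a
	// pointer-to-pointer: with &sc a JSON null would reset sc to nil, and the
	// caller would receive a non-nil Collector wrapping a nil pointer that
	// panics in Collect.
	if err := json.Unmarshal(config, sc); err != nil {
		return nil, err
	}
	return sc, nil
}

// measureStorageDevice opens the block device at blkDevicePath and hands it to
// the tpm package, which hashes the data and extends the PCR with it.
//
//   - tpmHandle: TPM device where measurements are stored.
//   - blkDevicePath: device path taken from the policy, e.g. /dev/sda.
//
// It returns an error if the device cannot be opened, or whatever error
// tpm.ExtendPCRDebug reports. The PCR index (pcr) is declared elsewhere in
// this package.
func measureStorageDevice(tpmHandle io.ReadWriteCloser, blkDevicePath string) error {
	log.Printf("Storage Collector: Measuring block device %s\n", blkDevicePath)

	file, err := os.Open(blkDevicePath)
	if err != nil {
		return fmt.Errorf("couldn't open disk=%s err=%v", blkDevicePath, err)
	}
	// Release the descriptor once the measurement is done; the original code
	// leaked one open handle per measured device. The handle is read-only, so
	// the Close error carries no information worth returning.
	// NOTE(review): assumes ExtendPCRDebug finishes reading before it
	// returns - confirm against the tpm package.
	defer file.Close()

	return tpm.ExtendPCRDebug(tpmHandle, pcr, file)
}

// Collect satisfies the Collector interface. It walks every storage path
// listed in the policy (paths are of the form /dev/sda) and calls
// measureStorageDevice for each one; that in turn calls the tpm package,
// which hashes the data and extends the PCR.
//
// Collect stops at the first failure and returns that error, so devices
// listed after the failing one are not measured while earlier ones may
// already have been extended into the PCR. An empty Paths list measures
// nothing and returns nil; callers that require at least one storage
// measurement have to enforce that themselves.
func (s *StorageCollector) Collect(tpmHandle io.ReadWriteCloser) error {
	for _, inputVal := range s.Paths {
		// inputVal is the block device path, e.g. /dev/sda.
		if err := measureStorageDevice(tpmHandle, inputVal); err != nil {
			log.Printf("Storage Collector: input = %s, err = %v", inputVal, err)
			return err
		}
	}

	return nil
}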