stub: measure all cmdline addons together

diff --git a/docs/TPM2_PCR_MEASUREMENTS.md b/docs/TPM2_PCR_MEASUREMENTS.md
index f2893f1344542a8f53d8c5801b50bf35b5af0b9e..f92b8a5ed5b6284f3218538f2198f4a29d7aaaf9 100644 (file)
--- a/docs/TPM2_PCR_MEASUREMENTS.md
+++ b/docs/TPM2_PCR_MEASUREMENTS.md
@@ -77,12 +77,11 @@ PE section order, as per the UKI specification, see above.
 
 ### PCR 12, `EV_IPL`, "Kernel Command Line"
 
-Might happen up to four times, for kernel command lines from:
+Might happen up to three times, for kernel command lines from:
 
  1. Passed cmdline
- 2. System cmdline add-ons (one measurement covering all add-ons combined)
- 3. Per-UKI cmdline add-ons (one measurement covering all add-ons combined)
- 2. SMBIOS cmdline
+ 2. System and per-UKI cmdline add-ons (one measurement covering all add-ons combined)
+ 3. SMBIOS cmdline
 
 → **Description** in the event log record is the literal kernel command line in
 UTF-16.

diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c
index dd3d017cce89351333f4090d960379a4a3788804..2366dfd42b6b4e7337ad1eed0c1ee2ea229727fe 100644 (file)
--- a/src/boot/efi/stub.c
+++ b/src/boot/efi/stub.c
@@ -257,26 +257,35 @@ static EFI_STATUS load_addons_from_dir(
 }
 
 static void cmdline_append_and_measure_addons(
-                char16_t *cmdline,
+                char16_t *cmdline_global,
+                char16_t *cmdline_uki,
                 char16_t **cmdline_append,
                 bool *ret_parameters_measured) {
 
-        _cleanup_free_ char16_t *tmp = NULL;
+        _cleanup_free_ char16_t *tmp = NULL, *merged = NULL;
         bool m = false;
 
         assert(cmdline_append);
         assert(ret_parameters_measured);
 
-        mangle_stub_cmdline(cmdline);
+        if (isempty(cmdline_global) && isempty(cmdline_uki))
+                return;
+
+        merged = xasprintf("%ls%ls%ls",
+                           strempty(cmdline_global),
+                           isempty(cmdline_global) || isempty(cmdline_uki) ? u"" : u" ",
+                           strempty(cmdline_uki));
+
+        mangle_stub_cmdline(merged);
 
-        if (isempty(cmdline))
+        if (isempty(merged))
                 return;
 
-        (void) tpm_log_load_options(cmdline, &m);
+        (void) tpm_log_load_options(merged, &m);
         *ret_parameters_measured = m;
 
         tmp = TAKE_PTR(*cmdline_append);
-        *cmdline_append = xasprintf("%ls%ls%ls", strempty(tmp), isempty(tmp) ? u"" : u" ", cmdline);
+        *cmdline_append = xasprintf("%ls%ls%ls", strempty(tmp), isempty(tmp) ? u"" : u" ", merged);
 }
 
 static void dtb_install_addons(
@@ -623,13 +632,10 @@ static EFI_STATUS run(EFI_HANDLE image) {
         }
 
         /* If we have any extra command line to add via PE addons, load them now and append, and
-         * measure the additions separately, after the embedded options, but before the smbios ones,
+         * measure the additions together, after the embedded options, but before the smbios ones,
          * so that the order is reversed from "most hardcoded" to "most dynamic". The global addons are
          * loaded first, and the image-specific ones later, for the same reason. */
-        cmdline_append_and_measure_addons(cmdline_addons_global, &cmdline, &m);
-        parameters_measured = parameters_measured < 0 ? m : (parameters_measured && m);
-
-        cmdline_append_and_measure_addons(cmdline_addons_uki, &cmdline, &m);
+        cmdline_append_and_measure_addons(cmdline_addons_global, cmdline_addons_uki, &cmdline, &m);
         parameters_measured = parameters_measured < 0 ? m : (parameters_measured && m);
 
         /* SMBIOS OEM Strings data is controlled by the host admin and not covered