Categorygithub.com/canonical/tcglog-parser

modulepackage

0.0.0-20240726104243-6363e875afc6

Repository: https://github.com/canonical/tcglog-parser.git

Documentation: pkg.go.dev

# README

TCG Log Parser

This repository contains a go library for parsing TCG event logs. Also included is a simple command line tool that prints details of log entries to the console.

Relevant specifications

# Packages

tcglog-check

No description provided by the author

tcglog-dump

No description provided by the author

# Functions

ComputeEFIGPTDataDigest

ComputeEFIGPTDataDigest computes a UEFI_GPT_DATA digest from the supplied data.

ComputeEFIVariableDataDigest

ComputeEFIVariableDataDigest computes the EFI_VARIABLE_DATA digest associated with the supplied parameters.

ComputeEventDigest

ComputeEventDigest computes the digest associated with the supplied event data bytes, for events where the digest is a tagged hash of the event data.

ComputeSeparatorEventDigest

ComputeSeparatorEventDigest computes the digest associated with the separator event.

ComputeStringEventDigest

ComputeStringEventDigest computes the digest associated with the supplied string, for events where the data is not informative.

ComputeSystemdEFIStubCommandlineDigest

ComputeSystemdEFIStubCommandlineDigest computes the digest measured by the systemd EFI stub linux loader for the specified kernel commandline.

NewErrorSeparatorEventData

No description provided by the author

NewLogForTesting

NewLogForTesting creates a new log instance from the supplied list of events.

ReadEvent

No description provided by the author

ReadEventCryptoAgile

No description provided by the author

ReadLog

ReadLog reads an event log read from r using the supplied options.

# Constants

EventTypeAction

EV_ACTION.

EventTypeCompactHash

EV_COMPACT_HASH.

EventTypeCPUMicrocode

EV_CPU_MICROCODE.

EventTypeEFIAction

EV_EFI_ACTION.

EventTypeEFIBootServicesApplication

EV_EFI_BOOT_SERVICES_APPLICATION.

EventTypeEFIBootServicesDriver

EV_EFI_BOOT_SERVICES_DRIVER.

EventTypeEFIEventBase

EV_EFI_EVENT_BASE.

EventTypeEFIGPTEvent

EV_EFI_GPT_EVENT.

EventTypeEFIGPTEvent2

EV_EFI_GPT_EVENT2.

EventTypeEFIHandoffTables

EV_EFI_HANDOFF_TABLES.

EventTypeEFIHandoffTables2

EV_EFI_HANDOFF_TABLES2.

EventTypeEFIHCRTMEvent

EV_EFI_HCRTM_EVENT.

EventTypeEFIPlatformFirmwareBlob

EV_EFI_PLATFORM_FIRMWARE_BLOB.

EventTypeEFIPlatformFirmwareBlob2

EV_EFI_PLATFORM_FIRMWARE_BLOB2.

EventTypeEFIRuntimeServicesDriver

EV_EFI_RUNTIME_SERVICES_DRIVER.

EventTypeEFISPDMDeviceAuthority

EV_EFI_SPDM_DEVICE_AUTHORITY.

EventTypeEFISPDMDevicePolicy

EV_EFI_SPDM_DEVICE_POLICY.

EventTypeEFISPDMFirmwareBlob

EV_EFI_SPDM_FIRMWARE_BLOB.

EventTypeEFISPDMFirmwareConfig

EV_EFI_SPDM_FIRMWARE_CONFIG.

EventTypeEFIVariableAuthority

EV_EFI_VARIABLE_AUTHORITY.

EventTypeEFIVariableBoot

EV_EFI_VARIABLE_BOOT.

EventTypeEFIVariableBoot2

EV_EFI_VARIABLE_BOOT2.

EventTypeEFIVariableDriverConfig

EV_EFI_VARIABLE_DRIVER_CONFIG.

EventTypeEventTag

EV_EVENT_TAG.

EventTypeIPL

EV_IPL.

EventTypeIPLPartitionData

EV_IPL_PARTITION_DATA.

EventTypeNoAction

EV_NO_ACTION.

EventTypeNonhostCode

EV_NONHOST_CODE.

EventTypeNonhostConfig

EV_NONHOST_CONFIG.

EventTypeNonhostInfo

EV_NONHOST_INFO.

EventTypeOmitBootDeviceEvents

EV_OMIT_BOOT_DEVICE_EVENTS.

EventTypePlatformConfigFlags

EV_PLATFORM_CONFIG_FLAGS.

EventTypePostCode

EV_POST_CODE.

EventTypePostCode2

EV_POST_CODE2.

EventTypePrebootCert

EV_PREBOOT_CERT.

EventTypeSCRTMContents

EV_S_CRTM_CONTENTS.

EventTypeSCRTMVersion

EV_S_CRTM_VERSION.

EventTypeSeparator

EV_SEPARATOR.

EventTypeTableOfDevices

EV_TABLE_OF_DEVICES.

GrubCmd

GrubCmd indicates that the data measured by GRUB is associated with a GRUB command.

KernelCmdline

KernelCmdline indicates that the data measured by GRUB is associated with a kernel commandline.

LocatorTypeDevicePath

No description provided by the author

LocatorTypeRaw

No description provided by the author

LocatorTypeURI

No description provided by the author

LocatorTypeVariable

No description provided by the author

PlatformTypeBIOS

No description provided by the author

PlatformTypeEFI

No description provided by the author

PlatformTypeUnknown

No description provided by the author

SeparatorEventAltNormalValue

No description provided by the author

SeparatorEventErrorValue

No description provided by the author

SeparatorEventNormalValue

No description provided by the author

# Variables

DMAProtectionDisabled

No description provided by the author

EFICallingEFIApplicationEvent

No description provided by the author

EFIExitBootServicesFailedEvent

No description provided by the author

EFIExitBootServicesInvocationEvent

No description provided by the author

EFIExitBootServicesSucceededEvent

No description provided by the author

EFIReturningFromEFIApplicationEvent

No description provided by the author

FirmwareDebuggerEvent

No description provided by the author

# Structs

EFIConfigurationTable

EFIConfigurationTable corresponds to UEFI_CONFIGURATION_TABLE.

EFIGPTData

EFIGPTData corresponds to UEFI_GPT_DATA and is the event data for EV_EFI_GPT_EVENT and EV_EFI_GPT_EVENT2 events.

EFIHandoffTablePointers

EFIHandoffTablePointers corresponds to UEFI_HANDOFF_TABLE_POINTERS and is the event data for EV_EFI_HANDOFF_TABLES events.

EFIHandoffTablePointers2

EFIHandoffTablePointers2 corresponds to UEFI_HANDOFF_TABLE_POINTERS2 and is the event data for EV_EFI_HANDOFF_TABLES2 events.

EFIImageLoadEvent

EFIImageLoadEvent corresponds to UEFI_IMAGE_LOAD_EVENT and is informative.

EFIPlatformFirmwareBlob

EFIPlatformFirmwareBlob corresponds to UEFI_PLATFORM_FIRMWARE_BLOB and is the event data for EV_EFI_PLATFORM_FIRMWARE_BLOB and some EV_POST_CODE events.

EFIPlatformFirmwareBlob2

EFIPlatformFirmwareBlob2 corresponds to UEFI_PLATFORM_FIRMWARE_BLOB2 and is the event data for EV_EFI_PLATFORM_FIRMWARE_BLOB2 and some EV_POST_CODE2 events.

EFISpecIdEventAlgorithmSize

EFISpecIdEventAlgorithmSize represents a digest algorithm and its length and corresponds to the TCG_EfiSpecIdEventAlgorithmSize type.

EFIVariableData

EFIVariableData corresponds to the EFI_VARIABLE_DATA type and is the event data associated with the measurement of an EFI variable.

Event

Event corresponds to a single event in an event log.

GrubStringEventData

GrubStringEventData represents the data associated with an event measured by GRUB.

Log

Log corresponds to a parsed event log.

LogOptions

LogOptions allows the behaviour of Log to be controlled.

SeparatorEventData

SeparatorEventData is the event data associated with a EV_SEPARATOR event.

SP800_155_PlatformIdEventData

SP800_155_PlatformIdEventData corresponds to the event data for a SP800-155 Event EV_NO_ACTION event.

SP800_155_PlatformIdEventData2

SP800_155_PlatformIdEventData2 corresponds to the event data for a SP800-155 Event2 EV_NO_ACTION event.

SP800_155_PlatformIdEventData3

SP800_155_PlatformIdEventData3 corresponds to the event data for a SP800-155 Event3 EV_NO_ACTION event.

Spec

Spec corresponds to the TCG specification that an event log conforms to.

SpecIdEvent00

SpecIdEvent00 corresponds to the TCG_PCClientSpecIdEventStruct type and is the event data for a Specification ID Version EV_NO_ACTION event for BIOS platforms.

SpecIdEvent02

SpecIdEvent02 corresponds to the TCG_EfiSpecIdEventStruct type and is the event data for a Specification ID Version EV_NO_ACTION event on EFI platforms for TPM family 1.2.

SpecIdEvent03

SpecIdEvent03 corresponds to the TCG_EfiSpecIdEvent type and is the event data for a Specification ID Version EV_NO_ACTION event on EFI platforms for TPM family 2.0.

StartupLocalityEventData

StartupLocalityEventData is the event data for a StartupLocality EV_NO_ACTION event.

SystemdEFIStubCommandline

SystemdEFIStubCommandline represents a kernel commandline measured by the systemd EFI stub linux loader.

TaggedEvent

TaggedEvent corresponds to TCG_PCClientTaggedEvent.