Google Git
Sign in
linux / linux / kernel / git / zohar / linux-integrity / refs/tags/integrity-v5.8-fix-2
tagb2166f3db5b38fe65a99da43e30cfe9a8bbccfcf
taggerMimi Zohar <zohar@linux.ibm.com>Wed Jun 24 21:14:36 2020 -0400
object20c59ce010f84300f6c655d32db2610d3433f85c 
Include PCRs 8 & 9 in per TPM 2.0 bank boot_aggregate calculation
commit20c59ce010f84300f6c655d32db2610d3433f85c[log] [tgz]
authorMaurizio Drocco <maurizio.drocco@ibm.com>Tue Jun 23 11:57:32 2020 -0400
committerMimi Zohar <zohar@linux.ibm.com>Wed Jun 24 20:47:24 2020 -0400
tree36dc25b12cddb87b4a200819375398cf5a3917a3
parent48778464bb7d346b47157d21ffde2af6b2d39110 [diff]
ima: extend boot_aggregate with kernel measurements

Registers 8-9 are used to store measurements of the kernel and its
command line (e.g., grub2 bootloader with tpm module enabled). IMA
should include them in the boot aggregate. Registers 8-9 should be
only included in non-SHA1 digests to avoid ambiguity.

Signed-off-by: Maurizio Drocco <maurizio.drocco@ibm.com>
Reviewed-by: Bruno Meneguele <bmeneg@redhat.com>
Tested-by: Bruno Meneguele <bmeneg@redhat.com>  (TPM 1.2, TPM 2.0)
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2 files changed
tree: 36dc25b12cddb87b4a200819375398cf5a3917a3
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README