[PATCH v3] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9

From: Maurizio cal_bootaggr should include PCRs 8-9 in non-SHA1 digests. Signed-off-by: Maurizio Drocco --- Changelog: v3: - Fixed patch description v2: - Always include PCRs 8 & 9 to non-sha1 hashes v1: - Include non-zero PCRs 8 & 9 to boot aggregates src/evmctl.c | 15 ++

[PATCH] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9

From: Maurizio cal_bootaggr should include PCRs 8-9 in non-SHA1 digests. Signed-off-by: Maurizio Drocco --- Changelog: v3: - Fixed patch description v2: - Always include PCRs 8 & 9 to non-sha1 hashes v1: - Include non-zero PCRs 8 & 9 to boot aggregates src/evmctl.c | 15 ++

[PATCH v2] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9

From: Maurizio If PCRs 8 - 9 are set (i.e. not all-zeros), cal_bootaggr should include them into the digest. Signed-off-by: Maurizio Drocco --- Changelog: v2: - Always include PCRs 8 & 9 to non-sha1 hashes v1: - Include non-zero PCRs 8 & 9 to boot aggregates src/evmct

[PATCH v4] ima: extend boot_aggregate with kernel measurements

Registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled). IMA should include them in the boot aggregate. Registers 8-9 should be only included in non-SHA1 digests to avoid ambiguity. Signed-off-by: Maurizio Drocco

[PATCH] ima: extend boot_aggregate with kernel measurements

-SHA1 boot_aggregate digests to avoid ambiguity. Signed-off-by: Maurizio Drocco --- security/integrity/ima/ima.h| 2 +- security/integrity/ima/ima_crypto.c | 15 ++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/security/integrity/ima/ima.h b/security

[PATCH] ima_evm_utils: extended calc_bootaggr to PCRs 8 - 9

From: Maurizio If PCRs 8 - 9 are set (i.e. not all-zeros), cal_bootaggr should include them into the digest. Signed-off-by: Maurizio Drocco --- src/evmctl.c | 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/evmctl.c b/src/evmctl.c index 1d065ce..554571e

[PATCH] extend IMA boot_aggregate with kernel measurements

IMA is not considering TPM registers 8-9 when calculating the boot aggregate. When registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled), IMA should include them in the boot aggregate. Signed-off-by: Maurizio Drocco

[PATCH] extend IMA boot_aggregate with kernel measurements

IMA is not considering TPM registers 8-9 when calculating the boot aggregate. When registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled), IMA should include them in the boot aggregate. Signed-off-by: Maurizio Drocco

[PATCH] extend IMA boot_aggregate with kernel measurements

IMA is not considering TPM registers 8-9 when calculating the boot aggregate. When registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled), IMA should include them in the boot aggregate. Signed-off-by: Maurizio Drocco