diff options
author | Eric Richter <erichte@linux.vnet.ibm.com> | 2016-06-01 20:14:03 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2016-06-30 07:14:21 +0200 |
commit | 14b1da85bbe9a59c5e01123a06dea4c4758a6db9 (patch) | |
tree | 1a61fea1cd6101588305467af50337d414420b4f /security/integrity/ima/ima_init.c | |
parent | ima: extend ima_get_action() to return the policy pcr (diff) | |
download | linux-14b1da85bbe9a59c5e01123a06dea4c4758a6db9.tar.xz linux-14b1da85bbe9a59c5e01123a06dea4c4758a6db9.zip |
ima: include pcr for each measurement log entry
The IMA measurement list entries include the Kconfig defined PCR value.
This patch defines a new ima_template_entry field for including the PCR
as specified in the policy rule.
Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_init.c')
-rw-r--r-- | security/integrity/ima/ima_init.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index 5d679a685616..32912bd54ead 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c @@ -79,7 +79,8 @@ static int __init ima_add_boot_aggregate(void) } result = ima_store_template(entry, violation, NULL, - boot_aggregate_name); + boot_aggregate_name, + CONFIG_IMA_MEASURE_PCR_IDX); if (result < 0) { ima_free_template_entry(entry); audit_cause = "store_entry"; |