summaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_init.c
diff options
context:
space:
mode:
authorEric Richter <erichte@linux.vnet.ibm.com>2016-06-01 20:14:03 +0200
committerMimi Zohar <zohar@linux.vnet.ibm.com>2016-06-30 07:14:21 +0200
commit14b1da85bbe9a59c5e01123a06dea4c4758a6db9 (patch)
tree1a61fea1cd6101588305467af50337d414420b4f /security/integrity/ima/ima_init.c
parentima: extend ima_get_action() to return the policy pcr (diff)
downloadlinux-14b1da85bbe9a59c5e01123a06dea4c4758a6db9.tar.xz
linux-14b1da85bbe9a59c5e01123a06dea4c4758a6db9.zip
ima: include pcr for each measurement log entry
The IMA measurement list entries include the Kconfig defined PCR value. This patch defines a new ima_template_entry field for including the PCR as specified in the policy rule. Signed-off-by: Eric Richter <erichte@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_init.c')
-rw-r--r--security/integrity/ima/ima_init.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 5d679a685616..32912bd54ead 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -79,7 +79,8 @@ static int __init ima_add_boot_aggregate(void)
}
result = ima_store_template(entry, violation, NULL,
- boot_aggregate_name);
+ boot_aggregate_name,
+ CONFIG_IMA_MEASURE_PCR_IDX);
if (result < 0) {
ima_free_template_entry(entry);
audit_cause = "store_entry";