Yes, you are right. Now I got both.
I think the first time IMA wasn't really enabled properly. SO I only saw tpm0 and no ima directory under /sys/kernel/security/.
Now I see both.
Thanks for the help.
On Friday, August 5, 2011, Mimi Zohar <email@example.com> wrote:
> On Thu, 2011-08-04 at 17:56 -0700, David Li wrote:
>> Hi Mimi,
>> I used your latest test code and added ima_tcb and ima=on to the
>> kernel cmds. I still got the the same error. Any suggestions? -
>> -bash-4.1# ./ima_measure /sys/kernel/security/tpm0/binary_bios_measurements --verbose
>> ### PCR HASH TEMPLATE-NAME
>> 0 000 08 00 00 00 29 8D F1 25 B2 60 EF 64 20 1B DF 08 15 C0 03
>> 87248900926 ERROR: event name too long!
>> -bash-4.1# cat /proc/cmdline
>> initrd=initramfs-2.6.32-131.6.1.el6.cs.x86_64.img mem=8G root=xyz rw
>> ima_tcb ima=on BOOT_IMAGE=vmlinuz-2.6.32-131.6.1.el6.cs.x86_64
> Sorry, it's a bit confusing. There are two similarly named
> files /sys/kernel/security/tpm0/binary_bios_measurements
> and /sys/kernel/security/ima/binary_runtime_measurements. The input to
> ima_boot_aggregate is the first; the input to ima_measure is the latter.