Hi Till,

currently the sysfs interface for /sys/kernel/security/ima/measurereq does not return the measured value.

You could simply call 'sha1sum' on linux systems to get the sha1 of the file if you need the hash value, which should be identical to the measurement. This might be easier than scanning the measurement list.

Would this work in your case?

Reiner



"Till Bentz" <till@onyxus.de>
Sent by: till.bentz@googlemail.com

08/20/2007 09:49 AM
Please respond to
till@onyxus.de

To
Reiner Sailer/Watson/IBM@IBMUS
cc
linux-ima-user@lists.sourceforge.net
Subject
Re: [Linux-ima-user] measurement request





Hi Reiner,

On 8/20/07, Reiner Sailer <sailer@us.ibm.com> wrote:

Hi Till,


two quick questions to clarify:


i) are you talking about a user-space measurement request ?


Yes. (Via writing to /ima/measurereq)


ii) what do you mean with 'result' of the measurement request (sha1 of the measured file, the new PCR, or ...) ?

I'd like to get the sha1 of the measured file.


Greetings
Reiner



"Till Bentz" <till@onyxus.de>
Sent by:
linux-ima-user-bounces@lists.sourceforge.net

08/20/2007 09:27 AM
Please respond to
till@onyxus.de


To
linux-ima-user@lists.sourceforge.net
cc
Subject
[Linux-ima-user] measurement request







Hello,

I was wondering if there is a possibility that I issue a measurement request and get the result of that request as a return value, so I can work with it without parsing the measurement list beforehand.

Thanks.

--
MfG
Till

**********************************************
    Der Benutzer ist eine nicht zu      
tolerierende Quelle der Unsicherheit

********************************************** -------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  
http://get.splunk.com/_______________________________________________
Linux-ima-user mailing list

Linux-ima-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-ima-user




--
MfG
 Till

**********************************************
     Der Benutzer ist eine nicht zu      
 tolerierende Quelle der Unsicherheit
**********************************************