From: Micka <mic...@gm...> - 2017-06-08 08:56:12
|
Hi,

I would like to know what boot aggregate measure means?

I have a problem, my PCR 10 is changing every time I reboot my device:

10 ddee6404dc3bd4ee300406cd93181c5a2187b59b ima-ng sha1:9797edf8d9eed36b1cf92547816a51c8af4e45ee boot_aggregate

I have only activated: ima_audit=1

Michael Musset,
|
From: Nayna <na...@li...> - 2017-06-09 13:43:33
|
On 06/08/2017 02:25 PM, Micka wrote:
> Hi,
>
> I would like to know what boot aggregate measure means?

It is an aggregated hash of PCRs 0-7.

> I have a problem, my PCR 10 is changing every time I reboot my device:
>
> 10 ddee6404dc3bd4ee300406cd93181c5a2187b59b ima-ng
> sha1:9797edf8d9eed36b1cf92547816a51c8af4e45ee boot_aggregate

You can verify your boot_aggregate by using the test scripts from package
ltp-ima-standalone-v2.tar.gz as available on:
https://sourceforge.net/projects/linux-ima/

Steps to use it are specified in the link below:
http://linux-ima.sourceforge.net/linux-ima-measurements.html

Thanks & Regards,
- Nayna

> I have only activated: ima_audit=1
>
> Michael Musset,
|
From: Nayna <na...@li...> - 2017-06-12 06:06:14
|
On 06/10/2017 03:39 PM, Micka wrote:
> Thx, but my PCRs 0-7 are set to zero for the moment. I don't have a
> secure boot yet. Is it the secure boot that provides the PCRs 0-7?

Trusted boot will provide PCRs 0-7.
Did you try to execute the ima-tests which I shared and verified?

Thanks & Regards,
- Nayna

> Micka,
|
From: Micka <mic...@gm...> - 2017-06-12 07:37:03
|
I just compiled the tools, but I don't have this folder:

/sys/kernel/security/tpm0

I have the folder:

/sys/class/tpm/tpm0/

I'm working with the kernel 4.4.

I tried also:

./ima_boot_aggregate /sys/kernel/security/ima/binary_runtime_measurements
010 dc3bd4ee300406cd93181c5a2187b59b06000000
Error event too longPCR-00: 0000000000000000000000000000000000000000
PCR-01: 0000000000000000000000000000000000000000
PCR-02: 0000000000000000000000000000000000000000
PCR-03: 0000000000000000000000000000000000000000
PCR-04: 0000000000000000000000000000000000000000
PCR-05: 0000000000000000000000000000000000000000
PCR-06: 0000000000000000000000000000000000000000
PCR-07: 0000000000000000000000000000000000000000
boot_aggregate:9797edf8d0eed36b1cf92547816051c8af4e45ee
|
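Added example, not code from the thread or from the ltp-ima-standalone package: this Python recomputes the boot_aggregate as a SHA-1 over PCRs 0-7 (as described in the reply above), compares it with the first measurement-list entry, and replays the template hashes into a simulated PCR 10. It assumes a SHA-1 PCR bank and the ASCII list layout posted in the thread; all function names are illustrative.

```python
import hashlib

PCR_LEN = 20  # SHA-1 bank (assumption: TPM 1.2, as in the thread)

def parse_pcr_dump(text):
    """Parse 'PCR-NN: <hex>' lines; text glued in front of 'PCR-' is ignored."""
    pcrs = {}
    for line in text.splitlines():
        pos = line.find("PCR-")
        if pos < 0:
            continue
        idx, _, value = line[pos + 4:].partition(":")
        pcrs[int(idx)] = bytes.fromhex(value.strip())
    return pcrs

def boot_aggregate(pcrs):
    """SHA-1 over the values of PCR 0..7, concatenated in index order."""
    h = hashlib.sha1()
    for i in range(8):
        h.update(pcrs[i])
    return h.hexdigest()

def parse_entry(line):
    """Split one ASCII list line: PCR, template hash, template, algo:digest, name."""
    pcr, template_hash, template, digest, name = line.split(None, 4)
    algo, _, hexdigest = digest.partition(":")
    return {"pcr": int(pcr), "template_hash": template_hash, "template": template,
            "algo": algo, "digest": hexdigest, "name": name.strip()}

def check_boot_aggregate(pcr_dump, list_text):
    """Return (recomputed, recorded, match) for the list's first entry."""
    first = parse_entry(list_text.strip().splitlines()[0])
    if first["name"] != "boot_aggregate" or first["algo"] != "sha1":
        raise ValueError("first entry is not a sha1 boot_aggregate")
    expected = boot_aggregate(parse_pcr_dump(pcr_dump))
    return expected, first["digest"], expected == first["digest"]

def replay_pcr(list_text, index=10):
    """Simulate the PCR: start at zero, then new = SHA1(old || template_hash)."""
    value = bytes(PCR_LEN)
    for line in list_text.strip().splitlines():
        entry = parse_entry(line)
        if entry["pcr"] == index:
            value = hashlib.sha1(value + bytes.fromhex(entry["template_hash"])).digest()
    return value.hex()

if __name__ == "__main__":
    # Inputs taken from the thread: all-zero PCRs 0-7 and the posted list entry.
    dump = "\n".join(f"PCR-{i:02d}: {'00' * PCR_LEN}" for i in range(8))
    entry = ("10 ddee6404dc3bd4ee300406cd93181c5a2187b59b ima-ng "
             "sha1:9797edf8d9eed36b1cf92547816a51c8af4e45ee boot_aggregate")
    print(check_boot_aggregate(dump, entry), replay_pcr(entry))
```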
From: Micka <mic...@gm...> - 2017-06-12 13:16:53
|
I found out why I don't have TPM folder in the security folder:

/* identifiers were linked to http://elixir.free-electrons.com/linux/v4.8.17/ in the original message */
#if defined(CONFIG_TCG_IBMVTPM) || defined(CONFIG_TCG_IBMVTPM_MODULE) || \
	defined(CONFIG_ACPI)
extern struct dentry **tpm_bios_log_setup(const char *);
extern void tpm_bios_log_teardown(struct dentry **);
#else
static inline struct dentry **tpm_bios_log_setup(const char *name)
{
	return NULL;
}
static inline void tpm_bios_log_teardown(struct dentry **dir)
{
}
#endif

I wonder why other TPMs can't use this feature?
|
From: Nayna <na...@li...> - 2017-06-13 09:16:26
|
On 06/12/2017 06:46 PM, Micka wrote:
> I found out why I don't have TPM folder in the security folder:
>
> #if defined(CONFIG_TCG_IBMVTPM) || defined(CONFIG_TCG_IBMVTPM_MODULE) || \
> 	defined(CONFIG_ACPI)
> extern struct dentry **tpm_bios_log_setup(const char *);
> extern void tpm_bios_log_teardown(struct dentry **);
> #else
> static inline struct dentry **tpm_bios_log_setup(const char *name)
> {
> 	return NULL;
> }
> static inline void tpm_bios_log_teardown(struct dentry **dir)
> {
> }
> #endif
>
> I wonder why other TPMs can't use this feature?

What version of TPM are you using? TPM 1.2 or TPM 2.0?

Thanks & Regards,
- Nayna
|
From: Micka <mic...@gm...> - 2017-06-13 09:50:19
|
TPM 1.2, I'm going to add a secure boot.
|