Re: [Linux-ima-user] a question about IMA

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Sat, 2009-09-12 at 13:25 +0800, zhangkai108 wrote:
> hello,
>      I am doing some experiments with IMA, now I meet a problem about
> verifying the measurement list. I verify the measurement list like
> what the IMA INSTALL document said:
>        SHA1_Init(&c);
>        SHA1_Update(&c, PCR, SHA_DIGEST_LENGTH); /* PCR = SHA(PCR ||
> MEASUREMENT) */
>        SHA1_Update(&c, hex, SHA_DIGEST_LENGTH);
>        SHA1_Final(PCR, &c);
>      However, the value of PCR is not equal with the value of PCR10.
> Then, I calculate the measurement list using the TPM_Extend command
> like this:
>       unsigned char extend_cmd[] = {0, TPM_TAG_RQU_COMMAND,
>              0, 0, 0, 34,
>              0, 0, 0, TPM_ORD_Extend,
>              0, 0, 0, 11,
>              hex[0],hex[1],hex[2],hex[3],hex[4],hex[5],
>              hex[6],hex[7],hex[8],hex[9],hex[10],hex[11],
> 
> hex[12],hex[13],hex[14],hex[15],hex[16],hex[17],hex[18],hex[19]};
>       Now the value of PCR11 is equal with the value of PCR, but they
> are not equal with the value of PCR10.
>      would you like to explain this for me? Thank you.

Could you please supply some additional information, such as which
kernel you're running?  You also might want to check out the website
http://linux-ima.sourceforge.net/, which contains information on
enabling IMA in the kernel and verifying the measurement list.

Mimi