[Linux-ima-user] IMA measurement list layout question

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello all

i was thinking about remote attestation and the data that IMA makes available. 
I see in the measurement list the complete path of measured files is not 
displayed; instead only the dentry name is included. My question is about the 
reason: i know that calling the d_path() function to retrieve the complete 
path has impact in the performance, but maybe there are different motivations, 
like the fact that from the value used to extend the PCR the verificator is 
able to identify immediately the "type" of the file. For example: we suppose 
that two clients with different distributions have the same version of the libc 
but stored in different path; the verificator is able to immediately assure, 
from the digest used to extend the pcr, that the two clients have loaded the 
same file, which is a version of the libc.
Does the measurement list layout of IMA is that due to performance concerns or 
there are other motivations like this mentioned in the example?

Thanks in advance for replies.