Re: [Linux-ima-user] no ima or tpm0 measurements

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 25 September 2013 16:52, Mimi Zohar <zo...@li...> wrote:

> On Wed, 2013-09-25 at 14:33 +0200, Nicolae Paladi wrote:
> > Hi,
> >
> > I'm using a CentOS 6.4 platform with the 2.6.32 kernel;
> >
> > I boot with the following arguments:
> >
> > ro root=/dev/mapper/myhost-root rd_NO_LUKS rd_LVM_LV=myhost/root
> > LANG=en_US.UTF-8  KEYBOARDTYPE=pc KEYTABLE=sv-latin1 rd_NO_MD
> SYSFONT=lata
> > rcyrheb-sun16 ima_tcb ima=on crashkernel=129M@0M rd_NO_DM rhgb quiet
> >
> > tpm_version show the following:
> >  TPM 1.2 Version Info:
> > Chip Version:        1.2.8.28
> > Spec Level:          2
> > Errata Revision:     3
> > TPM Vendor ID:       STM
> > TPM Version:         01010000
> >
> >
> > However, there is no output in the /sys/kernel/security/ directory;
> > The BIOS settings are correct since there WAS an expected output when
> > I was running on a Ubuntu platform.
> >
> > Am I badly missing something here? Or is this a bug?
> >
> > Thank you,
> > /Nico
>
> Make sure the TPM is builtin, not as a module, and IMA,EVM are enabled.
>
> IMA is enabled, as far as I see:

cat /usr/src/kernels/2.6.32-358.118.1.openstack.el6.x86_64/.config | grep
CONFIG_IMA
CONFIG_IMA=y
CONFIG_IMA_MEASURE_PCR_IDX=10
CONFIG_IMA_AUDIT=y
CONFIG_IMA_LSM_RULES=y

How can I see that the TPM is 'builtin'? The machine was shipped with the
TPM, it's a dell rack server;

Mimi
>