[Linux-ima-user] Possible to have 'fixed' PCR values

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Good day. I had successfully extended (using TPM_Extend)  two entities in the following forms:

a) memory address in the form of hex i.e. 0x08049d49  and,
b) contents of WORD at a memory address above i.e. 0xffffffff ,

into PCR-16  and 15. 

I discovered that by running "$ cat /sys/class/misc/tpm0/device/pcrs " with both a) & b) as input, the PCR contents changes as expected, (based on how TPM_Extend works) , even if both a) and b) changes NOT . 

What I need is for the PCR-16 and 15 contents NOT to change if a) and b) remains constant when extended to PCR-16 and 15.

An example of what I require is similar to the contents of PCR 0-7, whereby the contents are fixed for a fixed system configuration, i.e. as per below.

PCR-00: 20 57 44 36 7B C6 06 BE D4 F4 69 1A DE F7 0F D9 C7 21 B0 0D 
PCR-01: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
PCR-02: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
PCR-03: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
PCR-04: AF 83 CE A3 2B 1F 7F FB F7 FA BD FC 27 68 72 45 69 1F 31 CB 
PCR-05: 0C 4C A3 E3 3A 8B 34 A2 39 9B AF 0C 96 69 56 39 80 80 02 1F 
PCR-06: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
PCR-07: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 

I had read the paper : "Design & Implemenation of TCG based IMA" and "http://sourceforge.net/p/linux-ima/wiki/Home/" and have looked into vanilla kernel sources under 'ima' but have no idea how to implement what I seek or where to start off.

Aprreciate if someone could point out where I can start or point out the code segment for implementing a fixed PCR 0-7 contents?  Thanks in advance.    

Rgds
jyteh