Re: [Linux-ima-user] boot aggregate measure

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I just compiled the tools, but I don't have this folder :

/sys/kernel/security/tpm0

I have the folder:

/sys/class/tpm/tpm0/

I'm working with the kernel 4.4 .

I tried also :

./ima_boot_aggregate /sys/kernel/security/ima/binary_runtime_measurements
010 dc3bd4ee300406cd93181c5a2187b59b06000000
Error event too longPCR-00: 0000000000000000000000000000000000000000
PCR-01: 0000000000000000000000000000000000000000
PCR-02: 0000000000000000000000000000000000000000
PCR-03: 0000000000000000000000000000000000000000
PCR-04: 0000000000000000000000000000000000000000
PCR-05: 0000000000000000000000000000000000000000
PCR-06: 0000000000000000000000000000000000000000
PCR-07: 0000000000000000000000000000000000000000
boot_aggregate:9797edf8d0eed36b1cf92547816051c8af4e45ee

Le lun. 12 juin 2017 à 08:06, Nayna <na...@li...> a écrit :

>
>
> On 06/10/2017 03:39 PM, Micka wrote:
> > Thx, but my PCRS 0-7 are set to zero for the moment. I don't have yet a
> > secure boot. Is it the secure boot that provide the PCRS 0-7?
> >
>
> Trusted boot will provide PCRS 0-7.
> Did you try to execute the ima-tests which I shared and verified ?
>
> Thanks & Regards,
>        - Nayna
>
> >
> > Micka,
> >
> > Le ven. 9 juin 2017 à 15:43, Nayna <na...@li...
> > <mailto:na...@li...>> a écrit :
> >
> >
> >
> >     On 06/08/2017 02:25 PM, Micka wrote:
> >      > Hi,
> >      >
> >      > I would like to know what boot aggregate measure means ?
> >
> >     It is an aggregated hash of PCRS 0-7.
> >
> >      >
> >      > I have a problem, my PCR 10 is changing every time I reboot my
> >     device:
> >      >
> >      > 10 ddee6404dc3bd4ee300406cd93181c5a2187b59b ima-ng
> >      > sha1:9797edf8d9eed36b1cf92547816a51c8af4e45ee boot_aggregate
> >      >
> >
> >     You can verify your boot_aggregate by using the test scripts from
> >     package ltp-ima-standalone-v2.tar.gz as available on:
> >     https://sourceforge.net/projects/linux-ima/
> >
> >     Steps to use it are specified in below link:
> >     http://linux-ima.sourceforge.net/linux-ima-measurements.html
> >
> >     Thanks & Regards,
> >           - Nayna
> >
> >      > I have only activated: ima_audit=1
> >      >
> >      > Michael Musset,
> >      >
> >      >
> >      >
> >
>  ------------------------------------------------------------------------------
> >      > Check out the vibrant tech community on one of the world's most
> >      > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> >      >
> >      >
> >      >
> >      > _______________________________________________
> >      > Linux-ima-user mailing list
> >      > Lin...@li...
> >     <mailto:Lin...@li...>
> >      > https://lists.sourceforge.net/lists/listinfo/linux-ima-user
> >      >
> >
>
>