ima: extend boot_aggregate with kernel measurements
Registers 8-9 are used to store measurements of the kernel and its
command line (e.g., grub2 bootloader with tpm module enabled). IMA
should include them in the boot aggregate. Registers 8-9 should be
only included in non-SHA1 digests to avoid ambiguity.
Signed-off-by: Maurizio Drocco <maurizio.drocco@ibm.com> Reviewed-by: Bruno Meneguele <bmeneg@redhat.com> Tested-by: Bruno Meneguele <bmeneg@redhat.com> (TPM 1.2, TPM 2.0) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
projects / kernel.git / commit