On Thu, Oct 31, 2019 at 08:27:47AM -0700, Lakshmi Ramasubramanian wrote:
On 10/31/19 2:10 AM, Sasha Levin wrote:
Hi Sasha,
On Wed, Oct 30, 2019 at 06:19:02PM -0700, Lakshmi Ramasubramanian wrote:
Asymmetric keys used for verifying file signatures or certificates
are currently not included in the IMA measurement list.
This patch defines a new IMA hook namely ima_post_key_create_or_update()
to measure asymmetric keys.
Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
What are the prerequisites for this patch?
I built this patch set on kernel v5.3
I applied the following patch provided by Nayna Jain@IBM and then
added my changes:
[PATCH v9 5/8] ima: make process_buffer_measurement() generic
$ git checkout v5.3
HEAD is now at 4d856f72c10ec Linux 5.3
$ git am ~/incoming/_PATCH_v9_5-8_ima_make_process_buffer_measurement__generic.patch
Applying: ima: make process_buffer_measurement() generic
error: patch failed: security/integrity/ima/ima.h:217
error: security/integrity/ima/ima.h: patch does not apply
What am I missing?
--
Thanks,
Sasha
