On Thu, 2019-10-31 at 03:31:30 UTC, Mimi Zohar wrote: > From: Nayna Jain <nayna@xxxxxxxxxxxxx> > > process_buffer_measurement() is limited to measuring the kexec boot > command line. This patch makes process_buffer_measurement() more > generic, allowing it to measure other types of buffer data (e.g. > blacklisted binary hashes or key hashes). > > process_buffer_measurement() may be called directly from an IMA > hook or as an auxiliary measurement record. In both cases the buffer > measurement is based on policy. This patch modifies the function to > conditionally retrieve the policy defined PCR and template for the IMA > hook case. > > Signed-off-by: Nayna Jain <nayna@xxxxxxxxxxxxx> > [zohar@xxxxxxxxxxxxx: added comment in process_buffer_measurement()] > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> Applied to powerpc next, thanks. https://git.kernel.org/powerpc/c/e14555e3d0e9edfad0a6840c0152f71aba97e793 cheers
