"--pcrs" compares the re-calculate PCRs against a file containing TPM 1.2 pcrs.
"--validate" ignores ToMToU measurement violations.
"--verify" verifies the template data digest based on the template data.
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
---
README | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/README b/README
index 374b748c59bf..64b9da508d8d 100644
--- a/README
+++ b/README
@@ -31,7 +31,7 @@ COMMANDS
ima_sign [--sigfile] [--key key] [--pass password] file
ima_verify file
ima_hash file
- ima_measurement [--verify-sig [--key "key1, key2, ..."]] file
+ ima_measurement [--validate] [--verify] [--verify-sig [--key "key1, key2, ..."]] [--pcrs file] file
ima_fix [-t fdsxm] path
sign_hash [--key key] [--pass password]
hmac [--imahash | --imasig ] file
@@ -59,6 +59,9 @@ OPTIONS
--m32 force EVM hmac/signature for 32 bit target system
--m64 force EVM hmac/signature for 64 bit target system
--engine e preload OpenSSL engine e (such as: gost)
+ --pcrs file containing TPM 1.2 pcrs
+ --validate ignore ToMToU measurement violations
+ --verify verify the template data digest
--verify-sig verify the template data file signature
-v increase verbosity level
-h, --help display this help and exit
--
2.7.5
