Hi Lachlan, > A test for verifying importing an x509 certificate into a keyring and > validating the key measurement performed by IMA is needed. I suppose you're going to send new version of this patch (rebased + fix according to Mimi's comments). IMHO that should be your last not yet merged patch. FYI: I'm planning to fix ima_tpm.sh and then implement autoloading IMA policy (when possible). Kind regards, Petr
