Hi Lakshmi, On Thu, 2020-11-12 at 12:39 -0800, Lakshmi Ramasubramanian wrote: > The default IMA template used for all policy rules is the value set > for CONFIG_IMA_DEFAULT_TEMPLATE if the policy rule does not specify > a template. The default IMA template for buffer measurements should be > 'ima-buf' - so that the measured buffer is correctly included in the IMA > measurement log entry. > > With the default template format, buffer measurements are added to > the measurement list, but do not include the buffer data, making it > difficult, if not impossible, to validate. Including 'ima-buf' > template records in the measurement list by default, should not impact > existing attestation servers without 'ima-buf' template support. > > Initialize a global 'ima-buf' template and select that template, > by default, for buffer measurements. > > Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx> Thanks! It's now queued in next-integrity-testing. Mimi
