Re: [PATCH 0/7] ima: carry the measurement list across kexec

On Thu, 2016-08-11 at 17:38 +1000, Balbir Singh wrote: > > On 09/08/16 22:36, Mimi Zohar wrote: > > On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: > >> > >> On 04/08/16 22:24, Mimi Zohar wrote: > >>> The TPM PCRs are only reset on a hard reboot. In order to validate a > >>> TPM's quote

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On Thu, 2016-08-11 at 17:38 +1000, Balbir Singh wrote: > > On 09/08/16 22:36, Mimi Zohar wrote: > > On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: > >> > >> On 04/08/16 22:24, Mimi Zohar wrote: > >>> The TPM PCRs are only reset on a hard reboot. In order to validate a > >>> TPM's quote

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On 09/08/16 22:36, Mimi Zohar wrote: > On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: >> >> On 04/08/16 22:24, Mimi Zohar wrote: >>> The TPM PCRs are only reset on a hard reboot. In order to validate a >>> TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list >>> of

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On 09/08/16 22:36, Mimi Zohar wrote: > On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: >> >> On 04/08/16 22:24, Mimi Zohar wrote: >>> The TPM PCRs are only reset on a hard reboot. In order to validate a >>> TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list >>> of

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: > > On 04/08/16 22:24, Mimi Zohar wrote: > > The TPM PCRs are only reset on a hard reboot. In order to validate a > > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list > > of the running kernel must be saved and then

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On Tue, 2016-08-09 at 15:19 +1000, Balbir Singh wrote: > > On 04/08/16 22:24, Mimi Zohar wrote: > > The TPM PCRs are only reset on a hard reboot. In order to validate a > > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list > > of the running kernel must be saved and then

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On 04/08/16 22:24, Mimi Zohar wrote: > The TPM PCRs are only reset on a hard reboot. In order to validate a > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list > of the running kernel must be saved and then restored on the subsequent > boot. > > The existing securityfs

Re: [PATCH 0/7] ima: carry the measurement list across kexec

On 04/08/16 22:24, Mimi Zohar wrote: > The TPM PCRs are only reset on a hard reboot. In order to validate a > TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list > of the running kernel must be saved and then restored on the subsequent > boot. > > The existing securityfs

[PATCH 0/7] ima: carry the measurement list across kexec

The TPM PCRs are only reset on a hard reboot. In order to validate a TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list of the running kernel must be saved and then restored on the subsequent boot. The existing securityfs binary_runtime_measurements file conveniently

[PATCH 0/7] ima: carry the measurement list across kexec

The TPM PCRs are only reset on a hard reboot. In order to validate a TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list of the running kernel must be saved and then restored on the subsequent boot. The existing securityfs binary_runtime_measurements file conveniently