The TPM PCRs are only reset on a hard reboot. In order to validate a
TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
of the running kernel must be saved and restored on boot. This patch
serializes the IMA measurement list in the binary_runtime_measurements
format.
The TPM PCRs are only reset on a hard reboot. In order to validate a
TPM's quote after a soft reboot (eg. kexec -e), the IMA measurement list
of the running kernel must be saved and restored on boot. This patch
serializes the IMA measurement list in the binary_runtime_measurements
format.
2 matches
Mail list logo
