[LTP] [LTP v4 4/5] IMA: Add a test to verify measurement of certificate imported into a keyring
Mimi Zohar
zohar@linux.ibm.com
Fri Aug 28 13:00:37 CEST 2020
On Fri, 2020-08-28 at 08:05 +0200, Petr Vorel wrote:
> Hi Mimi,
>
> > Thanks, Petr. This works properly. To remove the "hack", would
> > require running the test from "ima", not "ima/tests", but that would
> > require fixing how ima_setup.sh is called. It also would still
> > require setting TST_DATAROOT to TST_DATAROOT/$TST_ID.
> Let's keep it and suppose people run tests from ima/tests.
> This needs to be fixed on LTP side, I have it on my TODO list.
Sure
>
> Anything else?
> After that I'll work on ima_tpm.sh and after on policy automatic loading.
> BTW there are also plans for reboot support [1] [2], that could be used as
> workaround for configuration without CONFIG_IMA_READ_POLICY=y and
> CONFIG_IMA_WRITE_POLICY=y.
>
> [1] http://lists.linux.it/pipermail/ltp/2020-August/018636.html
> [2] http://lists.linux.it/pipermail/ltp/2020-August/018658.html
Sounds good!
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> for the entire patch set.
thanks,
Mimi
More information about the ltp
mailing list