[LTP] [PATCH v3 0/4] TPM 2.0 fixes in IMA tests
Mimi Zohar
zohar@linux.ibm.com
Tue Sep 29 23:56:15 CEST 2020
Hi Petr,
On Tue, 2020-09-29 at 18:53 +0200, Petr Vorel wrote:
> Hi Mimi, Lakshmi,
>
> sorry for late version. FYI Cyril is planning to release LTP tomorrow evening,
> thus To get it into this release require review and testing till tomorrow lunch
> or something.
> Thus understand if you don't have time for it.
>
> NOTE: crazy support for old versions was important to get support for older SLES
> versions.
Thank you so much for updating the ima_tpm.sh test. Of all the
comments, it would be nice to re-verify the measurement list with "
--ignore-violations" to provide more context. Anyone running with just
the ima_policy=tcb, would have violations. You should be able to test
that yourself with the logs, PCRs, and directions, I sent you.
In terms of supporting the "ima" template, I think it would only be for
old, existing systems, but then I doubt they would be running ltp.
The "boot_aggregate" to "sha1" change works on a system with TPM 1.2.
Mimi
More information about the ltp
mailing list