* [PATCH ima-evm-utils 2/3] Don't run tsspcrread on systems without TPM
@ 2020-06-18 18:50 Petr Vorel
2020-06-18 18:50 ` [RFC PATCH ima-evm-utils 3/3] logging: Print also LOG_INFO messages Petr Vorel
0 siblings, 1 reply; 2+ messages in thread
From: Petr Vorel @ 2020-06-18 18:50 UTC (permalink / raw)
To: linux-integrity; +Cc: Petr Vorel, Mimi Zohar
as we don't have any algorithm:
./src/evmctl ima_boot_aggregate
sh: -c: line 0: syntax error near unexpected token `('
sh: -c: line 0: `tsspcrread -halg (null) -ha 0 -ns 2> /dev/null'
sh: -c: line 0: syntax error near unexpected token `('
sh: -c: line 0: `tsspcrread -halg (null) -ha 0 -ns 2> /dev/null'
errno: No such file or directory (2)
Now it just prints:
errno: No such file or directory (2)
Fixes: dc00c92 ("ima-evm-utils: calculate the per TPM bank
boot_aggregate")
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
Hi Mimi,
not really sure if this is a best place to handle the problem.
Kind regards,
Petr
src/evmctl.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/evmctl.c b/src/evmctl.c
index 94ec56b..03eeb6e 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1796,6 +1796,12 @@ static int read_tpm_banks(int num_banks, struct tpm_bank_info *bank)
for (i = 0; i < num_banks; i++) {
err = 0;
for (j = 0; j < NUM_PCRS && !err; j++) {
+ if (!bank[i].algo_name) {
+ log_debug("No algo_name for PCR: %d\n", i);
+ bank[i].supported = 0;
+ continue;
+ }
+
err = tpm2_pcr_read(bank[i].algo_name, j,
bank[i].pcr[j], bank[i].digest_size,
&errmsg);
--
2.27.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [RFC PATCH ima-evm-utils 3/3] logging: Print also LOG_INFO messages
2020-06-18 18:50 [PATCH ima-evm-utils 2/3] Don't run tsspcrread on systems without TPM Petr Vorel
@ 2020-06-18 18:50 ` Petr Vorel
0 siblings, 0 replies; 2+ messages in thread
From: Petr Vorel @ 2020-06-18 18:50 UTC (permalink / raw)
To: linux-integrity; +Cc: Petr Vorel, Mimi Zohar
as some errors are using it, e.g. in previous fix
just errno would be printed:
./src/evmctl ima_boot_aggregate
Failed to read any TPM PCRs
errno: No such file or directory (2)
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
Hi Mimi,
Just attempt to do quick fix. I guess reconsidering levels as code has
changed would be better, but require more work.
Kind regards,
Petr
src/libimaevm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 683cfb8..4bcce13 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -82,7 +82,7 @@ static const char *const pkey_hash_algo_kern[PKEY_HASH__LAST] = {
};
struct libimaevm_params imaevm_params = {
- .verbose = LOG_INFO - 1,
+ .verbose = LOG_INFO,
.x509 = 1,
.hash_algo = "sha1",
};
--
2.27.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-06-18 18:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-18 18:50 [PATCH ima-evm-utils 2/3] Don't run tsspcrread on systems without TPM Petr Vorel
2020-06-18 18:50 ` [RFC PATCH ima-evm-utils 3/3] logging: Print also LOG_INFO messages Petr Vorel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).