On Fri, 23 Mar 2007 12:09:50 -0400 Mimi Zohar <[EMAIL PROTECTED]> wrote:
> This is a re-release of Integrity Measurement Architecture(IMA) as a > method of providing support for the integrity service framework API > integrity_measure() call. When integrity_measure() is called, IMA > submits the measurement (hash) of the file to the TPM chip, for > inclusion in one of the chip's Platform Configuration Registers (PCR). > IMA also keeps a list of all file names and hashes that have been > submitted to the TPM, which can be viewed through securityfs. By > separately requesting a TPM_Quote from the chip, an application can > get a chip-signed value of the PCR, which, along with the list of > measurements from IMA, can be used to attest, or prove to a third > party, the validity of the hash list. (The tpm-3.2.1 package includes > example TPM applications for creating keys, and performing the > TPM_Quote operation.) > > IMA can be included or excluded in the kernel configuration. If > included in the kernel, IMA can also be enabled or disabled on the > kernel command line with evm_enable_ima=0. It breaks the ia64 build: ima_fs_cleanup: discarded in section `.exit.text' from security/built-in.o it's calling an __exit function from a non-_-exit function. I'll remove the __exit tag from ima_fs_cleanup(), but that's the wrong fix - really the caller should be fixed but it's all tangled up in a quite unnecessary inlined function. I must say that this code doesn't leave an impression of having sufficient overall quality. It needs some caring for. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
