[PATCH] ima: Add digest_size field to ima_algo_desc structure and use to show meas.
Roberto Sassu
roberto.sassu at huaweicloud.com
Thu Feb 26 09:00:43 UTC 2026
On Wed, 2026-02-25 at 13:37 -0500, Mimi Zohar wrote:
> On Wed, 2026-02-25 at 13:53 +0100, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu at huawei.com>
> >
> > Add the digest_size field to the ima_algo_desc structure to determine the
> > digest size from the correct source.
> >
> > If the hash algorithm is among allocated PCR banks, take the value from the
> > TPM bank info; if the hash algorithm is SHA1, use the predefined value; if
> > the hash algorithm is the default one but not among the PCR banks, take the
> > digest size from the crypto subsystem (the default hash algorithm is
> > checked when parsing the ima_hash= command line option).
> >
> > Finally, use the new information to correctly show the template digest in
> > ima_measurements_show() and ima_ascii_measurements_show().
> >
> > Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
>
> Thanks, Roberto. The patch looks fine, other than the patch title. Could it be
> renamed as "ima: define and use a digest_size field in the ima_algo_desc
> structure"?
Sure, will do this and add a comment about the TPM digest size.
Thanks
Roberto
More information about the Linux-security-module-archive
mailing list