packages/secGear
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
secGear/0092-ima-detail-result-exclude-boot_aggregate-file.patch
xuraoqing 4b7794d24e sync patches from upstream 
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
2025-03-18 20:18:49 +08:00

27 lines
1.1 KiB
Diff
Raw Blame History

From 9908ddc7947c10e0411c0b037160e320d8e83620 Mon Sep 17 00:00:00 2001
From: houmingyong <houmingyong@huawei.com>
Date: Tue, 22 Oct 2024 19:51:26 +0800
Subject: [PATCH] ima detail result exclude boot_aggregate file
---
.../attestation-service/verifier/src/virtcca/ima.rs | 3 +++
1 file changed, 3 insertions(+)
diff --git a/service/attestation/attestation-service/verifier/src/virtcca/ima.rs b/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
index 2b73b46..4a9a954 100644
--- a/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
+++ b/service/attestation/attestation-service/verifier/src/virtcca/ima.rs
@@ -59,6 +59,9 @@ impl ImaVerify {
EventData::ImaNg{digest, name} => (name, digest.digest),
_ => bail!("Inalid event {:?}", event),
};
+ if name == "boot_aggregate".to_string() {
+ continue;
+ }
let hex_str_digest = hex::encode(file_digest);
if ima_refs.contains(&hex_str_digest) {
ima_detail.insert(name, Value::Bool(true));
--
2.43.0
Reference in New Issue View Git Blame Copy Permalink