NettetCurrently, IMA does not provide a generic function for kernel subsystems to measure their critical data. Examples of critical data in this context could be kernel in-memory r/o structures, hash of the memory structures, or data that represents a linux kernel subsystem state change.
IMA & TPM load order broken, resulting in no hardware root of …
Nettet1. nov. 2024 · Extending the protection from malicious boot attacks via Integrity Measurement Architecture (IMA) on Linux Linux systems follow a similar boot process to Windows, and with TPM attestation the protection profile can be extended to beyond boot into the kernel as well using Integrity Measurement Architecture (IMA). NettetIMA functions such as ima_match_keyring(), process_buffer_measurement(), ima_match_policy() etc. handle data specific to keyrings. Currently, these constructs are not generic to handle any func specific data. This makes it harder to extend them without code duplication. clouth areal köln
linux - How to enable and verify enforce option in IMA ( Integrity ...
Nettet14. apr. 2024 · How to configure Linux Integrity Measurement Architecture(IMA) for Raspberry Pi 4 without a TPM? Fri Apr 14, 2024 9:46 am . I am trying to enable IMA for Raspberry Pi 4 by recompiling Linux kernel. Currently I am trying to only explore this feature and do not have a TPM. NettetIntegrity Measurement Architecture (IMA) is a component of the kernel integrity subsystem. IMA aims to maintain the contents of local files. Specifically, IMA measures, stores, and appraises file hashes before they are accessed, which prevents the reading and execution of unreliable data. NettetLKML Archive on lore.kernel.org help / color / mirror / Atom feed * [PATCH v6 0/6] Add support for architecture specific IMA policies @ 2024-10-09 17:30 Nayna Jain 2024-10-09 17:30 ` [PATCH v6 1/5] x86/ima: define arch_ima_get_secureboot Nayna Jain ` (4 more replies) 0 siblings, 5 replies; 6+ messages in thread From: Nayna Jain @ 2024-10-09 … c4 zr1 wallpaper