From 164c51ff2b3dfff79660820dcbbee8a1d3b2d1c6 Mon Sep 17 00:00:00 2001
From: Mimi Zohar
Date: Wed, 3 Jul 2019 09:19:41 -0400
Subject: [PATCH] ima-evm-utils: support template "buf" field

Other than the "boot-aggregate" measurement entry in the IMA measuremeent list, all other measurements are of file data. Kernel support was recently added to support measuring the kexec boot command line buffer, which is stored in a new template field named 'buf'. This patch adds support for a new template named "ima-buf", defined as "d-ng|n-ng|buf".

Signed-off-by: Mimi Zohar
---
 src/evmctl.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c
index f604663..a6d07c9 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1443,8 +1443,8 @@ void ima_ng_show(struct template_entry *entry)
 {
 uint8_t *fieldp = entry->template;
 uint32_t field_len;
- int total_len = entry->template_len, digest_len, len, sig_len;
- uint8_t *digest, *sig = NULL;
+ int total_len = entry->template_len, digest_len, len, sig_len, fbuf_len;
+ uint8_t *digest, *sig = NULL, *fbuf = NULL;
 char *algo, *path;
 int found;
 int err;
@@ -1484,6 +1484,18 @@ void ima_ng_show(struct template_entry *entry)
 sig = fieldp;
 sig_len = field_len;
 
+ /* move to next field */
+ fieldp += field_len;
+ total_len -= field_len;
+ }
+ } else if (!strcmp(entry->name, "ima-buf")) {
+ field_len = *(uint32_t *)fieldp;
+ fieldp += sizeof(field_len);
+ total_len -= sizeof(field_len);
+ if (field_len) {
+ fbuf = fieldp;
+ fbuf_len = field_len;
+
 /* move to next field */
 fieldp += field_len;
 total_len -= field_len;
@@ -1497,6 +1509,10 @@ void ima_ng_show(struct template_entry *entry)
 log_info(" %s %s", entry->name, algo);
 log_dump_n(digest, digest_len);
 log_info(" %s", path);
+ if (fbuf) {
+ log_info(" ");
+ log_dump_n(fbuf, fbuf_len);
+ }
 }
 
 if (sig) {
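Review bot: The new `ima-buf` branch in the second hunk reads `field_len` straight from the template data (`field_len = *(uint32_t *)fieldp;`) and copies it into `fbuf_len` without comparing it to the remaining `total_len`, so a truncated or malformed entry would make `log_dump_n(fbuf, fbuf_len)` in the third hunk read past the end of `entry->template`. A measurement list may be verified on a different machine from the one that produced it, so this length should be treated as untrusted: check `if (total_len < (int)sizeof(field_len)) return;` before the read and `if (field_len > (uint32_t)total_len) return;` before assigning `fbuf`, preferably reporting an error rather than returning silently. The first hunk declares `fbuf_len` as `int`, so a `field_len` above `INT_MAX` would also become a negative length; `uint32_t fbuf_len = 0;` would match the source field. The `sig` branch at the top of the second hunk appears to follow the same unchecked pattern, and the function body starts and ends outside the hunks, so validation may exist that is not visible here.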