version 0.1.0

remove unused parameter
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
2025-07-03 22:23:16 +02:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:52 +03:00 · 2012-09-06 14:08:52 +03:00
4 changed files with 234 additions and 201 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
 2012-04-02  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 	version 0.1.0
 	* Fully functional version for lastest 3.x kernels
 2011-08-24  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 	version 0.1
--- a/12
+++ b/12
@ -1,8 +1,17 @@
 1. Generate private key
 # plain key
 openssl genrsa -out privkey_evm.pem 1024
 # encrypted key
 openssl genrsa -des3 -out privkey_evm.pem 1024
 # set password for the key
 openssl rsa -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem -des3
 or
 openssl pkcs8 -topk8 -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem
 2. Generate public key
 openssl rsa -pubout -in privkey_evm.pem -out pubkey_evm.pem
@ -34,6 +43,9 @@ find /lib/modules ! -name "*.ko" -type f -uid 0 -exec evmctl sign --imahash '{}'
 # security.ima needs to have signature for modules
 find /lib/modules -name "*.ko" -type f -uid 0 -exec evmctl sign --imasig '{}' \;
 # generate signatures in .sig files
 find /lib/modules -name "*.ko" -type f -uid 0 -exec evmctl -n --sigfile ima_sign '{}' \;
 8. Label filesystem in fix mode...
 ima_fix_dir.sh <dir>
--- a/configure.ac
+++ b/configure.ac
@ -33,7 +33,7 @@ AC_CHECK_HEADERS(openssl/conf.h)
 #debug support - yes for a while
 PKG_ARG_ENABLE(debug, "yes", DEBUG, [Enable Debug support])
 if test $pkg_cv_enable_debug = yes; then
-	CFLAGS="-g -O1 -Wall -Wstrict-prototypes -pipe"
+	CFLAGS="$CFLAGS -g -O1 -Wall -Wstrict-prototypes -pipe"
 else
 	CFLAGS="$CFLAGS -Wall -Wstrict-prototypes -pipe -fomit-frame-pointer"
 fi
--- a/src/evmctl.c
+++ b/src/evmctl.c
Author	SHA1	Message	Date
Dmitry Kasatkin	1e2934d9a3	version 0.1.0	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	c13fce4028	remove unused parameter Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	aa2f6e9b63	Changed time_t timestamp type to uint32_t time_t is actually long and is different on 32 and 64 bit architectures. Format of the signatures should not depend on the architecture and should be the same. Changed timestamp to uint32_t like in GPG. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	ff071501d0	Added missing CFLAGS Added missing CFLAGS Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	f2b486e053	Added signature write to .sig file To enable module signature verification working on file systems without extended attributes, or to be able to copy modules by methods, which does not support extended attribute copying, it is necessary to store signature in the file. This patch provides command line parameter for storing signature in .sig file. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	e3f11d343a	Change set_xattr to xattr. set_xattr changed to xattr. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	7e89de565e	Changed to conform Linux kernel coding style Changed to conform Linux kernel coding style, except 80 characters line length limit. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	e91cb01e9a	added password parameter for using encrypted keys Added password parameter for using encrypted keys. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	b0966fd243	added openssl initialization and error reporting Added openssl initialization and error reporting. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	0b197c4d30	minor fixes - error message - command info Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00