Bug 1329448 - Review Request: Tbootxm - trusted host with boot time integrity checks
Summary: Review Request: Tbootxm - trusted host with boot time integrity checks
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Neil Horman
QA Contact: Fedora Extras Quality Assurance
URL: https://github.com/OpenAttestation/Op...
Whiteboard:
Depends On:
Blocks: 1273605
Reported: 2016-04-22 00:38 UTC by Saurabh Kulkarni
Modified: 2016-05-13 11:33 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-05-13 11:33:54 UTC
Type: ---
Embargoed:



Description Saurabh Kulkarni 2016-04-22 00:38:24 UTC
Spec URL: <spec info here>
SRPM URL: <srpm info here>
Description: 

This feature will enable measuring files present on the OS at the time of boot. These measurements will extend upon those done by Intel TXT and Tboot earlier in the boot process. In addition to measuring these paths, it would be possible to attest (locally or remotely) these measurements against a good known whitelist to provide boot time integrity. Measurements constitute file hashes. We can potentially measure any file having a path on the OS at the time of boot and store those measurements in the TPM. These values are compared against a known whitelist to guarantee boot time integrity of OS components. In order to remotely attest these measurements, the user would need an Attestation server and a host trust agent installed (open-sourced already). For measurements without remote attestation, no other component is required. Please note: All measurements are done by an initrd hook. Existing initrd will be modified to add our measurement agent hook for this to work.

Fedora Account System Username: srk892
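
The measure, extend and compare flow described in comment 0, as an added example that is not part of the bug report and is not Tbootxm's code. It assumes SHA-256 file hashes and a software-simulated PCR that starts at all zeros; all function names and the sample files are hypothetical and constructed here.

```python
import hashlib
import os
import tempfile

PCR_INIT = bytes(32)  # assumption: SHA-256 PCR bank, reset to all zeros

def measure(path):
    """Measurement = SHA-256 of the file contents (hash choice is an assumption)."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def extend(pcr, hexdigest):
    """TPM-style extend, simulated in software: PCR = H(PCR || measurement)."""
    return hashlib.sha256(pcr + bytes.fromhex(hexdigest)).digest()

def measure_and_extend(paths):
    """Measure files in order; return (measurement log, final simulated PCR)."""
    log, pcr = [], PCR_INIT
    for p in paths:
        digest = measure(p)
        log.append((p, digest))
        pcr = extend(pcr, digest)
    return log, pcr

def verify(log, pcr, whitelist):
    """Replay the log against the PCR and the whitelist; [] means all checks pass."""
    replayed = PCR_INIT
    for _, digest in log:
        replayed = extend(replayed, digest)
    findings = [] if replayed == pcr else ["log does not match PCR"]
    seen = dict(log)
    for path, good in whitelist.items():
        if seen.get(path) != good:
            findings.append(("modified: " if path in seen else "not measured: ") + path)
    findings += [f"not in whitelist: {p}" for p in seen if p not in whitelist]
    return sorted(findings)

def demo():
    """Constructed sample: whitelist two temp files, tamper with one, re-measure."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("init", "sshd_config")]
        for p in paths:
            with open(p, "w") as f:
                f.write("constructed sample content\n")
        whitelist = dict(measure_and_extend(paths)[0])
        with open(paths[1], "a") as f:
            f.write("tampered\n")
        return verify(*measure_and_extend(paths), whitelist)
```

Because each extend hashes the previous PCR value, a verifier can only reproduce the final value by replaying the same measurements in the same order, which is what ties the per-file log to the single stored value.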

Comment 1 Antonio T. (sagitter) 2016-04-26 16:52:42 UTC
(In reply to Saurabh Kulkarni from comment #0)
> Spec URL: <spec info here>
> SRPM URL: <srpm info here>
> 

Links?

Comment 2 Neil Horman 2016-05-04 12:52:06 UTC
Yeah, Saurabh, please read over the Fedora package review process before opening a Bugzilla:
https://fedoraproject.org/wiki/Package_Review_Process

Comment 3 Saurabh Kulkarni 2016-05-12 22:46:20 UTC
Hi Neil, sorry about that. All we have now is the working code that can be downloaded from GitHub and built. We do not have an RPM yet. We are, however, working toward that.

Comment 4 Neil Horman 2016-05-13 11:33:54 UTC
OK, but the point of a Fedora review is having your code packaged as an RPM so that we can review the code and its packaging. I'm closing this. Please re-open it when you're ready to try including it in Fedora.

