ima_store_measurement

函数名称：ma_store_measurement - store file measurement* Create an "ima" template and then store the template by calling* ima_store_template

函数原型：void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig, int pcr, struct ima_template_desc *template_desc)

返回类型：void

参数：

类型	参数	名称
struct integrity_iint_cache *	iint
struct file *	file
const unsigned char *	filename
struct evm_ima_xattr_data *	xattr_value
int	xattr_len
const struct modsig *	modsig
int	pcr
struct ima_template_desc *	template_desc

299

op[]等于"add_template_measure"

300

audit_cause[]等于"ENOMEM"

301

result等于负ENOMEM

302

inode等于file_inode(file)

304

struct ima_event_data event_data = {iint = iint, file = file, filename = filename, xattr_value = xattr_value, xattr_len = xattr_len, modsig = modsig}

310

violation等于0

318

如果measured_pcrs按位与0x1左移pcr位且非modsig则返回

321

result等于ma_alloc_init_template - create and initialize a new template entry

322

如果result小于0则

323

integrity_audit_msg(PCR invalidation msgs , inode, filename, op, audit_cause, result, 0)

325

返回

328

result等于ma_store_template - store ima template measurements* Calculate the hash of a template entry, add the template entry* to an ordered list of measurement entries maintained inside the kernel,* and also update the aggregate integrity value (maintained inside

329

如果非result或result恒等于负EEXIST的值且非f_flags按位与O_DIRECT的值则

330

flags或等于IMA_MEASURED

331

measured_pcrs或等于0x1左移pcr位

333

如果result小于0则ma_free_template_entry - free an existing template entry

**调用者**
名称	描述
process_measurement

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码