* @brief
*/
+#include <imaevm.h>
#include <ima-evm-server.h>
#include <stdio.h>
printf(" \t\t\tThe state of IMA can be one of: dis|enf|ign|fix\n");
printf(" \t\t\tThe state of EVM can be one of: dis|ena|fix\n");
printf(" -g ima|evm\t\tGet state of IMA or EVM\n");
+ printf(" -f /path/to/file\tCheck state of file\n");
+ printf(" \t\t\tThis function doesn't use ima-evm-server.\n");
+ printf(" \t\t\tIt uses libima-evm directly - for security reason.\n");
printf(" -p\t\t\tGet policy from the kernel\n");
printf(" -l file\t\tLoad policy from the file into the kernel\n");
printf(" \t\t\tThe signature of the policy should be present in location file.sig\n");
}
+const char* file_state_to_str(int state)
+{
+ switch (state){
+ case FILE_STATE_OK: return "OK";
+ case FILE_STATE_TAMPERED: return "Tampered";
+ case FILE_STATE_UNKNOWN: return "Unknown";
+ default: return "Unknown";
+ }
+}
+
int ima_state_to_server(const char* state)
{
if (strcmp(state, "dis") == 0)
error(ret);
}
return 0;
+ case 'f':
+ i++;
+ if (i>=argc) {
+ few_args();
+ return 0;
+ }
+ ret = get_file_state(argv[i], &state);
+ if (LIB_SUCCESS != ret) {
+ error(ret);
+ return 0;
+ }
+ printf("%s\n", file_state_to_str(state));
+ return 0;
default:
inval();
return 0;