From 6c9db8b25c57a37dc30f9e6dbf08d95f7dfae183 Mon Sep 17 00:00:00 2001
From: Anderson Toshiyuki Sasaki
Date: Mon, 29 Jan 2024 13:19:37 +0100
Subject: [PATCH] keylime-agent.conf: Allow setting event logs paths

This introduces the 'ima_ml_path' and 'measuredboot_ml_path' options to set the IMA measurement log and Measured Boot event log, respectively. This also bumps the configuration version to 2.2 as new options were added.

Signed-off-by: Anderson Toshiyuki Sasaki
---
 keylime-agent.conf | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/keylime-agent.conf b/keylime-agent.conf
index c71c1845..5c422b4b 100644
--- a/keylime-agent.conf
+++ b/keylime-agent.conf
@@ -11,7 +11,7 @@
 # The configuration file version
 #
 # To override, set KEYLIME_AGENT_VERSION environment variable.
-version = "2.1"
+version = "2.2"

 # The agent's UUID.
 # If you set this to "generate", Keylime will create a random UUID.
@@ -298,3 +298,18 @@ run_as = "keylime:tss"
 # variable.
 agent_data_path = "default"

+# Path from where the agent will read the IMA measurement log.
+#
+# If set as "default", Keylime will use the default path:
+# The default path is /sys/kernel/security/ima/ascii_runtime_measurements
+# If set as a relative path, it will be considered from the root path "/".
+# If set as an absolute path, it will use it without changes
+ima_ml_path = "default"
+
+# Path from where the agent will read the measured boot event log.
+#
+# If set as "default", Keylime will use the default path:
+# The default path is /sys/kernel/security/tpm0/binary_boot_measurements
+# If set as a relative path, it will be considered from the root path "/".
+# If set as an absolute path, it will use it without changes
+measuredboot_ml_path = "default"
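Review bot: The comment blocks added for `ima_ml_path` and `measuredboot_ml_path` in the second hunk explain how the value is resolved but not what an override means for attestation: both defaults are kernel-exported files under /sys/kernel/security, whereas a custom path can name an ordinary file that any account with write access can alter. I would add one line to each block, for example `# A non-default path should name a file that only root can write and that the run_as user can read.` The first hunk's context shows `version` documenting its environment override (`KEYLIME_AGENT_VERSION`); if these two options can be overridden the same way, which this patch does not show, their comments should say so, because that is a second way to redirect where the agent reads its logs.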