PEL: registry: Add message for integrity audit event
Add a new informational log message for when the kernel records an audit
event of type Integrity. These events are related to the Integrity
Measurement Architecture (IMA) functionality in the BMC, and would help
the user to be aware of any activity related to IMA, such as attempts to
execute unsigned binaries.
Change-Id: Idcc20cf46de6c5ecee85990fb21983afb14e7b48
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
diff --git a/extensions/openpower-pels/registry/message_registry.json b/extensions/openpower-pels/registry/message_registry.json
index 6b8fc2b..0bfb5d5 100644
--- a/extensions/openpower-pels/registry/message_registry.json
+++ b/extensions/openpower-pels/registry/message_registry.json
@@ -5910,6 +5910,27 @@
},
{
+ "Name": "xyz.openbmc_project.Software.Version.Info.IntegrityEvent",
+ "Subsystem": "bmc_firmware",
+ "ComponentID": "0x3600",
+ "Severity": "non_error",
+ "SRC": {
+ "ReasonCode": "0x360C",
+ "Words6To9": {}
+ },
+ "Documentation": {
+ "Description": "An audit event of type Integrity was recorded",
+ "Message": "An audit event of type Integrity was recorded",
+ "Notes": [
+ "The Linux Integrity Measurement Architecture (IMA) on the",
+ "BMC has detected a potential integrity violation, such as",
+ "the attempt to execute an unsigned binary. Refer to the",
+ "User Data section for details."
+ ]
+ }
+ },
+
+ {
"Name": "xyz.openbmc_project.PLDM.Error.findDumpObjPath.GetManagedObjectsFail",
"Subsystem": "bmc_firmware",
"ComponentID": "0x6000",