diff options
Diffstat (limited to '')
-rw-r--r-- | src/analyze/analyze-pcrs.c | 2 | ||||
-rw-r--r-- | src/analyze/analyze-security.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/analyze/analyze-pcrs.c b/src/analyze/analyze-pcrs.c index 43e415f..1c3da3f 100644 --- a/src/analyze/analyze-pcrs.c +++ b/src/analyze/analyze-pcrs.c @@ -11,7 +11,7 @@ static int get_pcr_alg(const char **ret) { assert(ret); - FOREACH_STRING(alg, "sha256", "sha1") { + FOREACH_STRING(alg, "sha256", "sha384", "sha1") { _cleanup_free_ char *p = NULL; if (asprintf(&p, "/sys/class/tpm/tpm0/pcr-%s/0", alg) < 0) diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c index 75508f4..3d7b647 100644 --- a/src/analyze/analyze-security.c +++ b/src/analyze/analyze-security.c @@ -1244,8 +1244,8 @@ static const struct security_assessor security_assessor_table[] = { { .id = "CapabilityBoundingSet=~CAP_BPF", .json_field = "CapabilityBoundingSet_CAP_BPF", - .description_good = "Service may load BPF programs", - .description_bad = "Service may not load BPF programs", + .description_good = "Service may not load BPF programs", + .description_bad = "Service may load BPF programs", .url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#CapabilityBoundingSet=", .weight = 25, .range = 1, |