Lines Matching +full:build +full:- +full:rules
1 # SPDX-License-Identifier: GPL-2.0-only
61 Disabling this option will disregard LSM based policy rules.
71 limited to 255 characters. The 'ima-ng' measurement list
77 bool "ima-ng (default)"
79 bool "ima-sig"
84 default "ima-ng" if IMA_NG_TEMPLATE
85 default "ima-sig" if IMA_SIG_TEMPLATE
129 IMA policy can now be updated multiple times. The new rules get
130 appended to the original policy. Have in mind that the rules are
142 This option allows the root user to see the current policy rules.
155 <http://linux-ima.sourceforge.net>
168 bool "IMA build time configured policy rules"
172 This option defines an IMA appraisal policy at build time, which
174 policy name on the boot command line. The build time appraisal
175 policy rules persist after loading a custom policy.
177 Depending on the rules configured, this policy may require kernel
213 Kernel module signatures can only be verified by IMA-appraisal,
234 bool "Support module-style signatures for appraisal"
247 bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
255 key is validly signed by a CA cert in the system built-in,
262 built-in, machine (if configured) or secondary trusted keyrings.
294 bool "Require signed user-space initialization"
298 This option requires user-space init to be signed.