Lines Matching +full:can +full:- +full:secondary

1 # SPDX-License-Identifier: GPL-2.0-only
23 	  being measured, we can tell.
27 	  TPM hardware, so that the TPM can prove to a third party
44 	   Depending on the IMA policy, the measurement list can grow to
71 	  limited to 255 characters.  The 'ima-ng' measurement list
73 	  pathnames. The configured default template can be replaced
77 		bool "ima-ng (default)"
79 		bool "ima-sig"
84 	default "ima-ng" if IMA_NG_TEMPLATE
85 	default "ima-sig" if IMA_SIG_TEMPLATE
93 	   hash algorithm can be overwritten using the kernel command
129 	  IMA policy can now be updated multiple times.  The new rules get
155 	  <http://linux-ima.sourceforge.net>
201 	  Kernel image signatures can not be verified by the original
213 	  Kernel module signatures can only be verified by IMA-appraisal,
234 	bool "Support module-style signatures for appraisal"
243 	   The modsig keyword can be used in the IMA policy to allow a hook
247 	bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
255 	  key is validly signed by a CA cert in the system built-in,
256 	  machine (if configured), or secondary trusted keyrings. The
260 	  IMA keys to be added may be added to the system secondary keyring,
262 	  built-in, machine (if configured) or secondary trusted keyrings.
294 	bool "Require signed user-space initialization"
298 	   This option requires user-space init to be signed.