Lines Matching +full:build +full:- +full:rules
1 # SPDX-License-Identifier: GPL-2.0-only
60 Disabling this option will disregard LSM based policy rules.
71 limited to 255 characters. The 'ima-ng' measurement list
78 bool "ima-ng (default)"
80 bool "ima-sig"
87 default "ima-ng" if IMA_NG_TEMPLATE
88 default "ima-sig" if IMA_SIG_TEMPLATE
135 IMA policy can now be updated multiple times. The new rules get
136 appended to the original policy. Have in mind that the rules are
149 This option allows the root user to see the current policy rules.
163 <http://linux-ima.sourceforge.net>
176 bool "IMA build time configured policy rules"
180 This option defines an IMA appraisal policy at build time, which
182 policy name on the boot command line. The build time appraisal
183 policy rules persist after loading a custom policy.
185 Depending on the rules configured, this policy may require kernel
221 Kernel module signatures can only be verified by IMA-appraisal,
242 bool "Support module-style signatures for appraisal"
267 bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)"
275 key is validly signed by a CA cert in the system built-in or
281 built-in or secondary trusted keyrings.
313 bool "Require signed user-space initialization"
317 This option requires user-space init to be signed.