Lines Matching full:rules
7 * - initialize default measure policy rules
207 /* An array of architecture specific rules */
359 * lsm rules can change in ima_lsm_copy_rule()
424 * The LSM policy can be reloaded, leaving the IMA LSM based rules referring
425 * to the old, stale LSM policy. Update the IMA LSM based rules to reflect
580 * we need to differentiate between calling hooks, for hook specific rules.
742 const char * const *rules; in ima_init_arch_policy() local
750 /* Get number of rules */ in ima_init_arch_policy()
751 for (rules = arch_rules; *rules != NULL; rules++) in ima_init_arch_policy()
759 /* Convert each policy string rules to struct ima_rule_entry format */ in ima_init_arch_policy()
760 for (rules = arch_rules, i = 0; *rules != NULL; rules++) { in ima_init_arch_policy()
764 result = strlcpy(rule, *rules, sizeof(rule)); in ima_init_arch_policy()
781 * ima_init_policy - initialize the default measure rules.
790 /* if !ima_policy, we load NO default rules */ in ima_init_policy()
811 * and appraise rules requiring file signatures for both the initial in ima_init_policy()
812 * and custom policies, prior to other appraise rules. in ima_init_policy()
823 * Insert the builtin "secure_boot" policy rules requiring file in ima_init_policy()
824 * signatures, prior to other appraise rules. in ima_init_policy()
831 * Insert the build time appraise rules requiring file signatures in ima_init_policy()
833 * rules. As the secure boot rules includes all of the build time in ima_init_policy()
834 * rules, include either one or the other set of rules, but not both. in ima_init_policy()
854 /* Make sure we have a valid policy, at least containing some rules. */
863 * ima_update_policy - update default_rules with new measure rules
865 * Called on file .release to update the default rules with a complete new
870 * Policy rules are never deleted so ima_policy_flag gets zeroed only once when
884 * IMA architecture specific policy rules are specified in ima_update_policy()
887 * architecture specific rules stored as an array. in ima_update_policy()