Lines Matching +full:build +full:- +full:rules
1 # SPDX-License-Identifier: GPL-2.0-only
60 Disabling this option will disregard LSM based policy rules.
70 limited to 255 characters. The 'ima-ng' measurement list
76 bool "ima-ng (default)"
78 bool "ima-sig"
83 default "ima-ng" if IMA_NG_TEMPLATE
84 default "ima-sig" if IMA_SIG_TEMPLATE
128 IMA policy can now be updated multiple times. The new rules get
129 appended to the original policy. Have in mind that the rules are
141 This option allows the root user to see the current policy rules.
154 <http://linux-ima.sourceforge.net>
167 bool "IMA build time configured policy rules"
171 This option defines an IMA appraisal policy at build time, which
173 policy name on the boot command line. The build time appraisal
174 policy rules persist after loading a custom policy.
176 Depending on the rules configured, this policy may require kernel
212 Kernel module signatures can only be verified by IMA-appraisal,
233 bool "Support module-style signatures for appraisal"
246 bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
254 key is validly signed by a CA cert in the system built-in,
261 built-in, machine (if configured) or secondary trusted keyrings.
293 bool "Require signed user-space initialization"
297 This option requires user-space init to be signed.