[RFC PATCH v2 11/12] documentation: Add IPE Documentation

Jonathan Corbet corbet at lwn.net
Tue Apr 14 15:38:09 UTC 2020

On Mon,  6 Apr 2020 15:14:38 -0700
deven.desai at linux.microsoft.com wrote:

> From: Deven Bowers <deven.desai at linux.microsoft.com>
> Add IPE's documentation to the kernel tree.
> Signed-off-by: Deven Bowers <deven.desai at linux.microsoft.com>

Thanks for including this nice documentation from the outset!  I have a
couple of tiny nits to pick, but nothing really substantive to complain
about, so:

  Acked-by: Jonathan Corbet <corbet at lwn.net>


> +IPE is a Linux Security Module, which allows for a configurable policy

I'd drop the comma (I told you these were nits!)


> +IPE Policy
> +~~~~~~~~~~
> +
> +IPE policy is designed to be both forward compatible and backwards
> +compatible. There is one required line, at the top of the policy,
> +indicating the policy name, and the policy version, for instance:
> +
> +::
> +
> +   policy_name="Ex Policy" policy_version=0.0.0

This pattern can be compressed a bit by just putting the "::" at the end of
the last line of text:

	indicating the policy name, and the policy version, for instance::

	   policy_name="Ex Policy" policy_version=0.0.0

The result is a bit more readable in the plain-text format, IMO, and
renders exactly the same in Sphinx.



More information about the Linux-security-module-archive mailing list