[PATCH v9 7/8] IMA: define a builtin critical data measurement policy

Mimi Zohar zohar at linux.ibm.com
Thu Dec 24 14:41:48 UTC 2020

On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote:
> From: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
> Define a new critical data builtin policy to allow measuring
> early kernel integrity critical data before a custom IMA policy
> is loaded.
> Add critical data to built-in IMA rules if the kernel command line
> contains "ima_policy=critical_data".

This sentence isn't really necessary.

> Update the documentation on kernel parameters to document
> the new critical data builtin policy.
> Signed-off-by: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
> Reviewed-by: Tyler Hicks <tyhicks at linux.microsoft.com>

Reviewed-by:  Mimi Zohar <zohar at linux.ibm.com>



More information about the Linux-security-module-archive mailing list