[PATCH v9 7/8] IMA: define a builtin critical data measurement policy

Mimi Zohar zohar at linux.ibm.com
Thu Dec 24 14:41:48 UTC 2020


On Sat, 2020-12-12 at 10:02 -0800, Tushar Sugandhi wrote:
> From: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
> 
> Define a new critical data builtin policy to allow measuring
> early kernel integrity critical data before a custom IMA policy
> is loaded.
> 
> Add critical data to built-in IMA rules if the kernel command line
> contains "ima_policy=critical_data".

This sentence isn't really necessary.

> 
> Update the documentation on kernel parameters to document
> the new critical data builtin policy.
> 
> Signed-off-by: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
> Reviewed-by: Tyler Hicks <tyhicks at linux.microsoft.com>

Otherwise,
Reviewed-by:  Mimi Zohar <zohar at linux.ibm.com>

thanks,

Mimi



More information about the Linux-security-module-archive mailing list