diff options
author | Matthew Garrett <matthewgarrett@google.com> | 2019-06-19 15:46:11 -0700 |
---|---|---|
committer | Mimi Zohar <zohar@linux.ibm.com> | 2019-06-19 18:51:01 -0400 |
commit | 19453ce0bcfbdf7332a104eebf5d835977af7284 (patch) | |
tree | 905616cb5f8ed74bdd94dfa9a51012f5bdad82af /Documentation/ABI | |
parent | 8c655784e2cf59cb6140759b8b546d98261d1ad9 (diff) | |
download | linux-19453ce0bcfbdf7332a104eebf5d835977af7284.tar.bz2 |
IMA: support for per policy rule template formats
Admins may wish to log different measurements using different IMA
templates. Add support for overriding the default template on a per-rule
basis.
Inspired-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'Documentation/ABI')
-rw-r--r-- | Documentation/ABI/testing/ima_policy | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy index 74c6702de74e..b383c1763610 100644 --- a/Documentation/ABI/testing/ima_policy +++ b/Documentation/ABI/testing/ima_policy @@ -24,8 +24,7 @@ Description: [euid=] [fowner=] [fsname=]] lsm: [[subj_user=] [subj_role=] [subj_type=] [obj_user=] [obj_role=] [obj_type=]] - option: [[appraise_type=]] [permit_directio] - + option: [[appraise_type=]] [template=] [permit_directio] base: func:= [BPRM_CHECK][MMAP_CHECK][CREDS_CHECK][FILE_CHECK][MODULE_CHECK] [FIRMWARE_CHECK] [KEXEC_KERNEL_CHECK] [KEXEC_INITRAMFS_CHECK] @@ -38,6 +37,8 @@ Description: fowner:= decimal value lsm: are LSM specific option: appraise_type:= [imasig] + template:= name of a defined IMA template type + (eg, ima-ng). Only valid when action is "measure". pcr:= decimal value default policy: |