Lines Matching refs:policy

12 `ima_measurements.sh` require builtin IMA tcb policy to be loaded
14 Although a custom policy, loaded via dracut, systemd or manually from user
20 policy, as well as a loaded measure policy with `func=KEY_CHECK keyrings=...`.
22 The certificate import test (second test) requires measure policy with
25 For example of valid policy for both tests on all supported kernels see `keycheck.policy`.
28 `ima-buf` template should be specified in the IMA policy rule for
35 policy rule for key measurement, e.g.:
41 policy allowed in the kernel configuration:
48 `ima_kexec.sh` requires loaded policy which contains `measure func=KEXEC_CMDLINE`,
49 see example in `kexec.policy`.
56 To enable IMA to measure SELinux state and policy, `ima_selinux.sh`
57 requires a readable IMA policy, as well as a loaded measure policy with
59 see example in `selinux.policy`.
62 and reading the IMA policy allowed in the kernel configuration:
70 `evm_overlay.sh` requires a builtin IMA appraise tcb policy (e.g. `ima_policy=appraise_tcb`
72 Again, for simplicity ignore possibility to load requires rules via custom policy.