Lines Matching refs:to

21 	  to change the contents of an important system file
26 	  TPM hardware, so that the TPM can prove to a third party
29 	  to learn more about IMA.
39 	   TPM PCRs are only reset on a hard reboot.  In order to validate
43 	   Depending on the IMA policy, the measurement list can grow to
52 	  that IMA uses to maintain the integrity aggregate of the
70 	  limited to 255 characters.  The 'ima-ng' measurement list
125 	bool "Enable multiple writes to the IMA policy"
129 	  appended to the original policy.  Have in mind that the rules are
139 	   It is often useful to be able to read back the IMA policy.  It is
141 	   This option allows the root user to see the current policy rules.
148 	  It requires the system to be labeled with a security extended
153 	  For more information on integrity appraisal refer to:
172 	  is enforced at run time without having to specify a builtin
178 	  to be signed.  Unsigned files might prevent the system from
186 	  This option defines a policy requiring all firmware to be signed,
196 	  Enabling this rule will require all kexec'ed kernel images to
209 	  Enabling this rule will require all kernel modules to be signed
221 	  Enabling this rule will require the IMA policy to be signed and
240 	   Adds support for signatures appended to files. The format of the
242 	   The modsig keyword can be used in the IMA policy to allow a hook
243 	   to accept such signatures.
253 	  Keys may be added to the IMA or IMA blacklist keyrings, if the
258 	  IMA keys to be added may be added to the system secondary keyring,
271 	   an error is returned to the caller.
296 	   This option requires user-space init to be signed.
313           This option is selected by architectures to enable secure and/or
317 	bool "Disable htable to allow measurement of duplicate records"
320 	   This option disables htable to allow measurement of duplicate records.