diff options
Diffstat (limited to 'Documentation/kernel-parameters.txt')
| -rw-r--r-- | Documentation/kernel-parameters.txt | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 8bb54c95cece..afe7e2bbbc23 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -1413,7 +1413,15 @@ bytes respectively. Such letter suffixes can also be entirely omitted. The list of supported hash algorithms is defined in crypto/hash_info.h. - ima_tcb [IMA] + ima_policy= [IMA] + The builtin measurement policy to load during IMA + setup. Specyfing "tcb" as the value, measures all + programs exec'd, files mmap'd for exec, and all files + opened with the read mode bit set by either the + effective uid (euid=0) or uid=0. + Format: "tcb" + + ima_tcb [IMA] Deprecated. Use ima_policy= instead. Load a policy which meets the needs of the Trusted Computing Base. This means IMA will measure all programs exec'd, files mmap'd for exec, and all files @@ -1421,7 +1429,7 @@ bytes respectively. Such letter suffixes can also be entirely omitted. ima_template= [IMA] Select one of defined IMA measurements template formats. - Formats: { "ima" | "ima-ng" } + Formats: { "ima" | "ima-ng" | "ima-sig" } Default: "ima-ng" ima_template_fmt= |