Home
last modified time | relevance | path

Searched refs:IMA (Results 1 – 21 of 21) sorted by relevance

/linux-5.19.10/security/integrity/ima/
DKconfig4 config IMA config
5 bool "Integrity Measurement Architecture(IMA)"
18 Measurement Architecture(IMA) maintains a list of hash
24 If your system has a TPM chip, then IMA also maintains
29 to learn more about IMA.
33 bool "Enable carrying the IMA measurement list across a soft boot"
34 depends on IMA && TCG_TPM && HAVE_IMA_KEXEC
38 a TPM's quote after a soft boot, the IMA measurement list of the
41 Depending on the IMA policy, the measurement list can grow to
46 depends on IMA
[all …]
/linux-5.19.10/Documentation/admin-guide/device-mapper/
Ddm-ima.rst26 IMA kernel subsystem provides the necessary functionality for
34 Setting the IMA Policy:
36 For IMA to measure the data on a given system, the IMA policy on the
45 The measurements will be reflected in the IMA logs, which are located at:
52 Then IMA ASCII measurement log has the following format:
61 TEMPLATE_DATA_DIGEST := Template data digest of the IMA record.
76 | The DM target data measured by IMA subsystem can alternatively
84 | To support recording duplicate IMA events in the IMA log, the Kernel needs to be configured with
89 Following device state changes will trigger IMA measurements:
103 The IMA measurement log has the following format for 'dm_table_load':
[all …]
/linux-5.19.10/drivers/misc/sgi-gru/
Dgrukservices.c97 #define IMA IMA_CB_DELAY macro
591 gru_mesq(cb, mqd->mq_gpa, gru_get_tri(mhdr), 1, IMA); in send_noop_message()
617 IMA); in send_noop_message()
659 gru_gamir(cb, EOP_IR_CLR, HSTATUS(mqd->mq_gpa, half), XTYPE_DW, IMA); in send_message_queue_full()
671 XTYPE_DW, IMA); in send_message_queue_full()
682 IMA); in send_message_queue_full()
690 IMA); in send_message_queue_full()
714 gru_vset(cb, m, 0, XTYPE_CL, lines, 1, IMA); in send_message_put_nacked()
718 gru_vstore(cb, m, gru_get_tri(mesg), XTYPE_CL, lines, 1, IMA); in send_message_put_nacked()
821 gru_mesq(cb, mqd->mq_gpa, gru_get_tri(mhdr), clines, IMA); in gru_send_message_gpa()
[all …]
/linux-5.19.10/Documentation/security/
DIMA-templates.rst2 IMA Template Management Mechanism
13 necessary to extend the current version of IMA by defining additional
24 management from the remaining IMA code. The core of this solution is the
35 parameter. At boot time, IMA initializes the chosen template descriptor
39 After the initialization step, IMA will call ``ima_alloc_init_template()``
Dindex.rst9 IMA-templates
Ddigsig.rst20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
/linux-5.19.10/Documentation/ABI/testing/
Dima_policy6 Measurement Architecture(IMA) maintains a list of hash
15 IMA appraisal, if configured, uses these file measurements
65 regular IMA file hash.
69 template:= name of a defined IMA template type
/linux-5.19.10/security/integrity/
DKconfig10 Measurement Architecture (IMA), Extended Verification Module
11 (EVM), IMA-appraisal extension, digital signature verification
/linux-5.19.10/fs/verity/
DKconfig56 an alternative to IMA appraisal. Userspace programs still
/linux-5.19.10/Documentation/filesystems/
Dfsverity.rst84 * Integrity Measurement Architecture (IMA)
86 IMA supports including fs-verity file digests and signatures in the
87 IMA measurement list and verifying fs-verity based file signatures
468 the signature verification in userspace or using IMA-appraisal.
659 :Q: Why isn't fs-verity part of IMA?
660 :A: fs-verity and IMA (Integrity Measurement Architecture) have
662 hashing individual files using a Merkle tree. In contrast, IMA
667 IMA supports the fs-verity hashing mechanism as an alternative
671 IMA. fs-verity already meets many users' needs even as a
Dubifs-authentication.rst431 to the way the IMA/EVM subsystem deals with such situations. The HMAC key
/linux-5.19.10/Documentation/security/tpm/
Dxen-tpmfront.rst121 In order to use features such as IMA that require a TPM to be loaded prior to
/linux-5.19.10/security/
DKconfig44 various security modules (AppArmor, IMA, SafeSetID, TOMOYO, TPM).
/linux-5.19.10/Documentation/admin-guide/
Dkernel-parameters.rst120 IMA Integrity measurement architecture is enabled.
Dkernel-parameters.txt1883 ima_appraise= [IMA] appraise integrity measurements
1887 ima_appraise_tcb [IMA] Deprecated. Use ima_policy= instead.
1891 ima_canonical_fmt [IMA]
1895 ima_hash= [IMA]
1903 ima_policy= [IMA]
1904 The builtin policies to load during IMA setup.
1928 ima_tcb [IMA] Deprecated. Use ima_policy= instead.
1930 Computing Base. This means IMA will measure all
1934 ima_template= [IMA]
1935 Select one of defined IMA measurements template formats.
[all …]
/linux-5.19.10/Documentation/x86/
Dintel_txt.rst64 Measurement Architecture (IMA) and Linux Integrity Module interface
/linux-5.19.10/lib/
DKconfig591 which is used by IMA/EVM digital signature extension.
/linux-5.19.10/arch/riscv/
DKconfig438 select HAVE_IMA_KEXEC if IMA
/linux-5.19.10/arch/powerpc/
DKconfig558 select HAVE_IMA_KEXEC if IMA
/linux-5.19.10/arch/arm64/
DKconfig1360 select HAVE_IMA_KEXEC if IMA
/linux-5.19.10/
DMAINTAINERS9887 INTEGRITY MEASUREMENT ARCHITECTURE (IMA)