projects / deliverable / linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ima: add support for measuring and appraising firmware
[deliverable/linux.git] / Documentation / ABI / testing / ima_policy
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy
index 4c3efe4348060a10d1282059967b3725f5f41e34..d0d0c578324c7437324d5a23f1536cc1f0f2a08d 100644 (file)
--- a/Documentation/ABI/testing/ima_policy
+++ b/Documentation/ABI/testing/ima_policy
@@ -26,6 +26,7 @@ Description:
                        option: [[appraise_type=]] [permit_directio]
 
                base:   func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK]
+                               [FIRMWARE_CHECK]
                        mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
                        fsmagic:= hex value
                        fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6)
@@ -57,7 +58,8 @@ Description:
                        measure func=BPRM_CHECK
                        measure func=FILE_MMAP mask=MAY_EXEC
                        measure func=FILE_CHECK mask=MAY_READ uid=0
-                       measure func=MODULE_CHECK uid=0
+                       measure func=MODULE_CHECK
+                       measure func=FIRMWARE_CHECK
                        appraise fowner=0
 
                The default policy measures all executables in bprm_check,
Linux kernel - Deliverables
This page took 0.024224 seconds and 5 git commands to generate.