linux/Documentation/security
Mimi Zohar 54f03916fb ima: permit fsverity's file digests in the IMA measurement list
Permit fsverity's file digest (a hash of struct fsverity_descriptor) to
be included in the IMA measurement list, based on the new measurement
policy rule 'digest_type=verity' option.

To differentiate a regular IMA file hash from an fsverity's
file digest, use the new d-ngv2 format field included in the ima-ngv2
template.

The following policy rule requires fsverity file digests and specifies
the new 'ima-ngv2' template, which contains the new 'd-ngv2' field.  The
policy rule may be constrained, for example based on a fsuuid or LSM
label.

measure func=FILE_CHECK digest_type=verity template=ima-ngv2

Acked-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2022-05-05 11:49:13 -04:00
keys KEYS: encrypted: Instantiate key with user-provided decrypted data 2022-02-21 19:47:45 -05:00
tpm Documentation: drop optional BOMs 2021-05-10 15:17:34 -06:00
credentials.rst Documentation: remove current_security() reference 2020-09-09 11:33:59 -06:00
digsig.rst docs: move digsig docs to the security book 2020-05-15 12:03:48 -06:00
IMA-templates.rst ima: permit fsverity's file digests in the IMA measurement list 2022-05-05 11:49:13 -04:00
index.rst landlock: Add user and kernel documentation 2021-04-22 12:22:11 -07:00
landlock.rst docs: security: landlock.rst: avoid using ReST :doc:foo markup 2021-06-17 13:24:39 -06:00
lsm-development.rst Documentation: Replace lkml.org links with lore 2021-01-11 12:47:38 -07:00
lsm.rst Documentation: LSM: Correct the basic LSM description 2020-05-25 18:59:59 -06:00
sak.rst docs: security: move some books to it and update 2019-07-15 11:03:01 -03:00
SCTP.rst docs: fix 'make htmldocs' warning in SCTP.rst 2022-02-28 11:09:10 -05:00
self-protection.rst docs: update self-protection __ro_after_init status 2021-12-10 14:02:06 -07:00
siphash.rst crypto: lib/sha1 - rename "sha" to "sha1" 2020-05-08 15:32:17 +10:00