diff options
Diffstat (limited to 'Documentation/ABI/testing/ima_policy')
| -rw-r--r-- | Documentation/ABI/testing/ima_policy | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy index 4c3efe434806..d0d0c578324c 100644 --- a/Documentation/ABI/testing/ima_policy +++ b/Documentation/ABI/testing/ima_policy | |||
| @@ -26,6 +26,7 @@ Description: | |||
| 26 | option: [[appraise_type=]] [permit_directio] | 26 | option: [[appraise_type=]] [permit_directio] |
| 27 | 27 | ||
| 28 | base: func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK] | 28 | base: func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK] |
| 29 | [FIRMWARE_CHECK] | ||
| 29 | mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC] | 30 | mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC] |
| 30 | fsmagic:= hex value | 31 | fsmagic:= hex value |
| 31 | fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6) | 32 | fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6) |
| @@ -57,7 +58,8 @@ Description: | |||
| 57 | measure func=BPRM_CHECK | 58 | measure func=BPRM_CHECK |
| 58 | measure func=FILE_MMAP mask=MAY_EXEC | 59 | measure func=FILE_MMAP mask=MAY_EXEC |
| 59 | measure func=FILE_CHECK mask=MAY_READ uid=0 | 60 | measure func=FILE_CHECK mask=MAY_READ uid=0 |
| 60 | measure func=MODULE_CHECK uid=0 | 61 | measure func=MODULE_CHECK |
| 62 | measure func=FIRMWARE_CHECK | ||
| 61 | appraise fowner=0 | 63 | appraise fowner=0 |
| 62 | 64 | ||
| 63 | The default policy measures all executables in bprm_check, | 65 | The default policy measures all executables in bprm_check, |