1 files changed, 61 insertions, 0 deletions
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy
new file mode 100644
index 000000000000..6434f0df012e
--- /dev/null
+++ b/Documentation/ABI/testing/ima_policy
@@ -0,0 +1,61 @@
+What:           security/ima/policy
+Date:           May 2008
+Contact:        Mimi Zohar <zohar@us.ibm.com>
+Description:
+                The Trusted Computing Group(TCG) runtime Integrity
+                Measurement Architecture(IMA) maintains a list of hash
+                values of executables and other sensitive system files
+                loaded into the run-time of this system.  At runtime,
+                the policy can be constrained based on LSM specific data.
+                Policies are loaded into the securityfs file ima/policy
+                by opening the file, writing the rules one at a time and
+                then closing the file.  The new policy takes effect after
+                the file ima/policy is closed.
+                rule format: action [condition ...]
+                action: measure | dont_measure
+                condition:= base | lsm
+                        base:   [[func=] [mask=] [fsmagic=] [uid=]]
+                        lsm:    [[subj_user=] [subj_role=] [subj_type=]
+                                 [obj_user=] [obj_role=] [obj_type=]]
+                base:   func:= [BPRM_CHECK][FILE_MMAP][INODE_PERMISSION]
+                        mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
+                        fsmagic:= hex value
+                        uid:= decimal value
+                lsm:    are LSM specific
+                default policy:
+                        # PROC_SUPER_MAGIC
+                        dont_measure fsmagic=0x9fa0
+                        # SYSFS_MAGIC
+                        dont_measure fsmagic=0x62656572
+                        # DEBUGFS_MAGIC
+                        dont_measure fsmagic=0x64626720
+                        # TMPFS_MAGIC
+                        dont_measure fsmagic=0x01021994
+                        # SECURITYFS_MAGIC
+                        dont_measure fsmagic=0x73636673
+                        measure func=BPRM_CHECK
+                        measure func=FILE_MMAP mask=MAY_EXEC
+                        measure func=INODE_PERM mask=MAY_READ uid=0
+                The default policy measures all executables in bprm_check,
+                all files mmapped executable in file_mmap, and all files
+                open for read by root in inode_permission.
+                Examples of LSM specific definitions:
+                SELinux:
+                        # SELINUX_MAGIC
+                        dont_measure fsmagic=0xF97CFF8C
+                        dont_measure obj_type=var_log_t
+                        dont_measure obj_type=auditd_log_t
+                        measure subj_user=system_u func=INODE_PERM mask=MAY_READ
+                        measure subj_role=system_r func=INODE_PERM mask=MAY_READ
+                Smack:
+                        measure subj_user=_ func=INODE_PERM mask=MAY_READ

diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy new file mode 100644 index 000000000000..6434f0df012e --- /dev/null +++ b/Documentation/ABI/testing/ima_policy
@@ -0,0 +1,61 @@
	1	What: security/ima/policy
	2	Date: May 2008
	3	Contact: Mimi Zohar <zohar@us.ibm.com>
	4	Description:
	5	The Trusted Computing Group(TCG) runtime Integrity
	6	Measurement Architecture(IMA) maintains a list of hash
	7	values of executables and other sensitive system files
	8	loaded into the run-time of this system. At runtime,
	9	the policy can be constrained based on LSM specific data.
	10	Policies are loaded into the securityfs file ima/policy
	11	by opening the file, writing the rules one at a time and
	12	then closing the file. The new policy takes effect after
	13	the file ima/policy is closed.
	14
	15	rule format: action [condition ...]
	16
	17	action: measure \| dont_measure
	18	condition:= base \| lsm
	19	base: [[func=] [mask=] [fsmagic=] [uid=]]
	20	lsm: [[subj_user=] [subj_role=] [subj_type=]
	21	[obj_user=] [obj_role=] [obj_type=]]
	22
	23	base: func:= [BPRM_CHECK][FILE_MMAP][INODE_PERMISSION]
	24	mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
	25	fsmagic:= hex value
	26	uid:= decimal value
	27	lsm: are LSM specific
	28
	29	default policy:
	30	# PROC_SUPER_MAGIC
	31	dont_measure fsmagic=0x9fa0
	32	# SYSFS_MAGIC
	33	dont_measure fsmagic=0x62656572
	34	# DEBUGFS_MAGIC
	35	dont_measure fsmagic=0x64626720
	36	# TMPFS_MAGIC
	37	dont_measure fsmagic=0x01021994
	38	# SECURITYFS_MAGIC
	39	dont_measure fsmagic=0x73636673
	40
	41	measure func=BPRM_CHECK
	42	measure func=FILE_MMAP mask=MAY_EXEC
	43	measure func=INODE_PERM mask=MAY_READ uid=0
	44
	45	The default policy measures all executables in bprm_check,
	46	all files mmapped executable in file_mmap, and all files
	47	open for read by root in inode_permission.
	48
	49	Examples of LSM specific definitions:
	50
	51	SELinux:
	52	# SELINUX_MAGIC
	53	dont_measure fsmagic=0xF97CFF8C
	54
	55	dont_measure obj_type=var_log_t
	56	dont_measure obj_type=auditd_log_t
	57	measure subj_user=system_u func=INODE_PERM mask=MAY_READ
	58	measure subj_role=system_r func=INODE_PERM mask=MAY_READ
	59
	60	Smack:
	61	measure subj_user=_ func=INODE_PERM mask=MAY_READ