On 2020-12-09 11:42:11, Tushar Sugandhi wrote:Thanks for the review.
From: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Define a new critical data builtin policy to allow measuring
early kernel integrity critical data before a custom IMA policy
is loaded.
Add critical data to built-in IMA rules if the kernel command line
contains "ima_policy=critical_data".
Update the documentation on kernel parameters to document
the new critical data builtin policy.
Signed-off-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx>
Tyler