Lines Matching refs:a
19 Measurement Architecture(IMA) maintains a list of hash
25 If your system has a TPM chip, then IMA also maintains
27 TPM hardware, so that the TPM can prove to a third party
36 bool "Enable carrying the IMA measurement list across a soft boot"
40 TPM PCRs are only reset on a hard reboot. In order to validate
41 a TPM's quote after a soft boot, the IMA measurement list of the
69 The original 'ima' measurement list template contains a
70 hash, defined as 20 bytes, and a null terminated pathname,
149 It requires the system to be labeled with a security extended
173 is enforced at run time without having to specify a builtin
175 policy rules persist after loading a custom policy.
187 This option defines a policy requiring all firmware to be signed,
198 be signed and verified by a public key on the trusted IMA
211 and verified by a public key on the trusted IMA keyring.
223 and verified by a key on the trusted IMA keyring.
243 The modsig keyword can be used in the IMA policy to allow a hook
247 bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
255 key is validly signed by a CA cert in the system built-in,
261 provided they are validly signed by a key already resident in the
282 X509 certificates signed by a trusted key on the