Searched refs:an (Results 1 – 11 of 11) sorted by relevance
21 as they are read or executed. If an attacker manages22 to change the contents of an important system file26 an aggregate integrity value over this list inside the159 bool "Enable loading an IMA architecture specific policy"164 This option enables loading an IMA architecture specific policy172 This option defines an IMA appraisal policy at build time, which270 This option creates an IMA blacklist keyring, which contains all273 an error is returned to the caller.332 If set to the default value of 0, an extra half page of memory for those
10 rejected. This is best used on systems without an initrd that35 The list of trusted verity can be populated through an ioctl
46 bool "Treat delivering signals as an append operation"52 will be an append operation instead. This makes it possible
60 bool "Load an X509 certificate onto the '.evm' trusted keyring"64 Load an X509 certificate onto the '.evm' trusted keyring.
8 SafeSetID is an LSM module that gates the setid family of syscalls to
6 Build support for an LSM that enforces a coarse kernel lockdown
197 To provide an additional layer of security, route all of these208 STATIC_USERMODEHELPER_PATH to an empty string.221 specify an empty string here (i.e. "").
253 to catch memory corruptions that are not guaranteed to result in an285 This can introduce the requirement of an additional information
28 This option specifies a filepath to an IPE policy that is compiled
166 static int vec_cmp(struct aa_profile **a, int an, struct aa_profile **b, int bn) in vec_cmp() argument174 AA_BUG(an <= 0); in vec_cmp()177 for (i = 0; i < an && i < bn; i++) { in vec_cmp()184 return an - bn; in vec_cmp()
38 filesystem in which each method needs to request an authentication
Completed in 12 milliseconds