As IMA policy rules are added, a mask of the type of rule (eg. kexec
kernel image, firmware, IMA policy) is updated. Based on this mask,
integrity decisions can be made quickly.
Unlike custom IMA policy rules, which replace the original builtin
policy rules and update the mask, the builtin
As IMA policy rules are added, a mask of the type of rule (eg. kexec
kernel image, firmware, IMA policy) is updated. Based on this mask,
integrity decisions can be made quickly.
Unlike custom IMA policy rules, which replace the original builtin
policy rules and update the mask, the builtin
2 matches
Mail list logo