summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorJames Morris <james.l.morris@oracle.com>2014-07-26 10:40:28 +1000
committerJames Morris <james.l.morris@oracle.com>2014-07-26 10:40:28 +1000
commitf6fd5c84b9eb93ee6fbf028da87a32aeeecc5ee4 (patch)
tree1784d073fac0cb87b9811c43bde0dda3ba16d6ba /Documentation
parented3c4f8f862b9e79bafec3b85cde98c95807821e (diff)
parent5a9196d715607f76d6b7d96a0970d6065335e62b (diff)
downloadlinux-f6fd5c84b9eb93ee6fbf028da87a32aeeecc5ee4.tar.gz
linux-f6fd5c84b9eb93ee6fbf028da87a32aeeecc5ee4.tar.bz2
linux-f6fd5c84b9eb93ee6fbf028da87a32aeeecc5ee4.zip
Merge tag 'fw-restrict-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/ABI/testing/ima_policy4
1 files changed, 3 insertions, 1 deletions
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy
index 4c3efe434806..d0d0c578324c 100644
--- a/Documentation/ABI/testing/ima_policy
+++ b/Documentation/ABI/testing/ima_policy
@@ -26,6 +26,7 @@ Description:
option: [[appraise_type=]] [permit_directio]
base: func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK]
+ [FIRMWARE_CHECK]
mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
fsmagic:= hex value
fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6)
@@ -57,7 +58,8 @@ Description:
measure func=BPRM_CHECK
measure func=FILE_MMAP mask=MAY_EXEC
measure func=FILE_CHECK mask=MAY_READ uid=0
- measure func=MODULE_CHECK uid=0
+ measure func=MODULE_CHECK
+ measure func=FIRMWARE_CHECK
appraise fowner=0
The default policy measures all executables in bprm_check,