Lines Matching full:measure
22 action: measure | dont_measure | appraise | dont_appraise |
52 when action is "measure" and func is KEY_CHECK.
54 (eg, ima-ng). Only valid when action is "measure".
58 For example, "selinux" to measure critical data for SELinux.
98 measure func=BPRM_CHECK
99 measure func=FILE_MMAP mask=MAY_EXEC
100 measure func=FILE_CHECK mask=MAY_READ uid=0
101 measure func=MODULE_CHECK
102 measure func=FIRMWARE_CHECK
118 measure subj_user=system_u func=FILE_CHECK mask=MAY_READ
119 measure subj_role=system_r func=FILE_CHECK mask=MAY_READ
123 measure subj_user=_ func=FILE_CHECK mask=MAY_READ
125 Example of measure rules using alternate PCRs::
127 measure func=KEXEC_KERNEL_CHECK pcr=4
128 measure func=KEXEC_INITRAMFS_CHECK pcr=5
134 Example of measure rule using KEY_CHECK to measure all keys:
136 measure func=KEY_CHECK
138 Example of measure rule using KEY_CHECK to only measure
141 measure func=KEY_CHECK keyrings=.builtin_trusted_keys|.ima