ima: require secure_boot rules in lockdown mode
Require the "secure_boot" rules, whether or not it is specified
on the boot command line, for both the builtin and custom policies
in secure boot lockdown mode.
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
[bwh: Adjust context to apply after commits
6f0911a666d1
"ima: fix updating the ima_appraise flag" and
ef96837b0de4
"ima: add build time policy"]
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name 0003-ima-require-secure_boot-rules-in-lockdown-mode.patch
projects / linux.git / commit