Lines Matching +full:- +full:- +full:disable +full:- +full:tpm

1 # SPDX-License-Identifier: GPL-2.0-only
24 	  If your system has a TPM chip, then IMA also maintains
26 	  TPM hardware, so that the TPM can prove to a third party
39 	   TPM PCRs are only reset on a hard reboot.  In order to validate
40 	   a TPM's quote after a soft boot, the IMA measurement list of the
51 	  IMA_MEASURE_PCR_IDX determines the TPM PCR register index
70 	  limited to 255 characters.  The 'ima-ng' measurement list
76 		bool "ima-ng (default)"
78 		bool "ima-sig"
83 	default "ima-ng" if IMA_NG_TEMPLATE
84 	default "ima-sig" if IMA_SIG_TEMPLATE
154 	  <http://linux-ima.sourceforge.net>
212 	  Kernel module signatures can only be verified by IMA-appraisal,
233 	bool "Support module-style signatures for appraisal"
246 	bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)"
254 	  key is validly signed by a CA cert in the system built-in or
261 	  built-in or secondary trusted keyrings.
293 	bool "Require signed user-space initialization"
297 	   This option requires user-space init to be signed.
318 	bool "Disable htable to allow measurement of duplicate records"