You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We need load (or reload) IMA policy at early stage of boot from initramfs, before real root will be mounted.
On modern kernels, with CONFIG_IMA_X509_PATH, no need load cert any more "manually", kernel will do this for us, but we still need store cert in initramfs.
Just in case if you will be interesting, here is the patch for basic IMA support what I am using now (don't include EVM support): ima-support-patch.txt
The text was updated successfully, but these errors were encountered:
For IMA support on modern kernels:
Just in case if you will be interesting, here is the patch for basic IMA support what I am using now (don't include EVM support): ima-support-patch.txt
The text was updated successfully, but these errors were encountered: