]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 31f8c86) | patch
scripts: add boot policy generation program
authorDeven Bowers <deven.desai@linux.microsoft.com>
Sat, 3 Aug 2024 06:08:31 +0000 (23:08 -0700)
committerPaul Moore <paul@paul-moore.com>
Tue, 20 Aug 2024 18:03:39 +0000 (14:03 -0400)
commitba199dc909a20fe62270ae4e93f263987bb9d119
tree497a4893e9b186438a37fbcab53cb1900480065ftree
parent31f8c8682f30720be25e9b1021caa43c64e8d9cecommit | diff
scripts: add boot policy generation program

Enables an IPE policy to be enforced from kernel start, enabling access
control based on trust from kernel startup. This is accomplished by
transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
c-string literal that is parsed at kernel startup as an unsigned policy.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
scripts/Makefile diff | blob | history
scripts/ipe/Makefile [new file with mode: 0644] blob
scripts/ipe/polgen/.gitignore [new file with mode: 0644] blob
scripts/ipe/polgen/Makefile [new file with mode: 0644] blob
scripts/ipe/polgen/polgen.c [new file with mode: 0644] blob
security/ipe/.gitignore [new file with mode: 0644] blob
security/ipe/Kconfig diff | blob | history
security/ipe/Makefile diff | blob | history
security/ipe/fs.c diff | blob | history
security/ipe/ipe.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.