Commit ac673187 authored by Deven Bowers's avatar Deven Bowers Committed by Paul Moore

documentation: add IPE documentation

Add IPE's admin and developer documentation to the kernel tree.
Co-developed-by: default avatarFan Wu <wufan@linux.microsoft.com>
Signed-off-by: default avatarDeven Bowers <deven.desai@linux.microsoft.com>
Signed-off-by: default avatarFan Wu <wufan@linux.microsoft.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 10ca05a7
...@@ -47,3 +47,4 @@ subdirectories. ...@@ -47,3 +47,4 @@ subdirectories.
tomoyo tomoyo
Yama Yama
SafeSetID SafeSetID
ipe
This diff is collapsed.
...@@ -2350,6 +2350,18 @@ ...@@ -2350,6 +2350,18 @@
ipcmni_extend [KNL,EARLY] Extend the maximum number of unique System V ipcmni_extend [KNL,EARLY] Extend the maximum number of unique System V
IPC identifiers from 32,768 to 16,777,216. IPC identifiers from 32,768 to 16,777,216.
ipe.enforce= [IPE]
Format: <bool>
Determine whether IPE starts in permissive (0) or
enforce (1) mode. The default is enforce.
ipe.success_audit=
[IPE]
Format: <bool>
Start IPE with success auditing enabled, emitting
an audit event when a binary is allowed. The default
is 0.
irqaffinity= [SMP] Set the default irq affinity mask irqaffinity= [SMP] Set the default irq affinity mask
The argument is a cpu list, as described above. The argument is a cpu list, as described above.
......
...@@ -92,7 +92,9 @@ authenticating fs-verity file hashes include: ...@@ -92,7 +92,9 @@ authenticating fs-verity file hashes include:
"IPE policy" specifically allows for the authorization of fs-verity "IPE policy" specifically allows for the authorization of fs-verity
files using properties ``fsverity_digest`` for identifying files using properties ``fsverity_digest`` for identifying
files by their verity digest, and ``fsverity_signature`` to authorize files by their verity digest, and ``fsverity_signature`` to authorize
files with a verified fs-verity's built-in signature. files with a verified fs-verity's built-in signature. For
details on configuring IPE policies and understanding its operational
modes, please refer to :doc:`IPE admin guide </admin-guide/LSM/ipe>`.
- Trusted userspace code in combination with `Built-in signature - Trusted userspace code in combination with `Built-in signature
verification`_. This approach should be used only with great care. verification`_. This approach should be used only with great care.
...@@ -508,6 +510,8 @@ be carefully considered before using them: ...@@ -508,6 +510,8 @@ be carefully considered before using them:
files with a verified fs-verity builtin signature to perform certain files with a verified fs-verity builtin signature to perform certain
operations, such as execution. Note that IPE doesn't require operations, such as execution. Note that IPE doesn't require
fs.verity.require_signatures=1. fs.verity.require_signatures=1.
Please refer to :doc:`IPE admin guide </admin-guide/LSM/ipe>` for
more details.
- A file's builtin signature can only be set at the same time that - A file's builtin signature can only be set at the same time that
fs-verity is being enabled on the file. Changing or deleting the fs-verity is being enabled on the file. Changing or deleting the
......
...@@ -19,3 +19,4 @@ Security Documentation ...@@ -19,3 +19,4 @@ Security Documentation
digsig digsig
landlock landlock
secrets/index secrets/index
ipe
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment