Integrity Policy Enforcement (IPE)
modulename: boot_policy.ko
configname: CONFIG_SECURITY_IPE
Linux Kernel Configuration
└─>Security options
└─>Integrity Policy Enforcement (IPE)
In linux kernel since version 4.19.325 (release Date: 2024-12-05)
							This option enables the Integrity Policy Enforcement LSM
						
allowing users to define a policy to enforce a trust-based access
control. A key feature of IPE is a customizable policy to allow
admins to reconfigure trust requirements on the fly.
							
						
If unsure, answer N.
							
						
					
					allowing users to define a policy to enforce a trust-based access
control. A key feature of IPE is a customizable policy to allow
admins to reconfigure trust requirements on the fly.
If unsure, answer N.
source code:
selects
CONFIG_CRYPTO_LIB_SHA256CONFIG_PKCS7_MESSAGE_PARSER
CONFIG_SYSTEM_DATA_VERIFICATION
CONFIG_IPE_PROP_DM_VERITY
CONFIG_IPE_PROP_DM_VERITY_SIGNATURE
CONFIG_IPE_PROP_FS_VERITY
CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
