# SPDX-License-Identifier: GPL-2.0-only
# IBM Integrity Measurement Architecture
#
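# Top-level switch for IMA.  Enabling it selects securityfs, the crypto core,
# HMAC, SHA-1 and the hash-info table unconditionally, and the TPM core plus
# bus drivers only where the platform conditions on each line hold.
config IMA
	bool "Integrity Measurement Architecture(IMA)"
	select SECURITYFS
	select CRYPTO
	select CRYPTO_HMAC
	# SHA-1 is always enabled together with IMA; the hash used by default
	# for measurements is chosen separately (see IMA_DEFAULT_HASH).
	select CRYPTO_SHA1
	select CRYPTO_HASH_INFO
	# TPM support is conditional.  Per the help text, it is the aggregate
	# kept inside the TPM that lets a third party check the list.
	select TCG_TPM if HAS_IOMEM
	select TCG_TIS if TCG_TPM && X86
	select TCG_CRB if TCG_TPM && ACPI
	select TCG_IBMVTPM if TCG_TPM && PPC_PSERIES
	select INTEGRITY_AUDIT if AUDIT
	help
	  The Trusted Computing Group (TCG) runtime Integrity
	  Measurement Architecture (IMA) maintains a list of hash
	  values of executables and other sensitive system files,
	  as they are read or executed. If an attacker manages
	  to change the contents of an important system file
	  being measured, we can tell.

	  If your system has a TPM chip, then IMA also maintains
	  an aggregate integrity value over this list inside the
	  TPM hardware, so that the TPM can prove to a third party
	  whether or not critical system files have been modified.
	  Read <https://www.usenix.org/events/sec04/tech/sailer.html>
	  to learn more about IMA.
	  If unsure, say N.
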
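# Every option from here to the matching endif is only available when IMA
# itself is enabled.
if IMA
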
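# Carries the measurement list over a kexec.  Per the help text, PCRs are not
# reset by a soft boot, so a quote taken afterwards can only be validated if
# the list from the previous kernel is still available.
config IMA_KEXEC
	bool "Enable carrying the IMA measurement list across a soft boot"
	depends on TCG_TPM && HAVE_IMA_KEXEC
	default n
	help
	  TPM PCRs are only reset on a hard reboot.  In order to validate
	  a TPM's quote after a soft boot, the IMA measurement list of the
	  running kernel must be saved and restored on boot.

	  Depending on the IMA policy, the measurement list can grow to
	  be very large.
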
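# No prompt string, so this value is not offered in menuconfig and takes the
# default below.  Anything that validates quotes has to check the same PCR
# index that is configured here.
config IMA_MEASURE_PCR_IDX
	int
	range 8 14
	default 10
	help
	  IMA_MEASURE_PCR_IDX determines the TPM PCR register index
	  that IMA uses to maintain the integrity aggregate of the
	  measurement list.  If unsure, use the default 10.
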
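# Hidden symbol (no prompt), on by default whenever AUDIT and at least one of
# SELinux, Smack or AppArmor is enabled.  Where it ends up off, LSM-based
# conditions in the IMA policy are disregarded, so a policy that relies on
# LSM labels should be checked against the final .config.
config IMA_LSM_RULES
	bool
	depends on AUDIT && (SECURITY_SELINUX || SECURITY_SMACK || SECURITY_APPARMOR)
	default y
	help
	  When this option is disabled, LSM based policy rules are
	  disregarded.
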
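# Build-time default only: "ima_template=" on the boot command line replaces
# it, so the boot command line needs to be protected as carefully as the
# kernel image when the template is relied on.
# ima-sig: like ima-ng, with the file signature added to each entry.
choice
	prompt "Default template"
	default IMA_NG_TEMPLATE
	help
	  Select the default IMA measurement template.

	  The original 'ima' measurement list template contains a
	  hash, defined as 20 bytes, and a null terminated pathname,
	  limited to 255 characters.  The 'ima-ng' measurement list
	  template permits both larger hash digests and longer
	  pathnames. The configured default template can be replaced
	  by specifying "ima_template=" on the boot command line.

	config IMA_NG_TEMPLATE
		bool "ima-ng (default)"
	config IMA_SIG_TEMPLATE
		bool "ima-sig"
endchoice
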
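# Derived string with no prompt: the template name that corresponds to the
# "Default template" choice.
config IMA_DEFAULT_TEMPLATE
	string
	default "ima-ng" if IMA_NG_TEMPLATE
	default "ima-sig" if IMA_SIG_TEMPLATE
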
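# NOTE(review): the build default is SHA-1, which is no longer considered
# collision resistant.  New configurations should select SHA-256 or stronger
# unless a consumer of the measurements still requires SHA-1.
# Each alternative depends on its algorithm being built in (=y), not built as
# a module.
choice
	prompt "Default integrity hash algorithm"
	default IMA_DEFAULT_HASH_SHA1
	help
	  Select the default hash algorithm used for the measurement
	  list, integrity appraisal and audit log.  The compiled default
	  hash algorithm can be overridden using the kernel command
	  line 'ima_hash=' option.

	config IMA_DEFAULT_HASH_SHA1
		bool "SHA1 (default)"
		depends on CRYPTO_SHA1=y

	config IMA_DEFAULT_HASH_SHA256
		bool "SHA256"
		depends on CRYPTO_SHA256=y

	config IMA_DEFAULT_HASH_SHA512
		bool "SHA512"
		depends on CRYPTO_SHA512=y

	config IMA_DEFAULT_HASH_WP512
		bool "WP512"
		depends on CRYPTO_WP512=y

	config IMA_DEFAULT_HASH_SM3
		bool "SM3"
		depends on CRYPTO_SM3=y
endchoice
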
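# Derived string with no prompt: the algorithm name that corresponds to the
# "Default integrity hash algorithm" choice.
config IMA_DEFAULT_HASH
	string
	default "sha1" if IMA_DEFAULT_HASH_SHA1
	default "sha256" if IMA_DEFAULT_HASH_SHA256
	default "sha512" if IMA_DEFAULT_HASH_SHA512
	default "wp512" if IMA_DEFAULT_HASH_WP512
	default "sm3" if IMA_DEFAULT_HASH_SM3
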
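# Off by default.  When enabled, rules can be appended to the policy after
# boot, so control over who can write the policy, and (where it is available)
# IMA_APPRAISE_REQUIRE_POLICY_SIGS, become more important.
config IMA_WRITE_POLICY
	bool "Enable multiple writes to the IMA policy"
	default n
	help
	  IMA policy can now be updated multiple times.  The new rules get
	  appended to the original policy.  Keep in mind that the rules are
	  scanned in FIFO order, so be careful when you design and add new
	  ones.

	  If unsure, say N.
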
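# The default follows IMA_WRITE_POLICY: y when the policy can be appended to,
# n otherwise.  Either default can still be overridden at configuration time.
config IMA_READ_POLICY
	bool "Enable reading back the current IMA policy"
	default y if IMA_WRITE_POLICY
	default n if !IMA_WRITE_POLICY
	help
	  It is often useful to be able to read back the IMA policy.  It is
	  even more important after introducing CONFIG_IMA_WRITE_POLICY.
	  This option allows the root user to see the current policy rules.
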
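# Local appraisal relies on a security extended attribute stored with each
# file.  As the help text says, those attributes are only protected against
# offline modification when EVM is enabled and configured as well.
config IMA_APPRAISE
	bool "Appraise integrity measurements"
	default n
	help
	  This option enables local measurement integrity appraisal.
	  It requires the system to be labeled with a security extended
	  attribute containing the file hash measurement.  To protect
	  the security extended attributes from offline attack, enable
	  and configure EVM.

	  For more information on integrity appraisal refer to:
	  <http://linux-ima.sourceforge.net>
	  If unsure, say N.
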
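# In Kconfig expressions && binds tighter than ||, so the original dependency
# already meant (KEXEC_SIG && IMA) || (IMA_APPRAISE &&
# INTEGRITY_ASYMMETRIC_KEYS).  The added parentheses only make that explicit.
config IMA_ARCH_POLICY
	bool "Enable loading an IMA architecture specific policy"
	depends on (KEXEC_SIG && IMA) || \
		   (IMA_APPRAISE && INTEGRITY_ASYMMETRIC_KEYS)
	default n
	help
	  This option enables loading an IMA architecture specific policy
	  based on run time secure boot flags.
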
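# Parent switch for the IMA_APPRAISE_REQUIRE_*_SIGS rules.  Rules compiled in
# this way stay in force after a custom policy is loaded (see help), so sign
# the affected files and test the result before deploying such a kernel.
config IMA_APPRAISE_BUILD_POLICY
	bool "IMA build time configured policy rules"
	depends on IMA_APPRAISE && INTEGRITY_ASYMMETRIC_KEYS
	default n
	help
	  This option defines an IMA appraisal policy at build time, which
	  is enforced at run time without having to specify a builtin
	  policy name on the boot command line.  The build time appraisal
	  policy rules persist after loading a custom policy.

	  Depending on the rules configured, this policy may require kernel
	  modules, firmware, the kexec kernel image, and/or the IMA policy
	  to be signed.  Unsigned files might prevent the system from
	  booting or applications from working properly.
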
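# Build-time rule: all firmware, including regulatory.db, must be signed.
# This check is applied in addition to CFG80211_REQUIRE_SIGNED_REGDB, not
# instead of it.
config IMA_APPRAISE_REQUIRE_FIRMWARE_SIGS
	bool "Appraise firmware signatures"
	depends on IMA_APPRAISE_BUILD_POLICY
	default n
	help
	  This option defines a policy requiring all firmware to be signed,
	  including the regulatory.db.  If both this option and
	  CFG80211_REQUIRE_SIGNED_REGDB are enabled, then both signature
	  verification methods are necessary.
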
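# Build-time rule: kexec'ed kernel images must verify against the trusted IMA
# keyring.  Side effect stated in the help text: the original kexec_load
# syscall can no longer be used, so tooling has to use the file-based
# kexec_file_load syscall instead.
config IMA_APPRAISE_REQUIRE_KEXEC_SIGS
	bool "Appraise kexec kernel image signatures"
	depends on IMA_APPRAISE_BUILD_POLICY
	default n
	help
	  Enabling this rule will require all kexec'ed kernel images to
	  be signed and verified by a public key on the trusted IMA
	  keyring.

	  Kernel image signatures cannot be verified by the original
	  kexec_load syscall.  Enabling this rule will prevent its
	  usage.
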
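# Build-time rule: kernel modules must verify against the trusted IMA
# keyring.  Side effect stated in the help text: module loading through the
# init_module syscall is prevented; only finit_module can be appraised.
config IMA_APPRAISE_REQUIRE_MODULE_SIGS
	bool "Appraise kernel modules signatures"
	depends on IMA_APPRAISE_BUILD_POLICY
	default n
	help
	  Enabling this rule will require all kernel modules to be signed
	  and verified by a public key on the trusted IMA keyring.

	  Kernel module signatures can only be verified by IMA-appraisal,
	  via the finit_module syscall. Enabling this rule will prevent
	  the usage of the init_module syscall.
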
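# Build-time rule: an IMA policy is only accepted when it is signed by a key
# on the trusted IMA keyring.  This matters most when the policy can be
# written more than once (IMA_WRITE_POLICY).
config IMA_APPRAISE_REQUIRE_POLICY_SIGS
	bool "Appraise IMA policy signature"
	depends on IMA_APPRAISE_BUILD_POLICY
	default n
	help
	  Enabling this rule will require the IMA policy to be signed
	  and verified by a key on the trusted IMA keyring.
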
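# NOTE(review): on by default.  With this enabled the appraisal mode can be
# changed from the boot command line (the help text names "fix" and "log").
# Builds that depend on appraisal being enforced should say N here, or make
# sure the boot command line is itself protected from modification.
config IMA_APPRAISE_BOOTPARAM
	bool "ima_appraise boot parameter"
	depends on IMA_APPRAISE
	default y
	help
	  This option enables the different "ima_appraise=" modes
	  (e.g. fix, log) from the boot command line.
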
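# Adds the appended-signature format (as used for signed kernel modules) as
# an accepted signature type.  Per the help text a hook only accepts such
# signatures when the IMA policy uses the modsig keyword for it.
config IMA_APPRAISE_MODSIG
	bool "Support module-style signatures for appraisal"
	depends on IMA_APPRAISE
	depends on INTEGRITY_ASYMMETRIC_KEYS
	select PKCS7_MESSAGE_PARSER
	select MODULE_SIG_FORMAT
	default n
	help
	  Adds support for signatures appended to files. The format of the
	  appended signature is the same used for signed kernel modules.
	  The modsig keyword can be used in the IMA policy to allow a hook
	  to accept such signatures.
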
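# Marked EXPERIMENTAL.  Extends the set of CAs that can vouch for IMA keys
# from the built-in keyring to the secondary trusted keyring as well, so
# review how keys can reach the secondary keyring before enabling this.
config IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY
	bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)"
	depends on SYSTEM_TRUSTED_KEYRING
	depends on SECONDARY_TRUSTED_KEYRING
	depends on INTEGRITY_ASYMMETRIC_KEYS
	select INTEGRITY_TRUSTED_KEYRING
	default n
	help
	  Keys may be added to the IMA or IMA blacklist keyrings, if the
	  key is validly signed by a CA cert in the system built-in or
	  secondary trusted keyrings.

	  Intermediate keys between those the kernel has compiled in and the
	  IMA keys to be added may be added to the system secondary keyring,
	  provided they are validly signed by a key already resident in the
	  built-in or secondary trusted keyrings.
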
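# Marked EXPERIMENTAL.  Provides a keyring of revoked IMA keys that is
# searched before any other keyring; a match causes the operation to be
# rejected.
config IMA_BLACKLIST_KEYRING
	bool "Create IMA machine owner blacklist keyrings (EXPERIMENTAL)"
	depends on SYSTEM_TRUSTED_KEYRING
	depends on INTEGRITY_TRUSTED_KEYRING
	default n
	help
	  This option creates an IMA blacklist keyring, which contains all
	  revoked IMA keys.  It is consulted before any other keyring.  If
	  the search is successful the requested operation is rejected and
	  an error is returned to the caller.
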
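# Has the kernel load an X509 certificate onto the '.ima' keyring.  Per the
# help text, certificates on that keyring are expected to be signed by a
# trusted key on the system keyring.
config IMA_LOAD_X509
	bool "Load X509 certificate onto the '.ima' trusted keyring"
	depends on INTEGRITY_TRUSTED_KEYRING
	default n
	help
	  File signature verification is based on the public keys
	  loaded on the .ima trusted keyring. These public keys are
	  X509 certificates signed by a trusted key on the
	  .system keyring.  This option enables X509 certificate
	  loading from the kernel onto the '.ima' trusted keyring.
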
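# Location of the certificate loaded by IMA_LOAD_X509.  The default file name
# ends in .der, which suggests a DER-encoded certificate is expected
# (NOTE(review): confirm against the loader).
config IMA_X509_PATH
	string "IMA X509 certificate path"
	depends on IMA_LOAD_X509
	default "/etc/keys/x509_ima.der"
	help
	  This option defines the path of the IMA X509 certificate.
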
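# Requires user-space init to be signed.  It depends on IMA_LOAD_X509, the
# option that loads a certificate onto the '.ima' keyring.
config IMA_APPRAISE_SIGNED_INIT
	bool "Require signed user-space initialization"
	depends on IMA_LOAD_X509
	default n
	help
	  This option requires user-space init to be signed.
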
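# Hidden symbol with no prompt or help text: enabled automatically whenever
# ASYMMETRIC_PUBLIC_KEY_SUBTYPE is built in.
# NOTE(review): going by its name it gates measurement of asymmetric keys;
# confirm against the IMA sources.
config IMA_MEASURE_ASYMMETRIC_KEYS
	bool
	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
	default y
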
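# Hidden symbol with no prompt or help text: enabled automatically when
# IMA_MEASURE_ASYMMETRIC_KEYS and SYSTEM_TRUSTED_KEYRING are both set.
# NOTE(review): going by its name it queues keys seen early in boot for later
# measurement; confirm against the IMA sources.
config IMA_QUEUE_EARLY_BOOT_KEYS
	bool
	depends on IMA_MEASURE_ASYMMETRIC_KEYS
	depends on SYSTEM_TRUSTED_KEYRING
	default y
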
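# No prompt and no default: this is only set when an architecture selects it
# (see help), and only takes effect when IMA_ARCH_POLICY is enabled.
config IMA_SECURE_AND_OR_TRUSTED_BOOT
	bool
	depends on IMA_ARCH_POLICY
	help
	  This option is selected by architectures to enable secure and/or
	  trusted boot based on IMA runtime policies.
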
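endif # IMA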