From 534d76fa634adc6c7c0b076b67025fd082a8a90c Mon Sep 17 00:00:00 2001
From: Holger Dengler <dengler@linutronix.de>
Date: Sun, 19 Nov 2017 18:21:29 +0100
Subject: secureboot

Signed-off-by: Holger Dengler <dengler@linutronix.de>
---
 security/secureboot/frm_secboot_linux.tex | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 security/secureboot/frm_secboot_linux.tex

(limited to 'security/secureboot/frm_secboot_linux.tex')

diff --git a/security/secureboot/frm_secboot_linux.tex b/security/secureboot/frm_secboot_linux.tex
new file mode 100644
index 0000000..73364ee
--- /dev/null
+++ b/security/secureboot/frm_secboot_linux.tex
@@ -0,0 +1,25 @@
+% ----------------------------
+\subsection{Linux}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Linux Integrity Targets}
+\begin{itemize}
+\item Kernel Parameters
+ \begin{itemize}
+ \item Append only
+ \item Devicetree
+ \end{itemize}
+\item Signed Modules (enforced)
+\item Filesystem Integrity
+ \begin{itemize}
+ \item IMA/EVM: Hash/Signature per File
+ \item dm-verity: Hashtree per Block-Device
+ \end{itemize}
+\item Mandatory Access Control
+ \begin{itemize}
+ \item SELinux/SMACK
+ \item Tomoyo/AppArmor
+ \end{itemize}
+\end{itemize}
+\end{frame}
-- 
cgit v1.2.3