54a88cd259
IPE's interpretation of the what the user trusts is accomplished through its policy. IPE's design is to not provide support for a single trust provider, but to support multiple providers to enable the end-user to choose the best one to seek their needs. This requires the policy to be rather flexible and modular so that integrity providers, like fs-verity, dm-verity, or some other system, can plug into the policy with minimal code changes. Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com> Signed-off-by: Fan Wu <wufan@linux.microsoft.com> [PM: added NULL check in parse_rule() as discussed] Signed-off-by: Paul Moore <paul@paul-moore.com>
12 lines
313 B
C
12 lines
313 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Copyright (C) 2020-2024 Microsoft Corporation. All rights reserved.
|
|
*/
|
|
#ifndef _IPE_POLICY_PARSER_H
|
|
#define _IPE_POLICY_PARSER_H
|
|
|
|
int ipe_parse_policy(struct ipe_policy *p);
|
|
void ipe_free_parsed_policy(struct ipe_parsed_policy *p);
|
|
|
|
#endif /* _IPE_POLICY_PARSER_H */
|