ima: extend the "ima_policy" boot command line to support multiple policies

			in crypto/hash_info.h.

	ima_policy=	[IMA]

			The builtin measurement policy to load during IMA

			setup.  Specyfing "tcb" as the value, measures all

			programs exec'd, files mmap'd for exec, and all files

			opened with the read mode bit set by either the

			effective uid (euid=0) or uid=0.

			Format: "tcb"

			The builtin policies to load during IMA setup.

			Format: "tcb | appraise_tcb"

			The "tcb" policy measures all programs exec'd, files

			mmap'd for exec, and all files opened with the read

			mode bit set by either the effective uid (euid=0) or

			uid=0.

			The "appraise_tcb" policy appraises the integrity of

			all files owned by root. (This is the equivalent

			of ima_appraise_tcb.)

	ima_tcb		[IMA] Deprecated.  Use ima_policy= instead.

			Load a policy which meets the needs of the Trusted

}

__setup("ima_tcb", default_measure_policy_setup);

static bool ima_use_appraise_tcb __initdata;

static int __init policy_setup(char *str)

{

	if (ima_policy)

		return 1;

	char *p;

	if (strcmp(str, "tcb") == 0)

	while ((p = strsep(&str, " |\n")) != NULL) {

		if (*p == ' ')

			continue;

		if ((strcmp(p, "tcb") == 0) && !ima_policy)

			ima_policy = DEFAULT_TCB;

		else if (strcmp(p, "appraise_tcb") == 0)

			ima_use_appraise_tcb = 1;

	}

	return 1;

}

__setup("ima_policy=", policy_setup);

static bool ima_use_appraise_tcb __initdata;

static int __init default_appraise_policy_setup(char *str)

{

	ima_use_appraise_tcb = 1;