IMA: Load policy before testing

[pevik]

There are policy examples in testcases/kernel/security/integrity/ima/datafiles for ima_keys, ima_kexec and ima_policy. It'd be good to automatically load it for tests which don't load any policy to avoid TCONF.

Things are complicated by kernel compiled without CONFIG_IMA_READ_POLICY=y (we cannot check the policy) and CONFIG_IMA_WRITE_POLICY=y (we can load policy only once) and the fact that not all kernels have config installed (+ https://github.com/linux-test-project/ltp/issues/700 needs to be implemented).

Solution could be: after testing loading measure.policy-invalid in ima_policy.sh (which is supposed to fail) there would be loaded (as single policy file) policy containing measure.policy (currently tested in ima_policy.sh) and other policies (now kexec.policy and keycheck.policy), i.e. datafiles/*/*.policy.

There could be also equivalent of tcb policy for ima_measurements.sh (in case tcb policy is not loaded with ima_policy=tcb kernel parameter).

UPDATE: Mimi Zohar suggested that using overlay for loading specific IMA policy for each test could help (similar approach used in evm_overlay.sh).