| Kconfig (ed32f8d42cee118b075e4372a55c7739a11094b2) | Kconfig (9044d627fd18f9fca49b62d4619ee14914b91464) |
|---|---|
| 1# SPDX-License-Identifier: GPL-2.0-only 2# IBM Integrity Measurement Architecture 3# 4config IMA 5 bool "Integrity Measurement Architecture(IMA)" 6 select SECURITYFS 7 select CRYPTO 8 select CRYPTO_HMAC --- 219 unchanged lines hidden (view full) --- 228config IMA_APPRAISE_BOOTPARAM 229 bool "ima_appraise boot parameter" 230 depends on IMA_APPRAISE && !IMA_ARCH_POLICY 231 default y 232 help 233 This option enables the different "ima_appraise=" modes 234 (eg. fix, log) from the boot command line. 235 | 1# SPDX-License-Identifier: GPL-2.0-only 2# IBM Integrity Measurement Architecture 3# 4config IMA 5 bool "Integrity Measurement Architecture(IMA)" 6 select SECURITYFS 7 select CRYPTO 8 select CRYPTO_HMAC --- 219 unchanged lines hidden (view full) --- 228config IMA_APPRAISE_BOOTPARAM 229 bool "ima_appraise boot parameter" 230 depends on IMA_APPRAISE && !IMA_ARCH_POLICY 231 default y 232 help 233 This option enables the different "ima_appraise=" modes 234 (eg. fix, log) from the boot command line. 235 |
| 236config IMA_APPRAISE_MODSIG 237 bool "Support module-style signatures for appraisal" 238 depends on IMA_APPRAISE 239 default n 240 help 241 Adds support for signatures appended to files. The format of the 242 appended signature is the same used for signed kernel modules. 243 The modsig keyword can be used in the IMA policy to allow a hook 244 to accept such signatures. 245 |
|
| 236config IMA_TRUSTED_KEYRING 237 bool "Require all keys on the .ima keyring be signed (deprecated)" 238 depends on IMA_APPRAISE && SYSTEM_TRUSTED_KEYRING 239 depends on INTEGRITY_ASYMMETRIC_KEYS 240 select INTEGRITY_TRUSTED_KEYRING 241 default y 242 help 243 This option requires that all keys added to the .ima --- 56 unchanged lines hidden --- | 246config IMA_TRUSTED_KEYRING 247 bool "Require all keys on the .ima keyring be signed (deprecated)" 248 depends on IMA_APPRAISE && SYSTEM_TRUSTED_KEYRING 249 depends on INTEGRITY_ASYMMETRIC_KEYS 250 select INTEGRITY_TRUSTED_KEYRING 251 default y 252 help 253 This option requires that all keys added to the .ima --- 56 unchanged lines hidden --- |