166dbc325SMimi Zoharconfig EVM 266dbc325SMimi Zohar boolean "EVM support" 3a3aef94bSDmitry Kasatkin depends on SECURITY 4a3aef94bSDmitry Kasatkin select KEYS 5a3aef94bSDmitry Kasatkin select ENCRYPTED_KEYS 666dbc325SMimi Zohar select CRYPTO_HMAC 766dbc325SMimi Zohar select CRYPTO_SHA1 866dbc325SMimi Zohar default n 966dbc325SMimi Zohar help 1066dbc325SMimi Zohar EVM protects a file's security extended attributes against 1166dbc325SMimi Zohar integrity attacks. 1266dbc325SMimi Zohar 1366dbc325SMimi Zohar If you are unsure how to answer this question, answer N. 1474de6684SDmitry Kasatkin 15*d3b33679SDmitry Kasatkinif EVM 16*d3b33679SDmitry Kasatkin 17*d3b33679SDmitry Kasatkinmenu "EVM options" 18*d3b33679SDmitry Kasatkin 19*d3b33679SDmitry Kasatkinconfig EVM_ATTR_FSUUID 20*d3b33679SDmitry Kasatkin bool "FSUUID (version 2)" 21*d3b33679SDmitry Kasatkin default y 2274de6684SDmitry Kasatkin depends on EVM 2374de6684SDmitry Kasatkin help 24*d3b33679SDmitry Kasatkin Include filesystem UUID for HMAC calculation. 25*d3b33679SDmitry Kasatkin 26*d3b33679SDmitry Kasatkin Default value is 'selected', which is former version 2. 27*d3b33679SDmitry Kasatkin if 'not selected', it is former version 1 2874de6684SDmitry Kasatkin 2974de6684SDmitry Kasatkin WARNING: changing the HMAC calculation method or adding 3074de6684SDmitry Kasatkin additional info to the calculation, requires existing EVM 3174de6684SDmitry Kasatkin labeled file systems to be relabeled. 32*d3b33679SDmitry Kasatkin 33*d3b33679SDmitry Kasatkinendmenu 34*d3b33679SDmitry Kasatkin 35*d3b33679SDmitry Kasatkinendif 36