11da177e4SLinus Torvalds# 21da177e4SLinus Torvalds# Security configuration 31da177e4SLinus Torvalds# 41da177e4SLinus Torvalds 51da177e4SLinus Torvaldsmenu "Security options" 61da177e4SLinus Torvalds 71da177e4SLinus Torvaldsconfig KEYS 81da177e4SLinus Torvalds bool "Enable access key retention support" 91da177e4SLinus Torvalds help 101da177e4SLinus Torvalds This option provides support for retaining authentication tokens and 111da177e4SLinus Torvalds access keys in the kernel. 121da177e4SLinus Torvalds 131da177e4SLinus Torvalds It also includes provision of methods by which such keys might be 141da177e4SLinus Torvalds associated with a process so that network filesystems, encryption 151da177e4SLinus Torvalds support and the like can find them. 161da177e4SLinus Torvalds 171da177e4SLinus Torvalds Furthermore, a special type of key is available that acts as keyring: 181da177e4SLinus Torvalds a searchable sequence of keys. Each process is equipped with access 191da177e4SLinus Torvalds to five standard keyrings: UID-specific, GID-specific, session, 201da177e4SLinus Torvalds process and thread. 211da177e4SLinus Torvalds 221da177e4SLinus Torvalds If you are unsure as to whether this is required, answer N. 231da177e4SLinus Torvalds 241da177e4SLinus Torvaldsconfig KEYS_DEBUG_PROC_KEYS 2506ec7be5SMichael LeMay bool "Enable the /proc/keys file by which keys may be viewed" 261da177e4SLinus Torvalds depends on KEYS 271da177e4SLinus Torvalds help 2806ec7be5SMichael LeMay This option turns on support for the /proc/keys file - through which 2906ec7be5SMichael LeMay can be listed all the keys on the system that are viewable by the 3006ec7be5SMichael LeMay reading process. 311da177e4SLinus Torvalds 3206ec7be5SMichael LeMay The only keys included in the list are those that grant View 3306ec7be5SMichael LeMay permission to the reading process whether or not it possesses them. 3406ec7be5SMichael LeMay Note that LSM security checks are still performed, and may further 3506ec7be5SMichael LeMay filter out keys that the current process is not authorised to view. 3606ec7be5SMichael LeMay 3706ec7be5SMichael LeMay Only key attributes are listed here; key payloads are not included in 3806ec7be5SMichael LeMay the resulting table. 3906ec7be5SMichael LeMay 4006ec7be5SMichael LeMay If you are unsure as to whether this is required, answer N. 411da177e4SLinus Torvalds 421da177e4SLinus Torvaldsconfig SECURITY 431da177e4SLinus Torvalds bool "Enable different security models" 442c40579bSAdrian Bunk depends on SYSFS 451da177e4SLinus Torvalds help 461da177e4SLinus Torvalds This allows you to choose different security modules to be 471da177e4SLinus Torvalds configured into your kernel. 481da177e4SLinus Torvalds 491da177e4SLinus Torvalds If this option is not selected, the default Linux security 501da177e4SLinus Torvalds model will be used. 511da177e4SLinus Torvalds 521da177e4SLinus Torvalds If you are unsure how to answer this question, answer N. 531da177e4SLinus Torvalds 54da31894eSEric Parisconfig SECURITYFS 55da31894eSEric Paris bool "Enable the securityfs filesystem" 56da31894eSEric Paris help 57da31894eSEric Paris This will build the securityfs filesystem. It is currently used by 583323eec9SMimi Zohar the TPM bios character driver and IMA, an integrity provider. It is 593323eec9SMimi Zohar not used by SELinux or SMACK. 60da31894eSEric Paris 61da31894eSEric Paris If you are unsure how to answer this question, answer N. 62da31894eSEric Paris 631da177e4SLinus Torvaldsconfig SECURITY_NETWORK 641da177e4SLinus Torvalds bool "Socket and Networking Security Hooks" 651da177e4SLinus Torvalds depends on SECURITY 661da177e4SLinus Torvalds help 671da177e4SLinus Torvalds This enables the socket and networking security hooks. 681da177e4SLinus Torvalds If enabled, a security module can use these hooks to 691da177e4SLinus Torvalds implement socket and networking access controls. 701da177e4SLinus Torvalds If you are unsure how to answer this question, answer N. 711da177e4SLinus Torvalds 72df71837dSTrent Jaegerconfig SECURITY_NETWORK_XFRM 73df71837dSTrent Jaeger bool "XFRM (IPSec) Networking Security Hooks" 74df71837dSTrent Jaeger depends on XFRM && SECURITY_NETWORK 75df71837dSTrent Jaeger help 76df71837dSTrent Jaeger This enables the XFRM (IPSec) networking security hooks. 77df71837dSTrent Jaeger If enabled, a security module can use these hooks to 78df71837dSTrent Jaeger implement per-packet access controls based on labels 79df71837dSTrent Jaeger derived from IPSec policy. Non-IPSec communications are 80df71837dSTrent Jaeger designated as unlabelled, and only sockets authorized 81df71837dSTrent Jaeger to communicate unlabelled data can send without using 82df71837dSTrent Jaeger IPSec. 83df71837dSTrent Jaeger If you are unsure how to answer this question, answer N. 84df71837dSTrent Jaeger 85be6d3e56SKentaro Takedaconfig SECURITY_PATH 86be6d3e56SKentaro Takeda bool "Security hooks for pathname based access control" 87be6d3e56SKentaro Takeda depends on SECURITY 88be6d3e56SKentaro Takeda help 89be6d3e56SKentaro Takeda This enables the security hooks for pathname based access control. 90be6d3e56SKentaro Takeda If enabled, a security module can use these hooks to 91be6d3e56SKentaro Takeda implement pathname based access controls. 92be6d3e56SKentaro Takeda If you are unsure how to answer this question, answer N. 93be6d3e56SKentaro Takeda 94b5376771SSerge E. Hallynconfig SECURITY_FILE_CAPABILITIES 9584aaa7abSAndrew G. Morgan bool "File POSIX Capabilities" 96b5376771SSerge E. Hallyn default n 97b5376771SSerge E. Hallyn help 98b5376771SSerge E. Hallyn This enables filesystem capabilities, allowing you to give 99b5376771SSerge E. Hallyn binaries a subset of root's powers without using setuid 0. 100b5376771SSerge E. Hallyn 101b5376771SSerge E. Hallyn If in doubt, answer N. 102b5376771SSerge E. Hallyn 1031da177e4SLinus Torvaldsconfig SECURITY_ROOTPLUG 10420510f2fSJames Morris bool "Root Plug Support" 10520510f2fSJames Morris depends on USB=y && SECURITY 1061da177e4SLinus Torvalds help 1071da177e4SLinus Torvalds This is a sample LSM module that should only be used as such. 1081da177e4SLinus Torvalds It prevents any programs running with egid == 0 if a specific 1091da177e4SLinus Torvalds USB device is not present in the system. 1101da177e4SLinus Torvalds 1111da177e4SLinus Torvalds See <http://www.linuxjournal.com/article.php?sid=6279> for 1121da177e4SLinus Torvalds more information about this module. 1131da177e4SLinus Torvalds 1141da177e4SLinus Torvalds If you are unsure how to answer this question, answer N. 115a5ecbcb8SEric Paris 11631625340SJoseph Cihulaconfig INTEL_TXT 11731625340SJoseph Cihula bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" 11831625340SJoseph Cihula depends on EXPERIMENTAL && X86 && DMAR && ACPI 11931625340SJoseph Cihula help 12031625340SJoseph Cihula This option enables support for booting the kernel with the 12131625340SJoseph Cihula Trusted Boot (tboot) module. This will utilize 12231625340SJoseph Cihula Intel(R) Trusted Execution Technology to perform a measured launch 12331625340SJoseph Cihula of the kernel. If the system does not support Intel(R) TXT, this 12431625340SJoseph Cihula will have no effect. 12531625340SJoseph Cihula 12631625340SJoseph Cihula Intel TXT will provide higher assurance of sysem configuration and 12731625340SJoseph Cihula initial state as well as data reset protection. This is used to 12831625340SJoseph Cihula create a robust initial kernel measurement and verification, which 12931625340SJoseph Cihula helps to ensure that kernel security mechanisms are functioning 13031625340SJoseph Cihula correctly. This level of protection requires a root of trust outside 13131625340SJoseph Cihula of the kernel itself. 13231625340SJoseph Cihula 13331625340SJoseph Cihula Intel TXT also helps solve real end user concerns about having 13431625340SJoseph Cihula confidence that their hardware is running the VMM or kernel that 13531625340SJoseph Cihula it was conigured with, especially since they may be responsible for 13631625340SJoseph Cihula providing such assurances to VMs and services running on it. 13731625340SJoseph Cihula 13831625340SJoseph Cihula See <http://www.intel.com/technology/security/> for more information 13931625340SJoseph Cihula about Intel(R) TXT. 14031625340SJoseph Cihula See <http://tboot.sourceforge.net> for more information about tboot. 14131625340SJoseph Cihula See Documentation/intel_txt.txt for a description of how to enable 14231625340SJoseph Cihula Intel TXT support in a kernel boot. 14331625340SJoseph Cihula 14431625340SJoseph Cihula If you are unsure as to whether this is required, answer N. 14531625340SJoseph Cihula 1461da177e4SLinus Torvaldssource security/selinux/Kconfig 147e114e473SCasey Schauflersource security/smack/Kconfig 14800d7d6f8SKentaro Takedasource security/tomoyo/Kconfig 1491da177e4SLinus Torvalds 1503323eec9SMimi Zoharsource security/integrity/ima/Kconfig 1513323eec9SMimi Zohar 1521da177e4SLinus Torvaldsendmenu 1531da177e4SLinus Torvalds 154