1# 2# Security configuration 3# 4 5menu "Security options" 6 7source security/keys/Kconfig 8 9config SECURITY_DMESG_RESTRICT 10 bool "Restrict unprivileged access to the kernel syslog" 11 default n 12 help 13 This enforces restrictions on unprivileged users reading the kernel 14 syslog via dmesg(8). 15 16 If this option is not selected, no restrictions will be enforced 17 unless the dmesg_restrict sysctl is explicitly set to (1). 18 19 If you are unsure how to answer this question, answer N. 20 21config SECURITY 22 bool "Enable different security models" 23 depends on SYSFS 24 help 25 This allows you to choose different security modules to be 26 configured into your kernel. 27 28 If this option is not selected, the default Linux security 29 model will be used. 30 31 If you are unsure how to answer this question, answer N. 32 33config SECURITYFS 34 bool "Enable the securityfs filesystem" 35 help 36 This will build the securityfs filesystem. It is currently used by 37 the TPM bios character driver and IMA, an integrity provider. It is 38 not used by SELinux or SMACK. 39 40 If you are unsure how to answer this question, answer N. 41 42config SECURITY_NETWORK 43 bool "Socket and Networking Security Hooks" 44 depends on SECURITY 45 help 46 This enables the socket and networking security hooks. 47 If enabled, a security module can use these hooks to 48 implement socket and networking access controls. 49 If you are unsure how to answer this question, answer N. 50 51config SECURITY_NETWORK_XFRM 52 bool "XFRM (IPSec) Networking Security Hooks" 53 depends on XFRM && SECURITY_NETWORK 54 help 55 This enables the XFRM (IPSec) networking security hooks. 56 If enabled, a security module can use these hooks to 57 implement per-packet access controls based on labels 58 derived from IPSec policy. Non-IPSec communications are 59 designated as unlabelled, and only sockets authorized 60 to communicate unlabelled data can send without using 61 IPSec. 62 If you are unsure how to answer this question, answer N. 63 64config SECURITY_PATH 65 bool "Security hooks for pathname based access control" 66 depends on SECURITY 67 help 68 This enables the security hooks for pathname based access control. 69 If enabled, a security module can use these hooks to 70 implement pathname based access controls. 71 If you are unsure how to answer this question, answer N. 72 73config INTEL_TXT 74 bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)" 75 depends on HAVE_INTEL_TXT 76 help 77 This option enables support for booting the kernel with the 78 Trusted Boot (tboot) module. This will utilize 79 Intel(R) Trusted Execution Technology to perform a measured launch 80 of the kernel. If the system does not support Intel(R) TXT, this 81 will have no effect. 82 83 Intel TXT will provide higher assurance of system configuration and 84 initial state as well as data reset protection. This is used to 85 create a robust initial kernel measurement and verification, which 86 helps to ensure that kernel security mechanisms are functioning 87 correctly. This level of protection requires a root of trust outside 88 of the kernel itself. 89 90 Intel TXT also helps solve real end user concerns about having 91 confidence that their hardware is running the VMM or kernel that 92 it was configured with, especially since they may be responsible for 93 providing such assurances to VMs and services running on it. 94 95 See <http://www.intel.com/technology/security/> for more information 96 about Intel(R) TXT. 97 See <http://tboot.sourceforge.net> for more information about tboot. 98 See Documentation/intel_txt.txt for a description of how to enable 99 Intel TXT support in a kernel boot. 100 101 If you are unsure as to whether this is required, answer N. 102 103config LSM_MMAP_MIN_ADDR 104 int "Low address space for LSM to protect from user allocation" 105 depends on SECURITY && SECURITY_SELINUX 106 default 32768 if ARM || (ARM64 && COMPAT) 107 default 65536 108 help 109 This is the portion of low virtual memory which should be protected 110 from userspace allocation. Keeping a user from writing to low pages 111 can help reduce the impact of kernel NULL pointer bugs. 112 113 For most ia64, ppc64 and x86 users with lots of address space 114 a value of 65536 is reasonable and should cause no problems. 115 On arm and other archs it should not be higher than 32768. 116 Programs which use vm86 functionality or have some need to map 117 this low address space will need the permission specific to the 118 systems running LSM. 119 120source security/selinux/Kconfig 121source security/smack/Kconfig 122source security/tomoyo/Kconfig 123source security/apparmor/Kconfig 124source security/yama/Kconfig 125 126source security/integrity/Kconfig 127 128choice 129 prompt "Default security module" 130 default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX 131 default DEFAULT_SECURITY_SMACK if SECURITY_SMACK 132 default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO 133 default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR 134 default DEFAULT_SECURITY_YAMA if SECURITY_YAMA 135 default DEFAULT_SECURITY_DAC 136 137 help 138 Select the security module that will be used by default if the 139 kernel parameter security= is not specified. 140 141 config DEFAULT_SECURITY_SELINUX 142 bool "SELinux" if SECURITY_SELINUX=y 143 144 config DEFAULT_SECURITY_SMACK 145 bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y 146 147 config DEFAULT_SECURITY_TOMOYO 148 bool "TOMOYO" if SECURITY_TOMOYO=y 149 150 config DEFAULT_SECURITY_APPARMOR 151 bool "AppArmor" if SECURITY_APPARMOR=y 152 153 config DEFAULT_SECURITY_YAMA 154 bool "Yama" if SECURITY_YAMA=y 155 156 config DEFAULT_SECURITY_DAC 157 bool "Unix Discretionary Access Controls" 158 159endchoice 160 161config DEFAULT_SECURITY 162 string 163 default "selinux" if DEFAULT_SECURITY_SELINUX 164 default "smack" if DEFAULT_SECURITY_SMACK 165 default "tomoyo" if DEFAULT_SECURITY_TOMOYO 166 default "apparmor" if DEFAULT_SECURITY_APPARMOR 167 default "yama" if DEFAULT_SECURITY_YAMA 168 default "" if DEFAULT_SECURITY_DAC 169 170endmenu 171 172