xref: /openbmc/linux/security/Kconfig (revision 275876e2)
1#
2# Security configuration
3#
4
5menu "Security options"
6
7source security/keys/Kconfig
8
9config SECURITY_DMESG_RESTRICT
10	bool "Restrict unprivileged access to the kernel syslog"
11	default n
12	help
13	  This enforces restrictions on unprivileged users reading the kernel
14	  syslog via dmesg(8).
15
16	  If this option is not selected, no restrictions will be enforced
17	  unless the dmesg_restrict sysctl is explicitly set to (1).
18
19	  If you are unsure how to answer this question, answer N.
20
21config SECURITY
22	bool "Enable different security models"
23	depends on SYSFS
24	help
25	  This allows you to choose different security modules to be
26	  configured into your kernel.
27
28	  If this option is not selected, the default Linux security
29	  model will be used.
30
31	  If you are unsure how to answer this question, answer N.
32
33config SECURITYFS
34	bool "Enable the securityfs filesystem"
35	help
36	  This will build the securityfs filesystem.  It is currently used by
37	  the TPM bios character driver and IMA, an integrity provider.  It is
38	  not used by SELinux or SMACK.
39
40	  If you are unsure how to answer this question, answer N.
41
42config SECURITY_NETWORK
43	bool "Socket and Networking Security Hooks"
44	depends on SECURITY
45	help
46	  This enables the socket and networking security hooks.
47	  If enabled, a security module can use these hooks to
48	  implement socket and networking access controls.
49	  If you are unsure how to answer this question, answer N.
50
51config SECURITY_NETWORK_XFRM
52	bool "XFRM (IPSec) Networking Security Hooks"
53	depends on XFRM && SECURITY_NETWORK
54	help
55	  This enables the XFRM (IPSec) networking security hooks.
56	  If enabled, a security module can use these hooks to
57	  implement per-packet access controls based on labels
58	  derived from IPSec policy.  Non-IPSec communications are
59	  designated as unlabelled, and only sockets authorized
60	  to communicate unlabelled data can send without using
61	  IPSec.
62	  If you are unsure how to answer this question, answer N.
63
64config SECURITY_PATH
65	bool "Security hooks for pathname based access control"
66	depends on SECURITY
67	help
68	  This enables the security hooks for pathname based access control.
69	  If enabled, a security module can use these hooks to
70	  implement pathname based access controls.
71	  If you are unsure how to answer this question, answer N.
72
73config INTEL_TXT
74	bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
75	depends on HAVE_INTEL_TXT
76	help
77	  This option enables support for booting the kernel with the
78	  Trusted Boot (tboot) module. This will utilize
79	  Intel(R) Trusted Execution Technology to perform a measured launch
80	  of the kernel. If the system does not support Intel(R) TXT, this
81	  will have no effect.
82
83	  Intel TXT will provide higher assurance of system configuration and
84	  initial state as well as data reset protection.  This is used to
85	  create a robust initial kernel measurement and verification, which
86	  helps to ensure that kernel security mechanisms are functioning
87	  correctly. This level of protection requires a root of trust outside
88	  of the kernel itself.
89
90	  Intel TXT also helps solve real end user concerns about having
91	  confidence that their hardware is running the VMM or kernel that
92	  it was configured with, especially since they may be responsible for
93	  providing such assurances to VMs and services running on it.
94
95	  See <http://www.intel.com/technology/security/> for more information
96	  about Intel(R) TXT.
97	  See <http://tboot.sourceforge.net> for more information about tboot.
98	  See Documentation/intel_txt.txt for a description of how to enable
99	  Intel TXT support in a kernel boot.
100
101	  If you are unsure as to whether this is required, answer N.
102
103config LSM_MMAP_MIN_ADDR
104	int "Low address space for LSM to protect from user allocation"
105	depends on SECURITY && SECURITY_SELINUX
106	default 32768 if ARM || (ARM64 && COMPAT)
107	default 65536
108	help
109	  This is the portion of low virtual memory which should be protected
110	  from userspace allocation.  Keeping a user from writing to low pages
111	  can help reduce the impact of kernel NULL pointer bugs.
112
113	  For most ia64, ppc64 and x86 users with lots of address space
114	  a value of 65536 is reasonable and should cause no problems.
115	  On arm and other archs it should not be higher than 32768.
116	  Programs which use vm86 functionality or have some need to map
117	  this low address space will need the permission specific to the
118	  systems running LSM.
119
120source security/selinux/Kconfig
121source security/smack/Kconfig
122source security/tomoyo/Kconfig
123source security/apparmor/Kconfig
124source security/yama/Kconfig
125
126source security/integrity/Kconfig
127
128choice
129	prompt "Default security module"
130	default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX
131	default DEFAULT_SECURITY_SMACK if SECURITY_SMACK
132	default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
133	default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR
134	default DEFAULT_SECURITY_YAMA if SECURITY_YAMA
135	default DEFAULT_SECURITY_DAC
136
137	help
138	  Select the security module that will be used by default if the
139	  kernel parameter security= is not specified.
140
141	config DEFAULT_SECURITY_SELINUX
142		bool "SELinux" if SECURITY_SELINUX=y
143
144	config DEFAULT_SECURITY_SMACK
145		bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y
146
147	config DEFAULT_SECURITY_TOMOYO
148		bool "TOMOYO" if SECURITY_TOMOYO=y
149
150	config DEFAULT_SECURITY_APPARMOR
151		bool "AppArmor" if SECURITY_APPARMOR=y
152
153	config DEFAULT_SECURITY_YAMA
154		bool "Yama" if SECURITY_YAMA=y
155
156	config DEFAULT_SECURITY_DAC
157		bool "Unix Discretionary Access Controls"
158
159endchoice
160
161config DEFAULT_SECURITY
162	string
163	default "selinux" if DEFAULT_SECURITY_SELINUX
164	default "smack" if DEFAULT_SECURITY_SMACK
165	default "tomoyo" if DEFAULT_SECURITY_TOMOYO
166	default "apparmor" if DEFAULT_SECURITY_APPARMOR
167	default "yama" if DEFAULT_SECURITY_YAMA
168	default "" if DEFAULT_SECURITY_DAC
169
170endmenu
171
172