1# IBM Integrity Measurement Architecture 2# 3config IMA 4 bool "Integrity Measurement Architecture(IMA)" 5 depends on SECURITY 6 select INTEGRITY 7 select SECURITYFS 8 select CRYPTO 9 select CRYPTO_HMAC 10 select CRYPTO_MD5 11 select CRYPTO_SHA1 12 select CRYPTO_HASH_INFO 13 select TCG_TPM if HAS_IOMEM && !UML 14 select TCG_TIS if TCG_TPM && X86 15 select TCG_IBMVTPM if TCG_TPM && PPC64 16 help 17 The Trusted Computing Group(TCG) runtime Integrity 18 Measurement Architecture(IMA) maintains a list of hash 19 values of executables and other sensitive system files, 20 as they are read or executed. If an attacker manages 21 to change the contents of an important system file 22 being measured, we can tell. 23 24 If your system has a TPM chip, then IMA also maintains 25 an aggregate integrity value over this list inside the 26 TPM hardware, so that the TPM can prove to a third party 27 whether or not critical system files have been modified. 28 Read <http://www.usenix.org/events/sec04/tech/sailer.html> 29 to learn more about IMA. 30 If unsure, say N. 31 32config IMA_MEASURE_PCR_IDX 33 int 34 depends on IMA 35 range 8 14 36 default 10 37 help 38 IMA_MEASURE_PCR_IDX determines the TPM PCR register index 39 that IMA uses to maintain the integrity aggregate of the 40 measurement list. If unsure, use the default 10. 41 42config IMA_LSM_RULES 43 bool 44 depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK) 45 default y 46 help 47 Disabling this option will disregard LSM based policy rules. 48 49choice 50 prompt "Default template" 51 default IMA_NG_TEMPLATE 52 depends on IMA 53 help 54 Select the default IMA measurement template. 55 56 The original 'ima' measurement list template contains a 57 hash, defined as 20 bytes, and a null terminated pathname, 58 limited to 255 characters. The 'ima-ng' measurement list 59 template permits both larger hash digests and longer 60 pathnames. 61 62 config IMA_TEMPLATE 63 bool "ima" 64 config IMA_NG_TEMPLATE 65 bool "ima-ng (default)" 66 config IMA_SIG_TEMPLATE 67 bool "ima-sig" 68endchoice 69 70config IMA_DEFAULT_TEMPLATE 71 string 72 depends on IMA 73 default "ima" if IMA_TEMPLATE 74 default "ima-ng" if IMA_NG_TEMPLATE 75 default "ima-sig" if IMA_SIG_TEMPLATE 76 77choice 78 prompt "Default integrity hash algorithm" 79 default IMA_DEFAULT_HASH_SHA1 80 depends on IMA 81 help 82 Select the default hash algorithm used for the measurement 83 list, integrity appraisal and audit log. The compiled default 84 hash algorithm can be overwritten using the kernel command 85 line 'ima_hash=' option. 86 87 config IMA_DEFAULT_HASH_SHA1 88 bool "SHA1 (default)" 89 depends on CRYPTO_SHA1 90 91 config IMA_DEFAULT_HASH_SHA256 92 bool "SHA256" 93 depends on CRYPTO_SHA256 && !IMA_TEMPLATE 94 95 config IMA_DEFAULT_HASH_SHA512 96 bool "SHA512" 97 depends on CRYPTO_SHA512 && !IMA_TEMPLATE 98 99 config IMA_DEFAULT_HASH_WP512 100 bool "WP512" 101 depends on CRYPTO_WP512 && !IMA_TEMPLATE 102endchoice 103 104config IMA_DEFAULT_HASH 105 string 106 depends on IMA 107 default "sha1" if IMA_DEFAULT_HASH_SHA1 108 default "sha256" if IMA_DEFAULT_HASH_SHA256 109 default "sha512" if IMA_DEFAULT_HASH_SHA512 110 default "wp512" if IMA_DEFAULT_HASH_WP512 111 112config IMA_APPRAISE 113 bool "Appraise integrity measurements" 114 depends on IMA 115 default n 116 help 117 This option enables local measurement integrity appraisal. 118 It requires the system to be labeled with a security extended 119 attribute containing the file hash measurement. To protect 120 the security extended attributes from offline attack, enable 121 and configure EVM. 122 123 For more information on integrity appraisal refer to: 124 <http://linux-ima.sourceforge.net> 125 If unsure, say N. 126 127config IMA_TRUSTED_KEYRING 128 bool "Require all keys on the .ima keyring be signed" 129 depends on IMA_APPRAISE && SYSTEM_TRUSTED_KEYRING 130 depends on INTEGRITY_ASYMMETRIC_KEYS 131 select KEYS_DEBUG_PROC_KEYS 132 default y 133 help 134 This option requires that all keys added to the .ima 135 keyring be signed by a key on the system trusted keyring. 136