1config SECURITY_TOMOYO 2 bool "TOMOYO Linux Support" 3 depends on SECURITY 4 depends on NET 5 select SECURITYFS 6 select SECURITY_PATH 7 select SECURITY_NETWORK 8 select SRCU 9 select BUILD_BIN2C 10 default n 11 help 12 This selects TOMOYO Linux, pathname-based access control. 13 Required userspace tools and further information may be 14 found at <http://tomoyo.sourceforge.jp/>. 15 If you are unsure how to answer this question, answer N. 16 17config SECURITY_TOMOYO_MAX_ACCEPT_ENTRY 18 int "Default maximal count for learning mode" 19 default 2048 20 range 0 2147483647 21 depends on SECURITY_TOMOYO 22 help 23 This is the default value for maximal ACL entries 24 that are automatically appended into policy at "learning mode". 25 Some programs access thousands of objects, so running 26 such programs in "learning mode" dulls the system response 27 and consumes much memory. 28 This is the safeguard for such programs. 29 30config SECURITY_TOMOYO_MAX_AUDIT_LOG 31 int "Default maximal count for audit log" 32 default 1024 33 range 0 2147483647 34 depends on SECURITY_TOMOYO 35 help 36 This is the default value for maximal entries for 37 audit logs that the kernel can hold on memory. 38 You can read the log via /sys/kernel/security/tomoyo/audit. 39 If you don't need audit logs, you may set this value to 0. 40 41config SECURITY_TOMOYO_OMIT_USERSPACE_LOADER 42 bool "Activate without calling userspace policy loader." 43 default n 44 depends on SECURITY_TOMOYO 45 ---help--- 46 Say Y here if you want to activate access control as soon as built-in 47 policy was loaded. This option will be useful for systems where 48 operations which can lead to the hijacking of the boot sequence are 49 needed before loading the policy. For example, you can activate 50 immediately after loading the fixed part of policy which will allow 51 only operations needed for mounting a partition which contains the 52 variant part of policy and verifying (e.g. running GPG check) and 53 loading the variant part of policy. Since you can start using 54 enforcing mode from the beginning, you can reduce the possibility of 55 hijacking the boot sequence. 56 57config SECURITY_TOMOYO_POLICY_LOADER 58 string "Location of userspace policy loader" 59 default "/sbin/tomoyo-init" 60 depends on SECURITY_TOMOYO 61 depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER 62 ---help--- 63 This is the default pathname of policy loader which is called before 64 activation. You can override this setting via TOMOYO_loader= kernel 65 command line option. 66 67config SECURITY_TOMOYO_ACTIVATION_TRIGGER 68 string "Trigger for calling userspace policy loader" 69 default "/sbin/init" 70 depends on SECURITY_TOMOYO 71 depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER 72 ---help--- 73 This is the default pathname of activation trigger. 74 You can override this setting via TOMOYO_trigger= kernel command line 75 option. For example, if you pass init=/bin/systemd option, you may 76 want to also pass TOMOYO_trigger=/bin/systemd option. 77 78config SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING 79 bool "Use insecure built-in settings for fuzzing tests." 80 default n 81 depends on SECURITY_TOMOYO 82 select SECURITY_TOMOYO_OMIT_USERSPACE_LOADER 83 help 84 Enabling this option forces minimal built-in policy and disables 85 domain/program checks for run-time policy modifications. Please enable 86 this option only if this kernel is built for doing fuzzing tests. 87